int
ldap_search_st(
LDAP *ld, LDAP_CONST char *base, int scope,
LDAP_CONST char *filter, char **attrs,
int attrsonly, struct timeval *timeout, LDAPMessage **res )
{
int msgid;
*res = NULL;
if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
== -1 )
return( ld->ld_errno );
if ( ldap_result( ld, msgid, LDAP_MSG_ALL, timeout, res ) == -1 || !*res )
return( ld->ld_errno );
if ( ld->ld_errno == LDAP_TIMEOUT ) {
(void) ldap_abandon( ld, msgid );
ld->ld_errno = LDAP_TIMEOUT;
return( ld->ld_errno );
}
return( ldap_result2error( ld, *res, 0 ) );
}
/* ARGSUSED */
int _ns_ldap_abandon(char *service, int flags,
int msgid)
{
LDAP *ld = __s_api_getLDAPconn(flags);
return (ldap_abandon(ld, msgid));
}
static int
nsldapi_search_s(
LDAP *ld,
const char *base,
int scope,
const char *filter,
char **attrs,
int attrsonly,
LDAPControl **serverctrls,
LDAPControl **clientctrls,
struct timeval *localtimeoutp,
int timelimit, /* -1 means use ld->ld_timelimit */
int sizelimit, /* -1 means use ld->ld_sizelimit */
LDAPMessage **res
)
{
int err, msgid;
/*
* It is an error to pass in a zero'd timeval.
*/
if ( localtimeoutp != NULL && localtimeoutp->tv_sec == 0 &&
localtimeoutp->tv_usec == 0 ) {
if ( ld != NULL ) {
LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL );
}
if ( res != NULL ) {
*res = NULL;
}
return( LDAP_PARAM_ERROR );
}
if (( err = nsldapi_search( ld, base, scope, filter, attrs, attrsonly,
serverctrls, clientctrls, timelimit, sizelimit, &msgid ))
!= LDAP_SUCCESS ) {
if ( res != NULL ) {
*res = NULL;
}
return( err );
}
if ( ldap_result( ld, msgid, 1, localtimeoutp, res ) == -1 ) {
/*
* Error. ldap_result() sets *res to NULL for us.
*/
return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
}
if ( LDAP_GET_LDERRNO( ld, NULL, NULL ) == LDAP_TIMEOUT ) {
(void) ldap_abandon( ld, msgid );
err = LDAP_TIMEOUT;
LDAP_SET_LDERRNO( ld, err, NULL, NULL );
if ( res != NULL ) {
*res = NULL;
}
return( err );
}
return( ldap_result2error( ld, *res, 0 ) );
}
int
ldap_pvt_search_s(
LDAP *ld,
LDAP_CONST char *base,
int scope,
LDAP_CONST char *filter,
char **attrs,
int attrsonly,
LDAPControl **sctrls,
LDAPControl **cctrls,
struct timeval *timeout,
int sizelimit,
int deref,
LDAPMessage **res )
{
int rc;
int msgid;
*res = NULL;
rc = ldap_pvt_search( ld, base, scope, filter, attrs, attrsonly,
sctrls, cctrls, timeout, sizelimit, deref, &msgid );
if ( rc != LDAP_SUCCESS ) {
return( rc );
}
rc = ldap_result( ld, msgid, LDAP_MSG_ALL, timeout, res );
if( rc <= 0 ) {
/* error(-1) or timeout(0) */
if ( ld->ld_errno == LDAP_TIMEOUT ) {
/* cleanup request */
(void) ldap_abandon( ld, msgid );
ld->ld_errno = LDAP_TIMEOUT;
}
return( ld->ld_errno );
}
if( rc == LDAP_RES_SEARCH_REFERENCE || rc == LDAP_RES_INTERMEDIATE ) {
return( ld->ld_errno );
}
return( ldap_result2error( ld, *res, 0 ) );
}
/*
* We need a version of ldap_bind that times out, otherwise all
* of Postfix can get wedged during daemon initialization.
*/
static int dict_ldap_bind_st(DICT_LDAP *dict_ldap)
{
int msgid;
LDAPMessage *res;
struct timeval mytimeval;
if ((msgid = ldap_bind(dict_ldap->ld, dict_ldap->bind_dn,
dict_ldap->bind_pw, LDAP_AUTH_SIMPLE)) == -1)
return (dict_ldap_get_errno(dict_ldap->ld));
mytimeval.tv_sec = dict_ldap->timeout;
mytimeval.tv_usec = 0;
if (ldap_result(dict_ldap->ld, msgid, 1, &mytimeval, &res) == -1)
return (dict_ldap_get_errno(dict_ldap->ld));
if (dict_ldap_get_errno(dict_ldap->ld) == LDAP_TIMEOUT) {
(void) ldap_abandon(dict_ldap->ld, msgid);
return (dict_ldap_set_errno(dict_ldap->ld, LDAP_TIMEOUT));
}
return (ldap_result2error(dict_ldap->ld, res, 1));
}
int
LDAP_CALL
ldap_url_search_st( LDAP *ld, const char *url, int attrsonly,
struct timeval *timeout, LDAPMessage **res )
{
int msgid;
/*
* It is an error to pass in a zero'd timeval.
*/
if ( timeout != NULL && timeout->tv_sec == 0 &&
timeout->tv_usec == 0 ) {
if ( ld != NULL ) {
LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL );
}
if ( res != NULL ) {
*res = NULL;
}
return( LDAP_PARAM_ERROR );
}
if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
}
if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 ) {
return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
}
if ( LDAP_GET_LDERRNO( ld, NULL, NULL ) == LDAP_TIMEOUT ) {
(void) ldap_abandon( ld, msgid );
LDAP_SET_LDERRNO( ld, LDAP_TIMEOUT, NULL, NULL );
return( LDAP_TIMEOUT );
}
return( ldap_result2error( ld, *res, 0 ));
}
sInt32 CLDAPNode::BindProc ( sLDAPNodeStruct *inLDAPNodeStruct )
{
sInt32 siResult = eDSNoErr;
int bindMsgId = 0;
int version = -1;
sLDAPConfigData *pConfig = nil;
char *ldapAcct = nil;
char *ldapPasswd = nil;
int openTO = 0;
LDAP *inLDAPHost = inLDAPNodeStruct->fHost;
LDAPMessage *result = nil;
int ldapReturnCode = 0;
try
{
if ( inLDAPNodeStruct == nil ) throw( (sInt32)eDSNullParameter );
if (inLDAPNodeStruct->fLDAPSessionMutex != nil)
{
inLDAPNodeStruct->fLDAPSessionMutex->Wait();
}
// Here is the bind to the LDAP server
// Note that there may be stored name/password in the config table
// ie. always use the config table data if authentication has not explicitly been set
// use LDAPAuthNodeMap if inLDAPNodeStruct contains a username
//check that we were already here
if (inLDAPHost == NULL)
{
//retrieve the config data
//don't need to retrieve for the case of "generic unknown" so don't check index 0
if (( inLDAPNodeStruct->fLDAPConfigTableIndex < gConfigTableLen) && ( inLDAPNodeStruct->fLDAPConfigTableIndex >= 1 ))
{
pConfig = (sLDAPConfigData *)gConfigTable->GetItemData( inLDAPNodeStruct->fLDAPConfigTableIndex );
if (pConfig != nil)
{
if ( (pConfig->bSecureUse) && (inLDAPNodeStruct->fUserName == nil) )
{
if (pConfig->fServerAccount != nil)
{
ldapAcct = new char[1+::strlen(pConfig->fServerAccount)];
::strcpy( ldapAcct, pConfig->fServerAccount );
}
if (pConfig->fServerPassword != nil)
{
ldapPasswd = new char[1+::strlen(pConfig->fServerPassword)];
::strcpy( ldapPasswd, pConfig->fServerPassword );
}
}
else
{
if (inLDAPNodeStruct->fUserName != nil)
{
ldapAcct = new char[1+::strlen(inLDAPNodeStruct->fUserName)];
::strcpy( ldapAcct, inLDAPNodeStruct->fUserName );
}
if (inLDAPNodeStruct->fAuthCredential != nil)
{
if (inLDAPNodeStruct->fAuthType != nil)
{
//auth type of clear text means char * password
if (strcmp(inLDAPNodeStruct->fAuthType,kDSStdAuthClearText) == 0)
{
ldapPasswd = new char[1+::strlen((char*)(inLDAPNodeStruct->fAuthCredential))];
::strcpy( ldapPasswd, (char*)(inLDAPNodeStruct->fAuthCredential) );
}
}
else //default is password
{
ldapPasswd = new char[1+::strlen((char*)(inLDAPNodeStruct->fAuthCredential))];
::strcpy( ldapPasswd, (char*)(inLDAPNodeStruct->fAuthCredential) );
}
}
}
openTO = pConfig->fOpenCloseTimeout;
}
}
if (inLDAPNodeStruct->fLDAPConfigTableIndex != 0)
{
if (pConfig != nil)
{
inLDAPHost = ldap_init( pConfig->fServerName, pConfig->fServerPort );
}
}
else
{
inLDAPHost = ldap_init( inLDAPNodeStruct->fServerName, inLDAPNodeStruct->fDirectLDAPPort );
}
if ( inLDAPHost == nil ) throw( (sInt32)eDSCannotAccessSession );
if (pConfig != nil)
{
if ( pConfig->bIsSSL )
{
int ldapOptVal = LDAP_OPT_X_TLS_HARD;
ldap_set_option(inLDAPHost, LDAP_OPT_X_TLS, &ldapOptVal);
}
}
/* LDAPv3 only */
version = LDAP_VERSION3;
ldap_set_option( inLDAPHost, LDAP_OPT_PROTOCOL_VERSION, &version );
//heuristic to prevent many consecutive failures with long timeouts
//ie. forcing quick failures after first failure during a window of
//the same length as the timeout value
//NN fLDAPNodeOpenMutex.Wait();
if ( inLDAPNodeStruct->bHasFailed )
{
if ( time( nil ) < inLDAPNodeStruct->fDelayedBindTime )
{
//NN fLDAPNodeOpenMutex.Signal();
throw( (sInt32)eDSCannotAccessSession );
}
else
{
inLDAPNodeStruct->bHasFailed = false;
//fDelayedBindTime then is unused so no need to reset
}
}
//NN fLDAPNodeOpenMutex.Signal();
//this is our and only our LDAP session for now
//need to use our timeout so we don't hang indefinitely
bindMsgId = ldap_bind( inLDAPHost, ldapAcct, ldapPasswd, LDAP_AUTH_SIMPLE );
if (openTO == 0)
{
ldapReturnCode = ldap_result(inLDAPHost, bindMsgId, 0, NULL, &result);
}
else
{
struct timeval tv;
tv.tv_sec = openTO;
tv.tv_usec = 0;
ldapReturnCode = ldap_result(inLDAPHost, bindMsgId, 0, &tv, &result);
}
if ( ldapReturnCode == -1 )
{
throw( (sInt32)eDSCannotAccessSession );
}
else if ( ldapReturnCode == 0 )
{
// timed out, let's forget it
ldap_abandon(inLDAPHost, bindMsgId);
//log this timed out connection
if (pConfig != nil)
{
syslog(LOG_INFO,"DSLDAPv3PlugIn: Timed out in attempt to bind to [%s] LDAP server.", pConfig->fServerName);
syslog(LOG_INFO,"DSLDAPv3PlugIn: Disabled future attempts to bind to [%s] LDAP server for next %d seconds.", pConfig->fServerName, inLDAPNodeStruct->fDelayRebindTry);
}
else
{
syslog(LOG_INFO,"DSLDAPv3PlugIn: Timed out in attempt to bind to [%s] LDAP server.", inLDAPNodeStruct->fServerName);
syslog(LOG_INFO,"DSLDAPv3PlugIn: Disabled future attempts to bind to [%s] LDAP server for next %d seconds.", inLDAPNodeStruct->fServerName, inLDAPNodeStruct->fDelayRebindTry);
}
//NN fLDAPNodeOpenMutex.Wait();
inLDAPNodeStruct->bHasFailed = true;
inLDAPNodeStruct->fDelayedBindTime = time( nil ) + inLDAPNodeStruct->fDelayRebindTry;
//NN fLDAPNodeOpenMutex.Signal();
throw( (sInt32)eDSCannotAccessSession );
}
else if ( ldap_result2error(inLDAPHost, result, 1) != LDAP_SUCCESS )
{
//NN fLDAPNodeOpenMutex.Wait();
inLDAPNodeStruct->bHasFailed = true;
inLDAPNodeStruct->fHost = inLDAPHost;
//NN fLDAPNodeOpenMutex.Signal();
throw( (sInt32)eDSCannotAccessSession );
}
//NN fLDAPNodeOpenMutex.Wait();
inLDAPNodeStruct->fHost = inLDAPHost;
//NN fLDAPNodeOpenMutex.Signal();
//result is consumed above within ldap_result2error
result = nil;
}
} // try
catch ( sInt32 err )
{
siResult = err;
}
if (ldapAcct != nil)
{
delete (ldapAcct);
ldapAcct = nil;
}
if (ldapPasswd != nil)
{
delete (ldapPasswd);
ldapPasswd = nil;
}
if (inLDAPNodeStruct->fLDAPSessionMutex != nil)
{
inLDAPNodeStruct->fLDAPSessionMutex->Signal();
}
return (siResult);
}// BindProc
static int
do_bind (LDAP * ldap_connection, int timelimit)
{
int rc;
int rv;
struct timeval tv;
LDAPMessage *result;
/*
* set timelimit in ld for select() call in ldap_pvt_connect()
* function implemented in libldap2's os-ip.c
*/
tv.tv_sec = timelimit;
tv.tv_usec = 0;
DBG2("do_bind(): bind DN=\"%s\" pass=\"%s\"",binddn,passwd);
/* LDAPv3 doesn't need bind at all,
* nevertheless, if no binddn is given than bind anonymous */
if ( ! strncmp(binddn,"",1) ) {
rv = ldap_simple_bind(ldap_connection, NULL, NULL);
} else {
rv = ldap_simple_bind(ldap_connection, binddn, passwd);
}
if (rv < 0)
{
DBG("do_bind: rv < 0");
#if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER)
if (ldap_get_option (ldap_connection, LDAP_OPT_ERROR_NUMBER, &rc) !=
LDAP_SUCCESS)
{
rc = LDAP_UNAVAILABLE;
}
#else
rc = ldap_connection->ld_errno;
#endif /* LDAP_OPT_ERROR_NUMBER */
/* Notify if we failed. */
DBG3("could not connect to LDAP server as %s - %d - %s",
binddn, rc, ldap_err2string (rc));
return rc;
}
rc = ldap_result (ldap_connection, rv, 0, &tv, &result);
if (rc > 0)
{
DBG1("do_bind rc=%d", rc);
/* debug ("<== do_bind"); */
return ldap_result2error (ldap_connection, result, 1);
}
/* took too long */
if (rc == 0)
{
DBG("do_bind rc=0");
ldap_abandon (ldap_connection, rv);
}
DBG("do_bind return -1");
return -1;
}
static int
cldap_result( LDAP *ld, int msgid, LDAPMessage **res,
struct cldap_retinfo *crip, char *base )
{
Sockbuf *sb;
BerElement ber;
char *logdn;
int ret, id, fromaddr, i;
struct timeval tv;
#if defined( SUN ) && defined( _REENTRANT )
LOCK_LDAP(ld);
#endif
sb = &ld->ld_sb;
fromaddr = -1;
if ( crip->cri_try == 0 ) {
crip->cri_maxtries = ld->ld_cldaptries * sb->sb_naddr;
crip->cri_timeout = ld->ld_cldaptimeout;
crip->cri_useaddr = 0;
Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 117, "cldap_result tries %1$d timeout %2$d\n"),
ld->ld_cldaptries, ld->ld_cldaptimeout, 0 );
}
if ((tv.tv_sec = crip->cri_timeout / sb->sb_naddr) < 1 ) {
tv.tv_sec = 1;
}
tv.tv_usec = 0;
Debug( LDAP_DEBUG_TRACE,
catgets(slapdcat, 1, 118, "cldap_result waiting up to %d seconds for a response\n"),
tv.tv_sec, 0, 0 );
ber_zero_init( &ber, 0 );
set_ber_options( ld, &ber );
if ( cldap_getmsg( ld, &tv, &ber ) == -1 ) {
ret = ld->ld_errno;
Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 119, "cldap_getmsg returned -1 (%d)\n"),
ret, 0, 0 );
} else if ( ld->ld_errno == LDAP_TIMEOUT ) {
Debug( LDAP_DEBUG_TRACE,
catgets(slapdcat, 1, 120, "cldap_result timed out\n"), 0, 0, 0 );
/*
* It timed out; is it time to give up?
*/
if ( ++crip->cri_try >= crip->cri_maxtries ) {
ret = LDAP_TIMEOUT;
--crip->cri_try;
} else {
if ( ++crip->cri_useaddr >= sb->sb_naddr ) {
/*
* new round: reset address to first one and
* double the timeout
*/
crip->cri_useaddr = 0;
crip->cri_timeout <<= 1;
}
ret = -1;
}
} else {
/*
* Got a response. It should look like:
* { msgid, logdn, { searchresponse...}}
*/
logdn = NULL;
if ( ber_scanf( &ber, "ia", &id, &logdn ) == LBER_ERROR ) {
free( ber.ber_buf ); /* gack! */
ret = LDAP_DECODING_ERROR;
Debug( LDAP_DEBUG_TRACE,
catgets(slapdcat, 1, 121, "cldap_result: ber_scanf returned LBER_ERROR (%d)\n"),
ret, 0, 0 );
} else if ( id != msgid ) {
free( ber.ber_buf ); /* gack! */
Debug( LDAP_DEBUG_TRACE,
catgets(slapdcat, 1, 122, "cldap_result: looking for msgid %1$d; got %2$d\n"),
msgid, id, 0 );
ret = -1; /* ignore and keep looking */
} else {
/*
* got a result: determine which server it came from
* decode into ldap message chain
*/
for ( fromaddr = 0; fromaddr < sb->sb_naddr; ++fromaddr ) {
if ( memcmp( &((struct sockaddr_in *)
sb->sb_addrs[ fromaddr ])->sin_addr,
&((struct sockaddr_in *)sb->sb_fromaddr)->sin_addr,
sizeof( struct in_addr )) == 0 ) {
break;
}
}
ret = cldap_parsemsg( ld, msgid, &ber, res, base );
free( ber.ber_buf ); /* gack! */
Debug( LDAP_DEBUG_TRACE,
catgets(slapdcat, 1, 123, "cldap_result got result (%d)\n"), ret, 0, 0 );
}
if ( logdn != NULL ) {
free( logdn );
}
}
/*
* If we are giving up (successfully or otherwise) then
* abandon any outstanding requests.
*/
if ( ret != -1 ) {
i = crip->cri_try;
if ( i >= sb->sb_naddr ) {
i = sb->sb_naddr - 1;
}
for ( ; i >= 0; --i ) {
if ( i == fromaddr ) {
continue;
}
sb->sb_useaddr = sb->sb_addrs[ i ];
Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 124, "cldap_result abandoning id %1$d (to %2$s)\n"),
msgid, inet_ntoa( ((struct sockaddr_in *)
sb->sb_useaddr)->sin_addr ), 0 );
(void) ldap_abandon( ld, msgid );
}
}
#if defined( SUN ) && defined( _REENTRANT )
UNLOCK_LDAP(ld);
#endif
return( ld->ld_errno = ret );
}
static krb5_error_code
LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry)
{
int msgid, rc, parserc;
krb5_error_code ret;
LDAPMessage *e;
msgid = HDB2MSGID(db);
if (msgid < 0)
return HDB_ERR_NOENTRY;
do {
rc = ldap_result(HDB2LDAP(db), msgid, LDAP_MSG_ONE, NULL, &e);
switch (rc) {
case LDAP_RES_SEARCH_REFERENCE:
ldap_msgfree(e);
ret = 0;
break;
case LDAP_RES_SEARCH_ENTRY:
/* We have an entry. Parse it. */
ret = LDAP_message2entry(context, db, e, entry);
ldap_msgfree(e);
break;
case LDAP_RES_SEARCH_RESULT:
/* We're probably at the end of the results. If not, abandon. */
parserc =
ldap_parse_result(HDB2LDAP(db), e, NULL, NULL, NULL,
NULL, NULL, 1);
if (parserc != LDAP_SUCCESS
&& parserc != LDAP_MORE_RESULTS_TO_RETURN) {
krb5_set_error_string(context, "ldap_parse_result: %s",
ldap_err2string(parserc));
ldap_abandon(HDB2LDAP(db), msgid);
}
ret = HDB_ERR_NOENTRY;
HDBSETMSGID(db, -1);
break;
case LDAP_SERVER_DOWN:
ldap_msgfree(e);
LDAP_close(context, db);
HDBSETMSGID(db, -1);
ret = ENETDOWN;
break;
default:
/* Some unspecified error (timeout?). Abandon. */
ldap_msgfree(e);
ldap_abandon(HDB2LDAP(db), msgid);
ret = HDB_ERR_NOENTRY;
HDBSETMSGID(db, -1);
break;
}
} while (rc == LDAP_RES_SEARCH_REFERENCE);
if (ret == 0) {
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
ret = hdb_unseal_keys(context, db, entry);
if (ret)
hdb_free_entry(context,entry);
}
}
return ret;
}
int
main( int argc, char **argv )
{
LDAP *ld = NULL;
int i, c, port, errflg, method, id, msgtype;
char line[256], command1, command2, command3;
char passwd[64], dn[256], rdn[64], attr[64], value[256];
char filter[256], *host, **types;
char **exdn;
static const char usage[] =
"usage: %s [-u] [-h host] [-d level] [-s dnsuffix] [-p port] [-t file] [-T file]\n";
int bound, all, scope, attrsonly;
LDAPMessage *res;
LDAPMod **mods, **attrs;
struct timeval timeout;
char *copyfname = NULL;
int copyoptions = 0;
LDAPURLDesc *ludp;
host = NULL;
port = LDAP_PORT;
dnsuffix = "";
errflg = 0;
while (( c = getopt( argc, argv, "h:d:s:p:t:T:" )) != -1 ) {
switch( c ) {
case 'd':
#ifdef LDAP_DEBUG
ldap_debug = atoi( optarg );
#ifdef LBER_DEBUG
if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug );
}
#endif
#else
printf( "Compile with -DLDAP_DEBUG for debugging\n" );
#endif
break;
case 'h':
host = optarg;
break;
case 's':
dnsuffix = optarg;
break;
case 'p':
port = atoi( optarg );
break;
case 't': /* copy ber's to given file */
copyfname = strdup( optarg );
/* copyoptions = LBER_TO_FILE; */
break;
case 'T': /* only output ber's to given file */
copyfname = strdup( optarg );
/* copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY); */
break;
default:
++errflg;
}
}
if ( host == NULL && optind == argc - 1 ) {
host = argv[ optind ];
++optind;
}
if ( errflg || optind < argc - 1 ) {
fprintf( stderr, usage, argv[ 0 ] );
exit( EXIT_FAILURE );
}
printf( "ldap_init( %s, %d )\n",
host == NULL ? "(null)" : host, port );
ld = ldap_init( host, port );
if ( ld == NULL ) {
perror( "ldap_init" );
exit( EXIT_FAILURE );
}
if ( copyfname != NULL ) {
if ( ( ld->ld_sb->sb_fd = open( copyfname, O_WRONLY|O_CREAT|O_EXCL,
0600 )) == -1 ) {
perror( copyfname );
exit ( EXIT_FAILURE );
}
ld->ld_sb->sb_options = copyoptions;
}
bound = 0;
timeout.tv_sec = 0;
timeout.tv_usec = 0;
(void) memset( line, '\0', sizeof(line) );
while ( get_line( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) {
command1 = line[0];
command2 = line[1];
command3 = line[2];
switch ( command1 ) {
case 'a': /* add or abandon */
switch ( command2 ) {
case 'd': /* add */
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( (attrs = get_modlist( NULL, "attr? ",
"value? " )) == NULL )
break;
if ( (id = ldap_add( ld, dn, attrs )) == -1 )
ldap_perror( ld, "ldap_add" );
else
printf( "Add initiated with id %d\n",
id );
break;
case 'b': /* abandon */
get_line( line, sizeof(line), stdin, "msgid? " );
id = atoi( line );
if ( ldap_abandon( ld, id ) != 0 )
ldap_perror( ld, "ldap_abandon" );
else
printf( "Abandon successful\n" );
break;
default:
printf( "Possibilities: [ad]d, [ab]ort\n" );
}
break;
case 'b': /* asynch bind */
method = LDAP_AUTH_SIMPLE;
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' )
get_line( passwd, sizeof(passwd), stdin,
"password? " );
else
passwd[0] = '\0';
if ( ldap_bind( ld, dn, passwd, method ) == -1 ) {
fprintf( stderr, "ldap_bind failed\n" );
ldap_perror( ld, "ldap_bind" );
} else {
printf( "Bind initiated\n" );
bound = 1;
}
break;
case 'B': /* synch bind */
method = LDAP_AUTH_SIMPLE;
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( dn[0] != '\0' )
get_line( passwd, sizeof(passwd), stdin,
"password? " );
else
passwd[0] = '\0';
if ( ldap_bind_s( ld, dn, passwd, method ) !=
LDAP_SUCCESS ) {
fprintf( stderr, "ldap_bind_s failed\n" );
ldap_perror( ld, "ldap_bind_s" );
} else {
printf( "Bind successful\n" );
bound = 1;
}
break;
case 'c': /* compare */
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
get_line( attr, sizeof(attr), stdin, "attr? " );
get_line( value, sizeof(value), stdin, "value? " );
if ( (id = ldap_compare( ld, dn, attr, value )) == -1 )
ldap_perror( ld, "ldap_compare" );
else
printf( "Compare initiated with id %d\n", id );
break;
case 'd': /* turn on debugging */
#ifdef LDAP_DEBUG
get_line( line, sizeof(line), stdin, "debug level? " );
ldap_debug = atoi( line );
#ifdef LBER_DEBUG
if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug );
}
#endif
#else
printf( "Compile with -DLDAP_DEBUG for debugging\n" );
#endif
break;
case 'E': /* explode a dn */
get_line( line, sizeof(line), stdin, "dn? " );
exdn = ldap_explode_dn( line, 0 );
for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) {
printf( "\t%s\n", exdn[i] );
}
break;
case 'g': /* set next msgid */
get_line( line, sizeof(line), stdin, "msgid? " );
ld->ld_msgid = atoi( line );
break;
case 'v': /* set version number */
get_line( line, sizeof(line), stdin, "version? " );
ld->ld_version = atoi( line );
break;
case 'm': /* modify or modifyrdn */
if ( strncmp( line, "modify", 4 ) == 0 ) {
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( (mods = get_modlist(
"mod (0=>add, 1=>delete, 2=>replace -1=>done)? ",
"attribute type? ", "attribute value? " ))
== NULL )
break;
if ( (id = ldap_modify( ld, dn, mods )) == -1 )
ldap_perror( ld, "ldap_modify" );
else
printf( "Modify initiated with id %d\n",
id );
} else if ( strncmp( line, "modrdn", 4 ) == 0 ) {
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
get_line( rdn, sizeof(rdn), stdin, "newrdn? " );
if ( (id = ldap_modrdn( ld, dn, rdn )) == -1 )
ldap_perror( ld, "ldap_modrdn" );
else
printf( "Modrdn initiated with id %d\n",
id );
} else {
printf( "Possibilities: [modi]fy, [modr]dn\n" );
}
break;
case 'q': /* quit */
ldap_unbind( ld );
exit( EXIT_SUCCESS );
break;
case 'r': /* result or remove */
switch ( command3 ) {
case 's': /* result */
get_line( line, sizeof(line), stdin,
"msgid (-1=>any)? " );
if ( line[0] == '\0' )
id = -1;
else
id = atoi( line );
get_line( line, sizeof(line), stdin,
"all (0=>any, 1=>all)? " );
if ( line[0] == '\0' )
all = 1;
else
all = atoi( line );
if (( msgtype = ldap_result( ld, id, all,
&timeout, &res )) < 1 ) {
ldap_perror( ld, "ldap_result" );
break;
}
printf( "\nresult: msgtype %d msgid %d\n",
msgtype, res->lm_msgid );
handle_result( ld, res );
res = NULL;
break;
case 'm': /* remove */
get_line( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( (id = ldap_delete( ld, dn )) == -1 )
ldap_perror( ld, "ldap_delete" );
else
printf( "Remove initiated with id %d\n",
id );
break;
default:
printf( "Possibilities: [rem]ove, [res]ult\n" );
break;
}
break;
case 's': /* search */
get_line( dn, sizeof(dn), stdin, "searchbase? " );
strcat( dn, dnsuffix );
get_line( line, sizeof(line), stdin,
"scope (0=baseObject, 1=oneLevel, 2=subtree, 3=children)? " );
scope = atoi( line );
get_line( filter, sizeof(filter), stdin,
"search filter (e.g. sn=jones)? " );
types = get_list( "attrs to return? " );
get_line( line, sizeof(line), stdin,
"attrsonly (0=attrs&values, 1=attrs only)? " );
attrsonly = atoi( line );
if (( id = ldap_search( ld, dn, scope, filter,
types, attrsonly )) == -1 ) {
ldap_perror( ld, "ldap_search" );
} else {
printf( "Search initiated with id %d\n", id );
}
free_list( types );
break;
case 't': /* set timeout value */
get_line( line, sizeof(line), stdin, "timeout? " );
timeout.tv_sec = atoi( line );
break;
case 'p': /* parse LDAP URL */
get_line( line, sizeof(line), stdin, "LDAP URL? " );
if (( i = ldap_url_parse( line, &ludp )) != 0 ) {
fprintf( stderr, "ldap_url_parse: error %d\n", i );
} else {
printf( "\t host: " );
if ( ludp->lud_host == NULL ) {
printf( "DEFAULT\n" );
} else {
printf( "<%s>\n", ludp->lud_host );
}
printf( "\t port: " );
if ( ludp->lud_port == 0 ) {
printf( "DEFAULT\n" );
} else {
printf( "%d\n", ludp->lud_port );
}
printf( "\t dn: <%s>\n", ludp->lud_dn );
printf( "\t attrs:" );
if ( ludp->lud_attrs == NULL ) {
printf( " ALL" );
} else {
for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) {
printf( " <%s>", ludp->lud_attrs[ i ] );
}
}
printf( "\n\t scope: %s\n",
ludp->lud_scope == LDAP_SCOPE_BASE ? "baseObject"
: ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "oneLevel"
: ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "subtree"
#ifdef LDAP_SCOPE_SUBORDINATE
: ludp->lud_scope == LDAP_SCOPE_SUBORDINATE ? "children"
#endif
: "**invalid**" );
printf( "\tfilter: <%s>\n", ludp->lud_filter );
ldap_free_urldesc( ludp );
}
break;
case 'n': /* set dn suffix, for convenience */
get_line( line, sizeof(line), stdin, "DN suffix? " );
strcpy( dnsuffix, line );
break;
case 'o': /* set ldap options */
get_line( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2=finding, 3=always)?" );
ld->ld_deref = atoi( line );
get_line( line, sizeof(line), stdin, "timelimit?" );
ld->ld_timelimit = atoi( line );
get_line( line, sizeof(line), stdin, "sizelimit?" );
ld->ld_sizelimit = atoi( line );
LDAP_BOOL_ZERO(&ld->ld_options);
get_line( line, sizeof(line), stdin,
"Recognize and chase referrals (0=no, 1=yes)?" );
if ( atoi( line ) != 0 ) {
LDAP_BOOL_SET(&ld->ld_options, LDAP_BOOL_REFERRALS);
get_line( line, sizeof(line), stdin,
"Prompt for bind credentials when chasing referrals (0=no, 1=yes)?" );
if ( atoi( line ) != 0 ) {
ldap_set_rebind_proc( ld, bind_prompt, NULL );
}
}
break;
case '?': /* help */
printf(
"Commands: [ad]d [ab]andon [b]ind\n"
" [B]ind async [c]ompare\n"
" [modi]fy [modr]dn [rem]ove\n"
" [res]ult [s]earch [q]uit/unbind\n\n"
" [d]ebug set ms[g]id\n"
" d[n]suffix [t]imeout [v]ersion\n"
" [?]help [o]ptions"
" [E]xplode dn [p]arse LDAP URL\n" );
break;
default:
printf( "Invalid command. Type ? for help.\n" );
break;
}
(void) memset( line, '\0', sizeof(line) );
}
return( 0 );
}
/*
* Do an LDAP lookup to the server described in the info argument.
*
* Args info -- LDAP info for server.
* string -- String to lookup.
* cust -- Possible custom filter description.
* wp_err -- We set this is we get a white pages error.
* name_in_error -- Caller sets this if they want us to include the server
* name in error messages.
*
* Returns Results of lookup, NULL if lookup failed.
*/
LDAP_SERV_RES_S *
ldap_lookup(LDAP_SERV_S *info, char *string, CUSTOM_FILT_S *cust,
WP_ERR_S *wp_err, int name_in_error)
{
char ebuf[900];
char buf[900];
char *serv, *base, *serv_errstr;
char *mailattr, *snattr, *gnattr, *cnattr;
int we_cancel = 0, we_turned_on = 0;
LDAP_SERV_RES_S *serv_res = NULL;
LDAP *ld;
long pwdtrial = 0L;
int ld_errnum;
char *ld_errstr;
if(!info)
return(serv_res);
serv = cpystr((info->serv && *info->serv) ? info->serv : "?");
if(name_in_error)
snprintf(ebuf, sizeof(ebuf), " (%s)",
(info->nick && *info->nick) ? info->nick : serv);
else
ebuf[0] = '\0';
serv_errstr = cpystr(ebuf);
base = cpystr(info->base ? info->base : "");
if(info->port < 0)
info->port = LDAP_PORT;
if(info->type < 0)
info->type = DEF_LDAP_TYPE;
if(info->srch < 0)
info->srch = DEF_LDAP_SRCH;
if(info->time < 0)
info->time = DEF_LDAP_TIME;
if(info->size < 0)
info->size = DEF_LDAP_SIZE;
if(info->scope < 0)
info->scope = DEF_LDAP_SCOPE;
mailattr = (info->mailattr && info->mailattr[0]) ? info->mailattr
: DEF_LDAP_MAILATTR;
snattr = (info->snattr && info->snattr[0]) ? info->snattr
: DEF_LDAP_SNATTR;
gnattr = (info->gnattr && info->gnattr[0]) ? info->gnattr
: DEF_LDAP_GNATTR;
cnattr = (info->cnattr && info->cnattr[0]) ? info->cnattr
: DEF_LDAP_CNATTR;
/*
* We may want to keep ldap handles open, but at least for
* now, re-open them every time.
*/
dprint((3, "ldap_lookup(%s,%d)\n", serv ? serv : "?", info->port));
snprintf(ebuf, sizeof(ebuf), "Searching%s%s%s on %s",
(string && *string) ? " for \"" : "",
(string && *string) ? string : "",
(string && *string) ? "\"" : "",
serv);
we_turned_on = intr_handling_on(); /* this erases keymenu */
we_cancel = busy_cue(ebuf, NULL, 0);
if(wp_err->mangled)
*(wp_err->mangled) = 1;
#ifdef _SOLARIS_SDK
if(info->tls || info->tlsmust)
ldapssl_client_init(NULL, NULL);
if((ld = ldap_init(serv, info->port)) == NULL)
#else
#if (LDAPAPI >= 11)
if((ld = ldap_init(serv, info->port)) == NULL)
#else
if((ld = ldap_open(serv, info->port)) == NULL)
#endif
#endif
{
/* TRANSLATORS: All of the three args together are an error message */
snprintf(ebuf, sizeof(ebuf), _("Access to LDAP server failed: %s%s(%s)"),
errno ? error_description(errno) : "",
errno ? " " : "",
serv);
wp_err->wp_err_occurred = 1;
if(wp_err->error)
fs_give((void **)&wp_err->error);
wp_err->error = cpystr(ebuf);
if(we_cancel)
cancel_busy_cue(-1);
q_status_message(SM_ORDER, 3, 5, wp_err->error);
display_message('x');
dprint((2, "%s\n", ebuf));
}
else if(!ps_global->intr_pending){
int proto = 3, tlsmustbail = 0;
char pwd[NETMAXPASSWD], user[NETMAXUSER];
char *passwd = NULL;
char hostbuf[1024];
NETMBX mb;
#ifndef _WINDOWS
int rc;
#endif
memset(&mb, 0, sizeof(mb));
#ifdef _SOLARIS_SDK
if(info->tls || info->tlsmust)
rc = ldapssl_install_routines(ld);
#endif
if(ldap_v3_is_supported(ld) &&
our_ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &proto) == 0){
dprint((5, "ldap: using version 3 protocol\n"));
}
/*
* If we don't set RESTART then the select() waiting for the answer
* in libldap will be interrupted and stopped by our busy_cue.
*/
our_ldap_set_option(ld, LDAP_OPT_RESTART, LDAP_OPT_ON);
/*
* If we need to authenticate, get the password. We are not
* supporting SASL authentication, just LDAP simple.
*/
if(info->binddn && info->binddn[0]){
char pmt[500];
char *space;
snprintf(hostbuf, sizeof(hostbuf), "{%s}dummy", info->serv ? info->serv : "?");
/*
* We don't handle multiple space-delimited hosts well.
* We don't know which we're asking for a password for.
* We're not connected yet so we can't know.
*/
if((space=strindex(hostbuf, ' ')) != NULL)
*space = '\0';
mail_valid_net_parse_work(hostbuf, &mb, "ldap");
mb.port = info->port;
mb.tlsflag = (info->tls || info->tlsmust) ? 1 : 0;
try_password_again:
if(mb.tlsflag
&& (pwdtrial > 0 ||
#ifndef _WINDOWS
#ifdef _SOLARIS_SDK
(rc == LDAP_SUCCESS)
#else /* !_SOLARIS_SDK */
((rc=ldap_start_tls_s(ld, NULL, NULL)) == LDAP_SUCCESS)
#endif /* !_SOLARIS_SDK */
#else /* _WINDOWS */
0 /* TODO: find a way to do this in Windows */
#endif /* _WINDOWS */
))
mb.tlsflag = 1;
else
mb.tlsflag = 0;
if((info->tls || info->tlsmust) && !mb.tlsflag){
q_status_message(SM_ORDER, 3, 5, "Not able to start TLS encryption for LDAP server");
if(info->tlsmust)
tlsmustbail++;
}
if(!tlsmustbail){
snprintf(pmt, sizeof(pmt), " %s", (info->nick && *info->nick) ? info->nick : serv);
mm_login_work(&mb, user, pwd, pwdtrial, pmt, info->binddn);
if(pwd && pwd[0])
passwd = pwd;
}
}
/*
* LDAPv2 requires the bind. v3 doesn't require it but we want
* to tell the server we're v3 if the server supports v3, and if the
* server doesn't support v3 the bind is required.
*/
if(tlsmustbail || ldap_simple_bind_s(ld, info->binddn, passwd) != LDAP_SUCCESS){
wp_err->wp_err_occurred = 1;
ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr);
if(!tlsmustbail && info->binddn && info->binddn[0] && pwdtrial < 2L
&& ld_errnum == LDAP_INVALID_CREDENTIALS){
pwdtrial++;
q_status_message(SM_ORDER, 3, 5, _("Invalid password"));
goto try_password_again;
}
snprintf(ebuf, sizeof(ebuf), _("LDAP server failed: %s%s%s%s"),
ldap_err2string(ld_errnum),
serv_errstr,
(ld_errstr && *ld_errstr) ? ": " : "",
(ld_errstr && *ld_errstr) ? ld_errstr : "");
if(wp_err->error)
fs_give((void **)&wp_err->error);
if(we_cancel)
cancel_busy_cue(-1);
ldap_unbind(ld);
wp_err->error = cpystr(ebuf);
q_status_message(SM_ORDER, 3, 5, wp_err->error);
display_message('x');
dprint((2, "%s\n", ebuf));
}
else if(!ps_global->intr_pending){
int srch_res, args, slen, flen;
#define TEMPLATELEN 512
char filt_template[TEMPLATELEN + 1];
char filt_format[2*TEMPLATELEN + 1];
char filter[2*TEMPLATELEN + 1];
char scp[2*TEMPLATELEN + 1];
char *p, *q;
LDAPMessage *res = NULL;
int intr_happened = 0;
int tl;
tl = (info->time == 0) ? info->time : info->time + 10;
our_ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &tl);
our_ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &info->size);
/*
* If a custom filter has been passed in and it doesn't include a
* request to combine it with the configured filter, then replace
* any configured filter with the passed in filter.
*/
if(cust && cust->filt && !cust->combine){
if(info->cust)
fs_give((void **)&info->cust);
info->cust = cpystr(cust->filt);
}
if(info->cust && *info->cust){ /* use custom filter if present */
strncpy(filt_template, info->cust, sizeof(filt_template));
filt_template[sizeof(filt_template)-1] = '\0';
}
else{ /* else use configured filter */
switch(info->type){
case LDAP_TYPE_SUR:
snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", snattr);
break;
case LDAP_TYPE_GIVEN:
snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", gnattr);
break;
case LDAP_TYPE_EMAIL:
snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", mailattr);
break;
case LDAP_TYPE_CN_EMAIL:
snprintf(filt_template, sizeof(filt_template), "(|(%s=%%s)(%s=%%s))", cnattr,
mailattr);
break;
case LDAP_TYPE_SUR_GIVEN:
snprintf(filt_template, sizeof(filt_template), "(|(%s=%%s)(%s=%%s))",
snattr, gnattr);
break;
case LDAP_TYPE_SEVERAL:
snprintf(filt_template, sizeof(filt_template),
"(|(%s=%%s)(%s=%%s)(%s=%%s)(%s=%%s))",
cnattr, mailattr, snattr, gnattr);
break;
default:
case LDAP_TYPE_CN:
snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", cnattr);
break;
}
}
/* just copy if custom */
if(info->cust && *info->cust)
info->srch = LDAP_SRCH_EQUALS;
p = filt_template;
q = filt_format;
memset((void *)filt_format, 0, sizeof(filt_format));
args = 0;
while(*p && (q - filt_format) + 4 < sizeof(filt_format)){
if(*p == '%' && *(p+1) == 's'){
args++;
switch(info->srch){
/* Exact match */
case LDAP_SRCH_EQUALS:
*q++ = *p++;
*q++ = *p++;
break;
/* Append wildcard after %s */
case LDAP_SRCH_BEGINS:
*q++ = *p++;
*q++ = *p++;
*q++ = '*';
break;
/* Insert wildcard before %s */
case LDAP_SRCH_ENDS:
*q++ = '*';
*q++ = *p++;
*q++ = *p++;
break;
/* Put wildcard before and after %s */
default:
case LDAP_SRCH_CONTAINS:
*q++ = '*';
*q++ = *p++;
*q++ = *p++;
*q++ = '*';
break;
}
}
else
*q++ = *p++;
}
if(q - filt_format < sizeof(filt_format))
*q = '\0';
filt_format[sizeof(filt_format)-1] = '\0';
/*
* If combine is lit we put the custom filter and the filt_format
* filter and combine them with an &.
*/
if(cust && cust->filt && cust->combine){
char *combined;
size_t l;
l = strlen(filt_format) + strlen(cust->filt) + 3;
combined = (char *) fs_get((l+1) * sizeof(char));
snprintf(combined, l+1, "(&%s%s)", cust->filt, filt_format);
strncpy(filt_format, combined, sizeof(filt_format));
filt_format[sizeof(filt_format)-1] = '\0';
fs_give((void **) &combined);
}
/*
* Ad hoc attempt to make "Steve Hubert" match
* Steven Hubert but not Steven Shubert.
* We replace a <SPACE> with * <SPACE> (not * <SPACE> *).
*/
memset((void *)scp, 0, sizeof(scp));
if(info->nosub)
strncpy(scp, string, sizeof(scp));
else{
p = string;
q = scp;
while(*p && (q - scp) + 1 < sizeof(scp)){
if(*p == SPACE && *(p+1) != SPACE){
*q++ = '*';
*q++ = *p++;
}
else
*q++ = *p++;
}
}
scp[sizeof(scp)-1] = '\0';
slen = strlen(scp);
flen = strlen(filt_format);
/* truncate string if it will overflow filter */
if(args*slen + flen - 2*args > sizeof(filter)-1)
scp[(sizeof(filter)-1 - flen)/args] = '\0';
/*
* Replace %s's with scp.
*/
switch(args){
case 0:
snprintf(filter, sizeof(filter), "%s", filt_format);
break;
case 1:
snprintf(filter, sizeof(filter), filt_format, scp);
break;
case 2:
snprintf(filter, sizeof(filter), filt_format, scp, scp);
break;
case 3:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp);
break;
case 4:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp);
break;
case 5:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp);
break;
case 6:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp);
break;
case 7:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp);
break;
case 8:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp,
scp);
break;
case 9:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp,
scp, scp);
break;
case 10:
default:
snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp,
scp, scp, scp);
break;
}
/* replace double *'s with single *'s in filter */
for(p = q = filter; *p; p++)
if(*p != '*' || p == filter || *(p-1) != '*')
*q++ = *p;
*q = '\0';
(void) removing_double_quotes(base);
dprint((5, "about to ldap_search(\"%s\", %s)\n",
base ? base : "?", filter ? filter : "?"));
if(ps_global->intr_pending)
srch_res = LDAP_PROTOCOL_ERROR;
else{
int msgid;
time_t start_time;
start_time = time((time_t *)0);
dprint((6, "ldap_lookup: calling ldap_search\n"));
msgid = ldap_search(ld, base, info->scope, filter, NULL, 0);
if(msgid == -1)
srch_res = our_ldap_get_lderrno(ld, NULL, NULL);
else{
int lres;
/*
* Warning: struct timeval is not portable. However, since it is
* part of LDAP api it must be portable to all platforms LDAP
* has been ported to.
*/
struct timeval t;
t.tv_sec = 1; t.tv_usec = 0;
do {
if(ps_global->intr_pending)
intr_happened = 1;
dprint((6, "ldap_result(id=%d): ", msgid));
if((lres=ldap_result(ld, msgid, LDAP_MSG_ALL, &t, &res)) == -1){
/* error */
srch_res = our_ldap_get_lderrno(ld, NULL, NULL);
dprint((6, "error (-1 returned): ld_errno=%d\n",
srch_res));
}
else if(lres == 0){ /* timeout, no results available */
if(intr_happened){
ldap_abandon(ld, msgid);
srch_res = LDAP_PROTOCOL_ERROR;
if(our_ldap_get_lderrno(ld, NULL, NULL) == LDAP_SUCCESS)
our_ldap_set_lderrno(ld, LDAP_PROTOCOL_ERROR, NULL, NULL);
dprint((6, "timeout, intr: srch_res=%d\n",
srch_res));
}
else if(info->time > 0 &&
((long)time((time_t *)0) - start_time) > info->time){
/* try for partial results */
t.tv_sec = 0; t.tv_usec = 0;
lres = ldap_result(ld, msgid, LDAP_MSG_RECEIVED, &t, &res);
if(lres > 0 && lres != LDAP_RES_SEARCH_RESULT){
srch_res = LDAP_SUCCESS;
dprint((6, "partial result: lres=0x%x\n", lres));
}
else{
if(lres == 0)
ldap_abandon(ld, msgid);
srch_res = LDAP_TIMEOUT;
if(our_ldap_get_lderrno(ld, NULL, NULL) == LDAP_SUCCESS)
our_ldap_set_lderrno(ld, LDAP_TIMEOUT, NULL, NULL);
dprint((6,
"timeout, total_time (%d), srch_res=%d\n",
info->time, srch_res));
}
}
else{
dprint((6, "timeout\n"));
}
}
else{
srch_res = ldap_result2error(ld, res, 0);
dprint((6, "lres=0x%x, srch_res=%d\n", lres,
srch_res));
}
}while(lres == 0 &&
!(intr_happened ||
(info->time > 0 &&
((long)time((time_t *)0) - start_time) > info->time)));
}
}
if(intr_happened){
wp_exit = 1;
if(we_cancel)
cancel_busy_cue(-1);
if(wp_err->error)
fs_give((void **)&wp_err->error);
else{
q_status_message(SM_ORDER, 0, 1, "Interrupt");
display_message('x');
fflush(stdout);
}
if(res)
ldap_msgfree(res);
if(ld)
ldap_unbind(ld);
res = NULL; ld = NULL;
}
else if(srch_res != LDAP_SUCCESS &&
srch_res != LDAP_TIMELIMIT_EXCEEDED &&
srch_res != LDAP_RESULTS_TOO_LARGE &&
srch_res != LDAP_TIMEOUT &&
srch_res != LDAP_SIZELIMIT_EXCEEDED){
wp_err->wp_err_occurred = 1;
ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr);
snprintf(ebuf, sizeof(ebuf), _("LDAP search failed: %s%s%s%s"),
ldap_err2string(ld_errnum),
serv_errstr,
(ld_errstr && *ld_errstr) ? ": " : "",
(ld_errstr && *ld_errstr) ? ld_errstr : "");
if(wp_err->error)
fs_give((void **)&wp_err->error);
wp_err->error = cpystr(ebuf);
if(we_cancel)
cancel_busy_cue(-1);
q_status_message(SM_ORDER, 3, 5, wp_err->error);
display_message('x');
dprint((2, "%s\n", ebuf));
if(res)
ldap_msgfree(res);
if(ld)
ldap_unbind(ld);
res = NULL; ld = NULL;
}
else{
int cnt;
cnt = ldap_count_entries(ld, res);
if(cnt > 0){
if(srch_res == LDAP_TIMELIMIT_EXCEEDED ||
srch_res == LDAP_RESULTS_TOO_LARGE ||
srch_res == LDAP_TIMEOUT ||
srch_res == LDAP_SIZELIMIT_EXCEEDED){
wp_err->wp_err_occurred = 1;
ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr);
snprintf(ebuf, sizeof(ebuf), _("LDAP partial results: %s%s%s%s"),
ldap_err2string(ld_errnum),
serv_errstr,
(ld_errstr && *ld_errstr) ? ": " : "",
(ld_errstr && *ld_errstr) ? ld_errstr : "");
dprint((2, "%s\n", ebuf));
if(wp_err->error)
fs_give((void **)&wp_err->error);
wp_err->error = cpystr(ebuf);
if(we_cancel)
cancel_busy_cue(-1);
q_status_message(SM_ORDER, 3, 5, wp_err->error);
display_message('x');
}
dprint((5, "Matched %d entries on %s\n",
cnt, serv ? serv : "?"));
serv_res = (LDAP_SERV_RES_S *)fs_get(sizeof(LDAP_SERV_RES_S));
memset((void *)serv_res, 0, sizeof(*serv_res));
serv_res->ld = ld;
serv_res->res = res;
serv_res->info_used = copy_ldap_serv_info(info);
/* Save by reference? */
if(info->ref){
snprintf(buf, sizeof(buf), "%s:%s", serv, comatose(info->port));
serv_res->serv = cpystr(buf);
}
else
serv_res->serv = NULL;
serv_res->next = NULL;
}
else{
if(srch_res == LDAP_TIMELIMIT_EXCEEDED ||
srch_res == LDAP_RESULTS_TOO_LARGE ||
srch_res == LDAP_TIMEOUT ||
srch_res == LDAP_SIZELIMIT_EXCEEDED){
wp_err->wp_err_occurred = 1;
wp_err->ldap_errno = srch_res;
ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr);
snprintf(ebuf, sizeof(ebuf), _("LDAP search failed: %s%s%s%s"),
ldap_err2string(ld_errnum),
serv_errstr,
(ld_errstr && *ld_errstr) ? ": " : "",
(ld_errstr && *ld_errstr) ? ld_errstr : "");
if(wp_err->error)
fs_give((void **)&wp_err->error);
wp_err->error = cpystr(ebuf);
if(we_cancel)
cancel_busy_cue(-1);
q_status_message(SM_ORDER, 3, 5, wp_err->error);
display_message('x');
dprint((2, "%s\n", ebuf));
}
dprint((5, "Matched 0 entries on %s\n",
serv ? serv : "?"));
if(res)
ldap_msgfree(res);
if(ld)
ldap_unbind(ld);
res = NULL; ld = NULL;
}
}
}
}
if(we_cancel)
cancel_busy_cue(-1);
if(we_turned_on)
intr_handling_off();
if(serv)
fs_give((void **)&serv);
if(base)
fs_give((void **)&base);
if(serv_errstr)
fs_give((void **)&serv_errstr);
return(serv_res);
}
#include <stdio.h>
#include <ctype.h>
#include <string.h>
#ifdef MACOS
#include <stdlib.h>
#ifdef THINK_C
#include <console.h>
#include <unix.h>
#include <fcntl.h>
#endif /* THINK_C */
#include "macos.h"
#else /* MACOS */
#if defined( DOS ) || defined( _WIN32 )
#ifdef DOS
#include "msdos.h"
#endif
#if defined( WINSOCK ) || defined( _WIN32 )
#include "console.h"
#endif /* WINSOCK */
#else /* DOS */
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/file.h>
#ifndef VMS
#include <fcntl.h>
#include <unistd.h>
#endif /* VMS */
#endif /* DOS */
#endif /* MACOS */
#include "lber.h"
#include "ldap.h"
#if !defined( PCNFS ) && !defined( WINSOCK ) && !defined( MACOS )
#define MOD_USE_BVALS
#endif /* !PCNFS && !WINSOCK && !MACOS */
#ifdef NEEDPROTOS
static void handle_result( LDAP *ld, LDAPMessage *lm );
static void print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s );
static void print_search_entry( LDAP *ld, LDAPMessage *res );
static void free_list( char **list );
#else
static void handle_result();
static void print_ldap_result();
static void print_search_entry();
static void free_list();
#endif /* NEEDPROTOS */
#define NOCACHEERRMSG \
"don't compile with -DNO_CACHE if you desire local caching"
char *dnsuffix;
#ifndef WINSOCK
static char *
getline( char *line, int len, FILE *fp, char *prompt )
{
printf(prompt);
if ( fgets( line, len, fp ) == NULL )
return( NULL );
line[ strlen( line ) - 1 ] = '\0';
return( line );
}
#endif /* WINSOCK */
static char **
get_list( char *prompt )
{
static char buf[256];
int num;
char **result;
num = 0;
result = (char **) 0;
while ( 1 ) {
getline( buf, sizeof(buf), stdin, prompt );
if ( *buf == '\0' )
break;
if ( result == (char **) 0 )
result = (char **) malloc( sizeof(char *) );
else
result = (char **) realloc( result,
sizeof(char *) * (num + 1) );
result[num++] = (char *) strdup( buf );
}
if ( result == (char **) 0 )
return( NULL );
result = (char **) realloc( result, sizeof(char *) * (num + 1) );
result[num] = NULL;
return( result );
}
static void
free_list( char **list )
{
int i;
if ( list != NULL ) {
for ( i = 0; list[ i ] != NULL; ++i ) {
free( list[ i ] );
}
free( (char *)list );
}
}
#ifdef MOD_USE_BVALS
static int
file_read( char *path, struct berval *bv )
{
FILE *fp;
long rlen;
int eof;
if (( fp = fopen( path, "r" )) == NULL ) {
perror( path );
return( -1 );
}
if ( fseek( fp, 0L, SEEK_END ) != 0 ) {
perror( path );
fclose( fp );
return( -1 );
}
bv->bv_len = ftell( fp );
if (( bv->bv_val = (char *)malloc( bv->bv_len )) == NULL ) {
perror( "malloc" );
fclose( fp );
return( -1 );
}
if ( fseek( fp, 0L, SEEK_SET ) != 0 ) {
perror( path );
fclose( fp );
return( -1 );
}
rlen = fread( bv->bv_val, 1, bv->bv_len, fp );
eof = feof( fp );
fclose( fp );
if ( rlen != bv->bv_len ) {
perror( path );
free( bv->bv_val );
return( -1 );
}
return( bv->bv_len );
}
#endif /* MOD_USE_BVALS */
static LDAPMod **
get_modlist( char *prompt1, char *prompt2, char *prompt3 )
{
static char buf[256];
int num;
LDAPMod tmp;
LDAPMod **result;
#ifdef MOD_USE_BVALS
struct berval **bvals;
#endif /* MOD_USE_BVALS */
num = 0;
result = NULL;
while ( 1 ) {
if ( prompt1 ) {
getline( buf, sizeof(buf), stdin, prompt1 );
tmp.mod_op = atoi( buf );
if ( tmp.mod_op == -1 || buf[0] == '\0' )
break;
}
getline( buf, sizeof(buf), stdin, prompt2 );
if ( buf[0] == '\0' )
break;
tmp.mod_type = strdup( buf );
tmp.mod_values = get_list( prompt3 );
#ifdef MOD_USE_BVALS
if ( tmp.mod_values != NULL ) {
int i;
for ( i = 0; tmp.mod_values[i] != NULL; ++i )
;
bvals = (struct berval **)calloc( i + 1,
sizeof( struct berval *));
for ( i = 0; tmp.mod_values[i] != NULL; ++i ) {
bvals[i] = (struct berval *)malloc(
sizeof( struct berval ));
if ( strncmp( tmp.mod_values[i], "{FILE}",
6 ) == 0 ) {
if ( file_read( tmp.mod_values[i] + 6,
bvals[i] ) < 0 ) {
return( NULL );
}
} else {
bvals[i]->bv_val = tmp.mod_values[i];
bvals[i]->bv_len =
strlen( tmp.mod_values[i] );
}
}
tmp.mod_bvalues = bvals;
tmp.mod_op |= LDAP_MOD_BVALUES;
}
#endif /* MOD_USE_BVALS */
if ( result == NULL )
result = (LDAPMod **) malloc( sizeof(LDAPMod *) );
else
result = (LDAPMod **) realloc( result,
sizeof(LDAPMod *) * (num + 1) );
result[num] = (LDAPMod *) malloc( sizeof(LDAPMod) );
*(result[num]) = tmp; /* struct copy */
num++;
}
if ( result == NULL )
return( NULL );
result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) );
result[num] = NULL;
return( result );
}
#ifdef LDAP_REFERRALS
int
bind_prompt( LDAP *ld, char **dnp, char **passwdp, int *authmethodp,
int freeit )
{
static char dn[256], passwd[256];
if ( !freeit ) {
#ifdef KERBEROS
getline( dn, sizeof(dn), stdin, "re-bind method (0->simple, "
"1->krbv41, 2->krbv42, 3->krbv41&2)? " );
if (( *authmethodp = atoi( dn )) == 3 ) {
*authmethodp = LDAP_AUTH_KRBV4;
} else {
*authmethodp |= 0x80;
}
#else /* KERBEROS */
*authmethodp = LDAP_AUTH_SIMPLE;
#endif /* KERBEROS */
getline( dn, sizeof(dn), stdin, "re-bind dn? " );
strcat( dn, dnsuffix );
*dnp = dn;
if ( *authmethodp == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) {
getline( passwd, sizeof(passwd), stdin,
"re-bind password? " );
} else {
passwd[0] = '\0';
}
*passwdp = passwd;
}
return( LDAP_SUCCESS );
}
#endif /* LDAP_REFERRALS */
int
#ifdef WINSOCK
ldapmain(
#else /* WINSOCK */
main(
#endif /* WINSOCK */
int argc, char **argv )
{
LDAP *ld;
int i, c, port, cldapflg, errflg, method, id, msgtype;
char line[256], command1, command2, command3;
char passwd[64], dn[256], rdn[64], attr[64], value[256];
char filter[256], *host, **types;
char **exdn;
char *usage = "usage: %s [-u] [-h host] [-d level] "
"[-s dnsuffix] [-p port] [-t file] [-T file]\n";
int bound, all, scope, attrsonly;
LDAPMessage *res;
LDAPMod **mods, **attrs;
struct timeval timeout;
char *copyfname = NULL;
int copyoptions = 0;
LDAPURLDesc *ludp;
extern char *optarg;
extern int optind;
#ifdef MACOS
if (( argv = get_list( "cmd line arg?" )) == NULL ) {
exit( 1 );
}
for ( argc = 0; argv[ argc ] != NULL; ++argc ) {
;
}
#endif /* MACOS */
host = NULL;
port = LDAP_PORT;
dnsuffix = "";
cldapflg = errflg = 0;
while (( c = getopt( argc, argv, "uh:d:s:p:t:T:" )) != -1 ) {
switch( c ) {
case 'u':
#ifdef CLDAP
cldapflg++;
#else /* CLDAP */
printf( "Compile with -DCLDAP for UDP support\n" );
#endif /* CLDAP */
break;
case 'd':
#ifdef LDAP_DEBUG
ldap_debug = atoi( optarg );
if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
lber_debug = ldap_debug;
}
#else
printf( "Compile with -DLDAP_DEBUG for debugging\n" );
#endif
break;
case 'h':
host = optarg;
break;
case 's':
dnsuffix = optarg;
break;
case 'p':
port = atoi( optarg );
break;
#if !defined(MACOS) && !defined(DOS)
case 't': /* copy ber's to given file */
copyfname = strdup( optarg );
copyoptions = LBER_TO_FILE;
break;
case 'T': /* only output ber's to given file */
copyfname = strdup( optarg );
copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY);
break;
#endif
default:
++errflg;
}
}
if ( host == NULL && optind == argc - 1 ) {
host = argv[ optind ];
++optind;
}
if ( errflg || optind < argc - 1 ) {
fprintf( stderr, usage, argv[ 0 ] );
exit( 1 );
}
printf( "%sldap_open( %s, %d )\n", cldapflg ? "c" : "",
host == NULL ? "(null)" : host, port );
if ( cldapflg ) {
#ifdef CLDAP
ld = cldap_open( host, port );
#endif /* CLDAP */
} else {
ld = ldap_open( host, port );
}
if ( ld == NULL ) {
perror( "ldap_open" );
exit(1);
}
#if !defined(MACOS) && !defined(DOS)
if ( copyfname != NULL ) {
if ( (ld->ld_sb.sb_fd = open( copyfname, O_WRONLY | O_CREAT,
0600 )) == -1 ) {
perror( copyfname );
exit ( 1 );
}
ld->ld_sb.sb_options = copyoptions;
}
#endif
bound = 0;
timeout.tv_sec = 0;
timeout.tv_usec = 0;
(void) memset( line, '\0', sizeof(line) );
while ( getline( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) {
command1 = line[0];
command2 = line[1];
command3 = line[2];
switch ( command1 ) {
case 'a': /* add or abandon */
switch ( command2 ) {
case 'd': /* add */
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( (attrs = get_modlist( NULL, "attr? ",
"value? " )) == NULL )
break;
if ( (id = ldap_add( ld, dn, attrs )) == -1 )
ldap_perror( ld, "ldap_add" );
else
printf( "Add initiated with id %d\n",
id );
break;
case 'b': /* abandon */
getline( line, sizeof(line), stdin, "msgid? " );
id = atoi( line );
if ( ldap_abandon( ld, id ) != 0 )
ldap_perror( ld, "ldap_abandon" );
else
printf( "Abandon successful\n" );
break;
default:
printf( "Possibilities: [ad]d, [ab]ort\n" );
}
break;
case 'b': /* asynch bind */
#ifdef KERBEROS
getline( line, sizeof(line), stdin,
"method (0->simple, 1->krbv41, 2->krbv42)? " );
method = atoi( line ) | 0x80;
#else /* KERBEROS */
method = LDAP_AUTH_SIMPLE;
#endif /* KERBEROS */
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' )
getline( passwd, sizeof(passwd), stdin,
"password? " );
else
passwd[0] = '\0';
if ( ldap_bind( ld, dn, passwd, method ) == -1 ) {
fprintf( stderr, "ldap_bind failed\n" );
ldap_perror( ld, "ldap_bind" );
} else {
printf( "Bind initiated\n" );
bound = 1;
}
break;
case 'B': /* synch bind */
#ifdef KERBEROS
getline( line, sizeof(line), stdin,
"method 0->simple 1->krbv41 2->krbv42 3->krb? " );
method = atoi( line );
if ( method == 3 )
method = LDAP_AUTH_KRBV4;
else
method = method | 0x80;
#else /* KERBEROS */
method = LDAP_AUTH_SIMPLE;
#endif /* KERBEROS */
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( dn[0] != '\0' )
getline( passwd, sizeof(passwd), stdin,
"password? " );
else
passwd[0] = '\0';
if ( ldap_bind_s( ld, dn, passwd, method ) !=
LDAP_SUCCESS ) {
fprintf( stderr, "ldap_bind_s failed\n" );
ldap_perror( ld, "ldap_bind_s" );
} else {
printf( "Bind successful\n" );
bound = 1;
}
break;
case 'c': /* compare */
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
getline( attr, sizeof(attr), stdin, "attr? " );
getline( value, sizeof(value), stdin, "value? " );
if ( (id = ldap_compare( ld, dn, attr, value )) == -1 )
ldap_perror( ld, "ldap_compare" );
else
printf( "Compare initiated with id %d\n", id );
break;
case 'd': /* turn on debugging */
#ifdef LDAP_DEBUG
getline( line, sizeof(line), stdin, "debug level? " );
ldap_debug = atoi( line );
if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
lber_debug = ldap_debug;
}
#else
printf( "Compile with -DLDAP_DEBUG for debugging\n" );
#endif
break;
case 'E': /* explode a dn */
getline( line, sizeof(line), stdin, "dn? " );
exdn = ldap_explode_dn( line, 0 );
for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) {
printf( "\t%s\n", exdn[i] );
}
break;
case 'g': /* set next msgid */
getline( line, sizeof(line), stdin, "msgid? " );
ld->ld_msgid = atoi( line );
break;
case 'v': /* set version number */
getline( line, sizeof(line), stdin, "version? " );
ld->ld_version = atoi( line );
break;
case 'm': /* modify or modifyrdn */
if ( strncmp( line, "modify", 4 ) == 0 ) {
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( (mods = get_modlist(
"mod (0=>add, 1=>delete, 2=>replace -1=>done)? ",
"attribute type? ", "attribute value? " ))
== NULL )
break;
if ( (id = ldap_modify( ld, dn, mods )) == -1 )
ldap_perror( ld, "ldap_modify" );
else
printf( "Modify initiated with id %d\n",
id );
} else if ( strncmp( line, "modrdn", 4 ) == 0 ) {
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
getline( rdn, sizeof(rdn), stdin, "newrdn? " );
if ( (id = ldap_modrdn( ld, dn, rdn )) == -1 )
ldap_perror( ld, "ldap_modrdn" );
else
printf( "Modrdn initiated with id %d\n",
id );
} else {
printf( "Possibilities: [modi]fy, [modr]dn\n" );
}
break;
case 'q': /* quit */
#ifdef CLDAP
if ( cldapflg )
cldap_close( ld );
#endif /* CLDAP */
#ifdef LDAP_REFERRALS
if ( !cldapflg )
#else /* LDAP_REFERRALS */
if ( !cldapflg && bound )
#endif /* LDAP_REFERRALS */
ldap_unbind( ld );
exit( 0 );
break;
case 'r': /* result or remove */
switch ( command3 ) {
case 's': /* result */
getline( line, sizeof(line), stdin,
"msgid (-1=>any)? " );
if ( line[0] == '\0' )
id = -1;
else
id = atoi( line );
getline( line, sizeof(line), stdin,
"all (0=>any, 1=>all)? " );
if ( line[0] == '\0' )
all = 1;
else
all = atoi( line );
if (( msgtype = ldap_result( ld, id, all,
&timeout, &res )) < 1 ) {
ldap_perror( ld, "ldap_result" );
break;
}
printf( "\nresult: msgtype %d msgid %d\n",
msgtype, res->lm_msgid );
handle_result( ld, res );
res = NULLMSG;
break;
case 'm': /* remove */
getline( dn, sizeof(dn), stdin, "dn? " );
strcat( dn, dnsuffix );
if ( (id = ldap_delete( ld, dn )) == -1 )
ldap_perror( ld, "ldap_delete" );
else
printf( "Remove initiated with id %d\n",
id );
break;
default:
printf( "Possibilities: [rem]ove, [res]ult\n" );
break;
}
break;
case 's': /* search */
getline( dn, sizeof(dn), stdin, "searchbase? " );
strcat( dn, dnsuffix );
getline( line, sizeof(line), stdin,
"scope (0=Base, 1=One Level, 2=Subtree)? " );
scope = atoi( line );
getline( filter, sizeof(filter), stdin,
"search filter (e.g. sn=jones)? " );
types = get_list( "attrs to return? " );
getline( line, sizeof(line), stdin,
"attrsonly (0=attrs&values, 1=attrs only)? " );
attrsonly = atoi( line );
if ( cldapflg ) {
#ifdef CLDAP
getline( line, sizeof(line), stdin,
"Requestor DN (for logging)? " );
if ( cldap_search_s( ld, dn, scope, filter, types,
attrsonly, &res, line ) != 0 ) {
ldap_perror( ld, "cldap_search_s" );
} else {
printf( "\nresult: msgid %d\n",
res->lm_msgid );
handle_result( ld, res );
res = NULLMSG;
}
#endif /* CLDAP */
} else {
if (( id = ldap_search( ld, dn, scope, filter,
types, attrsonly )) == -1 ) {
ldap_perror( ld, "ldap_search" );
} else {
printf( "Search initiated with id %d\n", id );
}
}
free_list( types );
break;
case 't': /* set timeout value */
getline( line, sizeof(line), stdin, "timeout? " );
timeout.tv_sec = atoi( line );
break;
case 'U': /* set ufn search prefix */
getline( line, sizeof(line), stdin, "ufn prefix? " );
ldap_ufn_setprefix( ld, line );
break;
case 'u': /* user friendly search w/optional timeout */
getline( dn, sizeof(dn), stdin, "ufn? " );
strcat( dn, dnsuffix );
types = get_list( "attrs to return? " );
getline( line, sizeof(line), stdin,
"attrsonly (0=attrs&values, 1=attrs only)? " );
attrsonly = atoi( line );
if ( command2 == 't' ) {
id = ldap_ufn_search_c( ld, dn, types,
attrsonly, &res, ldap_ufn_timeout,
&timeout );
} else {
id = ldap_ufn_search_s( ld, dn, types,
attrsonly, &res );
}
if ( res == NULL )
ldap_perror( ld, "ldap_ufn_search" );
else {
printf( "\nresult: err %d\n", id );
handle_result( ld, res );
res = NULLMSG;
}
free_list( types );
break;
case 'l': /* URL search */
getline( line, sizeof(line), stdin,
"attrsonly (0=attrs&values, 1=attrs only)? " );
attrsonly = atoi( line );
getline( line, sizeof(line), stdin, "LDAP URL? " );
if (( id = ldap_url_search( ld, line, attrsonly ))
== -1 ) {
ldap_perror( ld, "ldap_url_search" );
} else {
printf( "URL search initiated with id %d\n", id );
}
break;
case 'p': /* parse LDAP URL */
getline( line, sizeof(line), stdin, "LDAP URL? " );
if (( i = ldap_url_parse( line, &ludp )) != 0 ) {
fprintf( stderr, "ldap_url_parse: error %d\n", i );
} else {
printf( "\t host: " );
if ( ludp->lud_host == NULL ) {
printf( "DEFAULT\n" );
} else {
printf( "<%s>\n", ludp->lud_host );
}
printf( "\t port: " );
if ( ludp->lud_port == 0 ) {
printf( "DEFAULT\n" );
} else {
printf( "%d\n", ludp->lud_port );
}
printf( "\t dn: <%s>\n", ludp->lud_dn );
printf( "\t attrs:" );
if ( ludp->lud_attrs == NULL ) {
printf( " ALL" );
} else {
for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) {
printf( " <%s>", ludp->lud_attrs[ i ] );
}
}
printf( "\n\t scope: %s\n",
ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "ONE"
: ludp->lud_scope == LDAP_SCOPE_BASE ? "BASE" :
ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "SUB" :
"**invalid**" );
printf( "\tfilter: <%s>\n", ludp->lud_filter );
ldap_free_urldesc( ludp );
}
break;
case 'n': /* set dn suffix, for convenience */
getline( line, sizeof(line), stdin, "DN suffix? " );
strcpy( dnsuffix, line );
break;
case 'e': /* enable cache */
#ifdef NO_CACHE
printf( NOCACHEERRMSG );
#else /* NO_CACHE */
getline( line, sizeof(line), stdin,
"Cache timeout (secs)? " );
i = atoi( line );
getline( line, sizeof(line), stdin,
"Maximum memory to use (bytes)? " );
if ( ldap_enable_cache( ld, i, atoi( line )) == 0 ) {
printf( "local cache is on\n" );
} else {
printf( "ldap_enable_cache failed\n" );
}
#endif /* NO_CACHE */
break;
case 'x': /* uncache entry */
#ifdef NO_CACHE
printf( NOCACHEERRMSG );
#else /* NO_CACHE */
getline( line, sizeof(line), stdin, "DN? " );
ldap_uncache_entry( ld, line );
#endif /* NO_CACHE */
break;
case 'X': /* uncache request */
#ifdef NO_CACHE
printf( NOCACHEERRMSG );
#else /* NO_CACHE */
getline( line, sizeof(line), stdin, "request msgid? " );
ldap_uncache_request( ld, atoi( line ));
#endif /* NO_CACHE */
break;
case 'o': /* set ldap options */
getline( line, sizeof(line), stdin,
"alias deref (0=never, 1=searching, 2"
"=finding, 3=always)?" );
ld->ld_deref = atoi( line );
getline( line, sizeof(line), stdin, "timelimit?" );
ld->ld_timelimit = atoi( line );
getline( line, sizeof(line), stdin, "sizelimit?" );
ld->ld_sizelimit = atoi( line );
ld->ld_options = 0;
#ifdef STR_TRANSLATION
getline( line, sizeof(line), stdin,
"Automatic translation of T.61 strings "
"(0=no, 1=yes)?" );
if ( atoi( line ) == 0 ) {
ld->ld_lberoptions &= ~LBER_TRANSLATE_STRINGS;
} else {
ld->ld_lberoptions |= LBER_TRANSLATE_STRINGS;
#ifdef LDAP_CHARSET_8859
getline( line, sizeof(line), stdin,
"Translate to/from ISO-8859 "
"(0=no, 1=yes?" );
if ( atoi( line ) != 0 ) {
ldap_set_string_translators( ld,
ldap_8859_to_t61,
ldap_t61_to_8859 );
}
#endif /* LDAP_CHARSET_8859 */
}
#endif /* STR_TRANSLATION */
#ifdef LDAP_DNS
getline( line, sizeof(line), stdin,
"Use DN & DNS to determine where to send "
"requests (0=no, 1=yes)?" );
if ( atoi( line ) != 0 ) {
ld->ld_options |= LDAP_OPT_DNS;
}
#endif /* LDAP_DNS */
#ifdef LDAP_REFERRALS
getline( line, sizeof(line), stdin,
"Recognize and chase referrals (0=no, 1=yes)?");
if ( atoi( line ) != 0 ) {
ld->ld_options |= LDAP_OPT_REFERRALS;
getline( line, sizeof(line), stdin,
"Prompt for bind credentials when "
"chasing referrals (0=no, 1=yes)?" );
if ( atoi( line ) != 0 ) {
ldap_set_rebind_proc( ld, bind_prompt );
}
}
#endif /* LDAP_REFERRALS */
break;
case 'O': /* set cache options */
#ifdef NO_CACHE
printf( NOCACHEERRMSG );
#else /* NO_CACHE */
getline( line, sizeof(line), stdin,
"cache errors (0=smart, 1=never, 2=always)?" );
switch( atoi( line )) {
case 0:
ldap_set_cache_options( ld, 0 );
break;
case 1:
ldap_set_cache_options( ld,
LDAP_CACHE_OPT_CACHENOERRS );
break;
case 2:
ldap_set_cache_options( ld,
LDAP_CACHE_OPT_CACHEALLERRS );
break;
default:
printf( "not a valid cache option\n" );
}
#endif /* NO_CACHE */
break;
case '?': /* help */
printf( "Commands: [ad]d [ab]andon [b]ind\n" );
printf( " [B]ind async [c]ompare [l]URL search\n" );
printf( " [modi]fy [modr]dn [rem]ove\n" );
printf( " [res]ult [s]earch [q]uit/unbind\n\n" );
printf( " [u]fn search [ut]fn search with timeout\n" );
printf( " [d]ebug [e]nable cache set ms[g]id\n" );
printf( " d[n]suffix [t]imeout [v]ersion\n" );
printf( " [U]fn prefix [x]uncache entry [X]uncache request\n" );
printf( " [?]help [o]ptions [O]cache options\n" );
printf( " [E]xplode dn [p]arse LDAP URL\n" );
break;
default:
printf( "Invalid command. Type ? for help.\n" );
break;
}
(void) memset( line, '\0', sizeof(line) );
}
return( 0 );
}
