int ldap_search_st( LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, struct timeval *timeout, LDAPMessage **res ) { int msgid; *res = NULL; if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly )) == -1 ) return( ld->ld_errno ); if ( ldap_result( ld, msgid, LDAP_MSG_ALL, timeout, res ) == -1 || !*res ) return( ld->ld_errno ); if ( ld->ld_errno == LDAP_TIMEOUT ) { (void) ldap_abandon( ld, msgid ); ld->ld_errno = LDAP_TIMEOUT; return( ld->ld_errno ); } return( ldap_result2error( ld, *res, 0 ) ); }
/* ARGSUSED */ int _ns_ldap_abandon(char *service, int flags, int msgid) { LDAP *ld = __s_api_getLDAPconn(flags); return (ldap_abandon(ld, msgid)); }
static int nsldapi_search_s( LDAP *ld, const char *base, int scope, const char *filter, char **attrs, int attrsonly, LDAPControl **serverctrls, LDAPControl **clientctrls, struct timeval *localtimeoutp, int timelimit, /* -1 means use ld->ld_timelimit */ int sizelimit, /* -1 means use ld->ld_sizelimit */ LDAPMessage **res ) { int err, msgid; /* * It is an error to pass in a zero'd timeval. */ if ( localtimeoutp != NULL && localtimeoutp->tv_sec == 0 && localtimeoutp->tv_usec == 0 ) { if ( ld != NULL ) { LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL ); } if ( res != NULL ) { *res = NULL; } return( LDAP_PARAM_ERROR ); } if (( err = nsldapi_search( ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timelimit, sizelimit, &msgid )) != LDAP_SUCCESS ) { if ( res != NULL ) { *res = NULL; } return( err ); } if ( ldap_result( ld, msgid, 1, localtimeoutp, res ) == -1 ) { /* * Error. ldap_result() sets *res to NULL for us. */ return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); } if ( LDAP_GET_LDERRNO( ld, NULL, NULL ) == LDAP_TIMEOUT ) { (void) ldap_abandon( ld, msgid ); err = LDAP_TIMEOUT; LDAP_SET_LDERRNO( ld, err, NULL, NULL ); if ( res != NULL ) { *res = NULL; } return( err ); } return( ldap_result2error( ld, *res, 0 ) ); }
int ldap_pvt_search_s( LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter, char **attrs, int attrsonly, LDAPControl **sctrls, LDAPControl **cctrls, struct timeval *timeout, int sizelimit, int deref, LDAPMessage **res ) { int rc; int msgid; *res = NULL; rc = ldap_pvt_search( ld, base, scope, filter, attrs, attrsonly, sctrls, cctrls, timeout, sizelimit, deref, &msgid ); if ( rc != LDAP_SUCCESS ) { return( rc ); } rc = ldap_result( ld, msgid, LDAP_MSG_ALL, timeout, res ); if( rc <= 0 ) { /* error(-1) or timeout(0) */ if ( ld->ld_errno == LDAP_TIMEOUT ) { /* cleanup request */ (void) ldap_abandon( ld, msgid ); ld->ld_errno = LDAP_TIMEOUT; } return( ld->ld_errno ); } if( rc == LDAP_RES_SEARCH_REFERENCE || rc == LDAP_RES_INTERMEDIATE ) { return( ld->ld_errno ); } return( ldap_result2error( ld, *res, 0 ) ); }
/* * We need a version of ldap_bind that times out, otherwise all * of Postfix can get wedged during daemon initialization. */ static int dict_ldap_bind_st(DICT_LDAP *dict_ldap) { int msgid; LDAPMessage *res; struct timeval mytimeval; if ((msgid = ldap_bind(dict_ldap->ld, dict_ldap->bind_dn, dict_ldap->bind_pw, LDAP_AUTH_SIMPLE)) == -1) return (dict_ldap_get_errno(dict_ldap->ld)); mytimeval.tv_sec = dict_ldap->timeout; mytimeval.tv_usec = 0; if (ldap_result(dict_ldap->ld, msgid, 1, &mytimeval, &res) == -1) return (dict_ldap_get_errno(dict_ldap->ld)); if (dict_ldap_get_errno(dict_ldap->ld) == LDAP_TIMEOUT) { (void) ldap_abandon(dict_ldap->ld, msgid); return (dict_ldap_set_errno(dict_ldap->ld, LDAP_TIMEOUT)); } return (ldap_result2error(dict_ldap->ld, res, 1)); }
int LDAP_CALL ldap_url_search_st( LDAP *ld, const char *url, int attrsonly, struct timeval *timeout, LDAPMessage **res ) { int msgid; /* * It is an error to pass in a zero'd timeval. */ if ( timeout != NULL && timeout->tv_sec == 0 && timeout->tv_usec == 0 ) { if ( ld != NULL ) { LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL ); } if ( res != NULL ) { *res = NULL; } return( LDAP_PARAM_ERROR ); } if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) { return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); } if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 ) { return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); } if ( LDAP_GET_LDERRNO( ld, NULL, NULL ) == LDAP_TIMEOUT ) { (void) ldap_abandon( ld, msgid ); LDAP_SET_LDERRNO( ld, LDAP_TIMEOUT, NULL, NULL ); return( LDAP_TIMEOUT ); } return( ldap_result2error( ld, *res, 0 )); }
sInt32 CLDAPNode::BindProc ( sLDAPNodeStruct *inLDAPNodeStruct ) { sInt32 siResult = eDSNoErr; int bindMsgId = 0; int version = -1; sLDAPConfigData *pConfig = nil; char *ldapAcct = nil; char *ldapPasswd = nil; int openTO = 0; LDAP *inLDAPHost = inLDAPNodeStruct->fHost; LDAPMessage *result = nil; int ldapReturnCode = 0; try { if ( inLDAPNodeStruct == nil ) throw( (sInt32)eDSNullParameter ); if (inLDAPNodeStruct->fLDAPSessionMutex != nil) { inLDAPNodeStruct->fLDAPSessionMutex->Wait(); } // Here is the bind to the LDAP server // Note that there may be stored name/password in the config table // ie. always use the config table data if authentication has not explicitly been set // use LDAPAuthNodeMap if inLDAPNodeStruct contains a username //check that we were already here if (inLDAPHost == NULL) { //retrieve the config data //don't need to retrieve for the case of "generic unknown" so don't check index 0 if (( inLDAPNodeStruct->fLDAPConfigTableIndex < gConfigTableLen) && ( inLDAPNodeStruct->fLDAPConfigTableIndex >= 1 )) { pConfig = (sLDAPConfigData *)gConfigTable->GetItemData( inLDAPNodeStruct->fLDAPConfigTableIndex ); if (pConfig != nil) { if ( (pConfig->bSecureUse) && (inLDAPNodeStruct->fUserName == nil) ) { if (pConfig->fServerAccount != nil) { ldapAcct = new char[1+::strlen(pConfig->fServerAccount)]; ::strcpy( ldapAcct, pConfig->fServerAccount ); } if (pConfig->fServerPassword != nil) { ldapPasswd = new char[1+::strlen(pConfig->fServerPassword)]; ::strcpy( ldapPasswd, pConfig->fServerPassword ); } } else { if (inLDAPNodeStruct->fUserName != nil) { ldapAcct = new char[1+::strlen(inLDAPNodeStruct->fUserName)]; ::strcpy( ldapAcct, inLDAPNodeStruct->fUserName ); } if (inLDAPNodeStruct->fAuthCredential != nil) { if (inLDAPNodeStruct->fAuthType != nil) { //auth type of clear text means char * password if (strcmp(inLDAPNodeStruct->fAuthType,kDSStdAuthClearText) == 0) { ldapPasswd = new char[1+::strlen((char*)(inLDAPNodeStruct->fAuthCredential))]; ::strcpy( ldapPasswd, (char*)(inLDAPNodeStruct->fAuthCredential) ); } } else //default is password { ldapPasswd = new char[1+::strlen((char*)(inLDAPNodeStruct->fAuthCredential))]; ::strcpy( ldapPasswd, (char*)(inLDAPNodeStruct->fAuthCredential) ); } } } openTO = pConfig->fOpenCloseTimeout; } } if (inLDAPNodeStruct->fLDAPConfigTableIndex != 0) { if (pConfig != nil) { inLDAPHost = ldap_init( pConfig->fServerName, pConfig->fServerPort ); } } else { inLDAPHost = ldap_init( inLDAPNodeStruct->fServerName, inLDAPNodeStruct->fDirectLDAPPort ); } if ( inLDAPHost == nil ) throw( (sInt32)eDSCannotAccessSession ); if (pConfig != nil) { if ( pConfig->bIsSSL ) { int ldapOptVal = LDAP_OPT_X_TLS_HARD; ldap_set_option(inLDAPHost, LDAP_OPT_X_TLS, &ldapOptVal); } } /* LDAPv3 only */ version = LDAP_VERSION3; ldap_set_option( inLDAPHost, LDAP_OPT_PROTOCOL_VERSION, &version ); //heuristic to prevent many consecutive failures with long timeouts //ie. forcing quick failures after first failure during a window of //the same length as the timeout value //NN fLDAPNodeOpenMutex.Wait(); if ( inLDAPNodeStruct->bHasFailed ) { if ( time( nil ) < inLDAPNodeStruct->fDelayedBindTime ) { //NN fLDAPNodeOpenMutex.Signal(); throw( (sInt32)eDSCannotAccessSession ); } else { inLDAPNodeStruct->bHasFailed = false; //fDelayedBindTime then is unused so no need to reset } } //NN fLDAPNodeOpenMutex.Signal(); //this is our and only our LDAP session for now //need to use our timeout so we don't hang indefinitely bindMsgId = ldap_bind( inLDAPHost, ldapAcct, ldapPasswd, LDAP_AUTH_SIMPLE ); if (openTO == 0) { ldapReturnCode = ldap_result(inLDAPHost, bindMsgId, 0, NULL, &result); } else { struct timeval tv; tv.tv_sec = openTO; tv.tv_usec = 0; ldapReturnCode = ldap_result(inLDAPHost, bindMsgId, 0, &tv, &result); } if ( ldapReturnCode == -1 ) { throw( (sInt32)eDSCannotAccessSession ); } else if ( ldapReturnCode == 0 ) { // timed out, let's forget it ldap_abandon(inLDAPHost, bindMsgId); //log this timed out connection if (pConfig != nil) { syslog(LOG_INFO,"DSLDAPv3PlugIn: Timed out in attempt to bind to [%s] LDAP server.", pConfig->fServerName); syslog(LOG_INFO,"DSLDAPv3PlugIn: Disabled future attempts to bind to [%s] LDAP server for next %d seconds.", pConfig->fServerName, inLDAPNodeStruct->fDelayRebindTry); } else { syslog(LOG_INFO,"DSLDAPv3PlugIn: Timed out in attempt to bind to [%s] LDAP server.", inLDAPNodeStruct->fServerName); syslog(LOG_INFO,"DSLDAPv3PlugIn: Disabled future attempts to bind to [%s] LDAP server for next %d seconds.", inLDAPNodeStruct->fServerName, inLDAPNodeStruct->fDelayRebindTry); } //NN fLDAPNodeOpenMutex.Wait(); inLDAPNodeStruct->bHasFailed = true; inLDAPNodeStruct->fDelayedBindTime = time( nil ) + inLDAPNodeStruct->fDelayRebindTry; //NN fLDAPNodeOpenMutex.Signal(); throw( (sInt32)eDSCannotAccessSession ); } else if ( ldap_result2error(inLDAPHost, result, 1) != LDAP_SUCCESS ) { //NN fLDAPNodeOpenMutex.Wait(); inLDAPNodeStruct->bHasFailed = true; inLDAPNodeStruct->fHost = inLDAPHost; //NN fLDAPNodeOpenMutex.Signal(); throw( (sInt32)eDSCannotAccessSession ); } //NN fLDAPNodeOpenMutex.Wait(); inLDAPNodeStruct->fHost = inLDAPHost; //NN fLDAPNodeOpenMutex.Signal(); //result is consumed above within ldap_result2error result = nil; } } // try catch ( sInt32 err ) { siResult = err; } if (ldapAcct != nil) { delete (ldapAcct); ldapAcct = nil; } if (ldapPasswd != nil) { delete (ldapPasswd); ldapPasswd = nil; } if (inLDAPNodeStruct->fLDAPSessionMutex != nil) { inLDAPNodeStruct->fLDAPSessionMutex->Signal(); } return (siResult); }// BindProc
static int do_bind (LDAP * ldap_connection, int timelimit) { int rc; int rv; struct timeval tv; LDAPMessage *result; /* * set timelimit in ld for select() call in ldap_pvt_connect() * function implemented in libldap2's os-ip.c */ tv.tv_sec = timelimit; tv.tv_usec = 0; DBG2("do_bind(): bind DN=\"%s\" pass=\"%s\"",binddn,passwd); /* LDAPv3 doesn't need bind at all, * nevertheless, if no binddn is given than bind anonymous */ if ( ! strncmp(binddn,"",1) ) { rv = ldap_simple_bind(ldap_connection, NULL, NULL); } else { rv = ldap_simple_bind(ldap_connection, binddn, passwd); } if (rv < 0) { DBG("do_bind: rv < 0"); #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER) if (ldap_get_option (ldap_connection, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) { rc = LDAP_UNAVAILABLE; } #else rc = ldap_connection->ld_errno; #endif /* LDAP_OPT_ERROR_NUMBER */ /* Notify if we failed. */ DBG3("could not connect to LDAP server as %s - %d - %s", binddn, rc, ldap_err2string (rc)); return rc; } rc = ldap_result (ldap_connection, rv, 0, &tv, &result); if (rc > 0) { DBG1("do_bind rc=%d", rc); /* debug ("<== do_bind"); */ return ldap_result2error (ldap_connection, result, 1); } /* took too long */ if (rc == 0) { DBG("do_bind rc=0"); ldap_abandon (ldap_connection, rv); } DBG("do_bind return -1"); return -1; }
static int cldap_result( LDAP *ld, int msgid, LDAPMessage **res, struct cldap_retinfo *crip, char *base ) { Sockbuf *sb; BerElement ber; char *logdn; int ret, id, fromaddr, i; struct timeval tv; #if defined( SUN ) && defined( _REENTRANT ) LOCK_LDAP(ld); #endif sb = &ld->ld_sb; fromaddr = -1; if ( crip->cri_try == 0 ) { crip->cri_maxtries = ld->ld_cldaptries * sb->sb_naddr; crip->cri_timeout = ld->ld_cldaptimeout; crip->cri_useaddr = 0; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 117, "cldap_result tries %1$d timeout %2$d\n"), ld->ld_cldaptries, ld->ld_cldaptimeout, 0 ); } if ((tv.tv_sec = crip->cri_timeout / sb->sb_naddr) < 1 ) { tv.tv_sec = 1; } tv.tv_usec = 0; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 118, "cldap_result waiting up to %d seconds for a response\n"), tv.tv_sec, 0, 0 ); ber_zero_init( &ber, 0 ); set_ber_options( ld, &ber ); if ( cldap_getmsg( ld, &tv, &ber ) == -1 ) { ret = ld->ld_errno; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 119, "cldap_getmsg returned -1 (%d)\n"), ret, 0, 0 ); } else if ( ld->ld_errno == LDAP_TIMEOUT ) { Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 120, "cldap_result timed out\n"), 0, 0, 0 ); /* * It timed out; is it time to give up? */ if ( ++crip->cri_try >= crip->cri_maxtries ) { ret = LDAP_TIMEOUT; --crip->cri_try; } else { if ( ++crip->cri_useaddr >= sb->sb_naddr ) { /* * new round: reset address to first one and * double the timeout */ crip->cri_useaddr = 0; crip->cri_timeout <<= 1; } ret = -1; } } else { /* * Got a response. It should look like: * { msgid, logdn, { searchresponse...}} */ logdn = NULL; if ( ber_scanf( &ber, "ia", &id, &logdn ) == LBER_ERROR ) { free( ber.ber_buf ); /* gack! */ ret = LDAP_DECODING_ERROR; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 121, "cldap_result: ber_scanf returned LBER_ERROR (%d)\n"), ret, 0, 0 ); } else if ( id != msgid ) { free( ber.ber_buf ); /* gack! */ Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 122, "cldap_result: looking for msgid %1$d; got %2$d\n"), msgid, id, 0 ); ret = -1; /* ignore and keep looking */ } else { /* * got a result: determine which server it came from * decode into ldap message chain */ for ( fromaddr = 0; fromaddr < sb->sb_naddr; ++fromaddr ) { if ( memcmp( &((struct sockaddr_in *) sb->sb_addrs[ fromaddr ])->sin_addr, &((struct sockaddr_in *)sb->sb_fromaddr)->sin_addr, sizeof( struct in_addr )) == 0 ) { break; } } ret = cldap_parsemsg( ld, msgid, &ber, res, base ); free( ber.ber_buf ); /* gack! */ Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 123, "cldap_result got result (%d)\n"), ret, 0, 0 ); } if ( logdn != NULL ) { free( logdn ); } } /* * If we are giving up (successfully or otherwise) then * abandon any outstanding requests. */ if ( ret != -1 ) { i = crip->cri_try; if ( i >= sb->sb_naddr ) { i = sb->sb_naddr - 1; } for ( ; i >= 0; --i ) { if ( i == fromaddr ) { continue; } sb->sb_useaddr = sb->sb_addrs[ i ]; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 124, "cldap_result abandoning id %1$d (to %2$s)\n"), msgid, inet_ntoa( ((struct sockaddr_in *) sb->sb_useaddr)->sin_addr ), 0 ); (void) ldap_abandon( ld, msgid ); } } #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( ld->ld_errno = ret ); }
static krb5_error_code LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry) { int msgid, rc, parserc; krb5_error_code ret; LDAPMessage *e; msgid = HDB2MSGID(db); if (msgid < 0) return HDB_ERR_NOENTRY; do { rc = ldap_result(HDB2LDAP(db), msgid, LDAP_MSG_ONE, NULL, &e); switch (rc) { case LDAP_RES_SEARCH_REFERENCE: ldap_msgfree(e); ret = 0; break; case LDAP_RES_SEARCH_ENTRY: /* We have an entry. Parse it. */ ret = LDAP_message2entry(context, db, e, entry); ldap_msgfree(e); break; case LDAP_RES_SEARCH_RESULT: /* We're probably at the end of the results. If not, abandon. */ parserc = ldap_parse_result(HDB2LDAP(db), e, NULL, NULL, NULL, NULL, NULL, 1); if (parserc != LDAP_SUCCESS && parserc != LDAP_MORE_RESULTS_TO_RETURN) { krb5_set_error_string(context, "ldap_parse_result: %s", ldap_err2string(parserc)); ldap_abandon(HDB2LDAP(db), msgid); } ret = HDB_ERR_NOENTRY; HDBSETMSGID(db, -1); break; case LDAP_SERVER_DOWN: ldap_msgfree(e); LDAP_close(context, db); HDBSETMSGID(db, -1); ret = ENETDOWN; break; default: /* Some unspecified error (timeout?). Abandon. */ ldap_msgfree(e); ldap_abandon(HDB2LDAP(db), msgid); ret = HDB_ERR_NOENTRY; HDBSETMSGID(db, -1); break; } } while (rc == LDAP_RES_SEARCH_REFERENCE); if (ret == 0) { if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { ret = hdb_unseal_keys(context, db, entry); if (ret) hdb_free_entry(context,entry); } } return ret; }
int main( int argc, char **argv ) { LDAP *ld = NULL; int i, c, port, errflg, method, id, msgtype; char line[256], command1, command2, command3; char passwd[64], dn[256], rdn[64], attr[64], value[256]; char filter[256], *host, **types; char **exdn; static const char usage[] = "usage: %s [-u] [-h host] [-d level] [-s dnsuffix] [-p port] [-t file] [-T file]\n"; int bound, all, scope, attrsonly; LDAPMessage *res; LDAPMod **mods, **attrs; struct timeval timeout; char *copyfname = NULL; int copyoptions = 0; LDAPURLDesc *ludp; host = NULL; port = LDAP_PORT; dnsuffix = ""; errflg = 0; while (( c = getopt( argc, argv, "h:d:s:p:t:T:" )) != -1 ) { switch( c ) { case 'd': #ifdef LDAP_DEBUG ldap_debug = atoi( optarg ); #ifdef LBER_DEBUG if ( ldap_debug & LDAP_DEBUG_PACKETS ) { ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug ); } #endif #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'h': host = optarg; break; case 's': dnsuffix = optarg; break; case 'p': port = atoi( optarg ); break; case 't': /* copy ber's to given file */ copyfname = strdup( optarg ); /* copyoptions = LBER_TO_FILE; */ break; case 'T': /* only output ber's to given file */ copyfname = strdup( optarg ); /* copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY); */ break; default: ++errflg; } } if ( host == NULL && optind == argc - 1 ) { host = argv[ optind ]; ++optind; } if ( errflg || optind < argc - 1 ) { fprintf( stderr, usage, argv[ 0 ] ); exit( EXIT_FAILURE ); } printf( "ldap_init( %s, %d )\n", host == NULL ? "(null)" : host, port ); ld = ldap_init( host, port ); if ( ld == NULL ) { perror( "ldap_init" ); exit( EXIT_FAILURE ); } if ( copyfname != NULL ) { if ( ( ld->ld_sb->sb_fd = open( copyfname, O_WRONLY|O_CREAT|O_EXCL, 0600 )) == -1 ) { perror( copyfname ); exit ( EXIT_FAILURE ); } ld->ld_sb->sb_options = copyoptions; } bound = 0; timeout.tv_sec = 0; timeout.tv_usec = 0; (void) memset( line, '\0', sizeof(line) ); while ( get_line( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) { command1 = line[0]; command2 = line[1]; command3 = line[2]; switch ( command1 ) { case 'a': /* add or abandon */ switch ( command2 ) { case 'd': /* add */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (attrs = get_modlist( NULL, "attr? ", "value? " )) == NULL ) break; if ( (id = ldap_add( ld, dn, attrs )) == -1 ) ldap_perror( ld, "ldap_add" ); else printf( "Add initiated with id %d\n", id ); break; case 'b': /* abandon */ get_line( line, sizeof(line), stdin, "msgid? " ); id = atoi( line ); if ( ldap_abandon( ld, id ) != 0 ) ldap_perror( ld, "ldap_abandon" ); else printf( "Abandon successful\n" ); break; default: printf( "Possibilities: [ad]d, [ab]ort\n" ); } break; case 'b': /* asynch bind */ method = LDAP_AUTH_SIMPLE; get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) get_line( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind( ld, dn, passwd, method ) == -1 ) { fprintf( stderr, "ldap_bind failed\n" ); ldap_perror( ld, "ldap_bind" ); } else { printf( "Bind initiated\n" ); bound = 1; } break; case 'B': /* synch bind */ method = LDAP_AUTH_SIMPLE; get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( dn[0] != '\0' ) get_line( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind_s( ld, dn, passwd, method ) != LDAP_SUCCESS ) { fprintf( stderr, "ldap_bind_s failed\n" ); ldap_perror( ld, "ldap_bind_s" ); } else { printf( "Bind successful\n" ); bound = 1; } break; case 'c': /* compare */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); get_line( attr, sizeof(attr), stdin, "attr? " ); get_line( value, sizeof(value), stdin, "value? " ); if ( (id = ldap_compare( ld, dn, attr, value )) == -1 ) ldap_perror( ld, "ldap_compare" ); else printf( "Compare initiated with id %d\n", id ); break; case 'd': /* turn on debugging */ #ifdef LDAP_DEBUG get_line( line, sizeof(line), stdin, "debug level? " ); ldap_debug = atoi( line ); #ifdef LBER_DEBUG if ( ldap_debug & LDAP_DEBUG_PACKETS ) { ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug ); } #endif #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'E': /* explode a dn */ get_line( line, sizeof(line), stdin, "dn? " ); exdn = ldap_explode_dn( line, 0 ); for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) { printf( "\t%s\n", exdn[i] ); } break; case 'g': /* set next msgid */ get_line( line, sizeof(line), stdin, "msgid? " ); ld->ld_msgid = atoi( line ); break; case 'v': /* set version number */ get_line( line, sizeof(line), stdin, "version? " ); ld->ld_version = atoi( line ); break; case 'm': /* modify or modifyrdn */ if ( strncmp( line, "modify", 4 ) == 0 ) { get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (mods = get_modlist( "mod (0=>add, 1=>delete, 2=>replace -1=>done)? ", "attribute type? ", "attribute value? " )) == NULL ) break; if ( (id = ldap_modify( ld, dn, mods )) == -1 ) ldap_perror( ld, "ldap_modify" ); else printf( "Modify initiated with id %d\n", id ); } else if ( strncmp( line, "modrdn", 4 ) == 0 ) { get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); get_line( rdn, sizeof(rdn), stdin, "newrdn? " ); if ( (id = ldap_modrdn( ld, dn, rdn )) == -1 ) ldap_perror( ld, "ldap_modrdn" ); else printf( "Modrdn initiated with id %d\n", id ); } else { printf( "Possibilities: [modi]fy, [modr]dn\n" ); } break; case 'q': /* quit */ ldap_unbind( ld ); exit( EXIT_SUCCESS ); break; case 'r': /* result or remove */ switch ( command3 ) { case 's': /* result */ get_line( line, sizeof(line), stdin, "msgid (-1=>any)? " ); if ( line[0] == '\0' ) id = -1; else id = atoi( line ); get_line( line, sizeof(line), stdin, "all (0=>any, 1=>all)? " ); if ( line[0] == '\0' ) all = 1; else all = atoi( line ); if (( msgtype = ldap_result( ld, id, all, &timeout, &res )) < 1 ) { ldap_perror( ld, "ldap_result" ); break; } printf( "\nresult: msgtype %d msgid %d\n", msgtype, res->lm_msgid ); handle_result( ld, res ); res = NULL; break; case 'm': /* remove */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (id = ldap_delete( ld, dn )) == -1 ) ldap_perror( ld, "ldap_delete" ); else printf( "Remove initiated with id %d\n", id ); break; default: printf( "Possibilities: [rem]ove, [res]ult\n" ); break; } break; case 's': /* search */ get_line( dn, sizeof(dn), stdin, "searchbase? " ); strcat( dn, dnsuffix ); get_line( line, sizeof(line), stdin, "scope (0=baseObject, 1=oneLevel, 2=subtree, 3=children)? " ); scope = atoi( line ); get_line( filter, sizeof(filter), stdin, "search filter (e.g. sn=jones)? " ); types = get_list( "attrs to return? " ); get_line( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); if (( id = ldap_search( ld, dn, scope, filter, types, attrsonly )) == -1 ) { ldap_perror( ld, "ldap_search" ); } else { printf( "Search initiated with id %d\n", id ); } free_list( types ); break; case 't': /* set timeout value */ get_line( line, sizeof(line), stdin, "timeout? " ); timeout.tv_sec = atoi( line ); break; case 'p': /* parse LDAP URL */ get_line( line, sizeof(line), stdin, "LDAP URL? " ); if (( i = ldap_url_parse( line, &ludp )) != 0 ) { fprintf( stderr, "ldap_url_parse: error %d\n", i ); } else { printf( "\t host: " ); if ( ludp->lud_host == NULL ) { printf( "DEFAULT\n" ); } else { printf( "<%s>\n", ludp->lud_host ); } printf( "\t port: " ); if ( ludp->lud_port == 0 ) { printf( "DEFAULT\n" ); } else { printf( "%d\n", ludp->lud_port ); } printf( "\t dn: <%s>\n", ludp->lud_dn ); printf( "\t attrs:" ); if ( ludp->lud_attrs == NULL ) { printf( " ALL" ); } else { for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) { printf( " <%s>", ludp->lud_attrs[ i ] ); } } printf( "\n\t scope: %s\n", ludp->lud_scope == LDAP_SCOPE_BASE ? "baseObject" : ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "oneLevel" : ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "subtree" #ifdef LDAP_SCOPE_SUBORDINATE : ludp->lud_scope == LDAP_SCOPE_SUBORDINATE ? "children" #endif : "**invalid**" ); printf( "\tfilter: <%s>\n", ludp->lud_filter ); ldap_free_urldesc( ludp ); } break; case 'n': /* set dn suffix, for convenience */ get_line( line, sizeof(line), stdin, "DN suffix? " ); strcpy( dnsuffix, line ); break; case 'o': /* set ldap options */ get_line( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2=finding, 3=always)?" ); ld->ld_deref = atoi( line ); get_line( line, sizeof(line), stdin, "timelimit?" ); ld->ld_timelimit = atoi( line ); get_line( line, sizeof(line), stdin, "sizelimit?" ); ld->ld_sizelimit = atoi( line ); LDAP_BOOL_ZERO(&ld->ld_options); get_line( line, sizeof(line), stdin, "Recognize and chase referrals (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { LDAP_BOOL_SET(&ld->ld_options, LDAP_BOOL_REFERRALS); get_line( line, sizeof(line), stdin, "Prompt for bind credentials when chasing referrals (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { ldap_set_rebind_proc( ld, bind_prompt, NULL ); } } break; case '?': /* help */ printf( "Commands: [ad]d [ab]andon [b]ind\n" " [B]ind async [c]ompare\n" " [modi]fy [modr]dn [rem]ove\n" " [res]ult [s]earch [q]uit/unbind\n\n" " [d]ebug set ms[g]id\n" " d[n]suffix [t]imeout [v]ersion\n" " [?]help [o]ptions" " [E]xplode dn [p]arse LDAP URL\n" ); break; default: printf( "Invalid command. Type ? for help.\n" ); break; } (void) memset( line, '\0', sizeof(line) ); } return( 0 ); }
/* * Do an LDAP lookup to the server described in the info argument. * * Args info -- LDAP info for server. * string -- String to lookup. * cust -- Possible custom filter description. * wp_err -- We set this is we get a white pages error. * name_in_error -- Caller sets this if they want us to include the server * name in error messages. * * Returns Results of lookup, NULL if lookup failed. */ LDAP_SERV_RES_S * ldap_lookup(LDAP_SERV_S *info, char *string, CUSTOM_FILT_S *cust, WP_ERR_S *wp_err, int name_in_error) { char ebuf[900]; char buf[900]; char *serv, *base, *serv_errstr; char *mailattr, *snattr, *gnattr, *cnattr; int we_cancel = 0, we_turned_on = 0; LDAP_SERV_RES_S *serv_res = NULL; LDAP *ld; long pwdtrial = 0L; int ld_errnum; char *ld_errstr; if(!info) return(serv_res); serv = cpystr((info->serv && *info->serv) ? info->serv : "?"); if(name_in_error) snprintf(ebuf, sizeof(ebuf), " (%s)", (info->nick && *info->nick) ? info->nick : serv); else ebuf[0] = '\0'; serv_errstr = cpystr(ebuf); base = cpystr(info->base ? info->base : ""); if(info->port < 0) info->port = LDAP_PORT; if(info->type < 0) info->type = DEF_LDAP_TYPE; if(info->srch < 0) info->srch = DEF_LDAP_SRCH; if(info->time < 0) info->time = DEF_LDAP_TIME; if(info->size < 0) info->size = DEF_LDAP_SIZE; if(info->scope < 0) info->scope = DEF_LDAP_SCOPE; mailattr = (info->mailattr && info->mailattr[0]) ? info->mailattr : DEF_LDAP_MAILATTR; snattr = (info->snattr && info->snattr[0]) ? info->snattr : DEF_LDAP_SNATTR; gnattr = (info->gnattr && info->gnattr[0]) ? info->gnattr : DEF_LDAP_GNATTR; cnattr = (info->cnattr && info->cnattr[0]) ? info->cnattr : DEF_LDAP_CNATTR; /* * We may want to keep ldap handles open, but at least for * now, re-open them every time. */ dprint((3, "ldap_lookup(%s,%d)\n", serv ? serv : "?", info->port)); snprintf(ebuf, sizeof(ebuf), "Searching%s%s%s on %s", (string && *string) ? " for \"" : "", (string && *string) ? string : "", (string && *string) ? "\"" : "", serv); we_turned_on = intr_handling_on(); /* this erases keymenu */ we_cancel = busy_cue(ebuf, NULL, 0); if(wp_err->mangled) *(wp_err->mangled) = 1; #ifdef _SOLARIS_SDK if(info->tls || info->tlsmust) ldapssl_client_init(NULL, NULL); if((ld = ldap_init(serv, info->port)) == NULL) #else #if (LDAPAPI >= 11) if((ld = ldap_init(serv, info->port)) == NULL) #else if((ld = ldap_open(serv, info->port)) == NULL) #endif #endif { /* TRANSLATORS: All of the three args together are an error message */ snprintf(ebuf, sizeof(ebuf), _("Access to LDAP server failed: %s%s(%s)"), errno ? error_description(errno) : "", errno ? " " : "", serv); wp_err->wp_err_occurred = 1; if(wp_err->error) fs_give((void **)&wp_err->error); wp_err->error = cpystr(ebuf); if(we_cancel) cancel_busy_cue(-1); q_status_message(SM_ORDER, 3, 5, wp_err->error); display_message('x'); dprint((2, "%s\n", ebuf)); } else if(!ps_global->intr_pending){ int proto = 3, tlsmustbail = 0; char pwd[NETMAXPASSWD], user[NETMAXUSER]; char *passwd = NULL; char hostbuf[1024]; NETMBX mb; #ifndef _WINDOWS int rc; #endif memset(&mb, 0, sizeof(mb)); #ifdef _SOLARIS_SDK if(info->tls || info->tlsmust) rc = ldapssl_install_routines(ld); #endif if(ldap_v3_is_supported(ld) && our_ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &proto) == 0){ dprint((5, "ldap: using version 3 protocol\n")); } /* * If we don't set RESTART then the select() waiting for the answer * in libldap will be interrupted and stopped by our busy_cue. */ our_ldap_set_option(ld, LDAP_OPT_RESTART, LDAP_OPT_ON); /* * If we need to authenticate, get the password. We are not * supporting SASL authentication, just LDAP simple. */ if(info->binddn && info->binddn[0]){ char pmt[500]; char *space; snprintf(hostbuf, sizeof(hostbuf), "{%s}dummy", info->serv ? info->serv : "?"); /* * We don't handle multiple space-delimited hosts well. * We don't know which we're asking for a password for. * We're not connected yet so we can't know. */ if((space=strindex(hostbuf, ' ')) != NULL) *space = '\0'; mail_valid_net_parse_work(hostbuf, &mb, "ldap"); mb.port = info->port; mb.tlsflag = (info->tls || info->tlsmust) ? 1 : 0; try_password_again: if(mb.tlsflag && (pwdtrial > 0 || #ifndef _WINDOWS #ifdef _SOLARIS_SDK (rc == LDAP_SUCCESS) #else /* !_SOLARIS_SDK */ ((rc=ldap_start_tls_s(ld, NULL, NULL)) == LDAP_SUCCESS) #endif /* !_SOLARIS_SDK */ #else /* _WINDOWS */ 0 /* TODO: find a way to do this in Windows */ #endif /* _WINDOWS */ )) mb.tlsflag = 1; else mb.tlsflag = 0; if((info->tls || info->tlsmust) && !mb.tlsflag){ q_status_message(SM_ORDER, 3, 5, "Not able to start TLS encryption for LDAP server"); if(info->tlsmust) tlsmustbail++; } if(!tlsmustbail){ snprintf(pmt, sizeof(pmt), " %s", (info->nick && *info->nick) ? info->nick : serv); mm_login_work(&mb, user, pwd, pwdtrial, pmt, info->binddn); if(pwd && pwd[0]) passwd = pwd; } } /* * LDAPv2 requires the bind. v3 doesn't require it but we want * to tell the server we're v3 if the server supports v3, and if the * server doesn't support v3 the bind is required. */ if(tlsmustbail || ldap_simple_bind_s(ld, info->binddn, passwd) != LDAP_SUCCESS){ wp_err->wp_err_occurred = 1; ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr); if(!tlsmustbail && info->binddn && info->binddn[0] && pwdtrial < 2L && ld_errnum == LDAP_INVALID_CREDENTIALS){ pwdtrial++; q_status_message(SM_ORDER, 3, 5, _("Invalid password")); goto try_password_again; } snprintf(ebuf, sizeof(ebuf), _("LDAP server failed: %s%s%s%s"), ldap_err2string(ld_errnum), serv_errstr, (ld_errstr && *ld_errstr) ? ": " : "", (ld_errstr && *ld_errstr) ? ld_errstr : ""); if(wp_err->error) fs_give((void **)&wp_err->error); if(we_cancel) cancel_busy_cue(-1); ldap_unbind(ld); wp_err->error = cpystr(ebuf); q_status_message(SM_ORDER, 3, 5, wp_err->error); display_message('x'); dprint((2, "%s\n", ebuf)); } else if(!ps_global->intr_pending){ int srch_res, args, slen, flen; #define TEMPLATELEN 512 char filt_template[TEMPLATELEN + 1]; char filt_format[2*TEMPLATELEN + 1]; char filter[2*TEMPLATELEN + 1]; char scp[2*TEMPLATELEN + 1]; char *p, *q; LDAPMessage *res = NULL; int intr_happened = 0; int tl; tl = (info->time == 0) ? info->time : info->time + 10; our_ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &tl); our_ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &info->size); /* * If a custom filter has been passed in and it doesn't include a * request to combine it with the configured filter, then replace * any configured filter with the passed in filter. */ if(cust && cust->filt && !cust->combine){ if(info->cust) fs_give((void **)&info->cust); info->cust = cpystr(cust->filt); } if(info->cust && *info->cust){ /* use custom filter if present */ strncpy(filt_template, info->cust, sizeof(filt_template)); filt_template[sizeof(filt_template)-1] = '\0'; } else{ /* else use configured filter */ switch(info->type){ case LDAP_TYPE_SUR: snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", snattr); break; case LDAP_TYPE_GIVEN: snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", gnattr); break; case LDAP_TYPE_EMAIL: snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", mailattr); break; case LDAP_TYPE_CN_EMAIL: snprintf(filt_template, sizeof(filt_template), "(|(%s=%%s)(%s=%%s))", cnattr, mailattr); break; case LDAP_TYPE_SUR_GIVEN: snprintf(filt_template, sizeof(filt_template), "(|(%s=%%s)(%s=%%s))", snattr, gnattr); break; case LDAP_TYPE_SEVERAL: snprintf(filt_template, sizeof(filt_template), "(|(%s=%%s)(%s=%%s)(%s=%%s)(%s=%%s))", cnattr, mailattr, snattr, gnattr); break; default: case LDAP_TYPE_CN: snprintf(filt_template, sizeof(filt_template), "(%s=%%s)", cnattr); break; } } /* just copy if custom */ if(info->cust && *info->cust) info->srch = LDAP_SRCH_EQUALS; p = filt_template; q = filt_format; memset((void *)filt_format, 0, sizeof(filt_format)); args = 0; while(*p && (q - filt_format) + 4 < sizeof(filt_format)){ if(*p == '%' && *(p+1) == 's'){ args++; switch(info->srch){ /* Exact match */ case LDAP_SRCH_EQUALS: *q++ = *p++; *q++ = *p++; break; /* Append wildcard after %s */ case LDAP_SRCH_BEGINS: *q++ = *p++; *q++ = *p++; *q++ = '*'; break; /* Insert wildcard before %s */ case LDAP_SRCH_ENDS: *q++ = '*'; *q++ = *p++; *q++ = *p++; break; /* Put wildcard before and after %s */ default: case LDAP_SRCH_CONTAINS: *q++ = '*'; *q++ = *p++; *q++ = *p++; *q++ = '*'; break; } } else *q++ = *p++; } if(q - filt_format < sizeof(filt_format)) *q = '\0'; filt_format[sizeof(filt_format)-1] = '\0'; /* * If combine is lit we put the custom filter and the filt_format * filter and combine them with an &. */ if(cust && cust->filt && cust->combine){ char *combined; size_t l; l = strlen(filt_format) + strlen(cust->filt) + 3; combined = (char *) fs_get((l+1) * sizeof(char)); snprintf(combined, l+1, "(&%s%s)", cust->filt, filt_format); strncpy(filt_format, combined, sizeof(filt_format)); filt_format[sizeof(filt_format)-1] = '\0'; fs_give((void **) &combined); } /* * Ad hoc attempt to make "Steve Hubert" match * Steven Hubert but not Steven Shubert. * We replace a <SPACE> with * <SPACE> (not * <SPACE> *). */ memset((void *)scp, 0, sizeof(scp)); if(info->nosub) strncpy(scp, string, sizeof(scp)); else{ p = string; q = scp; while(*p && (q - scp) + 1 < sizeof(scp)){ if(*p == SPACE && *(p+1) != SPACE){ *q++ = '*'; *q++ = *p++; } else *q++ = *p++; } } scp[sizeof(scp)-1] = '\0'; slen = strlen(scp); flen = strlen(filt_format); /* truncate string if it will overflow filter */ if(args*slen + flen - 2*args > sizeof(filter)-1) scp[(sizeof(filter)-1 - flen)/args] = '\0'; /* * Replace %s's with scp. */ switch(args){ case 0: snprintf(filter, sizeof(filter), "%s", filt_format); break; case 1: snprintf(filter, sizeof(filter), filt_format, scp); break; case 2: snprintf(filter, sizeof(filter), filt_format, scp, scp); break; case 3: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp); break; case 4: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp); break; case 5: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp); break; case 6: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp); break; case 7: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp); break; case 8: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp, scp); break; case 9: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp, scp, scp); break; case 10: default: snprintf(filter, sizeof(filter), filt_format, scp, scp, scp, scp, scp, scp, scp, scp, scp, scp); break; } /* replace double *'s with single *'s in filter */ for(p = q = filter; *p; p++) if(*p != '*' || p == filter || *(p-1) != '*') *q++ = *p; *q = '\0'; (void) removing_double_quotes(base); dprint((5, "about to ldap_search(\"%s\", %s)\n", base ? base : "?", filter ? filter : "?")); if(ps_global->intr_pending) srch_res = LDAP_PROTOCOL_ERROR; else{ int msgid; time_t start_time; start_time = time((time_t *)0); dprint((6, "ldap_lookup: calling ldap_search\n")); msgid = ldap_search(ld, base, info->scope, filter, NULL, 0); if(msgid == -1) srch_res = our_ldap_get_lderrno(ld, NULL, NULL); else{ int lres; /* * Warning: struct timeval is not portable. However, since it is * part of LDAP api it must be portable to all platforms LDAP * has been ported to. */ struct timeval t; t.tv_sec = 1; t.tv_usec = 0; do { if(ps_global->intr_pending) intr_happened = 1; dprint((6, "ldap_result(id=%d): ", msgid)); if((lres=ldap_result(ld, msgid, LDAP_MSG_ALL, &t, &res)) == -1){ /* error */ srch_res = our_ldap_get_lderrno(ld, NULL, NULL); dprint((6, "error (-1 returned): ld_errno=%d\n", srch_res)); } else if(lres == 0){ /* timeout, no results available */ if(intr_happened){ ldap_abandon(ld, msgid); srch_res = LDAP_PROTOCOL_ERROR; if(our_ldap_get_lderrno(ld, NULL, NULL) == LDAP_SUCCESS) our_ldap_set_lderrno(ld, LDAP_PROTOCOL_ERROR, NULL, NULL); dprint((6, "timeout, intr: srch_res=%d\n", srch_res)); } else if(info->time > 0 && ((long)time((time_t *)0) - start_time) > info->time){ /* try for partial results */ t.tv_sec = 0; t.tv_usec = 0; lres = ldap_result(ld, msgid, LDAP_MSG_RECEIVED, &t, &res); if(lres > 0 && lres != LDAP_RES_SEARCH_RESULT){ srch_res = LDAP_SUCCESS; dprint((6, "partial result: lres=0x%x\n", lres)); } else{ if(lres == 0) ldap_abandon(ld, msgid); srch_res = LDAP_TIMEOUT; if(our_ldap_get_lderrno(ld, NULL, NULL) == LDAP_SUCCESS) our_ldap_set_lderrno(ld, LDAP_TIMEOUT, NULL, NULL); dprint((6, "timeout, total_time (%d), srch_res=%d\n", info->time, srch_res)); } } else{ dprint((6, "timeout\n")); } } else{ srch_res = ldap_result2error(ld, res, 0); dprint((6, "lres=0x%x, srch_res=%d\n", lres, srch_res)); } }while(lres == 0 && !(intr_happened || (info->time > 0 && ((long)time((time_t *)0) - start_time) > info->time))); } } if(intr_happened){ wp_exit = 1; if(we_cancel) cancel_busy_cue(-1); if(wp_err->error) fs_give((void **)&wp_err->error); else{ q_status_message(SM_ORDER, 0, 1, "Interrupt"); display_message('x'); fflush(stdout); } if(res) ldap_msgfree(res); if(ld) ldap_unbind(ld); res = NULL; ld = NULL; } else if(srch_res != LDAP_SUCCESS && srch_res != LDAP_TIMELIMIT_EXCEEDED && srch_res != LDAP_RESULTS_TOO_LARGE && srch_res != LDAP_TIMEOUT && srch_res != LDAP_SIZELIMIT_EXCEEDED){ wp_err->wp_err_occurred = 1; ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr); snprintf(ebuf, sizeof(ebuf), _("LDAP search failed: %s%s%s%s"), ldap_err2string(ld_errnum), serv_errstr, (ld_errstr && *ld_errstr) ? ": " : "", (ld_errstr && *ld_errstr) ? ld_errstr : ""); if(wp_err->error) fs_give((void **)&wp_err->error); wp_err->error = cpystr(ebuf); if(we_cancel) cancel_busy_cue(-1); q_status_message(SM_ORDER, 3, 5, wp_err->error); display_message('x'); dprint((2, "%s\n", ebuf)); if(res) ldap_msgfree(res); if(ld) ldap_unbind(ld); res = NULL; ld = NULL; } else{ int cnt; cnt = ldap_count_entries(ld, res); if(cnt > 0){ if(srch_res == LDAP_TIMELIMIT_EXCEEDED || srch_res == LDAP_RESULTS_TOO_LARGE || srch_res == LDAP_TIMEOUT || srch_res == LDAP_SIZELIMIT_EXCEEDED){ wp_err->wp_err_occurred = 1; ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr); snprintf(ebuf, sizeof(ebuf), _("LDAP partial results: %s%s%s%s"), ldap_err2string(ld_errnum), serv_errstr, (ld_errstr && *ld_errstr) ? ": " : "", (ld_errstr && *ld_errstr) ? ld_errstr : ""); dprint((2, "%s\n", ebuf)); if(wp_err->error) fs_give((void **)&wp_err->error); wp_err->error = cpystr(ebuf); if(we_cancel) cancel_busy_cue(-1); q_status_message(SM_ORDER, 3, 5, wp_err->error); display_message('x'); } dprint((5, "Matched %d entries on %s\n", cnt, serv ? serv : "?")); serv_res = (LDAP_SERV_RES_S *)fs_get(sizeof(LDAP_SERV_RES_S)); memset((void *)serv_res, 0, sizeof(*serv_res)); serv_res->ld = ld; serv_res->res = res; serv_res->info_used = copy_ldap_serv_info(info); /* Save by reference? */ if(info->ref){ snprintf(buf, sizeof(buf), "%s:%s", serv, comatose(info->port)); serv_res->serv = cpystr(buf); } else serv_res->serv = NULL; serv_res->next = NULL; } else{ if(srch_res == LDAP_TIMELIMIT_EXCEEDED || srch_res == LDAP_RESULTS_TOO_LARGE || srch_res == LDAP_TIMEOUT || srch_res == LDAP_SIZELIMIT_EXCEEDED){ wp_err->wp_err_occurred = 1; wp_err->ldap_errno = srch_res; ld_errnum = our_ldap_get_lderrno(ld, NULL, &ld_errstr); snprintf(ebuf, sizeof(ebuf), _("LDAP search failed: %s%s%s%s"), ldap_err2string(ld_errnum), serv_errstr, (ld_errstr && *ld_errstr) ? ": " : "", (ld_errstr && *ld_errstr) ? ld_errstr : ""); if(wp_err->error) fs_give((void **)&wp_err->error); wp_err->error = cpystr(ebuf); if(we_cancel) cancel_busy_cue(-1); q_status_message(SM_ORDER, 3, 5, wp_err->error); display_message('x'); dprint((2, "%s\n", ebuf)); } dprint((5, "Matched 0 entries on %s\n", serv ? serv : "?")); if(res) ldap_msgfree(res); if(ld) ldap_unbind(ld); res = NULL; ld = NULL; } } } } if(we_cancel) cancel_busy_cue(-1); if(we_turned_on) intr_handling_off(); if(serv) fs_give((void **)&serv); if(base) fs_give((void **)&base); if(serv_errstr) fs_give((void **)&serv_errstr); return(serv_res); }
#include <stdio.h> #include <ctype.h> #include <string.h> #ifdef MACOS #include <stdlib.h> #ifdef THINK_C #include <console.h> #include <unix.h> #include <fcntl.h> #endif /* THINK_C */ #include "macos.h" #else /* MACOS */ #if defined( DOS ) || defined( _WIN32 ) #ifdef DOS #include "msdos.h" #endif #if defined( WINSOCK ) || defined( _WIN32 ) #include "console.h" #endif /* WINSOCK */ #else /* DOS */ #include <sys/types.h> #include <sys/socket.h> #include <sys/time.h> #include <sys/stat.h> #include <sys/file.h> #ifndef VMS #include <fcntl.h> #include <unistd.h> #endif /* VMS */ #endif /* DOS */ #endif /* MACOS */ #include "lber.h" #include "ldap.h" #if !defined( PCNFS ) && !defined( WINSOCK ) && !defined( MACOS ) #define MOD_USE_BVALS #endif /* !PCNFS && !WINSOCK && !MACOS */ #ifdef NEEDPROTOS static void handle_result( LDAP *ld, LDAPMessage *lm ); static void print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s ); static void print_search_entry( LDAP *ld, LDAPMessage *res ); static void free_list( char **list ); #else static void handle_result(); static void print_ldap_result(); static void print_search_entry(); static void free_list(); #endif /* NEEDPROTOS */ #define NOCACHEERRMSG \ "don't compile with -DNO_CACHE if you desire local caching" char *dnsuffix; #ifndef WINSOCK static char * getline( char *line, int len, FILE *fp, char *prompt ) { printf(prompt); if ( fgets( line, len, fp ) == NULL ) return( NULL ); line[ strlen( line ) - 1 ] = '\0'; return( line ); } #endif /* WINSOCK */ static char ** get_list( char *prompt ) { static char buf[256]; int num; char **result; num = 0; result = (char **) 0; while ( 1 ) { getline( buf, sizeof(buf), stdin, prompt ); if ( *buf == '\0' ) break; if ( result == (char **) 0 ) result = (char **) malloc( sizeof(char *) ); else result = (char **) realloc( result, sizeof(char *) * (num + 1) ); result[num++] = (char *) strdup( buf ); } if ( result == (char **) 0 ) return( NULL ); result = (char **) realloc( result, sizeof(char *) * (num + 1) ); result[num] = NULL; return( result ); } static void free_list( char **list ) { int i; if ( list != NULL ) { for ( i = 0; list[ i ] != NULL; ++i ) { free( list[ i ] ); } free( (char *)list ); } } #ifdef MOD_USE_BVALS static int file_read( char *path, struct berval *bv ) { FILE *fp; long rlen; int eof; if (( fp = fopen( path, "r" )) == NULL ) { perror( path ); return( -1 ); } if ( fseek( fp, 0L, SEEK_END ) != 0 ) { perror( path ); fclose( fp ); return( -1 ); } bv->bv_len = ftell( fp ); if (( bv->bv_val = (char *)malloc( bv->bv_len )) == NULL ) { perror( "malloc" ); fclose( fp ); return( -1 ); } if ( fseek( fp, 0L, SEEK_SET ) != 0 ) { perror( path ); fclose( fp ); return( -1 ); } rlen = fread( bv->bv_val, 1, bv->bv_len, fp ); eof = feof( fp ); fclose( fp ); if ( rlen != bv->bv_len ) { perror( path ); free( bv->bv_val ); return( -1 ); } return( bv->bv_len ); } #endif /* MOD_USE_BVALS */ static LDAPMod ** get_modlist( char *prompt1, char *prompt2, char *prompt3 ) { static char buf[256]; int num; LDAPMod tmp; LDAPMod **result; #ifdef MOD_USE_BVALS struct berval **bvals; #endif /* MOD_USE_BVALS */ num = 0; result = NULL; while ( 1 ) { if ( prompt1 ) { getline( buf, sizeof(buf), stdin, prompt1 ); tmp.mod_op = atoi( buf ); if ( tmp.mod_op == -1 || buf[0] == '\0' ) break; } getline( buf, sizeof(buf), stdin, prompt2 ); if ( buf[0] == '\0' ) break; tmp.mod_type = strdup( buf ); tmp.mod_values = get_list( prompt3 ); #ifdef MOD_USE_BVALS if ( tmp.mod_values != NULL ) { int i; for ( i = 0; tmp.mod_values[i] != NULL; ++i ) ; bvals = (struct berval **)calloc( i + 1, sizeof( struct berval *)); for ( i = 0; tmp.mod_values[i] != NULL; ++i ) { bvals[i] = (struct berval *)malloc( sizeof( struct berval )); if ( strncmp( tmp.mod_values[i], "{FILE}", 6 ) == 0 ) { if ( file_read( tmp.mod_values[i] + 6, bvals[i] ) < 0 ) { return( NULL ); } } else { bvals[i]->bv_val = tmp.mod_values[i]; bvals[i]->bv_len = strlen( tmp.mod_values[i] ); } } tmp.mod_bvalues = bvals; tmp.mod_op |= LDAP_MOD_BVALUES; } #endif /* MOD_USE_BVALS */ if ( result == NULL ) result = (LDAPMod **) malloc( sizeof(LDAPMod *) ); else result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) ); result[num] = (LDAPMod *) malloc( sizeof(LDAPMod) ); *(result[num]) = tmp; /* struct copy */ num++; } if ( result == NULL ) return( NULL ); result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) ); result[num] = NULL; return( result ); } #ifdef LDAP_REFERRALS int bind_prompt( LDAP *ld, char **dnp, char **passwdp, int *authmethodp, int freeit ) { static char dn[256], passwd[256]; if ( !freeit ) { #ifdef KERBEROS getline( dn, sizeof(dn), stdin, "re-bind method (0->simple, " "1->krbv41, 2->krbv42, 3->krbv41&2)? " ); if (( *authmethodp = atoi( dn )) == 3 ) { *authmethodp = LDAP_AUTH_KRBV4; } else { *authmethodp |= 0x80; } #else /* KERBEROS */ *authmethodp = LDAP_AUTH_SIMPLE; #endif /* KERBEROS */ getline( dn, sizeof(dn), stdin, "re-bind dn? " ); strcat( dn, dnsuffix ); *dnp = dn; if ( *authmethodp == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) { getline( passwd, sizeof(passwd), stdin, "re-bind password? " ); } else { passwd[0] = '\0'; } *passwdp = passwd; } return( LDAP_SUCCESS ); } #endif /* LDAP_REFERRALS */ int #ifdef WINSOCK ldapmain( #else /* WINSOCK */ main( #endif /* WINSOCK */ int argc, char **argv ) { LDAP *ld; int i, c, port, cldapflg, errflg, method, id, msgtype; char line[256], command1, command2, command3; char passwd[64], dn[256], rdn[64], attr[64], value[256]; char filter[256], *host, **types; char **exdn; char *usage = "usage: %s [-u] [-h host] [-d level] " "[-s dnsuffix] [-p port] [-t file] [-T file]\n"; int bound, all, scope, attrsonly; LDAPMessage *res; LDAPMod **mods, **attrs; struct timeval timeout; char *copyfname = NULL; int copyoptions = 0; LDAPURLDesc *ludp; extern char *optarg; extern int optind; #ifdef MACOS if (( argv = get_list( "cmd line arg?" )) == NULL ) { exit( 1 ); } for ( argc = 0; argv[ argc ] != NULL; ++argc ) { ; } #endif /* MACOS */ host = NULL; port = LDAP_PORT; dnsuffix = ""; cldapflg = errflg = 0; while (( c = getopt( argc, argv, "uh:d:s:p:t:T:" )) != -1 ) { switch( c ) { case 'u': #ifdef CLDAP cldapflg++; #else /* CLDAP */ printf( "Compile with -DCLDAP for UDP support\n" ); #endif /* CLDAP */ break; case 'd': #ifdef LDAP_DEBUG ldap_debug = atoi( optarg ); if ( ldap_debug & LDAP_DEBUG_PACKETS ) { lber_debug = ldap_debug; } #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'h': host = optarg; break; case 's': dnsuffix = optarg; break; case 'p': port = atoi( optarg ); break; #if !defined(MACOS) && !defined(DOS) case 't': /* copy ber's to given file */ copyfname = strdup( optarg ); copyoptions = LBER_TO_FILE; break; case 'T': /* only output ber's to given file */ copyfname = strdup( optarg ); copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY); break; #endif default: ++errflg; } } if ( host == NULL && optind == argc - 1 ) { host = argv[ optind ]; ++optind; } if ( errflg || optind < argc - 1 ) { fprintf( stderr, usage, argv[ 0 ] ); exit( 1 ); } printf( "%sldap_open( %s, %d )\n", cldapflg ? "c" : "", host == NULL ? "(null)" : host, port ); if ( cldapflg ) { #ifdef CLDAP ld = cldap_open( host, port ); #endif /* CLDAP */ } else { ld = ldap_open( host, port ); } if ( ld == NULL ) { perror( "ldap_open" ); exit(1); } #if !defined(MACOS) && !defined(DOS) if ( copyfname != NULL ) { if ( (ld->ld_sb.sb_fd = open( copyfname, O_WRONLY | O_CREAT, 0600 )) == -1 ) { perror( copyfname ); exit ( 1 ); } ld->ld_sb.sb_options = copyoptions; } #endif bound = 0; timeout.tv_sec = 0; timeout.tv_usec = 0; (void) memset( line, '\0', sizeof(line) ); while ( getline( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) { command1 = line[0]; command2 = line[1]; command3 = line[2]; switch ( command1 ) { case 'a': /* add or abandon */ switch ( command2 ) { case 'd': /* add */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (attrs = get_modlist( NULL, "attr? ", "value? " )) == NULL ) break; if ( (id = ldap_add( ld, dn, attrs )) == -1 ) ldap_perror( ld, "ldap_add" ); else printf( "Add initiated with id %d\n", id ); break; case 'b': /* abandon */ getline( line, sizeof(line), stdin, "msgid? " ); id = atoi( line ); if ( ldap_abandon( ld, id ) != 0 ) ldap_perror( ld, "ldap_abandon" ); else printf( "Abandon successful\n" ); break; default: printf( "Possibilities: [ad]d, [ab]ort\n" ); } break; case 'b': /* asynch bind */ #ifdef KERBEROS getline( line, sizeof(line), stdin, "method (0->simple, 1->krbv41, 2->krbv42)? " ); method = atoi( line ) | 0x80; #else /* KERBEROS */ method = LDAP_AUTH_SIMPLE; #endif /* KERBEROS */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) getline( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind( ld, dn, passwd, method ) == -1 ) { fprintf( stderr, "ldap_bind failed\n" ); ldap_perror( ld, "ldap_bind" ); } else { printf( "Bind initiated\n" ); bound = 1; } break; case 'B': /* synch bind */ #ifdef KERBEROS getline( line, sizeof(line), stdin, "method 0->simple 1->krbv41 2->krbv42 3->krb? " ); method = atoi( line ); if ( method == 3 ) method = LDAP_AUTH_KRBV4; else method = method | 0x80; #else /* KERBEROS */ method = LDAP_AUTH_SIMPLE; #endif /* KERBEROS */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( dn[0] != '\0' ) getline( passwd, sizeof(passwd), stdin, "password? " ); else passwd[0] = '\0'; if ( ldap_bind_s( ld, dn, passwd, method ) != LDAP_SUCCESS ) { fprintf( stderr, "ldap_bind_s failed\n" ); ldap_perror( ld, "ldap_bind_s" ); } else { printf( "Bind successful\n" ); bound = 1; } break; case 'c': /* compare */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); getline( attr, sizeof(attr), stdin, "attr? " ); getline( value, sizeof(value), stdin, "value? " ); if ( (id = ldap_compare( ld, dn, attr, value )) == -1 ) ldap_perror( ld, "ldap_compare" ); else printf( "Compare initiated with id %d\n", id ); break; case 'd': /* turn on debugging */ #ifdef LDAP_DEBUG getline( line, sizeof(line), stdin, "debug level? " ); ldap_debug = atoi( line ); if ( ldap_debug & LDAP_DEBUG_PACKETS ) { lber_debug = ldap_debug; } #else printf( "Compile with -DLDAP_DEBUG for debugging\n" ); #endif break; case 'E': /* explode a dn */ getline( line, sizeof(line), stdin, "dn? " ); exdn = ldap_explode_dn( line, 0 ); for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) { printf( "\t%s\n", exdn[i] ); } break; case 'g': /* set next msgid */ getline( line, sizeof(line), stdin, "msgid? " ); ld->ld_msgid = atoi( line ); break; case 'v': /* set version number */ getline( line, sizeof(line), stdin, "version? " ); ld->ld_version = atoi( line ); break; case 'm': /* modify or modifyrdn */ if ( strncmp( line, "modify", 4 ) == 0 ) { getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (mods = get_modlist( "mod (0=>add, 1=>delete, 2=>replace -1=>done)? ", "attribute type? ", "attribute value? " )) == NULL ) break; if ( (id = ldap_modify( ld, dn, mods )) == -1 ) ldap_perror( ld, "ldap_modify" ); else printf( "Modify initiated with id %d\n", id ); } else if ( strncmp( line, "modrdn", 4 ) == 0 ) { getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); getline( rdn, sizeof(rdn), stdin, "newrdn? " ); if ( (id = ldap_modrdn( ld, dn, rdn )) == -1 ) ldap_perror( ld, "ldap_modrdn" ); else printf( "Modrdn initiated with id %d\n", id ); } else { printf( "Possibilities: [modi]fy, [modr]dn\n" ); } break; case 'q': /* quit */ #ifdef CLDAP if ( cldapflg ) cldap_close( ld ); #endif /* CLDAP */ #ifdef LDAP_REFERRALS if ( !cldapflg ) #else /* LDAP_REFERRALS */ if ( !cldapflg && bound ) #endif /* LDAP_REFERRALS */ ldap_unbind( ld ); exit( 0 ); break; case 'r': /* result or remove */ switch ( command3 ) { case 's': /* result */ getline( line, sizeof(line), stdin, "msgid (-1=>any)? " ); if ( line[0] == '\0' ) id = -1; else id = atoi( line ); getline( line, sizeof(line), stdin, "all (0=>any, 1=>all)? " ); if ( line[0] == '\0' ) all = 1; else all = atoi( line ); if (( msgtype = ldap_result( ld, id, all, &timeout, &res )) < 1 ) { ldap_perror( ld, "ldap_result" ); break; } printf( "\nresult: msgtype %d msgid %d\n", msgtype, res->lm_msgid ); handle_result( ld, res ); res = NULLMSG; break; case 'm': /* remove */ getline( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); if ( (id = ldap_delete( ld, dn )) == -1 ) ldap_perror( ld, "ldap_delete" ); else printf( "Remove initiated with id %d\n", id ); break; default: printf( "Possibilities: [rem]ove, [res]ult\n" ); break; } break; case 's': /* search */ getline( dn, sizeof(dn), stdin, "searchbase? " ); strcat( dn, dnsuffix ); getline( line, sizeof(line), stdin, "scope (0=Base, 1=One Level, 2=Subtree)? " ); scope = atoi( line ); getline( filter, sizeof(filter), stdin, "search filter (e.g. sn=jones)? " ); types = get_list( "attrs to return? " ); getline( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); if ( cldapflg ) { #ifdef CLDAP getline( line, sizeof(line), stdin, "Requestor DN (for logging)? " ); if ( cldap_search_s( ld, dn, scope, filter, types, attrsonly, &res, line ) != 0 ) { ldap_perror( ld, "cldap_search_s" ); } else { printf( "\nresult: msgid %d\n", res->lm_msgid ); handle_result( ld, res ); res = NULLMSG; } #endif /* CLDAP */ } else { if (( id = ldap_search( ld, dn, scope, filter, types, attrsonly )) == -1 ) { ldap_perror( ld, "ldap_search" ); } else { printf( "Search initiated with id %d\n", id ); } } free_list( types ); break; case 't': /* set timeout value */ getline( line, sizeof(line), stdin, "timeout? " ); timeout.tv_sec = atoi( line ); break; case 'U': /* set ufn search prefix */ getline( line, sizeof(line), stdin, "ufn prefix? " ); ldap_ufn_setprefix( ld, line ); break; case 'u': /* user friendly search w/optional timeout */ getline( dn, sizeof(dn), stdin, "ufn? " ); strcat( dn, dnsuffix ); types = get_list( "attrs to return? " ); getline( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); if ( command2 == 't' ) { id = ldap_ufn_search_c( ld, dn, types, attrsonly, &res, ldap_ufn_timeout, &timeout ); } else { id = ldap_ufn_search_s( ld, dn, types, attrsonly, &res ); } if ( res == NULL ) ldap_perror( ld, "ldap_ufn_search" ); else { printf( "\nresult: err %d\n", id ); handle_result( ld, res ); res = NULLMSG; } free_list( types ); break; case 'l': /* URL search */ getline( line, sizeof(line), stdin, "attrsonly (0=attrs&values, 1=attrs only)? " ); attrsonly = atoi( line ); getline( line, sizeof(line), stdin, "LDAP URL? " ); if (( id = ldap_url_search( ld, line, attrsonly )) == -1 ) { ldap_perror( ld, "ldap_url_search" ); } else { printf( "URL search initiated with id %d\n", id ); } break; case 'p': /* parse LDAP URL */ getline( line, sizeof(line), stdin, "LDAP URL? " ); if (( i = ldap_url_parse( line, &ludp )) != 0 ) { fprintf( stderr, "ldap_url_parse: error %d\n", i ); } else { printf( "\t host: " ); if ( ludp->lud_host == NULL ) { printf( "DEFAULT\n" ); } else { printf( "<%s>\n", ludp->lud_host ); } printf( "\t port: " ); if ( ludp->lud_port == 0 ) { printf( "DEFAULT\n" ); } else { printf( "%d\n", ludp->lud_port ); } printf( "\t dn: <%s>\n", ludp->lud_dn ); printf( "\t attrs:" ); if ( ludp->lud_attrs == NULL ) { printf( " ALL" ); } else { for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) { printf( " <%s>", ludp->lud_attrs[ i ] ); } } printf( "\n\t scope: %s\n", ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "ONE" : ludp->lud_scope == LDAP_SCOPE_BASE ? "BASE" : ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "SUB" : "**invalid**" ); printf( "\tfilter: <%s>\n", ludp->lud_filter ); ldap_free_urldesc( ludp ); } break; case 'n': /* set dn suffix, for convenience */ getline( line, sizeof(line), stdin, "DN suffix? " ); strcpy( dnsuffix, line ); break; case 'e': /* enable cache */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "Cache timeout (secs)? " ); i = atoi( line ); getline( line, sizeof(line), stdin, "Maximum memory to use (bytes)? " ); if ( ldap_enable_cache( ld, i, atoi( line )) == 0 ) { printf( "local cache is on\n" ); } else { printf( "ldap_enable_cache failed\n" ); } #endif /* NO_CACHE */ break; case 'x': /* uncache entry */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "DN? " ); ldap_uncache_entry( ld, line ); #endif /* NO_CACHE */ break; case 'X': /* uncache request */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "request msgid? " ); ldap_uncache_request( ld, atoi( line )); #endif /* NO_CACHE */ break; case 'o': /* set ldap options */ getline( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2" "=finding, 3=always)?" ); ld->ld_deref = atoi( line ); getline( line, sizeof(line), stdin, "timelimit?" ); ld->ld_timelimit = atoi( line ); getline( line, sizeof(line), stdin, "sizelimit?" ); ld->ld_sizelimit = atoi( line ); ld->ld_options = 0; #ifdef STR_TRANSLATION getline( line, sizeof(line), stdin, "Automatic translation of T.61 strings " "(0=no, 1=yes)?" ); if ( atoi( line ) == 0 ) { ld->ld_lberoptions &= ~LBER_TRANSLATE_STRINGS; } else { ld->ld_lberoptions |= LBER_TRANSLATE_STRINGS; #ifdef LDAP_CHARSET_8859 getline( line, sizeof(line), stdin, "Translate to/from ISO-8859 " "(0=no, 1=yes?" ); if ( atoi( line ) != 0 ) { ldap_set_string_translators( ld, ldap_8859_to_t61, ldap_t61_to_8859 ); } #endif /* LDAP_CHARSET_8859 */ } #endif /* STR_TRANSLATION */ #ifdef LDAP_DNS getline( line, sizeof(line), stdin, "Use DN & DNS to determine where to send " "requests (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { ld->ld_options |= LDAP_OPT_DNS; } #endif /* LDAP_DNS */ #ifdef LDAP_REFERRALS getline( line, sizeof(line), stdin, "Recognize and chase referrals (0=no, 1=yes)?"); if ( atoi( line ) != 0 ) { ld->ld_options |= LDAP_OPT_REFERRALS; getline( line, sizeof(line), stdin, "Prompt for bind credentials when " "chasing referrals (0=no, 1=yes)?" ); if ( atoi( line ) != 0 ) { ldap_set_rebind_proc( ld, bind_prompt ); } } #endif /* LDAP_REFERRALS */ break; case 'O': /* set cache options */ #ifdef NO_CACHE printf( NOCACHEERRMSG ); #else /* NO_CACHE */ getline( line, sizeof(line), stdin, "cache errors (0=smart, 1=never, 2=always)?" ); switch( atoi( line )) { case 0: ldap_set_cache_options( ld, 0 ); break; case 1: ldap_set_cache_options( ld, LDAP_CACHE_OPT_CACHENOERRS ); break; case 2: ldap_set_cache_options( ld, LDAP_CACHE_OPT_CACHEALLERRS ); break; default: printf( "not a valid cache option\n" ); } #endif /* NO_CACHE */ break; case '?': /* help */ printf( "Commands: [ad]d [ab]andon [b]ind\n" ); printf( " [B]ind async [c]ompare [l]URL search\n" ); printf( " [modi]fy [modr]dn [rem]ove\n" ); printf( " [res]ult [s]earch [q]uit/unbind\n\n" ); printf( " [u]fn search [ut]fn search with timeout\n" ); printf( " [d]ebug [e]nable cache set ms[g]id\n" ); printf( " d[n]suffix [t]imeout [v]ersion\n" ); printf( " [U]fn prefix [x]uncache entry [X]uncache request\n" ); printf( " [?]help [o]ptions [O]cache options\n" ); printf( " [E]xplode dn [p]arse LDAP URL\n" ); break; default: printf( "Invalid command. Type ? for help.\n" ); break; } (void) memset( line, '\0', sizeof(line) ); } return( 0 ); }