static const char *
NS_LDAP_ERR2STR (ns_ldap_return_code err)
{
char *str = NULL;
__ns_ldap_err2str (err, &str);
return str;
}
/* returns 0=success, 1=error */
int
list(char *database, char *ldapfilter, char **ldapattribute,
char **err, char *userdata)
{
ns_ldap_result_t *result;
ns_ldap_error_t *errorp;
int rc;
char buf[500];
const char *sort = NULL;
int i;
if (database) {
for (i = 0; databaselist[i].database; i++) {
if (strcmp(databaselist[i].database, database) == 0) {
sort = databaselist[i].sortattr;
break;
}
if (strcmp(databaselist[i].database,
NS_LDAP_TYPE_AUTOMOUNT) == 0 &&
strncmp(database, NS_LDAP_TYPE_AUTOMOUNT,
sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) {
sort = databaselist[i].sortattr;
break;
}
}
}
*err = NULL;
buf[0] = '\0';
rc = __ns_ldap_list_sort(database, (const char *)ldapfilter,
sort, merge_SSD_filter, (const char **)ldapattribute, NULL,
listflag, &result, &errorp, NULL, userdata);
if (rc != NS_LDAP_SUCCESS) {
char *p;
(void) __ns_ldap_err2str(rc, &p);
if (errorp && errorp->message) {
(void) snprintf(buf, sizeof (buf), "%s (%s)",
p, errorp->message);
(void) __ns_ldap_freeError(&errorp);
} else
(void) snprintf(buf, sizeof (buf), "%s\n", p);
*err = strdup(buf);
return (rc);
}
_printResult(result);
(void) __ns_ldap_freeResult(&result);
return (0);
}
/*
* This function takes the p argument just for the beauty of the symmetry
* with idmap_ad_set (and for future enhancements).
*/
static
idmap_stat
/* LINTED E_FUNC_ARG_UNUSED */
idmap_nldap_set(idmap_nm_handle_t *p, ns_cred_t *nsc, char *dn, char *attr,
char *value, bool_t is_new, int is_user)
{
int ldaprc;
ns_ldap_error_t *errorp = NULL;
ns_ldap_attr_t *attrs[2];
attrs[0] = (ns_ldap_attr_t *)malloc(sizeof (ns_ldap_attr_t));
if (attrs == NULL)
return (IDMAP_ERR_MEMORY);
attrs[0]->attrname = attr;
if (value != NULL) {
char **newattr = (char **)calloc(2, sizeof (char *));
if (newattr == NULL) {
free(attrs[0]);
return (IDMAP_ERR_MEMORY);
}
newattr[0] = value;
newattr[1] = NULL;
attrs[0]->attrvalue = newattr;
attrs[0]->value_count = 1;
} else {
attrs[0]->attrvalue = NULL;
attrs[0]->value_count = 0;
}
attrs[1] = NULL;
if (value == NULL) {
ldaprc = __ns_ldap_delAttr(
is_user == IDMAP_YES ? "passwd": "group",
dn, (const ns_ldap_attr_t * const *)attrs,
nsc, 0, &errorp);
} else if (is_new)
ldaprc = __ns_ldap_addAttr(
is_user == IDMAP_YES ? "passwd": "group",
dn, (const ns_ldap_attr_t * const *)attrs,
nsc, 0, &errorp);
else
ldaprc = __ns_ldap_repAttr(
is_user == IDMAP_YES ? "passwd": "group",
dn, (const ns_ldap_attr_t * const *)attrs,
nsc, 0, &errorp);
if (ldaprc != NS_LDAP_SUCCESS) {
char *msg = "Cause unidentified";
if (errorp != NULL) {
(void) __ns_ldap_err2str(errorp->status, &msg);
}
namemap_log(
gettext("__ns_ldap_addAttr/rep/delAttr failed (%s)"),
msg);
return (IDMAP_ERR_ARG);
}
return (IDMAP_SUCCESS);
}
static
idmap_stat
unixname2dn(idmap_nm_handle_t *p, char *unixname, int is_user, char **dn,
char **winname, char **windomain)
{
idmap_stat rc = IDMAP_SUCCESS;
int rc_ns;
char filter[255];
static const char *attribs[3];
ns_ldap_result_t *res;
ns_ldap_error_t *errorp = NULL;
char **attrs;
attribs[0] = p->nldap_winname_attr;
attribs[1] = "dn";
attribs[2] = NULL;
(void) snprintf(filter, sizeof (filter), is_user ? "uid=%s" : "cn=%s",
unixname);
rc_ns = __ns_ldap_list(is_user ? "passwd" : "group",
filter, NULL, attribs, NULL, 0, &res, &errorp, NULL, NULL);
if (rc_ns == NS_LDAP_NOTFOUND) {
namemap_log(is_user ? gettext("User %s not found.")
: gettext("Group %s not found."), unixname);
return (IDMAP_ERR_NOTFOUND);
} else if (rc_ns != NS_LDAP_SUCCESS) {
char *msg = "Cause unidentified";
if (errorp != NULL) {
(void) __ns_ldap_err2str(errorp->status, &msg);
}
namemap_log(gettext("Ldap list failed (%s)."), msg);
return (IDMAP_ERR_ARG);
}
if (res == NULL) {
namemap_log(gettext("User %s not found"), unixname);
return (IDMAP_ERR_ARG);
}
if (winname != NULL && windomain != NULL) {
attrs = __ns_ldap_getAttr(&res->entry[0],
p->nldap_winname_attr);
if (attrs != NULL && attrs[0] != NULL) {
rc = split_fqwn(attrs[0], winname, windomain);
} else {
*winname = *windomain = NULL;
}
}
if (dn != NULL) {
attrs = __ns_ldap_getAttr(&res->entry[0], "dn");
if (attrs == NULL || attrs[0] == NULL) {
namemap_log(gettext("dn for %s not found"),
unixname);
return (IDMAP_ERR_ARG);
}
*dn = strdup(attrs[0]);
}
return (rc);
}
