示例#1
0
文件: x3ldap.c 项目: evilnet/x3 
int ldap_search_user(const char *account, LDAPMessage **entry)
{

   char filter[MAXLEN+1];
   int rc;
   LDAPMessage *res;

   struct timeval timeout;

   memset(filter, 0, MAXLEN+1);
   snprintf(filter, MAXLEN, "%s=%s", nickserv_conf.ldap_field_account, account);
   /*
    Now we do a search;
    */
   timeout.tv_usec = 0;
   timeout.tv_sec  = nickserv_conf.ldap_timeout;
    if(!admin_bind && LDAP_SUCCESS != ( rc = ldap_do_admin_bind())) {
       log_module(MAIN_LOG, LOG_ERROR, "failed to bind as admin");
       return rc;
    }
   if( (rc = ldap_search_st(ld, nickserv_conf.ldap_base, LDAP_SCOPE_ONELEVEL, filter, NULL, 0, &timeout, &res)) != LDAP_SUCCESS) {
       log_module(MAIN_LOG, LOG_ERROR, "search failed: %s   %s: %s", nickserv_conf.ldap_base, filter, ldap_err2string(rc));
       return(rc);
   }
   log_module(MAIN_LOG, LOG_DEBUG, "Search successfull!  %s    %s\n", nickserv_conf.ldap_base, filter);
   if(ldap_count_entries(ld, res) != 1) {
      log_module(MAIN_LOG, LOG_DEBUG, "LDAP search got %d entries when looking for %s", ldap_count_entries(ld, res), account);
      return(LDAP_OTHER); /* Search was a success, but user not found.. */
   }
   log_module(MAIN_LOG, LOG_DEBUG, "LDAP search got %d entries", ldap_count_entries(ld, res));
   *entry = ldap_first_entry(ld, res);
   return(rc);
}
示例#2
0
int login::proof()
{
	
	/* setup LDAP connection */
	if((ld=ldap_init(LDAP_HOST, LDAP_PORT)) == NULL) {
		perror("ldap_init failed");
		return EXIT_FAILURE;
	}
	printf("\nconnected to LDAP server %s on port %d\n",LDAP_HOST,LDAP_PORT);
	
	/* non-anonymous bind from home */
	rc = ldap_simple_bind_s(ld,BIND_USER,BIND_PW);
	
	if(rc != LDAP_SUCCESS) {
		fprintf(stderr,"\nLDAP error: %s\n",ldap_err2string(rc));
		return EXIT_FAILURE;
	} else {
		printf("\npretended anonymous bind successful\n");
	}
	
	/* perform LDAP search */
	rc = ldap_search_s(ld, SEARCHBASE, SCOPE, filter_c, attribs, 0, &result);
	
	if(rc != LDAP_SUCCESS) {
		fprintf(stderr,"\nLDAP search error: %s\n",ldap_err2string(rc));
		return EXIT_FAILURE;
	}else{
		printf("\nTotal results: %d\n", ldap_count_entries(ld, result));
		if(ldap_count_entries(ld,result) < 1) {
			fprintf(stderr,"\nUser nicht gefunden!\n");
			return EXIT_FAILURE;
		}
	}
	
	e = ldap_first_entry(ld, result);
	found = ldap_get_dn(ld,e);
	printf("\nDN: %s\n",found);
	
	/* User anmelden */
	rc = ldap_simple_bind_s(ld,found,passwd_c);
	
	if(rc != LDAP_SUCCESS) {
		fprintf(stderr,"\nLDAP error: %s\n",ldap_err2string(rc));
		return EXIT_FAILURE;
	} else {
		printf("\nbind successful\n");
	}
	
	
	/* free memory used for result */
	ldap_msgfree(result);
	free(attribs[0]);
	free(attribs[1]);
	printf("\nLDAP login succeeded\n");
	
	ldap_unbind(ld);
	return EXIT_SUCCESS;
}
示例#3
0
文件: addhost.c 项目: tridge/junkcode 
int ldap_add_machine_account(const char *ldap_host, 
			     const char *hostname, const char *realm)
{
	LDAP *ld;
	int ldap_port = LDAP_PORT;
	char *bind_path;
	int rc;
	LDAPMessage *res;
	void *sasl_defaults;
	int version = LDAP_VERSION3;

	bind_path = build_dn(realm);

	printf("Creating host account for %s@%s\n", hostname, realm);

	ld = ldap_open(ldap_host, ldap_port);
	ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);

	rc = ldap_sasl_interactive_bind_s(ld, NULL, NULL, NULL, NULL, 0,
					  sasl_interact, NULL);

	if (rc != LDAP_SUCCESS) {
		ldap_perror(ld, "ldap_bind");
		goto failed;
	}

	rc = find_host(ld, &res, bind_path, hostname);
	if (rc == LDAP_SUCCESS && ldap_count_entries(ld, res) == 1) {
		printf("Host account for %s already exists\n", hostname);
		goto finished;
	}

	rc = add_host(ld, bind_path, hostname, realm);
	if (rc != LDAP_SUCCESS) {
		ldap_perror(ld, "add_host");
		goto failed;
	}

	rc = find_host(ld, &res, bind_path, hostname);
	if (rc != LDAP_SUCCESS || ldap_count_entries(ld, res) != 1) {
		ldap_perror(ld, "find_host test");
		goto failed;
	}

	printf("Successfully added machine account for %s\n", hostname);

finished:	
	free(bind_path);
	return 0;

failed:
	printf("ldap_add_machine_account failed\n");
	free(bind_path);
	ldap_unbind(ld);
	return 1;
}
示例#4
0
static int
count_identical_fullnames(abook_ldap_state *ldap_state, char *alias)
{
    int rc, count = 0;
    char filter[1024];
    LDAPMessage *results;

    /* 
     * To limit the work done for this search, look for some bogus attribute 
     * that's probably not in the entry and don't return any values.
     */
    char *attrs[] = {"c", NULL};

    snprintf(filter, sizeof(filter), "(&%s(%s=%s))", config.defaultfilter, 
	    config.fullnameattr, alias);
    rc = ldap_search_s(ldap_state->ld, config.searchbase, config.scope,
		       filter, attrs, 1 /*attrs-only*/, &results);
    if (rc != LDAP_SUCCESS) {
	syslog(LOG_ERR, "count_identical_fullnames: search failed: %s",
	       ldap_err2string(rc));
	count = -1;
    } else {
	count = ldap_count_entries(ldap_state->ld, results);
	/* Returns -1 on error, so just pass that back to the caller */
	(void) ldap_msgfree(results);  /* ignore message type return value */
    }

    return count;
}
示例#5
0
PWCHAR kuhl_m_sid_getRootDomainNamingContext(LDAP *ld)
{
	DWORD dwErr;
	PWCHAR rootAttr[] = {L"rootDomainNamingContext", NULL}, ret = NULL;
	PLDAPMessage pMessage = NULL;
	PBERVAL *pBerVal;

	dwErr = ldap_search_s(ld, NULL, LDAP_SCOPE_BASE, L"(dn=RootDSE)", rootAttr, FALSE, &pMessage);
	if(dwErr == LDAP_SUCCESS)
	{
		if(ldap_count_entries(ld, pMessage) == 1)
		{
			if(pBerVal = ldap_get_values_len(ld, pMessage, rootAttr[0]))
			{
				if(ldap_count_values_len(pBerVal) == 1)
					ret = kull_m_string_qad_ansi_c_to_unicode(pBerVal[0]->bv_val, pBerVal[0]->bv_len);
				else PRINT_ERROR(L"ldap_get_values_len is NOT 1\n");
				ldap_value_free_len(pBerVal);
			}
		}
		else PRINT_ERROR(L"ldap_count_entries is NOT 1\n");
	}
	else PRINT_ERROR(L"ldap_search_s 0x%x (%u)\n", dwErr, dwErr);
	if(pMessage)
		ldap_msgfree(pMessage);
	return ret;
}
示例#6
0
文件: ldap.c 项目: baohaojun/dico 
static int
db_get_pass(void *handle, const char *qpw, const char *key, char **ppass)
{
    struct _dico_ldap_handle *lp = handle;
    LDAPMessage *res, *msg;
    int rc;
    struct berval **values;
    
    res = _dico_ldap_search(lp, lp->user_filter, qpw, key);
    if (!res)
	return 1;

    rc = ldap_count_entries(lp->ldap, res);
    if (rc == 0) {
	dico_log(L_ERR, 0, "not enough entires");
	ldap_msgfree(res);
	return 1;
    }

    msg = ldap_first_entry(lp->ldap, res);
    
    values = ldap_get_values_len(lp->ldap, msg, qpw);
    if (ldap_count_values_len(values) == 0) {
	dico_log(L_ERR, 0, "not enough entires");
	ldap_msgfree(res);
	return 1;
    }
    *ppass = strdup(values[0]->bv_val);
    rc = *ppass == NULL;
    if (rc)
	dico_log(L_ERR, 0, "not enough memory");
    ldap_value_free_len(values);
    ldap_msgfree(res);
    return rc;
}
示例#7
0
static int verify_single_result(LDAP *l, int always_log, char *reason, LDAPMessage *messages)
{
  int rc, erc, num_entries;
  char *errmsg;

  rc = ldap_parse_result(l, messages, &erc, NULL, &errmsg,
			 NULL, NULL, 0);
  if (rc != LDAP_SUCCESS) {
    prtmsg("Failed to %s (parse_result): %s", reason, ldap_err2string(rc));
    return 0;
  }
  if (erc != LDAP_SUCCESS) {
    prtmsg("Failed to %s (server response): %s%s%s", reason, ldap_err2string(erc),
	   (errmsg?", ":""), (errmsg?errmsg:""));
    if (errmsg)
      ldap_memfree(errmsg);
    return 0;
  }
  if (errmsg)
    ldap_memfree(errmsg);
  num_entries=ldap_count_entries(l, messages);
  if (num_entries == 0) {
    if (always_log) 
      prtmsg("Failed to %s (no entries returned)", reason);
    return 0;
  }
  if (num_entries > 1) {
    prtmsg("Failed to %s (too many entries: %d)", reason, num_entries);
    return 0;
  }
  return 1;
}
示例#8
0
DWORD
LwLdapCountEntries(
    HANDLE hDirectory,
    LDAPMessage* pMessage,
    PDWORD pdwCount
    )
{
    int iCount = 0;
    int err = 0;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL;
    DWORD dwError = 0;

    pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory;
    iCount = ldap_count_entries(pDirectory->ld, pMessage);

    if (iCount < 0)
    {
        dwError = ldap_get_option(
                        pDirectory->ld,
                        LDAP_OPT_ERROR_NUMBER,
                        &err);
        BAIL_ON_LDAP_ERROR(dwError);
        dwError = err;
        BAIL_ON_LDAP_ERROR(dwError);
    }

    *pdwCount = iCount;

cleanup:
    return dwError;

error:
    *pdwCount = 0;
    goto cleanup;
}
示例#9
0
/**
 * @name tcp_mapper_ldap_query
 * @description Issue a query to a LDAP instance
 * @param LDAP *ldap
 * @return int numrows
 */
int tcp_mapper_ldap_search(LDAP *ldap, char *search, char *result){

    LDAPMessage *ldap_result, *entry;
    int     numentries = 0;
    int     err;
    char    **val;


    if(err = ldap_search_s(ldap, cfg.ldap_base, LDAP_SCOPE_SUBTREE, search,
                NULL, 0, &ldap_result) != LDAP_SUCCESS ) {

        printf("%s\n", ldap_err2string(err));
        return -1;
    }
    numentries = ldap_count_entries(ldap, ldap_result);

    if(numentries != 0) {
        /* just firts entry. We don't need any other */
        entry = ldap_first_entry(ldap, ldap_result);
        val   = ldap_get_values(ldap, entry, cfg.ldap_result_attr);
   
	if(val == NULL) {
	    return 0; 
	}
	snprintf(result, strlen(val[0])+1, "%s", (char *) val[0]);
	ldap_value_free(val);
    }

    return numentries;
}
示例#10
0
文件: AD.cpp 项目: shiham101/Reaper 
void AD::AddGroups(LDAPMessage *search)
{
    DWORD i;
    DWORD j;
    LDAPMessage *entry = NULL;
    PWCHAR attribute;
    PWCHAR *values;
    BerElement *berElement;

    for(i = 0; i < ldap_count_entries(ldap, search); i++)
    {
        Group *g = new Group();

        if(!i)
        {
            entry = ldap_first_entry(ldap, search);
        }
        else
        {
            entry = ldap_next_entry(ldap, entry);
        }

        attribute = ldap_first_attribute(ldap, entry, &berElement);

        while(attribute != NULL)
        {
            values = ldap_get_values(ldap, entry, attribute);

            if(lstrcmpi(attribute, L"samaccountname") == 0)
            {
                g->name = values[0];
            }
            if(lstrcmpi(attribute, L"member") == 0)
            {
                for(j = 0; j < ldap_count_values(values); j++)
                {
                    std::wstring *ret = new std::wstring();
                    CNToAccountName(values[j], ret);
                    g->users.push_back(ret);
                }
            }
            ldap_value_free(values);
            ldap_memfree(attribute);
            attribute = ldap_next_attribute(ldap, entry, berElement);
        }

        ber_free(berElement, 0);

        if(g->name.length() > 0)
        {
            GetGroupManager()->groups.push_back(g);
            g->PrettyPrint();
        }
        else
        {
            delete(g);
        }

    }
}
示例#11
0
char *
gfarm_generic_info_get(
	void *key,
	void *info,
	const struct gfarm_generic_info_ops *ops)
{
	LDAPMessage *res, *e;
	int n, rv;
	char *a;
	BerElement *ber;
	char **vals;
	char *dn = ops->make_dn(key);
	char *error;

	if (dn == NULL)
		return (GFARM_ERR_NO_MEMORY);
	if ((error = gfarm_ldap_check()) != NULL)
		return (error);
	rv = ldap_search_s(gfarm_ldap_server, dn, 
	    LDAP_SCOPE_BASE, ops->query_type, NULL, 0, &res);
	free(dn);
	if (rv != LDAP_SUCCESS) {
		if (rv == LDAP_NO_SUCH_OBJECT)
			return (GFARM_ERR_NO_SUCH_OBJECT);
		return (ldap_err2string(rv));
	}
	n = ldap_count_entries(gfarm_ldap_server, res);
	if (n == 0) {
		/* free the search results */
		ldap_msgfree(res);
		return (GFARM_ERR_NO_SUCH_OBJECT);
	}
	ops->clear(info);
	e = ldap_first_entry(gfarm_ldap_server, res);

	ber = NULL;
	for (a = ldap_first_attribute(gfarm_ldap_server, e, &ber); a != NULL;
	    a = ldap_next_attribute(gfarm_ldap_server, e, ber)) {
		vals = ldap_get_values(gfarm_ldap_server, e, a);
		if (vals[0] != NULL)
			ops->set_field(info, a, vals);
		ldap_value_free(vals);
		ldap_memfree(a);
	}
	if (ber != NULL)
		ber_free(ber, 0);

	/* free the search results */
	ldap_msgfree(res);

	/* should check all fields are filled */
	if (!ops->validate(info)) {
		ops->free(info);
		/* XXX - different error code is better ? */
		return (GFARM_ERR_NO_SUCH_OBJECT);
	}

	return (NULL); /* success */
}
示例#12
0
文件: authldap.c 项目: alniaky/dbmail 
/* returns the number of matches found */
static GList * __auth_get_every_match(const char *q, const char **retfields)
{
	LDAPMessage *ldap_msg;
	LDAPMessage *ldap_res;
	char **ldap_vals = NULL, *dn;
	int j = 0, k = 0, m = 0, err;
	GList *attlist,*fldlist,*entlist;
	LDAP *_ldap_conn = ldap_con_get();
	
	attlist = fldlist = entlist = NULL;

	if (! (ldap_res = authldap_search(q))) return NULL;

	if ((j = ldap_count_entries(_ldap_conn, ldap_res)) < 1) {
		TRACE(TRACE_DEBUG, "nothing found");
		if (ldap_res) ldap_msgfree(ldap_res);
		return NULL;
	}

	/* do the first entry here */
	if ((ldap_msg = ldap_first_entry(_ldap_conn, ldap_res)) == NULL) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: [%s]", ldap_err2string(err));
		if (ldap_res) ldap_msgfree(ldap_res);
		return NULL;
	}

	while (ldap_msg) {
		dn = ldap_get_dn(_ldap_conn, ldap_msg);

		TRACE(TRACE_DEBUG,"scan results for DN: [%s]", dn);
		for (k = 0; retfields[k] != NULL; k++) {
			TRACE(TRACE_DEBUG,"ldap_get_values [%s]", retfields[k]);
			if ((ldap_vals = ldap_get_values(_ldap_conn, ldap_msg, retfields[k]))) {
				m = 0;
				while (ldap_vals[m]) { 
					TRACE(TRACE_DEBUG,"got value [%s]", ldap_vals[m]);
					attlist = g_list_append(attlist,g_strdup(ldap_vals[m]));
					m++;
				}
			}

			fldlist = g_list_append(fldlist, attlist);
			attlist = NULL;
			
			ldap_value_free(ldap_vals);
		}
		entlist = g_list_append(entlist, fldlist);
		fldlist = NULL;
		
		ldap_memfree(dn);
		ldap_msg = ldap_next_entry(_ldap_conn, ldap_msg);
	}

	if (ldap_res) ldap_msgfree(ldap_res);
	if (ldap_msg) ldap_msgfree(ldap_msg);

	return entlist;
}
示例#13
0
krb5_error_code ipadb_multibase_search(struct ipadb_context *ipactx,
                                       char **basedns, int scope,
                                       char *filter, char **attrs,
                                       struct ipadb_multires **res,
                                       bool any)
{
    int ret;

    ret = ipadb_multires_init(ipactx->lcontext, res);
    if (ret != 0) return ret;

    ret = ipadb_check_connection(ipactx);
    if (ret != 0)
        return ipadb_simple_ldap_to_kerr(ret);

    for (int b = 0; basedns[b]; b++) {
        LDAPMessage *r;
        ret = ldap_search_ext_s(ipactx->lcontext, basedns[b], scope,
                                filter, attrs, 0, NULL, NULL,
                                &std_timeout, LDAP_NO_LIMIT, &r);

        /* first test if we need to retry to connect */
        if (ret != 0 &&
            ipadb_need_retry(ipactx, ret)) {
            ldap_msgfree(r);
            ret = ldap_search_ext_s(ipactx->lcontext, basedns[b], scope,
                                    filter, attrs, 0, NULL, NULL,
                                    &std_timeout, LDAP_NO_LIMIT, &r);
        }

        if (ret != 0) break;

        if (ldap_count_entries(ipactx->lcontext, r) > 0) {
            void *tmp = realloc((*res)->res, (((*res)->count + 1) *
                                                sizeof(LDAPMessage *)));
            if (tmp == NULL) {
                ret = ENOMEM;
                break;
            }
            (*res)->res = tmp;
            (*res)->res[(*res)->count] = r;
            (*res)->count++;

            if (any) break;
        }
    }

    if (ret != 0) {
        ipadb_multires_free(*res);
        *res = NULL;
    }

    return ipadb_simple_ldap_to_kerr(ret);
}
示例#14
0
/* Remove the user from all groups below the given container */
int ad_group_subtree_remove_user(char *container_dn, char *user_dn) {
	LDAP *ds;
	char *filter;
	int filter_length;
	char *attrs[]={"1.1", NULL};
	LDAPMessage *res;
	LDAPMessage *entry;
	int result, num_results;
	char *group_dn=NULL;

	ds=ad_login();
	if(!ds) return ad_error_code;

	filter_length=(strlen(user_dn)+255);
	filter=malloc(filter_length);
	snprintf(filter, filter_length, 
		"(&(objectclass=group)(member=%s))", user_dn);

	result=ldap_search_s(ds, container_dn, LDAP_SCOPE_SUBTREE, 
				filter, attrs, 0, &res);
	if(result!=LDAP_SUCCESS) {
		snprintf(ad_error_msg, MAX_ERR_LENGTH, 
			"Error in ldap_search_s for ad_group_subtree_remove_user: %s", 
			ldap_err2string(result));
		ad_error_code=AD_LDAP_OPERATION_FAILURE;
		return ad_error_code;
	}
	free(filter);

	num_results=ldap_count_entries(ds, res);
	if(num_results==0) {
		ad_error_code=AD_SUCCESS;
		return ad_error_code;
	}

	entry=ldap_first_entry(ds, res);
	while(entry!=NULL) {
		group_dn=ldap_get_dn(ds, entry);
		if(ad_group_remove_user(group_dn, user_dn)!=AD_SUCCESS) {
			snprintf(ad_error_msg, MAX_ERR_LENGTH, 
				"Error in ad_group_subtree_remove_user"
				"\nwhen removing %s from %s:\n%s", 
				user_dn, group_dn, ad_error_msg);
			return ad_error_code;
		}
		entry=ldap_next_entry(ds, entry);
	}

	if(group_dn!=NULL) ldap_memfree(group_dn);
	ldap_msgfree(res);
	ad_error_code=AD_SUCCESS;
	return ad_error_code; 
}
示例#15
0
int
ldap_sort_entries(
    LDAP	*ld,
    LDAPMessage	**chain,
    char	*attr,		/* NULL => sort by DN */
    int		(*cmp)(const void *a, const void *b)
)
{
	int			i, count;
	struct entrything	*et;
	LDAPMessage		*e, *last;
	LDAPMessage		**ep;

	count = ldap_count_entries( ld, *chain );

	if ( (et = (struct entrything *) malloc( count *
	    sizeof(struct entrything) )) == NULL ) {
		ld->ld_errno = LDAP_NO_MEMORY;
		return( -1 );
	}

	e = *chain;
	for ( i = 0; i < count; i++ ) {
		et[i].et_msg = e;
		if ( attr == NULL ) {
			char	*dn;

			dn = ldap_get_dn( ld, e );
			et[i].et_vals = ldap_explode_dn( dn, 1 );
			free( dn );
		} else {
			et[i].et_vals = ldap_get_values( ld, e, attr );
		}

		e = e->lm_chain;
	}
	last = e;

	et_cmp_fn = cmp;
	qsort( et, count, sizeof(struct entrything), (void *) et_cmp );

	ep = chain;
	for ( i = 0; i < count; i++ ) {
		*ep = et[i].et_msg;
		ep = &(*ep)->lm_chain;

		ldap_value_free( et[i].et_vals );
	}
	*ep = last;
	free( (char *) et );

	return( 0 );
}
示例#16
0
文件: misc.c 项目: Strongc/reactos 
/***********************************************************************
 *      ldap_count_entries     (WLDAP32.@)
 *
 * Count the number of entries returned from a search.
 *
 * PARAMS
 *  ld  [I] Pointer to an LDAP context.
 *  res [I] LDAP message.
 *
 * RETURNS
 *  Success: The number of entries.
 *  Failure: ~0u
 */
ULONG CDECL WLDAP32_ldap_count_entries( WLDAP32_LDAP *ld, WLDAP32_LDAPMessage *res )
{
    ULONG ret = WLDAP32_LDAP_NOT_SUPPORTED;
#ifdef HAVE_LDAP

    TRACE( "(%p, %p)\n", ld, res );

    if (!ld) return ~0u;
    ret = ldap_count_entries( ld, res );

#endif
    return ret;
}
示例#17
0
文件: AD.cpp 项目: shiham101/Reaper 
// Sorry that this is kind of crappy, but passing the point to wstring
// is basically necessary unless you want thrashed memory for strings.
void AD::CNToAccountName(LPWSTR s, std::wstring *d)
{
    LDAPMessage *search = NULL;
    LDAPMessage *entry = NULL;
    PWCHAR attribute;
    PWCHAR *values;
    BerElement *berElement = NULL;
    DWORD i;
    DWORD j;
    LPWSTR filters[2];

    filters[0] = L"samAccountName";
    filters[1] = NULL;

    d->clear();

    if(ldap_search_s(ldap, s, LDAP_SCOPE_SUBTREE, NULL, filters, 0, &search) != LDAP_SUCCESS)
    {
        Util::Error(LdapGetLastError(), L"ldap_search_s()");
    }

    entry = ldap_first_entry(ldap, search);

    for(i = 0; i < ldap_count_entries(ldap, search); i++)
    {
        if(!i)
        {
            entry = ldap_first_entry(ldap, search);
        }
        else
        {
            entry = ldap_next_entry(ldap, entry);
        }

        attribute = ldap_first_attribute(ldap, entry, &berElement);

        while(attribute != NULL)
        {
            values = ldap_get_values(ldap, entry, attribute);
            if(lstrcmpi(attribute, L"samaccountname") == 0)
            {
                d->append(values[0]);
            }
            ldap_value_free(values);
            ldap_memfree(attribute);
            attribute = ldap_next_attribute(ldap, entry, berElement);
        }
    }
    ber_free(berElement, 0);
    ldap_msgfree(search);
}
示例#18
0
文件: AD.cpp 项目: shiham101/Reaper 
void AD::AddServers(LDAPMessage *search)
{
    DWORD i;
    DWORD j;
    LDAPMessage *entry = NULL;
    BerElement *berElement = NULL;
    PWCHAR attribute;
    PWCHAR *values;

    for(i = 0; i < ldap_count_entries(ldap, search); i++)
    {
        Server *s = new Server();

        if(!i)
        {
            entry = ldap_first_entry(ldap, search);
        }
        else
        {
            entry = ldap_next_entry(ldap, entry);
        }

        attribute = ldap_first_attribute(ldap, entry, &berElement);

        while(attribute != NULL)
        {
            values = ldap_get_values(ldap, entry, attribute);

            if(lstrcmpi(attribute, L"samaccountname") == 0)
            {
                s->name = values[0];
                s->name.resize(s->name.length()-1);
            }
            ldap_value_free(values);
            ldap_memfree(attribute);
            attribute = ldap_next_attribute(ldap, entry, berElement);
        }

        if(s->name.length() > 0)
        {
            GetServerManager()->servers.push_back(s);
            s->PrettyPrint();
        }
        else
        {
            delete(s);
        }
    }
    ber_free(berElement, 0);
}
示例#19
0
/*
 * @uid: user's uid, list all users if * is passed in.
 */
static int ldap_count_users (CcnetUserManager *manager, const char *uid)
{
    LDAP *ld = NULL;
    int res;
    GString *filter;
    char *filter_str;
    char *attrs[2];
    LDAPMessage *msg = NULL;

    ld = ldap_init_and_bind (manager->ldap_host,
#ifdef WIN32
                             manager->use_ssl,
#endif
                             manager->user_dn,
                             manager->password);
    if (!ld)
        return -1;

    filter = g_string_new (NULL);
    if (!manager->filter)
        g_string_printf (filter, "(%s=%s)", manager->login_attr, uid);
    else
        g_string_printf (filter, "(&(%s=%s) (%s))",
                         manager->login_attr, uid, manager->filter);
    filter_str = g_string_free (filter, FALSE);

    attrs[0] = manager->login_attr;
    attrs[1] = NULL;

    char **base;
    int count = 0;
    for (base = manager->base_list; *base; ++base) {
        res = ldap_search_s (ld, *base, LDAP_SCOPE_SUBTREE,
                             filter_str, attrs, 0, &msg);
        if (res != LDAP_SUCCESS) {
            ccnet_warning ("ldap_search failed: %s.\n", ldap_err2string(res));
            ldap_msgfree (msg);
            count = -1;
            goto out;
        }

        count += ldap_count_entries (ld, msg);
        ldap_msgfree (msg);
    }

out:
    g_free (filter_str);
    if (ld) ldap_unbind_s (ld);
    return count;
}
示例#20
0
/* -1 if trouble
   0 if user is NOT member of current server group
   1 if user IS MEMBER of current server group 
 */
int ldap_ismember(ldap_opt_t * l, const char * user) {
    LDAPMessage *res;
    char * filter;
    int i;

    if ((!l->sgroup) || !(l->g_basedn))
        return 1;

    /* Am i still connected ? RETRY n times */
    /* XXX TODO: setup some conf value for retrying */
    if (!(l->flags & FLAG_CONNECTED)) 
        for (i = 0 ; i < 2 ; i++)
            if (ldap_connect(l) == 0)
                 break;

    /* quick check for attempts to be evil */
    if ((strchr(user, '(') != NULL) || (strchr(user, ')') != NULL) ||
        (strchr(user, '*') != NULL) || (strchr(user, '\\') != NULL))
        return FAILURE;

    /* build filter for LDAP request */
    REQUEST_GROUP(filter, l->fgroup, user);

    if (ldap_search_st( l->ld, 
        l->g_basedn,
        LDAP_SCOPE_SUBTREE,
        filter,
        NULL, 0, &l->s_timeout, &res) != LDAP_SUCCESS) {
    
        ldap_perror(l->ld, "ldap_search_st()");

        free(filter);

        /* XXX error on search, timeout etc.. close ask for reconnect */
        ldap_close(l);

        return FAILURE;
    }

    free(filter);

    /* check if any results */
    if (ldap_count_entries(l->ld, res) > 0) {
        ldap_msgfree(res);
        return 1;
    }

    ldap_msgfree(res);
    return 0;
}
示例#21
0
static
DWORD
_GetSchemaEntryFromPartner(
        LDAP *pLd,
        LDAPMessage **ppResult,
        LDAPMessage **ppEntry
        )
{
    DWORD dwError = 0;
    PCSTR pcszFilter = "(objectclass=*)";
    LDAPMessage *pResult = NULL;
    LDAPMessage *pEntry = NULL;

    dwError = ldap_search_ext_s(
            pLd,
            SUB_SCHEMA_SUB_ENTRY_DN,
            LDAP_SCOPE_BASE,
            pcszFilter,
            ppszSchemaEntryAttrs,
            FALSE, /* get values      */
            NULL,  /* server controls */
            NULL,  /* client controls */
            NULL,  /* timeout         */
            0,     /* size limit      */
            &pResult);
    BAIL_ON_VMDIR_ERROR(dwError);

    // Note: searching by name should yield just one
    if (ldap_count_entries(pLd, pResult) != 1)
    {
        dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION;
        BAIL_ON_VMDIR_ERROR(dwError);
    }
    pEntry = ldap_first_entry(pLd, pResult);
    *ppEntry = pEntry;
    *ppResult = pResult;

cleanup:
    return dwError;

error:
    VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL,
            "%s,%d failed, error(%d)", __FUNCTION__, __LINE__, dwError );

    if (pResult)
    {
        ldap_msgfree(pResult);
    }
    goto cleanup;
}
示例#22
0
文件: authldap.c 项目: alniaky/dbmail 
static char *__auth_get_first_match(const char *q, const char **retfields)
{
	LDAPMessage *ldap_msg;
	LDAPMessage *ldap_res;
	char *returnid = NULL, *ldap_dn = NULL;
	char **ldap_vals = NULL;
	int k = 0, err;
	LDAP *_ldap_conn = ldap_con_get();

	if (! (ldap_res = authldap_search(q)))
		return NULL;

	if (ldap_count_entries(_ldap_conn, ldap_res) < 1) {
		TRACE(TRACE_DEBUG, "none found");
		goto endfree;
	}

	ldap_msg = ldap_first_entry(_ldap_conn, ldap_res);
	if (ldap_msg == NULL) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: %s", ldap_err2string(err));
		goto endfree;
	}

	for (k = 0; retfields[k] != NULL; k++) {
		if (0 == strcasecmp(retfields[k], "dn")) {
			ldap_dn = ldap_get_dn(_ldap_conn, ldap_msg);
			if (ldap_dn)
				returnid = g_strdup(ldap_dn);
			break;
		} else {
			ldap_vals = ldap_get_values(_ldap_conn, ldap_msg, retfields[k]);
			if (ldap_vals) 
				returnid = g_strdup(ldap_vals[0]);
			break;
		}
	}

endfree:
	if (ldap_dn)
		ldap_memfree(ldap_dn);
	if (ldap_vals)
		ldap_value_free(ldap_vals);
	if (ldap_res)
		ldap_msgfree(ldap_res);

	return returnid;
}
示例#23
0
文件: qldap.c 项目: ajtulloch/qmail 
int
qldap_first(qldap *q)
{
	CHECK(q, EXTRACT);
	/* get first match of a qldap_filter search */

	q->msg = ldap_first_entry(q->ld, q->res);
	if (q->msg == (LDAPMessage *)0) {
		if (ldap_count_entries(q->ld, q->res) == 0)
			return NOSUCH;
		else
			return FAILED;
	}
	q->state = EXTRACT;
	return OK;
}
示例#24
0
BOOL kuhl_m_sid_quickSearch(int argc, wchar_t * argv[], BOOL needUnique, PCWCHAR system, PLDAP *ld, PLDAPMessage *pMessage)
{
	BOOL status = FALSE;
	DWORD dwErr;
	PWCHAR myAttrs[] = {L"name", L"sAMAccountName", L"objectSid", L"sIDHistory", L"objectGUID", NULL}, dn, filter;
	if(filter = kuhl_m_sid_filterFromArgs(argc, argv))
	{
		if(kuhl_m_sid_getLdapAndRootDN(system, ld, &dn))
		{
			*pMessage = NULL;
			dwErr = ldap_search_s(*ld, dn, LDAP_SCOPE_SUBTREE, filter, myAttrs, FALSE, pMessage);
			if(status = (dwErr == LDAP_SUCCESS))
			{
				switch(ldap_count_entries(*ld, *pMessage))
				{
				case 0:
					status = FALSE;
					PRINT_ERROR(L"No result! - filter was \'%s\'\n", filter);
					break;
				case 1:
					break;
				default:
					if(needUnique)
					{
						PRINT_ERROR(L"Not unique - Please: don\'t brick your AD! - filter was \'%s\'\n", filter);
						status = FALSE;
					}
					break;
				}
			}
			else PRINT_ERROR(L"ldap_search_s 0x%x (%u)\n", dwErr, dwErr);
			
			if(status)
				kuhl_m_sid_displayMessage(*ld, *pMessage);
			else
			{
				if(*pMessage)
					ldap_msgfree(*pMessage);
				ldap_unbind(*ld);
			}
			LocalFree(dn);			
		}
		LocalFree(filter);
	}
	return status;
}
示例#25
0
static int get_ldap_seq(const char *server, int port, uint32 *seq)
{
	int ret = -1;
	struct timeval to;
	char *attrs[] = {"highestCommittedUSN", NULL};
	LDAPMessage *res = NULL;
	char **values = NULL;
	LDAP *ldp = NULL;

	*seq = DOM_SEQUENCE_NONE;

	/*
	 * Parameterised (5) second timeout on open. This is needed as the search timeout
	 * doesn't seem to apply to doing an open as well. JRA.
	 */

	if ((ldp = ldap_open_with_timeout(server, port, lp_ldap_timeout())) == NULL)
		return -1;

	/* Timeout if no response within 20 seconds. */
	to.tv_sec = 10;
	to.tv_usec = 0;

	if (ldap_search_st(ldp, "", LDAP_SCOPE_BASE, "(objectclass=*)", &attrs[0], 0, &to, &res))
		goto done;

	if (ldap_count_entries(ldp, res) != 1)
		goto done;

	values = ldap_get_values(ldp, res, "highestCommittedUSN");
	if (!values || !values[0])
		goto done;

	*seq = atoi(values[0]);
	ret = 0;

  done:

	if (values)
		ldap_value_free(values);
	if (res)
		ldap_msgfree(res);
	if (ldp)
		ldap_unbind(ldp);
	return ret;
}
示例#26
0
/**
 * The public method auth authenticats the user with username and password
 * Parameters:
 * 		std::string *username: a reverence to the username
 * 		std::string *pw: a reverence to the password
 * Return:
 * 		bool: true if auth successfull
 */
bool LDAPConnection::auth(std::string *username, std::string *pw){
	int rc = 0;
	LDAPMessage *result, *entry;
	std::string filter = "(uid=";
	filter.append(*username);
	filter.append(")");

	//searches for user
	rc = ldap_search_s(this->ld, SEARCHBASE, SCOPE, filter.c_str(), this->attribs, 0, &result);
	if(rc != LDAP_SUCCESS){
		std::cout << ldap_err2string(rc) << std::endl;
		ldap_msgfree(result);
		return false;
	}

	//counts results
	if(ldap_count_entries(this->ld, result) != 1){
		ldap_msgfree(result);
		return false;
	}

	//gets user dn
	entry = ldap_first_entry(this->ld, result);
	std::string dn = ldap_get_dn(this->ld,entry);
	ldap_msgfree(result);

	//initializes a new ldap connection
	LDAP *ldp;
	ldap_initialize(&ldp, LDAP_HOST);
	if(ldp == NULL){
		return false;
	}

	//tries to bind the user
	rc = ldap_simple_bind_s(ldp, dn.c_str(), pw->c_str());

	if(rc != LDAP_SUCCESS){
		ldap_unbind(ldp);
		return false;
	}

	//closes the new ldap connection
	ldap_unbind(ldp);
	return true;
}
示例#27
0
//- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
std::string LDAP_UNX::getDistinguishedName( const std::string userID,
	std::string *dname )
{
	*dname = "";
	LDAP *ldap = NULL;	// INITIALISE AND CONNECT TO LDAP SERVER
	std::string	e = initialize( &ldap );
	if ( ! e.empty() )
		{return( e );
		}
	std::string	base = ou + "," + dc;
	std::string	bparam = std::string("CN=LDAPbind,") + base;
	const	int 	ibind = ldap_simple_bind_s( ldap, bparam.c_str(),
		ldap_pw.c_str() );
	if ( ibind != LDAP_SUCCESS )
		{sprintf( ebuf, "ldap_simple_bind_s=%d", ibind );
		return( std::string(ebuf) );
		}
/* SEARCH FOR ENTRY WITH sAMAccountName AS GIVEN BY USER AND GET
 distinguishedName IF IT EXISTS (IF FOUND, THEN USERNAME EXISTS) */
	LDAPMessage *res = ( LDAPMessage * )NULL;
	std::string filter = "(sAMAccountName=" + userID + ")";
	const	int	isearch = ldap_search_s( ldap, base.c_str(),
		LDAP_SCOPE_ONELEVEL, filter.c_str(), ( char ** )NULL, 0, &res );
	if ( isearch != LDAP_SUCCESS )
		{sprintf( ebuf, "ldap_search_s=%d", isearch );
		return( std::string(ebuf) );
		}
	const	int	nentries = ldap_count_entries( ldap, res );
	if ( nentries <= 0 )
		{    // FAILED TO FIND distinguishedName from sAMAccountName
		ldap_msgfree( res );
		ldap_unbind_s( ldap );
		return( "Username not found in LDAP-OU" );
		}
					    // EXTRACT distinguishedNAme
	char 	*dn = ldap_get_dn( ldap, ldap_first_entry( ldap, res ) );
	*dname = std::string( dn );
	ldap_memfree( dn );			    		// TIDY UP
	ldap_msgfree( res );
	ldap_unbind_s( ldap );   			// DROP ASSOCIATION
	return( "" );
 }
示例#28
0
文件: ldap.c 项目: baohaojun/dico 
static int
db_get_groups(void *handle, const char *qgr, const char *key,
	      dico_list_t *pgroups)
{
    struct _dico_ldap_handle *lp = handle;
    LDAPMessage *res, *msg;
    int rc;
    dico_list_t groups = NULL;
    
    res = _dico_ldap_search(lp, lp->group_filter, qgr, key);
    if (!res)
	return 1;

    rc = ldap_count_entries(lp->ldap, res);
    if (rc == 0) {
	dico_log(L_INFO, 0, "no groups containing %s", key);
	ldap_msgfree(res);
	*pgroups = NULL;
	return 0;
    }

    groups = dico_list_create();
    dico_list_set_free_item(groups, _free_group, NULL);
    *pgroups = groups;

    rc = 0;
    for (msg = ldap_first_entry(lp->ldap, res); msg;
	 msg = ldap_next_entry(lp->ldap, msg)) {
	struct berval **values;
	size_t i, count;
	
	values = ldap_get_values_len(lp->ldap, msg, qgr);
	count = ldap_count_values_len(values);
	for (i = 0; i < count; i++) {
	    char *s = strdup(values[i]->bv_val);
	    dico_list_append(groups, s);
	}
	ldap_value_free_len(values);
    }
    ldap_msgfree(res);
    return rc;
}
示例#29
0
文件: authldap.c 项目: alniaky/dbmail 
static char * dm_ldap_user_getdn(u64_t user_idnr) 
{
	GString *t = g_string_new("");
	char *dn;
	int err;
	LDAPMessage *ldap_res;
	LDAPMessage *ldap_msg;
	LDAP *_ldap_conn = ldap_con_get();
	
	g_string_printf(t, "(%s=%llu)", _ldap_cfg.field_nid, user_idnr);
	TRACE(TRACE_DEBUG, "searching with query [%s]", t->str);
	
	if (! (ldap_res = authldap_search(t->str))) {
		g_string_free(t,TRUE);
		return NULL;
	}
		
	g_string_free(t,TRUE);

	if (ldap_count_entries(_ldap_conn, ldap_res) < 1) {
		TRACE(TRACE_DEBUG, "no entries found");
		ldap_msgfree(ldap_res);
		return NULL;
	}

	if (! (ldap_msg = ldap_first_entry(_ldap_conn, ldap_res))) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_first_entry failed: %s", ldap_err2string(err));
		ldap_msgfree(ldap_res);
		return NULL;
	}

	if (! (dn = ldap_get_dn(_ldap_conn, ldap_msg))) {
		ldap_get_option(_ldap_conn, LDAP_OPT_ERROR_NUMBER, &err);
		TRACE(TRACE_ERR, "ldap_get_dn failed: %s", ldap_err2string(err));
		ldap_msgfree(ldap_res);
		return NULL;
	}

	ldap_msgfree(ldap_res);
	return dn;
}
示例#30
0
文件: user-mgr.c 项目: hfeeki/ccnet 
/*
 * @uid: user's uid, list all users if * is passed in.
 */
static int ldap_count_users (CcnetUserManager *manager, const char *uid)
{
    LDAP *ld = NULL;
    int res;
    GString *filter;
    char *filter_str;
    char *attrs[2];
    LDAPMessage *msg = NULL;
    int count = -1;

    ld = ldap_init_and_bind (manager->ldap_host,
                             manager->user_dn,
                             manager->password);
    if (!ld)
        return -1;

    filter = g_string_new (NULL);
    g_string_printf (filter, "(%s=%s)", manager->login_attr, uid);
    filter_str = g_string_free (filter, FALSE);

    attrs[0] = manager->login_attr;
    attrs[1] = NULL;

    res = ldap_search_s (ld, manager->base, LDAP_SCOPE_SUBTREE,
                         filter_str, attrs, 0, &msg);
    if (res != LDAP_SUCCESS) {
        ccnet_warning ("ldap_search failed: %s.\n", ldap_err2string(res));
        goto out;
    }

    count = ldap_count_entries (ld, msg);

out:
    ldap_msgfree (msg);
    g_free (filter_str);
    if (ld) ldap_unbind_s (ld);
    return count;
}