1 /* ldapdelete.c - simple program to delete an entry using LDAP */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2008 The OpenLDAP Foundation.
6 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
17 /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan.
18 * All rights reserved.
20 * Redistribution and use in source and binary forms are permitted
21 * provided that this notice is preserved and that due credit is given
22 * to the University of Michigan at Ann Arbor. The name of the
23 * University may not be used to endorse or promote products derived
24 * from this software without specific prior written permission. This
25 * software is provided ``as is'' without express or implied warranty.
28 * This work was originally developed by the University of Michigan
29 * (as part of U-MICH LDAP). Additional significant contributors
38 #include <ac/stdlib.h>
40 #include <ac/string.h>
41 #include <ac/unistd.h>
42 #include <ac/socket.h>
47 #include "lutil_ldap.h"
48 #include "ldap_defaults.h"
54 static int sizelimit = -1;
57 static int dodelete LDAP_P((
61 static int deletechildren LDAP_P((
68 fprintf( stderr, _("Delete entries from an LDAP server\n\n"));
69 fprintf( stderr, _("usage: %s [options] [dn]...\n"), prog);
70 fprintf( stderr, _(" dn: list of DNs to delete. If not given, it will be readed from stdin\n"));
71 fprintf( stderr, _(" or from the file specified with \"-f file\".\n"));
72 fprintf( stderr, _("Delete Options:\n"));
73 fprintf( stderr, _(" -r delete recursively\n"));
79 const char options[] = "r"
80 "cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:z:Z";
83 handle_private_option( int i )
90 char *control, *cvalue;
91 case 'E': /* delete extensions */
92 if( protocol == LDAP_VERSION2 ) {
93 fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"),
98 /* should be extended to support comma separated list of
99 * [!]key[=value] parameters, e.g. -E !foo,bar=567
104 if( optarg[0] == '!' ) {
109 control = strdup( optarg );
110 if ( (cvalue = strchr( control, '=' )) != NULL ) {
113 fprintf( stderr, _("Invalid delete extension name: %s\n"), control );
121 case 'z': /* size limit */
122 if ( strcasecmp( optarg, "none" ) == 0 ) {
125 } else if ( strcasecmp( optarg, "max" ) == 0 ) {
126 sizelimit = LDAP_MAXINT;
129 ival = strtol( optarg, &next, 10 );
130 if ( next == NULL || next[0] != '\0' ) {
132 _("Unable to parse size limit \"%s\"\n"), optarg );
133 exit( EXIT_FAILURE );
137 if( sizelimit < 0 || sizelimit > LDAP_MAXINT ) {
138 fprintf( stderr, _("%s: invalid sizelimit (%d) specified\n"),
140 exit( EXIT_FAILURE );
152 private_conn_setup( LDAP *ld )
154 /* this seems prudent for searches below */
155 int deref = LDAP_DEREF_NEVER;
156 ldap_set_option( ld, LDAP_OPT_DEREF, &deref );
161 main( int argc, char **argv )
170 tool_init( TOOL_DELETE );
171 prog = lutil_progname( "ldapdelete", argc, argv );
173 tool_args( argc, argv );
175 if ( infile != NULL ) {
176 if (( fp = fopen( infile, "r" )) == NULL ) {
178 exit( EXIT_FAILURE );
181 if ( optind >= argc ) {
186 ld = tool_conn_setup( 0, &private_conn_setup );
188 if ( pw_file || want_bindpw ) {
190 rc = lutil_get_filed_password( pw_file, &passwd );
191 if( rc ) return EXIT_FAILURE;
193 passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
194 passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
200 tool_server_controls( ld, NULL, 0 );
205 for ( ; optind < argc; ++optind ) {
206 rc = dodelete( ld, argv[ optind ] );
208 /* Stop on error and no -c option */
211 if( contoper == 0 ) break;
215 while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) {
216 buf[ strlen( buf ) - 1 ] = '\0'; /* remove trailing newline */
218 if ( *buf != '\0' ) {
219 rc = dodelete( ld, buf );
238 char *matcheddn = NULL, *text = NULL, **refs = NULL;
239 LDAPControl **ctrls = NULL;
243 printf( _("%sdeleting entry \"%s\"\n"),
244 (dont ? "!" : ""), dn );
251 /* If prune is on, remove a whole subtree. Delete the children of the
252 * DN recursively, then the DN requested.
254 if ( prune ) deletechildren( ld, dn );
256 rc = ldap_delete_ext( ld, dn, NULL, NULL, &id );
257 if ( rc != LDAP_SUCCESS ) {
258 fprintf( stderr, "%s: ldap_delete_ext: %s (%d)\n",
259 prog, ldap_err2string( rc ), rc );
266 if ( tool_check_abandon( ld, id ) ) {
267 return LDAP_CANCELLED;
273 rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ALL, &tv, &res );
275 tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
284 rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 );
286 if( rc != LDAP_SUCCESS ) {
287 fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n",
288 prog, ldap_err2string( rc ), rc );
292 if( code != LDAP_SUCCESS ) {
293 tool_perror( "ldap_delete", code, NULL, matcheddn, text, refs );
294 } else if ( verbose &&
295 ((matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ))
297 printf( _("Delete Result: %s (%d)\n"),
298 ldap_err2string( code ), code );
300 if( text && *text ) {
301 printf( _("Additional info: %s\n"), text );
304 if( matcheddn && *matcheddn ) {
305 printf( _("Matched DN: %s\n"), matcheddn );
310 for( i=0; refs[i]; i++ ) {
311 printf(_("Referral: %s\n"), refs[i] );
317 tool_print_ctrls( ld, ctrls );
318 ldap_controls_free( ctrls );
322 ber_memfree( matcheddn );
323 ber_memvfree( (void **) refs );
329 * Delete all the children of an entry recursively until leaf nodes are reached.
331 static int deletechildren(
335 LDAPMessage *res, *e;
338 static char *attrs[] = { LDAP_NO_ATTRS, NULL };
339 LDAPControl c, *ctrls[2];
340 BerElement *ber = NULL;
343 if ( verbose ) printf ( _("deleting children of: %s\n"), base );
346 * Do a one level search at base for children. For each, delete its children.
349 srch_rc = ldap_search_ext_s( ld, base, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1,
350 NULL, NULL, NULL, sizelimit, &res );
353 case LDAP_SIZELIMIT_EXCEEDED:
356 tool_perror( "ldap_search", srch_rc, NULL, NULL, NULL, NULL );
360 entries = ldap_count_entries( ld, res );
365 for (e = ldap_first_entry( ld, res ), i = 0; e != NULL;
366 e = ldap_next_entry( ld, e ), i++ )
368 char *dn = ldap_get_dn( ld, e );
371 ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
372 tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
377 rc = deletechildren( ld, dn );
379 tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
385 printf( _("\tremoving %s\n"), dn );
388 rc = ldap_delete_ext_s( ld, dn, NULL, NULL );
390 tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
397 printf( _("\t%s removed\n"), dn );
406 if ( srch_rc == LDAP_SIZELIMIT_EXCEEDED ) {
411 * Do a one level search at base for subentry children.
414 if ((ber = ber_alloc_t(LBER_USE_DER)) == NULL) {
417 rc = ber_printf( ber, "b", 1 );
420 fprintf( stderr, _("Subentries control encoding error!\n"));
423 if ( ber_flatten2( ber, &c.ldctl_value, 0 ) == -1 ) {
426 c.ldctl_oid = LDAP_CONTROL_SUBENTRIES;
427 c.ldctl_iscritical = 1;
432 srch_rc = ldap_search_ext_s( ld, base, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1,
433 ctrls, NULL, NULL, sizelimit, &res_se );
436 case LDAP_SIZELIMIT_EXCEEDED:
439 tool_perror( "ldap_search", srch_rc, NULL, NULL, NULL, NULL );
444 entries = ldap_count_entries( ld, res_se );
449 for (e = ldap_first_entry( ld, res_se ), i = 0; e != NULL;
450 e = ldap_next_entry( ld, e ), i++ )
452 char *dn = ldap_get_dn( ld, e );
455 ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
456 tool_perror( "ldap_prune", rc, NULL, NULL, NULL, NULL );
462 printf( _("\tremoving %s\n"), dn );
465 rc = ldap_delete_ext_s( ld, dn, NULL, NULL );
467 tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
474 printf( _("\t%s removed\n"), dn );
481 ldap_msgfree( res_se );
483 if ( srch_rc == LDAP_SIZELIMIT_EXCEEDED ) {