1 /* ldapmodify.c - generic program to modify or add entries using LDAP */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2014 The OpenLDAP Foundation.
6 * Portions Copyright 2006 Howard Chu.
7 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
8 * Portions Copyright 1998-2001 Net Boolean Incorporated.
9 * Portions Copyright 2001-2003 IBM Corporation.
10 * All rights reserved.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted only as authorized by the OpenLDAP
16 * A copy of this license is available in the file LICENSE in the
17 * top-level directory of the distribution or, alternatively, at
18 * <http://www.OpenLDAP.org/license.html>.
20 /* Portions Copyright (c) 1992-1996 Regents of the University of Michigan.
21 * All rights reserved.
23 * Redistribution and use in source and binary forms are permitted
24 * provided that this notice is preserved and that due credit is given
25 * to the University of Michigan at Ann Arbor. The name of the
26 * University may not be used to endorse or promote products derived
27 * from this software without specific prior written permission. This
28 * software is provided ``as is'' without express or implied warranty.
31 * This work was originally developed by the University of Michigan
32 * (as part of U-MICH LDAP). Additional significant contributors
43 #include <ac/stdlib.h>
45 #include <ac/string.h>
46 #include <ac/unistd.h>
47 #include <ac/socket.h>
50 #ifdef HAVE_SYS_STAT_H
54 #ifdef HAVE_SYS_FILE_H
64 #include "lutil_ldap.h"
66 #include "ldap_defaults.h"
73 static char *rejfile = NULL;
74 static LDAP *ld = NULL;
76 static int process_ldif_rec LDAP_P(( char *rbuf, unsigned long lineno ));
77 static int domodify LDAP_P((
78 const struct berval *dn,
82 static int dodelete LDAP_P((
83 const struct berval *dn,
84 LDAPControl **pctrls ));
85 static int dorename LDAP_P((
86 const struct berval *dn,
87 const struct berval *newrdn,
88 const struct berval *newsup,
90 LDAPControl **pctrls ));
91 static int process_response(
95 const struct berval *dn );
99 static int txnabort = 0;
100 struct berval *txn_id = NULL;
106 fprintf( stderr, _("Add or modify entries from an LDAP server\n\n"));
107 fprintf( stderr, _("usage: %s [options]\n"), prog);
108 fprintf( stderr, _(" The list of desired operations are read from stdin"
109 " or from the file\n"));
110 fprintf( stderr, _(" specified by \"-f file\".\n"));
111 fprintf( stderr, _("Add or modify options:\n"));
112 fprintf( stderr, _(" -a add values (%s)\n"),
113 (ldapadd ? _("default") : _("default is to replace")));
114 fprintf( stderr, _(" -c continuous operation mode (do not stop on errors)\n"));
115 fprintf( stderr, _(" -E [!]ext=extparam modify extensions"
116 " (! indicate s criticality)\n"));
117 fprintf( stderr, _(" -f file read operations from `file'\n"));
118 fprintf( stderr, _(" -M enable Manage DSA IT control (-MM to make critical)\n"));
119 fprintf( stderr, _(" -P version protocol version (default: 3)\n"));
122 _(" [!]txn=<commit|abort> (transaction)\n"));
124 fprintf( stderr, _(" -S file write skipped modifications to `file'\n"));
127 exit( EXIT_FAILURE );
131 const char options[] = "aE:rS:"
132 "cd:D:e:f:h:H:IMnNO:o:p:P:QR:U:vVw:WxX:y:Y:Z";
135 handle_private_option( int i )
137 char *control, *cvalue;
141 case 'E': /* modify extensions */
142 if( protocol == LDAP_VERSION2 ) {
143 fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"),
145 exit( EXIT_FAILURE );
148 /* should be extended to support comma separated list of
149 * [!]key[=value] parameters, e.g. -E !foo,bar=567
154 if( optarg[0] == '!' ) {
159 control = ber_strdup( optarg );
160 if ( (cvalue = strchr( control, '=' )) != NULL ) {
165 if( strcasecmp( control, "txn" ) == 0 ) {
169 _("txn control previously specified\n"));
170 exit( EXIT_FAILURE );
172 if( cvalue != NULL ) {
173 if( strcasecmp( cvalue, "abort" ) == 0 ) {
175 } else if( strcasecmp( cvalue, "commit" ) != 0 ) {
176 fprintf( stderr, _("Invalid value for txn control, %s\n"),
178 exit( EXIT_FAILURE );
186 fprintf( stderr, _("Invalid modify extension name: %s\n"),
196 case 'r': /* replace (obsolete) */
199 case 'S': /* skipped modifications to file */
200 if( rejfile != NULL ) {
201 fprintf( stderr, _("%s: -S previously specified\n"), prog );
202 exit( EXIT_FAILURE );
204 rejfile = ber_strdup( optarg );
215 main( int argc, char **argv )
217 char *rbuf = NULL, *rejbuf = NULL;
219 struct LDIFFP *ldiffp = NULL, ldifdummy = {0};
220 char *matched_msg, *error_msg;
221 int rc, retval, ldifrc;
224 unsigned long lineno, nextline = 0;
227 prog = lutil_progname( "ldapmodify", argc, argv );
229 /* strncmp instead of strcmp since NT binaries carry .exe extension */
230 ldapadd = ( strncasecmp( prog, "ldapadd", sizeof("ldapadd")-1 ) == 0 );
232 tool_init( ldapadd ? TOOL_ADD : TOOL_MODIFY );
234 tool_args( argc, argv );
236 if ( argc != optind ) usage();
238 if ( rejfile != NULL ) {
239 if (( rejfp = fopen( rejfile, "w" )) == NULL ) {
241 retval = EXIT_FAILURE;
248 if ( infile != NULL ) {
249 if (( ldiffp = ldif_open( infile, "r" )) == NULL ) {
251 retval = EXIT_FAILURE;
255 ldifdummy.fp = stdin;
259 if ( debug ) ldif_debug = debug;
261 ld = tool_conn_setup( dont, 0 );
269 /* start transaction */
270 rc = ldap_txn_start_s( ld, NULL, NULL, &txn_id );
271 if( rc != LDAP_SUCCESS ) {
272 tool_perror( "ldap_txn_start_s", rc, NULL, NULL, NULL, NULL );
274 retval = EXIT_FAILURE;
290 c[i].ldctl_oid = LDAP_CONTROL_X_TXN_SPEC;
291 c[i].ldctl_value = *txn_id;
292 c[i].ldctl_iscritical = 1;
298 tool_server_controls( ld, c, i );
303 while (( rc == 0 || contoper ) && ( ldifrc = ldif_read_record( ldiffp, &nextline,
304 &rbuf, &lmax )) > 0 )
307 len = strlen( rbuf );
308 if (( rejbuf = (char *)ber_memalloc( len+1 )) == NULL ) {
310 retval = EXIT_FAILURE;
313 memcpy( rejbuf, rbuf, len+1 );
316 rc = process_ldif_rec( rbuf, lineno );
319 if ( rc ) retval = rc;
321 fprintf(rejfp, _("# Error: %s (%d)"), ldap_err2string(rc), rc);
324 ldap_get_option(ld, LDAP_OPT_MATCHED_DN, &matched_msg);
325 if ( matched_msg != NULL ) {
326 if ( *matched_msg != '\0' ) {
327 fprintf( rejfp, _(", matched DN: %s"), matched_msg );
329 ldap_memfree( matched_msg );
333 ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &error_msg);
334 if ( error_msg != NULL ) {
335 if ( *error_msg != '\0' ) {
336 fprintf( rejfp, _(", additional info: %s"), error_msg );
338 ldap_memfree( error_msg );
340 fprintf( rejfp, "\n%s\n", rejbuf );
343 if (rejfp) ber_memfree( rejbuf );
351 if( retval == 0 && txn ) {
352 rc = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL );
353 if ( rc != LDAP_OPT_SUCCESS ) {
354 fprintf( stderr, "Could not unset controls for ldap_txn_end\n");
357 /* create transaction */
358 rc = ldap_txn_end_s( ld, !txnabort, txn_id, NULL, NULL, NULL );
359 if( rc != LDAP_SUCCESS ) {
360 tool_perror( "ldap_txn_end_s", rc, NULL, NULL, NULL, NULL );
367 if ( rejfp != NULL ) {
371 if ( ldiffp != NULL && ldiffp != &ldifdummy ) {
372 ldif_close( ldiffp );
375 tool_exit( ld, retval );
380 process_ldif_rec( char *rbuf, unsigned long linenum )
383 int lrflags = ldapadd ? LDIF_DEFAULT_ADD : 0;
385 struct berval rbuf_bv;
388 if ( getenv( "LDIF_ENTRIES_ONLY" ) ) {
389 lrflags |= LDIF_ENTRIES_ONLY;
391 if ( getenv( "LDIF_NO_CONTROLS" ) ) {
392 lrflags |= LDIF_NO_CONTROLS;
394 #endif /* TEST_LDIF_API */
396 rbuf_bv.bv_val = rbuf;
397 rbuf_bv.bv_len = 0; /* not used */
398 rc = ldap_parse_ldif_record( &rbuf_bv, linenum, &lr, prog, lrflags );
400 /* If default controls are set (as with -M option) and controls are
401 specified in the LDIF file, we must add the default controls to
402 the list of controls sent with the ldap operation.
406 LDAPControl **defctrls = NULL; /* Default server controls */
407 LDAPControl **newctrls = NULL;
408 ldap_get_option(ld, LDAP_OPT_SERVER_CONTROLS, &defctrls);
410 int npc=0; /* Num of LDIF controls */
411 int ndefc=0; /* Num of default controls */
412 while (lr.lr_ctrls[npc]) npc++; /* Count LDIF controls */
413 while (defctrls[ndefc]) ndefc++; /* Count default controls */
414 newctrls = ber_memrealloc(lr.lr_ctrls,
415 (npc+ndefc+1)*sizeof(LDAPControl*));
417 if (newctrls == NULL) {
421 lr.lr_ctrls = newctrls;
422 for (i=npc; i<npc+ndefc; i++) {
423 lr.lr_ctrls[i] = ldap_control_dup(defctrls[i-npc]);
424 if (lr.lr_ctrls[i] == NULL) {
429 lr.lr_ctrls[npc+ndefc] = NULL;
431 ldap_controls_free(defctrls); /* Must be freed by library */
437 if ( LDAP_REQ_DELETE == lr.lr_op ) {
438 rc = dodelete( &lr.lr_dn, lr.lr_ctrls );
439 } else if ( LDAP_REQ_RENAME == lr.lr_op ) {
440 rc = dorename( &lr.lr_dn, &lr.lrop_newrdn, &lr.lrop_newsup, lr.lrop_delold, lr.lr_ctrls );
441 } else if ( ( LDAP_REQ_ADD == lr.lr_op ) || ( LDAP_REQ_MODIFY == lr.lr_op ) ) {
442 rc = domodify( &lr.lr_dn, lr.lrop_mods, lr.lr_ctrls, LDAP_REQ_ADD == lr.lr_op );
444 /* record skipped e.g. version: or comment or something we don't handle yet */
447 if ( rc == LDAP_SUCCESS ) {
452 ldap_ldif_record_done( &lr );
460 const struct berval *dn,
462 LDAPControl **pctrls,
465 int rc, i, j, k, notascii, op;
468 if ( ( dn == NULL ) || ( dn->bv_val == NULL ) ) {
469 fprintf( stderr, _("%s: no DN specified\n"), prog );
470 return( LDAP_PARAM_ERROR );
473 if ( pmods == NULL ) {
474 /* implement "touch" (empty sequence)
475 * modify operation (note that there
476 * is no symmetry with the UNIX command,
477 * since \"touch\" on a non-existent entry
479 printf( "warning: no attributes to %sadd (entry=\"%s\")\n",
480 newentry ? "" : "change or ", dn->bv_val );
483 for ( i = 0; pmods[ i ] != NULL; ++i ) {
484 op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
485 if( op == LDAP_MOD_ADD && ( pmods[i]->mod_bvalues == NULL )) {
487 _("%s: attribute \"%s\" has no values (entry=\"%s\")\n"),
488 prog, pmods[i]->mod_type, dn->bv_val );
489 return LDAP_PARAM_ERROR;
494 for ( i = 0; pmods[ i ] != NULL; ++i ) {
495 op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
497 op == LDAP_MOD_REPLACE ? _("replace") :
498 op == LDAP_MOD_ADD ? _("add") :
499 op == LDAP_MOD_INCREMENT ? _("increment") :
500 op == LDAP_MOD_DELETE ? _("delete") :
502 pmods[ i ]->mod_type );
504 if ( pmods[ i ]->mod_bvalues != NULL ) {
505 for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
506 bvp = pmods[ i ]->mod_bvalues[ j ];
508 for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) {
509 if ( !isascii( bvp->bv_val[ k ] )) {
515 printf( _("\tNOT ASCII (%ld bytes)\n"), bvp->bv_len );
517 printf( "\t%s\n", bvp->bv_val );
526 printf( "%sadding new entry \"%s\"\n", dont ? "!" : "", dn->bv_val );
528 printf( "%smodifying entry \"%s\"\n", dont ? "!" : "", dn->bv_val );
534 rc = ldap_add_ext( ld, dn->bv_val, pmods, pctrls, NULL, &msgid );
536 rc = ldap_modify_ext( ld, dn->bv_val, pmods, pctrls, NULL, &msgid );
539 if ( rc != LDAP_SUCCESS ) {
540 /* print error message about failed update including DN */
541 fprintf( stderr, _("%s: update failed: %s\n"), prog, dn->bv_val );
542 tool_perror( newentry ? "ldap_add" : "ldap_modify",
543 rc, NULL, NULL, NULL, NULL );
546 rc = process_response( ld, msgid,
547 newentry ? LDAP_RES_ADD : LDAP_RES_MODIFY, dn );
549 if ( verbose && rc == LDAP_SUCCESS ) {
550 printf( _("modify complete\n") );
565 const struct berval *dn,
566 LDAPControl **pctrls )
571 assert( dn != NULL );
572 assert( dn->bv_val != NULL );
573 printf( _("%sdeleting entry \"%s\"\n"), dont ? "!" : "", dn->bv_val );
575 rc = ldap_delete_ext( ld, dn->bv_val, pctrls, NULL, &msgid );
576 if ( rc != LDAP_SUCCESS ) {
577 fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn->bv_val );
578 tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
581 rc = process_response( ld, msgid, LDAP_RES_DELETE, dn );
583 if ( verbose && rc == LDAP_SUCCESS ) {
584 printf( _("delete complete\n") );
598 const struct berval *dn,
599 const struct berval *newrdn,
600 const struct berval *newsup,
602 LDAPControl **pctrls )
607 assert( dn != NULL );
608 assert( dn->bv_val != NULL );
609 assert( newrdn != NULL );
610 assert( newrdn->bv_val != NULL );
611 printf( _("%smodifying rdn of entry \"%s\"\n"), dont ? "!" : "", dn->bv_val );
613 printf( _("\tnew RDN: \"%s\" (%skeep existing values)\n"),
614 newrdn->bv_val, deleteoldrdn ? _("do not ") : "" );
617 rc = ldap_rename( ld, dn->bv_val, newrdn->bv_val,
618 ( newsup && newsup->bv_val ) ? newsup->bv_val : NULL,
619 deleteoldrdn, pctrls, NULL, &msgid );
620 if ( rc != LDAP_SUCCESS ) {
621 fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn->bv_val );
622 tool_perror( "ldap_rename", rc, NULL, NULL, NULL, NULL );
625 rc = process_response( ld, msgid, LDAP_RES_RENAME, dn );
627 if ( verbose && rc == LDAP_SUCCESS ) {
628 printf( _("rename complete\n") );
644 case LDAP_RES_DELETE:
645 return "ldap_delete";
646 case LDAP_RES_MODIFY:
647 return "ldap_modify";
648 case LDAP_RES_MODRDN:
649 return "ldap_rename";
654 return "ldap_unknown";
657 static int process_response(
661 const struct berval *dn )
664 int rc = LDAP_OTHER, msgtype;
665 struct timeval tv = { 0, 0 };
667 char *text = NULL, *matched = NULL, **refs = NULL;
668 LDAPControl **ctrls = NULL;
670 assert( dn != NULL );
675 rc = ldap_result( ld, msgid, LDAP_MSG_ALL, &tv, &res );
676 if ( tool_check_abandon( ld, msgid ) ) {
677 return LDAP_CANCELLED;
681 ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
682 tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
691 msgtype = ldap_msgtype( res );
693 rc = ldap_parse_result( ld, res, &err, &matched, &text, &refs, &ctrls, 1 );
694 if ( rc == LDAP_SUCCESS ) rc = err;
697 if ( rc == LDAP_X_TXN_SPECIFY_OKAY ) {
701 if ( rc != LDAP_SUCCESS ) {
702 tool_perror( res2str( op ), rc, NULL, matched, text, refs );
703 } else if ( msgtype != op ) {
704 fprintf( stderr, "%s: msgtype: expected %d got %d\n",
705 res2str( op ), op, msgtype );
709 if ( text ) ldap_memfree( text );
710 if ( matched ) ldap_memfree( matched );
711 if ( refs ) ber_memvfree( (void **)refs );
714 tool_print_ctrls( ld, ctrls );
715 ldap_controls_free( ctrls );
projects / openldap / blob