19 fprintf( stderr, "usage: %s [options] filter [attributes...]\nwhere:\n", s );
20 fprintf( stderr, " filter\tRFC-1558 compliant LDAP search filter\n" );
21 fprintf( stderr, " attributes\twhitespace-separated list of attributes to retrieve\n" );
22 fprintf( stderr, "\t\t(if no attribute list is given, all are retrieved)\n" );
23 fprintf( stderr, "options:\n" );
24 fprintf( stderr, " -n\t\tshow what would be done but don't actually search\n" );
25 fprintf( stderr, " -v\t\trun in verbose mode (diagnostics to standard output)\n" );
26 fprintf( stderr, " -t\t\twrite values to files in /tmp\n" );
27 fprintf( stderr, " -u\t\tinclude User Friendly entry names in the output\n" );
28 fprintf( stderr, " -A\t\tretrieve attribute names only (no values)\n" );
29 fprintf( stderr, " -B\t\tdo not suppress printing of non-ASCII values\n" );
30 fprintf( stderr, " -L\t\tprint entries in LDIF format (-B is implied)\n" );
31 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
32 fprintf( stderr, " -R\t\tdo not automatically follow referrals\n" );
33 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */
34 fprintf( stderr, " -d level\tset LDAP debugging level to `level'\n" );
35 fprintf( stderr, " -F sep\tprint `sep' instead of `=' between attribute names and values\n" );
36 fprintf( stderr, " -S attr\tsort the results by attribute `attr'\n" );
37 fprintf( stderr, " -f file\tperform sequence of searches listed in `file'\n" );
38 fprintf( stderr, " -b basedn\tbase dn for search\n" );
39 fprintf( stderr, " -s scope\tone of base, one, or sub (search scope)\n" );
40 fprintf( stderr, " -a deref\tone of never, always, search, or find (alias dereferencing)\n" );
41 fprintf( stderr, " -l time lim\ttime limit (in seconds) for search\n" );
42 fprintf( stderr, " -z size lim\tsize limit (in entries) for search\n" );
43 fprintf( stderr, " -D binddn\tbind dn\n" );
44 fprintf( stderr, " -W \t\tprompt for bind passwd\n" );
45 fprintf( stderr, " -w passwd\tbind passwd (for simple authentication)\n" );
47 fprintf( stderr, " -k\t\tuse Kerberos instead of Simple Password authentication\n" );
48 fprintf( stderr, " -K\t\tuse Kerberos step 1\n" );
50 fprintf( stderr, " -h host\tldap server\n" );
51 fprintf( stderr, " -p port\tport on ldap server\n" );
55 static void print_entry LDAP_P((
60 static int write_ldif_value LDAP_P((
63 unsigned long vallen ));
65 static int dosearch LDAP_P((
74 static int skipsortattr = 0;
75 static int verbose, not, includeufn, allow_binary, vals2tmp, ldif;
76 static char *sortattr = NULL;
77 static char *sep = DEFSEP;
80 main(int argc, char **argv)
85 char *filtpattern, **attrs, line[ BUFSIZ ];
89 char *ldaphost = NULL;
90 int rc, i, first, deref, attrsonly;
91 int referrals, timelimit, sizelimit, want_passwd;
92 int authmethod = LDAP_AUTH_SIMPLE;
93 int scope = LDAP_SCOPE_SUBTREE;
94 int ldapport = LDAP_PORT;
96 deref = verbose = allow_binary = not = vals2tmp =
97 attrsonly = ldif = want_passwd = 0;
98 referrals = (int)LDAP_OPT_ON;
99 sizelimit = timelimit = 0;
101 while ((i = getopt(argc, argv, "Aa:Bb:D:d:h:f:F:KkLl:np:RS:s:tuvWw:z:")) != EOF)
105 case 'A': /* retrieve attribute names only -- no values */
109 case 'a': /* set alias deref option */
110 if (strncasecmp(optarg, "never", 5) == 0) {
111 deref = LDAP_DEREF_NEVER;
112 } else if (strncasecmp( optarg, "search", 5) == 0) {
113 deref = LDAP_DEREF_SEARCHING;
114 } else if (strncasecmp( optarg, "find", 4) == 0) {
115 deref = LDAP_DEREF_FINDING;
116 } else if (strncasecmp( optarg, "always", 6) == 0) {
117 deref = LDAP_DEREF_ALWAYS;
119 fprintf( stderr, "alias deref should be never, search, find, or always\n" );
124 case 'L': /* print entries in LDIF format */
126 /* fall through -- always allow binary when outputting LDIF */
127 case 'B': /* allow binary values to be printed */
131 case 'b': /* searchbase */
132 base = strdup( optarg );
135 case 'D': /* bind DN */
136 binddn = strdup( optarg );
141 ldap_debug = lber_debug = atoi( optarg ); /* */
142 #else /* LDAP_DEBUG */
143 fprintf( stderr, "compile with -DLDAP_DEBUG for debugging\n" );
144 #endif /* LDAP_DEBUG */
147 case 'F': /* field separator */
148 sep = strdup( optarg );
151 case 'f': /* input file */
152 infile = strdup( optarg );
155 case 'h': /* ldap host */
156 ldaphost = strdup( optarg );
159 case 'K': /* use kerberos bind, 1st part only */
161 authmethod = LDAP_AUTH_KRBV41;
163 fprintf(stderr, "%s was not compiled with Kerberos support\n", argv[0]);
167 case 'k': /* use kerberos bind */
169 authmethod = LDAP_AUTH_KRBV4;
171 fprintf(stderr, "%s was not compiled with Kerberos support\n", argv[0]);
175 case 'l': /* time limit */
176 timelimit = atoi( optarg );
179 case 'n': /* do Not do any searches */
183 case 'p': /* ldap port */
184 ldapport = atoi( optarg );
187 case 'R': /* don't automatically chase referrals */
188 referrals = (int) LDAP_OPT_OFF;
191 case 'S': /* sort attribute */
192 sortattr = strdup( optarg );
195 case 's': /* search scope */
196 if ( strncasecmp( optarg, "base", 4 ) == 0 ) {
197 scope = LDAP_SCOPE_BASE;
198 } else if ( strncasecmp( optarg, "one", 3 ) == 0 ) {
199 scope = LDAP_SCOPE_ONELEVEL;
200 } else if ( strncasecmp( optarg, "sub", 3 ) == 0 ) {
201 scope = LDAP_SCOPE_SUBTREE;
203 fprintf( stderr, "scope should be base, one, or sub\n" );
208 case 't': /* write attribute values to /tmp files */
212 case 'u': /* include UFN */
216 case 'v': /* verbose mode */
224 case 'w': /* bind password */
225 passwd = strdup( optarg );
228 case 'z': /* size limit */
229 sizelimit = atoi( optarg );
237 if ( argc - optind < 1 ) {
240 filtpattern = strdup( argv[ optind ] );
241 if ( argv[ optind + 1 ] == NULL ) {
243 } else if ( sortattr == NULL || *sortattr == '\0' ) {
244 attrs = &argv[ optind + 1 ];
246 for ( i = optind + 1; i < argc; i++ ) {
247 if ( strcasecmp( argv[ i ], sortattr ) == 0 ) {
253 argv[ optind ] = sortattr;
257 attrs = &argv[ optind ];
260 if (want_passwd && !passwd)
261 passwd = strdup(getpass("Enter LDAP password: "));
263 if ( infile != NULL ) {
264 if ( infile[0] == '-' && infile[1] == '\0' ) {
266 } else if ((fp = fopen(infile, "r")) == NULL) {
273 printf("ldap_open(%s, %d)\n", ldaphost, ldapport);
275 if ((ld = ldap_open(ldaphost, ldapport)) == NULL) {
280 if (ldap_set_option(ld, LDAP_OPT_DEREF, (void *)&deref) == -1 ) {
281 /* set option error */
283 if (ldap_set_option(ld, LDAP_OPT_TIMELIMIT, (void *)&timelimit) == -1 ) {
284 /* set option error */
286 if (ldap_set_option(ld, LDAP_OPT_SIZELIMIT, (void *)&sizelimit) == -1 ) {
287 /* set option error */
289 if (ldap_set_option(ld, LDAP_OPT_REFERRALS, (void *)referrals) == -1 ) {
290 /* set option error */
293 if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
294 ldap_perror( ld, "ldap_bind" );
299 printf( "filter pattern: %s\nreturning: ", filtpattern );
300 if ( attrs == NULL ) {
303 for ( i = 0; attrs[ i ] != NULL; ++i ) {
304 printf( "%s ", attrs[ i ] );
310 if ( infile == NULL ) {
311 rc = dosearch( ld, base, scope, attrs, attrsonly, filtpattern, "" );
315 while ( rc == 0 && fgets( line, sizeof( line ), fp ) != NULL ) {
316 line[ strlen( line ) - 1 ] = '\0';
322 rc = dosearch( ld, base, scope, attrs, attrsonly, filtpattern,
347 char filter[ BUFSIZ ];
348 int rc, first, matches;
349 LDAPMessage *res, *e;
351 sprintf( filter, filtpatt, value );
354 printf( "filter is: (%s)\n", filter );
358 return( LDAP_SUCCESS );
361 if ( ldap_search( ld, base, scope, filter, attrs, attrsonly ) == -1 ) {
363 ldap_perror( ld, "ldap_search" );
365 ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &ld_errno);
371 while ( (rc = ldap_result( ld, LDAP_RES_ANY, sortattr ? 1 : 0, NULL, &res ))
372 == LDAP_RES_SEARCH_ENTRY ) {
374 e = ldap_first_entry( ld, res );
380 print_entry( ld, e, attrsonly );
384 ldap_perror( ld, "ldap_result" );
387 if (( rc = ldap_result2error( ld, res, 0 )) != LDAP_SUCCESS ) {
388 ldap_perror( ld, "ldap_search" );
390 if ( sortattr != NULL ) {
391 (void) ldap_sort_entries( ld, &res,
392 ( *sortattr == '\0' ) ? NULL : sortattr, strcasecmp );
395 for ( e = ldap_first_entry( ld, res ); e != NULLMSG;
396 e = ldap_next_entry( ld, e ) ) {
403 print_entry( ld, e, attrsonly );
408 printf( "%d matches\n", matches );
421 char *a, *dn, *ufn, tmpfname[ 64 ];
424 struct berval **bvals;
427 dn = ldap_get_dn( ld, entry );
429 write_ldif_value( "dn", dn, strlen( dn ));
431 printf( "%s\n", dn );
434 ufn = ldap_dn2ufn( dn );
436 write_ldif_value( "ufn", ufn, strlen( ufn ));
438 printf( "%s\n", ufn );
444 for ( a = ldap_first_attribute( ld, entry, &ber ); a != NULL;
445 a = ldap_next_attribute( ld, entry, ber ) ) {
446 if ( skipsortattr && strcasecmp( a, sortattr ) == 0 ) {
451 write_ldif_value( a, "", 0 );
455 } else if (( bvals = ldap_get_values_len( ld, entry, a )) != NULL ) {
456 for ( i = 0; bvals[i] != NULL; i++ ) {
458 sprintf( tmpfname, "/tmp/ldapsearch-%s-XXXXXX", a );
461 if ( mktemp( tmpfname ) == NULL ) {
463 } else if (( tmpfp = fopen( tmpfname, "w")) == NULL ) {
465 } else if ( fwrite( bvals[ i ]->bv_val,
466 bvals[ i ]->bv_len, 1, tmpfp ) == 0 ) {
469 write_ldif_value( a, tmpfname, strlen( tmpfname ));
471 printf( "%s%s%s\n", a, sep, tmpfname );
474 if ( tmpfp != NULL ) {
479 if ( !allow_binary ) {
480 for ( j = 0; (unsigned long) j < bvals[ i ]->bv_len; ++j ) {
481 if ( !isascii( bvals[ i ]->bv_val[ j ] )) {
489 write_ldif_value( a, bvals[ i ]->bv_val,
490 bvals[ i ]->bv_len );
492 printf( "%s%s%s\n", a, sep,
493 notascii ? "NOT ASCII" : bvals[ i ]->bv_val );
497 ber_bvecfree( bvals );
504 write_ldif_value( char *type, char *value, unsigned long vallen )
508 if (( ldif = ldif_type_and_value( type, value, (int)vallen )) == NULL ) {
512 fputs( ldif, stdout );