1 /* slapcommon.c - common routine for the slap tools */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2010 The OpenLDAP Foundation.
6 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
7 * Portions Copyright 2003 IBM Corporation.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by Kurt Zeilenga for inclusion
20 * in OpenLDAP Software. Additional signficant contributors include
22 * Hallvard B. Furuseth
31 #include <ac/stdlib.h>
33 #include <ac/string.h>
34 #include <ac/socket.h>
35 #include <ac/unistd.h>
37 #include "slapcommon.h"
41 tool_vars tool_globals;
44 static char *leakfilename;
45 static FILE *leakfile;
50 #if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
52 static char **syslog_unknowns;
54 static int syslogUser = SLAP_DEFAULT_SYSLOG_USER;
55 #endif /* LOG_LOCAL4 */
56 #endif /* LDAP_DEBUG && LDAP_SYSLOG */
59 usage( int tool, const char *progname )
63 "usage: %s [-v] [-d debuglevel] [-f configfile] [-F configdir] [-o <name>[=<value>]]",
68 options = "\n\t[-U authcID | -D authcDN] [-X authzID | -o authzDN=<DN>]"
69 "\n\t-b DN [-u] [attr[/access][:value]] [...]\n";
73 options = " [-c]\n\t[-g] [-n databasenumber | -b suffix]\n"
74 "\t[-l ldiffile] [-j linenumber] [-q] [-u] [-s] [-w]\n";
78 options = "\n\t[-U authcID] [-X authzID] [-R realm] [-M mech] ID [...]\n";
82 options = " [-c]\n\t[-g] [-n databasenumber | -b suffix]"
83 " [-l ldiffile] [-a filter] [-s subtree] [-H url]\n";
87 options = "\n\t[-N | -P] DN [...]\n";
91 options = " [-c]\n\t[-g] [-n databasenumber | -b suffix] [attr ...] [-q] [-t]\n";
95 options = " [-n databasenumber] [-u]\n";
99 options = " [-c]\n\t[-g] [-n databasenumber | -b suffix]"
100 " [-l errorfile] [-a filter] [-s subtree] [-H url]\n";
104 if ( options != NULL ) {
105 fputs( options, stderr );
107 exit( EXIT_FAILURE );
111 parse_slapopt( void )
116 p = strchr( optarg, '=' );
122 if ( strncasecmp( optarg, "sockurl", len ) == 0 ) {
123 if ( !BER_BVISNULL( &listener_url ) ) {
124 ber_memfree( listener_url.bv_val );
126 ber_str2bv( p, 0, 1, &listener_url );
128 } else if ( strncasecmp( optarg, "domain", len ) == 0 ) {
129 if ( !BER_BVISNULL( &peer_domain ) ) {
130 ber_memfree( peer_domain.bv_val );
132 ber_str2bv( p, 0, 1, &peer_domain );
134 } else if ( strncasecmp( optarg, "peername", len ) == 0 ) {
135 if ( !BER_BVISNULL( &peer_name ) ) {
136 ber_memfree( peer_name.bv_val );
138 ber_str2bv( p, 0, 1, &peer_name );
140 } else if ( strncasecmp( optarg, "sockname", len ) == 0 ) {
141 if ( !BER_BVISNULL( &sock_name ) ) {
142 ber_memfree( sock_name.bv_val );
144 ber_str2bv( p, 0, 1, &sock_name );
146 } else if ( strncasecmp( optarg, "ssf", len ) == 0 ) {
147 if ( lutil_atou( &ssf, p ) ) {
148 Debug( LDAP_DEBUG_ANY, "unable to parse ssf=\"%s\".\n", p, 0, 0 );
152 } else if ( strncasecmp( optarg, "transport_ssf", len ) == 0 ) {
153 if ( lutil_atou( &transport_ssf, p ) ) {
154 Debug( LDAP_DEBUG_ANY, "unable to parse transport_ssf=\"%s\".\n", p, 0, 0 );
158 } else if ( strncasecmp( optarg, "tls_ssf", len ) == 0 ) {
159 if ( lutil_atou( &tls_ssf, p ) ) {
160 Debug( LDAP_DEBUG_ANY, "unable to parse tls_ssf=\"%s\".\n", p, 0, 0 );
164 } else if ( strncasecmp( optarg, "sasl_ssf", len ) == 0 ) {
165 if ( lutil_atou( &sasl_ssf, p ) ) {
166 Debug( LDAP_DEBUG_ANY, "unable to parse sasl_ssf=\"%s\".\n", p, 0, 0 );
170 } else if ( strncasecmp( optarg, "authzDN", len ) == 0 ) {
171 ber_str2bv( p, 0, 1, &authzDN );
173 #if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
174 } else if ( strncasecmp( optarg, "syslog", len ) == 0 ) {
175 if ( parse_debug_level( p, &ldap_syslog, &syslog_unknowns ) ) {
180 } else if ( strncasecmp( optarg, "syslog-level", len ) == 0 ) {
181 if ( parse_syslog_level( p, &ldap_syslog_level ) ) {
187 } else if ( strncasecmp( optarg, "syslog-user", len ) == 0 ) {
188 if ( parse_syslog_user( p, &syslogUser ) ) {
192 #endif /* LOG_LOCAL4 */
193 #endif /* LDAP_DEBUG && LDAP_SYSLOG */
203 * slap_tool_init - initialize slap utility, handle program options.
207 * argc, argv command line arguments
210 static int need_shutdown;
214 const char* progname,
216 int argc, char **argv )
219 char *conffile = NULL;
220 char *confdir = NULL;
221 struct berval base = BER_BVNULL;
222 char *filterstr = NULL;
223 char *subtree = NULL;
224 char *ldiffile = NULL;
225 char **debug_unknowns = NULL;
227 int mode = SLAP_TOOL_MODE;
228 int truncatemode = 0;
233 /* tools default to "none", so that at least LDAP_DEBUG_ANY
234 * messages show up; use -d 0 to reset */
235 slap_debug = LDAP_DEBUG_NONE;
236 ldif_debug = slap_debug;
241 leakfilename = malloc( strlen( progname ) + STRLENOF( ".leak" ) + 1 );
242 sprintf( leakfilename, "%s.leak", progname );
243 if( ( leakfile = fopen( leakfilename, "w" )) == NULL ) {
246 free( leakfilename );
250 scope = LDAP_SCOPE_DEFAULT;
254 options = "b:cd:f:F:gj:l:n:o:qsS:uvw";
258 options = "a:b:cd:f:F:gH:l:n:o:s:v";
259 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
263 options = "d:f:F:No:Pv";
264 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
268 options = "b:cd:f:F:gj:l:n:o:qsS:uvw";
272 options = "a:b:cd:f:F:gH:l:n:o:s:v";
273 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
277 options = "d:f:F:n:o:Quv";
278 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
282 options = "d:f:F:M:o:R:U:vX:";
283 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
287 options = "b:cd:f:F:gn:o:qtv";
288 mode |= SLAP_TOOL_READMAIN;
292 options = "b:D:d:f:F:o:uU:vX:";
293 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
297 fprintf( stderr, "%s: unknown tool mode (%d)\n", progname, tool );
298 exit( EXIT_FAILURE );
302 while ( (i = getopt( argc, argv, options )) != EOF ) {
305 filterstr = ch_strdup( optarg );
309 ber_str2bv( optarg, 0, 1, &base );
312 case 'c': /* enable continue mode */
316 case 'd': { /* turn on debugging */
319 if ( parse_debug_level( optarg, &level, &debug_unknowns ) ) {
320 usage( tool, progname );
324 /* allow to reset log level */
332 fputs( "must compile with LDAP_DEBUG for debugging\n",
338 ber_str2bv( optarg, 0, 1, &authcDN );
341 case 'f': /* specify a conf file */
342 conffile = ch_strdup( optarg );
345 case 'F': /* specify a conf dir */
346 confdir = ch_strdup( optarg );
349 case 'g': /* disable subordinate glue */
357 rc = ldap_url_parse_ext( optarg, &ludp,
358 LDAP_PVT_URL_PARSE_NOEMPTY_HOST | LDAP_PVT_URL_PARSE_NOEMPTY_DN );
359 if ( rc != LDAP_URL_SUCCESS ) {
360 usage( tool, progname );
363 /* don't accept host, port, attrs, extensions */
364 if ( ldap_pvt_url_scheme2proto( ludp->lud_scheme ) != LDAP_PROTO_TCP ) {
365 usage( tool, progname );
368 if ( ludp->lud_host != NULL ) {
369 usage( tool, progname );
372 if ( ludp->lud_port != 0 ) {
373 usage( tool, progname );
376 if ( ludp->lud_attrs != NULL ) {
377 usage( tool, progname );
380 if ( ludp->lud_exts != NULL ) {
381 usage( tool, progname );
384 if ( ludp->lud_dn != NULL && ludp->lud_dn[0] != '\0' ) {
385 subtree = ludp->lud_dn;
389 if ( ludp->lud_filter != NULL && ludp->lud_filter[0] != '\0' ) {
390 filterstr = ludp->lud_filter;
391 ludp->lud_filter = NULL;
394 scope = ludp->lud_scope;
396 ldap_free_urldesc( ludp );
399 case 'j': /* jump to linenumber */
400 if ( lutil_atoi( &jumpline, optarg ) ) {
401 usage( tool, progname );
405 case 'l': /* LDIF file */
406 ldiffile = ch_strdup( optarg );
410 ber_str2bv( optarg, 0, 0, &mech );
414 if ( dn_mode && dn_mode != SLAP_TOOL_LDAPDN_NORMAL ) {
415 usage( tool, progname );
417 dn_mode = SLAP_TOOL_LDAPDN_NORMAL;
420 case 'n': /* which config file db to index */
421 if ( lutil_atoi( &dbnum, optarg ) || dbnum < 0 ) {
422 usage( tool, progname );
427 if ( parse_slapopt() ) {
428 usage( tool, progname );
433 if ( dn_mode && dn_mode != SLAP_TOOL_LDAPDN_PRETTY ) {
434 usage( tool, progname );
436 dn_mode = SLAP_TOOL_LDAPDN_PRETTY;
444 case 'q': /* turn on quick */
445 mode |= SLAP_TOOL_QUICK;
453 if ( lutil_atou( &csnsid, optarg )
454 || csnsid > SLAP_SYNC_SID_MAX )
456 usage( tool, progname );
460 case 's': /* dump subtree */
461 if ( tool == SLAPADD )
462 mode |= SLAP_TOOL_NO_SCHEMA_CHECK;
463 else if ( tool == SLAPCAT || tool == SLAPSCHEMA )
464 subtree = ch_strdup( optarg );
467 case 't': /* turn on truncate */
469 mode |= SLAP_TRUNCATE_MODE;
473 ber_str2bv( optarg, 0, 0, &authcID );
476 case 'u': /* dry run */
480 case 'v': /* turn on verbose */
484 case 'w': /* write context csn at the end */
489 ber_str2bv( optarg, 0, 0, &authzID );
493 usage( tool, progname );
498 #if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
499 if ( start_syslog ) {
502 logName = ch_strdup( progname );
505 logName = (char *)progname;
509 openlog( logName, OPENLOG_OPTIONS, syslogUser );
510 #elif defined LOG_DEBUG
511 openlog( logName, OPENLOG_OPTIONS );
518 #endif /* LDAP_DEBUG && LDAP_SYSLOG */
536 if ( ( argc != optind ) || (dbnum >= 0 && base.bv_val != NULL ) ) {
537 usage( tool, progname );
543 if ( dbnum >= 0 && base.bv_val != NULL ) {
544 usage( tool, progname );
550 if ( argc == optind ) {
551 usage( tool, progname );
556 if ( argc == optind && BER_BVISNULL( &authcID ) ) {
557 usage( tool, progname );
562 if ( argc != optind ) {
563 usage( tool, progname );
568 if ( !BER_BVISNULL( &authcDN ) && !BER_BVISNULL( &authcID ) ) {
569 usage( tool, progname );
571 if ( BER_BVISNULL( &base ) ) {
572 usage( tool, progname );
574 ber_dupbv( &baseDN, &base );
581 if ( ldiffile == NULL ) {
582 dummy.fp = writer ? stdout : stdin;
585 } else if ((ldiffp = ldif_open( ldiffile, writer ? "w" : "r" ))
589 exit( EXIT_FAILURE );
593 * initialize stuff and figure out which backend we're dealing with
596 rc = slap_init( mode, progname );
598 fprintf( stderr, "%s: slap_init failed!\n", progname );
599 exit( EXIT_FAILURE );
602 rc = read_config( conffile, confdir );
605 fprintf( stderr, "%s: bad configuration %s!\n",
606 progname, confdir ? "directory" : "file" );
607 exit( EXIT_FAILURE );
610 if ( debug_unknowns ) {
611 rc = parse_debug_unknowns( debug_unknowns, &slap_debug );
612 ldap_charray_free( debug_unknowns );
613 debug_unknowns = NULL;
615 exit( EXIT_FAILURE );
618 #if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
619 if ( syslog_unknowns ) {
620 rc = parse_debug_unknowns( syslog_unknowns, &ldap_syslog );
621 ldap_charray_free( syslog_unknowns );
622 syslog_unknowns = NULL;
624 exit( EXIT_FAILURE );
637 fprintf( stderr, "No databases found "
638 "in config file\n" );
639 exit( EXIT_FAILURE );
648 rc = glue_sub_attach( 0 );
652 "%s: subordinate configuration error\n", progname );
653 exit( EXIT_FAILURE );
657 rc = slap_schema_check();
660 fprintf( stderr, "%s: slap_schema_prep failed!\n", progname );
661 exit( EXIT_FAILURE );
679 filter = str2filter( filterstr );
681 if( filter == NULL ) {
682 fprintf( stderr, "Invalid filter '%s'\n", filterstr );
683 exit( EXIT_FAILURE );
686 ch_free( filterstr );
692 ber_str2bv( subtree, 0, 0, &val );
693 rc = dnNormalize( 0, NULL, NULL, &val, &sub_ndn, NULL );
694 if( rc != LDAP_SUCCESS ) {
695 fprintf( stderr, "Invalid subtree DN '%s'\n", subtree );
696 exit( EXIT_FAILURE );
699 if ( BER_BVISNULL( &base ) && dbnum == -1 ) {
707 if( base.bv_val != NULL ) {
710 rc = dnNormalize( 0, NULL, NULL, &base, &nbase, NULL );
711 if( rc != LDAP_SUCCESS ) {
712 fprintf( stderr, "%s: slap_init invalid suffix (\"%s\")\n",
713 progname, base.bv_val );
714 exit( EXIT_FAILURE );
717 be = select_backend( &nbase, 0 );
718 ber_memfree( nbase.bv_val );
719 BER_BVZERO( &nbase );
730 fprintf( stderr, "%s: slap_init no backend for \"%s\"\n",
731 progname, base.bv_val );
732 exit( EXIT_FAILURE );
734 /* If the named base is a glue master, operate on the
737 if ( SLAP_GLUE_INSTANCE( be ) ) {
741 ch_free( base.bv_val );
744 } else if ( dbnum == -1 ) {
745 /* no suffix and no dbnum specified, just default to
746 * the first available database
748 if ( nbackends <= 0 ) {
749 fprintf( stderr, "No available databases\n" );
750 exit( EXIT_FAILURE );
752 LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
755 /* db #0 is cn=config, don't select it as a default */
756 if ( dbnum < 1 ) continue;
758 if ( SLAP_MONITOR(be))
761 /* If just doing the first by default and it is a
762 * glue subordinate, find the master.
764 if ( SLAP_GLUE_SUBORDINATE(be) ) {
772 fprintf( stderr, "Available database(s) "
773 "do not allow %s\n", progname );
774 exit( EXIT_FAILURE );
777 if ( nosubordinates == 0 && dbnum > 1 ) {
778 Debug( LDAP_DEBUG_ANY,
779 "The first database does not allow %s;"
780 " using the first available one (%d)\n",
781 progname, dbnum, 0 );
784 } else if ( dbnum >= nbackends ) {
786 "Database number selected via -n is out of range\n"
787 "Must be in the range 0 to %d"
788 " (the number of configured databases)\n",
790 exit( EXIT_FAILURE );
794 LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
795 if ( dbnum == 0 ) break;
800 if ( scope != LDAP_SCOPE_DEFAULT && BER_BVISNULL( &sub_ndn ) ) {
801 if ( be && be->be_nsuffix ) {
802 ber_dupbv( &sub_ndn, be->be_nsuffix );
806 "<scope> needs a DN or a valid database\n" );
807 exit( EXIT_FAILURE );
816 LDAP_STAILQ_FOREACH( bdtmp, &backendDB, be_next ) {
817 if ( bdtmp == be ) break;
826 if ( conffile != NULL ) {
831 if ( confdir != NULL ) {
836 if ( ldiffile != NULL ) {
841 /* slapdn doesn't specify a backend to startup */
842 if ( !dryrun && tool != SLAPDN ) {
845 if ( slap_startup( be ) ) {
848 fprintf( stderr, "slap_startup failed "
849 "(test would succeed using "
850 "the -u switch)\n" );
854 fprintf( stderr, "slap_startup failed\n" );
858 exit( EXIT_FAILURE );
863 int slap_tool_destroy( void )
867 if ( need_shutdown ) {
868 if ( slap_shutdown( be ))
875 if ( slapMode == SLAP_SERVER_MODE ) {
876 /* always false. just pulls in necessary symbol references. */
877 lutil_uuidstr(NULL, 0);
883 ldap_pvt_tls_destroy();
888 mal_dumpleaktrace( leakfile );
891 if ( !BER_BVISNULL( &authcDN ) ) {
892 ch_free( authcDN.bv_val );
893 BER_BVZERO( &authcDN );
896 if ( ldiffp && ldiffp != &dummy ) {
897 ldif_close( ldiffp );