+ if ( verbose ) {
+ fprintf( stderr, "ldap_initialize( %s )\n",
+ ldapuri != NULL ? ldapuri : "<DEFAULT>" );
+ }
+ (void) ldap_initialize( &ld, ldapuri );
+ }
+
+ if( ld == NULL ) {
+ fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
+ rc, ldap_err2string(rc) );
+ return EXIT_FAILURE;
+ }
+
+ if (deref != -1 &&
+ ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_DEREF %d\n", deref );
+ return EXIT_FAILURE;
+ }
+ if (timelimit != -1 &&
+ ldap_set_option( ld, LDAP_OPT_TIMELIMIT, (void *) &timelimit ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_TIMELIMIT %d\n", timelimit );
+ return EXIT_FAILURE;
+ }
+ if (sizelimit != -1 &&
+ ldap_set_option( ld, LDAP_OPT_SIZELIMIT, (void *) &sizelimit ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_SIZELIMIT %d\n", sizelimit );
+ return EXIT_FAILURE;
+ }
+
+ /* referrals */
+ if (ldap_set_option( ld, LDAP_OPT_REFERRALS,
+ referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n",
+ referrals ? "on" : "off" );
+ return EXIT_FAILURE;
+ }
+
+ if (version == -1 ) {
+ version = 3;
+ }
+
+ if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version )
+ != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n",
+ version );
+ return EXIT_FAILURE;
+ }
+
+ if ( use_tls ) {
+ rc = ldap_start_tls_s( ld, NULL, NULL );
+
+ if ( rc != LDAP_SUCCESS && use_tls > 1 ) {
+ ldap_perror( ld, "ldap_start_tls" );
+ fprintf( stderr, "Could not start TLS %d: %s\n",
+ rc, ldap_err2string( rc ) );
+ return EXIT_FAILURE;
+ }
+ fprintf( stderr, "WARNING: could not start TLS\n" );
+ }
+
+ if (want_bindpw) {
+ passwd.bv_val = getpassphrase("Enter LDAP Password: ");
+ passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
+ }
+
+ if ( authmethod == LDAP_AUTH_SASL ) {
+#ifdef HAVE_CYRUS_SASL
+ void *defaults;
+
+ if( sasl_secprops != NULL ) {
+ rc = ldap_set_option( ld, LDAP_OPT_X_SASL_SECPROPS,
+ (void *) sasl_secprops );
+
+ if( rc != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr,
+ "Could not set LDAP_OPT_X_SASL_SECPROPS: %s\n",
+ sasl_secprops );
+ return( EXIT_FAILURE );
+ }
+ }
+
+ defaults = lutil_sasl_defaults( ld,
+ sasl_mech,
+ sasl_realm,
+ sasl_authc_id,
+ passwd.bv_val,
+ sasl_authz_id );
+
+ rc = ldap_sasl_interactive_bind_s( ld, binddn,
+ sasl_mech, NULL, NULL,
+ sasl_flags, lutil_sasl_interact, defaults );
+
+ if( rc != LDAP_SUCCESS ) {
+ ldap_perror( ld, "ldap_sasl_interactive_bind_s" );
+ return( EXIT_FAILURE );
+ }
+#else
+ fprintf( stderr, "%s: not compiled with SASL support\n",
+ prog, argv[0] );
+ return( EXIT_FAILURE );
+#endif
+ } else {
+ if ( ldap_bind_s( ld, binddn, passwd.bv_val, authmethod )
+ != LDAP_SUCCESS ) {
+ ldap_perror( ld, "ldap_bind" );
+ return( EXIT_FAILURE );
+ }
+ }
+
+ if ( manageDSAit ) {
+ int err;
+ LDAPControl c;
+ LDAPControl *ctrls[2];
+ ctrls[0] = &c;
+ ctrls[1] = NULL;
+
+ c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
+ c.ldctl_iscritical = manageDSAit > 1;
+
+ err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
+
+ if( err != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set ManageDSAit %scontrol\n",
+ c.ldctl_iscritical ? "critical " : "" );
+ if( c.ldctl_iscritical ) {
+ exit( EXIT_FAILURE );
+ }
+ }
+ }
+
+ if ( verbose ) {
+ fprintf( stderr, "filter%s: %s\nrequesting: ",
+ infile != NULL ? " pattern" : "",
+ filtpattern );
+
+ if ( attrs == NULL ) {
+ fprintf( stderr, "ALL" );
+ } else {
+ for ( i = 0; attrs[ i ] != NULL; ++i ) {
+ fprintf( stderr, "%s ", attrs[ i ] );
+ }
+ }
+ fprintf( stderr, "\n" );
+ }
+
+ if (ldif < 3 ) {
+ printf( "version: %d\n\n", ldif ? 1 : 2 );
+ }
+
+ if (ldif < 2 ) {
+ printf( "#\n# filter%s: %s\n# requesting: ",
+ infile != NULL ? " pattern" : "",
+ filtpattern );
+
+ if ( attrs == NULL ) {
+ printf( "ALL" );
+ } else {
+ for ( i = 0; attrs[ i ] != NULL; ++i ) {
+ printf( "%s ", attrs[ i ] );
+ }
+ }
+
+ if ( manageDSAit ) {
+ printf("\n# with manageDSAit %scontrol",
+ manageDSAit > 1 ? "critical " : "" );
+ }
+
+ printf( "\n#\n\n" );
+ }
+
+ if ( infile == NULL ) {
+ rc = dosearch( ld, base, scope, NULL, filtpattern,
+ attrs, attrsonly, NULL, NULL, NULL, -1 );
+
+ } else {
+ rc = 0;
+ first = 1;
+ while ( rc == 0 && fgets( line, sizeof( line ), fp ) != NULL ) {
+ line[ strlen( line ) - 1 ] = '\0';
+ if ( !first ) {
+ putchar( '\n' );
+ } else {
+ first = 0;
+ }
+ rc = dosearch( ld, base, scope, filtpattern, line,
+ attrs, attrsonly, NULL, NULL, NULL, -1 );
+ }
+ if ( fp != stdin ) {
+ fclose( fp );
+ }
+ }
+
+ ldap_unbind( ld );
+ return( rc );