+ case 'x':
+ if( authmethod != -1 && authmethod != LDAP_AUTH_SIMPLE ) {
+ fprintf( stderr, "%s: incompatible with previous "
+ "authentication choice\n", prog );
+ return EXIT_FAILURE;
+ }
+ authmethod = LDAP_AUTH_SIMPLE;
+ break;
+ case 'X':
+#ifdef HAVE_CYRUS_SASL
+ if( sasl_authz_id != NULL ) {
+ fprintf( stderr, "%s: -X previously specified\n" );
+ return EXIT_FAILURE;
+ }
+ if( version == LDAP_VERSION2 ) {
+ fprintf( stderr, "%s: -X incompatible with LDAPv%d\n",
+ prog, version );
+ return EXIT_FAILURE;
+ }
+ if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) {
+ fprintf( stderr, "%s: -X incompatible with "
+ "authentication choice\n", prog );
+ return EXIT_FAILURE;
+ }
+ authmethod = LDAP_AUTH_SASL;
+ version = LDAP_VERSION3;
+ sasl_authz_id = strdup( optarg );
+#else
+ fprintf( stderr, "%s: not compiled with SASL support\n",
+ prog );
+ return( EXIT_FAILURE );
+#endif
+ break;
+ case 'Z':
+#ifdef HAVE_TLS
+ if( version == LDAP_VERSION2 ) {
+ fprintf( stderr, "%s: -Z incompatible with version %d\n",
+ prog, version );
+ return EXIT_FAILURE;
+ }
+ version = LDAP_VERSION3;
+ use_tls++;
+#else
+ fprintf( stderr, "%s: not compiled with TLS support\n",
+ prog );
+ return( EXIT_FAILURE );
+#endif
+ break;
+ default:
+ fprintf( stderr, "%s: unrecongized option -%c\n",
+ prog, optopt );
+ usage( argv[0] );
+ }
+ }
+
+ if (version == -1) {
+ version = LDAP_VERSION3;
+ }
+ if (authmethod == -1 && version > LDAP_VERSION2) {
+#ifdef HAVE_CYRUS_SASL
+ authmethod = LDAP_AUTH_SASL;
+#else
+ authmethod = LDAP_AUTH_SIMPLE;
+#endif
+ }
+
+ if (( argc - optind < 1 ) ||
+ ( *argv[optind] != '(' /*')'*/ &&
+ ( strchr( argv[optind], '=' ) == NULL ) ) )
+ {
+ filtpattern = "(objectclass=*)";
+ } else {
+ filtpattern = strdup( argv[optind++] );
+ }
+
+ if ( argv[optind] == NULL ) {
+ attrs = NULL;
+ } else if ( sortattr == NULL || *sortattr == '\0' ) {
+ attrs = &argv[optind];
+ }
+
+ if ( infile != NULL ) {
+ if ( infile[0] == '-' && infile[1] == '\0' ) {
+ fp = stdin;
+ } else if (( fp = fopen( infile, "r" )) == NULL ) {
+ perror( infile );
+ return EXIT_FAILURE;
+ }
+ }
+
+ if( tmpdir == NULL
+ && (tmpdir = getenv("TMPDIR")) == NULL
+ && (tmpdir = getenv("TMP")) == NULL
+ && (tmpdir = getenv("TEMP")) == NULL )
+ {
+ tmpdir = LDAP_TMPDIR;
+ }
+
+ if( urlpre == NULL ) {
+ urlpre = malloc( sizeof("file:////") + strlen(tmpdir) );
+
+ if( urlpre == NULL ) {
+ perror( "malloc" );
+ return EXIT_FAILURE;
+ }
+
+ sprintf( urlpre, "file:///%s/",
+ tmpdir[0] == '/' ? &tmpdir[1] : tmpdir );
+
+ /* urlpre should be URLized.... */
+ }
+
+ if ( debug ) {
+ if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ ldif_debug = debug;
+ }
+
+#ifdef SIGPIPE
+ (void) SIGNAL( SIGPIPE, SIG_IGN );
+#endif
+
+
+ if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) {
+ if ( verbose ) {
+ fprintf( stderr, "ldap_init( %s, %d )\n",
+ ldaphost != NULL ? ldaphost : "<DEFAULT>",
+ ldapport );
+ }
+ ld = ldap_init( ldaphost, ldapport );
+
+ } else {
+ if ( verbose ) {
+ fprintf( stderr, "ldap_initialize( %s )\n",
+ ldapuri != NULL ? ldapuri : "<DEFAULT>" );
+ }
+ (void) ldap_initialize( &ld, ldapuri );
+ }
+
+ if( ld == NULL ) {
+ fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
+ rc, ldap_err2string(rc) );
+ return EXIT_FAILURE;
+ }
+
+ if (deref != -1 &&
+ ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_DEREF %d\n", deref );
+ return EXIT_FAILURE;
+ }
+ if (timelimit != -1 &&
+ ldap_set_option( ld, LDAP_OPT_TIMELIMIT, (void *) &timelimit ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_TIMELIMIT %d\n", timelimit );
+ return EXIT_FAILURE;
+ }
+ if (sizelimit != -1 &&
+ ldap_set_option( ld, LDAP_OPT_SIZELIMIT, (void *) &sizelimit ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_SIZELIMIT %d\n", sizelimit );
+ return EXIT_FAILURE;
+ }
+
+ /* referrals */
+ if (ldap_set_option( ld, LDAP_OPT_REFERRALS,
+ referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n",
+ referrals ? "on" : "off" );
+ return EXIT_FAILURE;
+ }
+
+ if (version == -1 ) {
+ version = 3;
+ }
+
+ if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version )
+ != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n",
+ version );
+ return EXIT_FAILURE;
+ }
+
+ if ( use_tls ) {
+ rc = ldap_start_tls_s( ld, NULL, NULL );
+
+ if ( rc != LDAP_SUCCESS && use_tls > 1 ) {
+ ldap_perror( ld, "ldap_start_tls" );
+ fprintf( stderr, "Could not start TLS %d: %s\n",
+ rc, ldap_err2string( rc ) );
+ return EXIT_FAILURE;
+ }
+ fprintf( stderr, "WARNING: could not start TLS\n" );