/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Copyright 1998-2007 The OpenLDAP Foundation.
* Portions Copyright 2003 Kurt D. Zeilenga.
* Portions Copyright 2003 IBM Corporation.
* All rights reserved.
#include <ac/ctype.h>
#include <ac/unistd.h>
#include <ac/errno.h>
+#include <ac/time.h>
#ifdef HAVE_CYRUS_SASL
#ifdef HAVE_SASL_SASL_H
#include "common.h"
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-#if !LDAP_DEPRECATED
-/* Necessary for old LDAPv2 Kerberos Bind methods */
-LDAP_F( int )
-ldap_bind LDAP_P(( /* deprecated */
- LDAP *ld,
- LDAP_CONST char *who,
- LDAP_CONST char *passwd,
- int authmethod ));
-#endif
-#endif
-
/* input-related vars */
/* misc. parameters */
static int chainingContinuation = -1;
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+/* options */
+struct timeval nettimeout = { -1 , 0 };
+
typedef int (*print_ctrl_fn)( LDAP *ld, LDAPControl *ctrl );
static int print_preread( LDAP *ld, LDAPControl *ctrl );
N_(" -h host LDAP server\n"),
N_(" -H URI LDAP Uniform Resource Indentifier(s)\n"),
N_(" -I use SASL Interactive mode\n"),
-N_(" -k use Kerberos authentication\n"),
-N_(" -K like -k, but do only step 1 of the Kerberos bind\n"),
N_(" -M enable Manage DSA IT control (-MM to make critical)\n"),
N_(" -n show what would be done but don't actually do it\n"),
N_(" -O props SASL security properties\n"),
+N_(" -o <opt>[=<optparam] general options\n"),
+N_(" nettimeout=<timeout> (in seconds, or \"none\" or \"max\")\n"),
N_(" -p port port on LDAP server\n"),
N_(" -P version procotol version (default: 3)\n"),
N_(" -Q use SASL Quiet mode\n"),
prog );
exit( EXIT_FAILURE );
#endif
- case 'k': /* kerberos bind */
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- if( authmethod != -1 ) {
- fprintf( stderr, "%s: -k incompatible with previous "
- "authentication choice\n", prog );
- exit( EXIT_FAILURE );
- }
- authmethod = LDAP_AUTH_KRBV4;
-#else
- fprintf( stderr, "%s: not compiled with Kerberos support\n", prog );
- exit( EXIT_FAILURE );
-#endif
- break;
- case 'K': /* kerberos bind, part one only */
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- if( authmethod != -1 ) {
- fprintf( stderr, "%s: incompatible with previous "
- "authentication choice\n", prog );
- exit( EXIT_FAILURE );
- }
- authmethod = LDAP_AUTH_KRBV41;
-#else
- fprintf( stderr, "%s: not compiled with Kerberos support\n", prog );
- exit( EXIT_FAILURE );
-#endif
- break;
case 'M':
/* enable Manage DSA IT */
manageDSAit++;
case 'n': /* print operations, don't actually do them */
dont++;
break;
+ case 'o':
+ control = ber_strdup( optarg );
+ if ( (cvalue = strchr( control, '=' )) != NULL ) {
+ *cvalue++ = '\0';
+ }
+
+ if ( strcasecmp( control, "nettimeout" ) == 0 ) {
+ if( nettimeout.tv_sec != -1 ) {
+ fprintf( stderr, "nettimeout option previously specified\n");
+ exit( EXIT_FAILURE );
+ }
+ if( cvalue == NULL || cvalue[0] == '\0' ) {
+ fprintf( stderr, "nettimeout: option value expected\n" );
+ usage();
+ }
+ if ( strcasecmp( cvalue, "none" ) == 0 ) {
+ nettimeout.tv_sec = 0;
+ } else if ( strcasecmp( cvalue, "max" ) == 0 ) {
+ nettimeout.tv_sec = LDAP_MAXINT;
+ } else {
+ ival = strtol( cvalue, &next, 10 );
+ if ( next == NULL || next[0] != '\0' ) {
+ fprintf( stderr,
+ _("Unable to parse network timeout \"%s\"\n"), cvalue );
+ exit( EXIT_FAILURE );
+ }
+ nettimeout.tv_sec = ival;
+ }
+ if( nettimeout.tv_sec < 0 || nettimeout.tv_sec > LDAP_MAXINT ) {
+ fprintf( stderr, _("%s: invalid network timeout (%ld) specified\n"),
+ prog, (long)nettimeout.tv_sec );
+ exit( EXIT_FAILURE );
+ }
+ } else {
+ fprintf( stderr, "Invalid general option name: %s\n",
+ control );
+ usage();
+ }
+ break;
case 'O':
#ifdef HAVE_CYRUS_SASL
if( sasl_secprops != NULL ) {
exit( EXIT_FAILURE );
}
#endif
-
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- } else {
- if ( authmethod == LDAP_AUTH_KRBV4 || authmethod == LDAP_AUTH_KRBV41 ) {
- fprintf( stderr, "%s: -k/-K incompatible with LDAPv%d\n",
- prog, protocol );
- exit( EXIT_FAILURE );
- }
-#endif
}
}
}
}
}
+
+ if ( nettimeout.tv_sec > 0 ) {
+ if ( ldap_set_option( ld, LDAP_OPT_NETWORK_TIMEOUT, (void *) &nettimeout )
+ != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_NETWORK_TIMEOUT %ld\n",
+ (long)nettimeout.tv_sec );
+ exit( EXIT_FAILURE );
+ }
+ }
}
return ld;
msgbuf[0] = 0;
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- if ( authmethod == LDAP_AUTH_KRBV4 || authmethod == LDAP_AUTH_KRBV41 ) {
- msgid = ldap_bind( ld, binddn, passwd.bv_val, authmethod );
- if ( msgid == -1 ) {
- tool_perror( "ldap_bind", -1, NULL, NULL, NULL, NULL );
- exit( LDAP_LOCAL_ERROR );
- }
- } else
-#endif
{
/* simple bind */
rc = ldap_sasl_bind( ld, binddn, LDAP_SASL_SIMPLE, &passwd,