X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=clients%2Ftools%2Fldappasswd.c;h=9a6cb8838a5ef16903122385c803cf656b051269;hb=fb6590f8db1b3cec24e00a888e033ee427d4aaab;hp=f3dc98047c86e135531343c10183bf4503e738d9;hpb=6393523ffa71bffabcafffda064c04b36742cb2c;p=openldap diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c index f3dc98047c..9a6cb8838a 100644 --- a/clients/tools/ldappasswd.c +++ b/clients/tools/ldappasswd.c @@ -30,32 +30,33 @@ usage(const char *s) fprintf(stderr, "Change password of an LDAP user\n\n" "usage: %s [options] user\n" -" user: the identity of the user, normally a DN\n" +" user: the identity of the user, normally a DN\n" "Password change options:\n" -" -a secret\told password\n" -" -A\t\tprompt for old password\n" -" -s secret\tnew password\n" -" -S\t\tprompt for new password\n" +" -a secret old password\n" +" -A prompt for old password\n" +" -s secret new password\n" +" -S prompt for new password\n" "Common options:\n" -" -d level\tdebugging level\n" -" -C\t\tchase referrals\n" -" -D binddn\tbind DN\n" -" -h host\t\tLDAP server (default: localhost)\n" -" -I\t\tuse SASL Interactive mode\n" -" -n\t\tmake no modifications\n" -" -O secprops\tSASL security properties\n" -" -p port\t\tport on LDAP server\n" -" -Q\t\tuse SASL Quiet mode\n" -" -R realm\tSASL realm\n" -" -U user\t\tSASL authentication identity (username)\n" -" -v\t\tverbose mode\n" -" -w passwd\tbind password (for simple authentication)\n" -" -W\t\tprompt for bind password\n" -" -x\t\tSimple authentication\n" -" -X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" -" -Y mech\t\tSASL mechanism\n" -" -Z\t\tissue Start TLS request (-ZZ to require successful response)\n" +" -d level set LDAP debugging level to `level'\n" +" -D binddn bind DN\n" +" -f file read operations from `file'\n" +" -h host LDAP server(s)\n" +" -H URI LDAP Uniform Resource Indentifier(s)\n" +" -I use SASL Interactive mode\n" +" -n show what would be done but don't actually search\n" +" -O props SASL security properties\n" +" -p port port on LDAP server\n" +" -Q use SASL Quiet mode\n" +" -R realm SASL realm\n" +" -U user SASL authentication identity (username)\n" +" -v run in verbose mode (diagnostics to standard output)\n" +" -w passwd bind passwd (for simple authentication)\n" +" -W prompt for bind passwd\n" +" -x Simple authentication\n" +" -X id SASL authorization identity (\"dn:\" or \"u:\")\n" +" -Y mech SASL mechanism\n" +" -Z Start TLS request (-ZZ to require successful response)\n" , s ); exit( EXIT_FAILURE ); @@ -67,6 +68,7 @@ main( int argc, char *argv[] ) int rc; char *prog = NULL; char *ldaphost = NULL; + char *ldapuri = NULL; char *dn = NULL; char *binddn = NULL; @@ -96,7 +98,7 @@ main( int argc, char *argv[] ) #endif int use_tls = 0; int referrals = 0; - LDAP *ld; + LDAP *ld = NULL; struct berval *bv = NULL; int id, code; @@ -105,13 +107,13 @@ main( int argc, char *argv[] ) char *retoid = NULL; struct berval *retdata = NULL; - prog = (prog = strrchr(argv[0], *LDAP_DIRSEP)) == NULL ? argv[0] : ++prog; + prog = (prog = strrchr(argv[0], *LDAP_DIRSEP)) == NULL ? argv[0] : prog + 1; if (argc == 1) usage (argv[0]); while( (i = getopt( argc, argv, - "Aa:Ss:" "Cd:D:h:InO:p:QRU:vw:WxX:Y:Z" )) != EOF ) + "Aa:Ss:" "Cd:D:h:H:InO:p:QRU:vw:WxX:Y:Z" )) != EOF ) { switch (i) { /* Password Options */ @@ -161,12 +163,31 @@ main( int argc, char *argv[] ) binddn = strdup( optarg ); break; case 'h': /* ldap host */ + if( ldapuri != NULL ) { + fprintf( stderr, "%s: -h incompatible with -H\n" ); + return EXIT_FAILURE; + } if( ldaphost != NULL ) { fprintf( stderr, "%s: -h previously specified\n" ); return EXIT_FAILURE; } ldaphost = strdup( optarg ); break; + case 'H': /* ldap URI */ + if( ldaphost != NULL ) { + fprintf( stderr, "%s: -H incompatible with -h\n" ); + return EXIT_FAILURE; + } + if( ldapport ) { + fprintf( stderr, "%s: -H incompatible with -p\n" ); + return EXIT_FAILURE; + } + if( ldapuri != NULL ) { + fprintf( stderr, "%s: -H previously specified\n" ); + return EXIT_FAILURE; + } + ldapuri = strdup( optarg ); + break; case 'I': #ifdef HAVE_CYRUS_SASL if( version == LDAP_VERSION2 ) { @@ -315,7 +336,7 @@ main( int argc, char *argv[] ) sasl_flags = LDAP_SASL_QUIET; break; #else - fprintf( stderr, "%s: was not compiled with SASL support\n", + fprintf( stderr, "%s: not compiled with SASL support\n", prog ); return( EXIT_FAILURE ); #endif @@ -340,7 +361,7 @@ main( int argc, char *argv[] ) version = LDAP_VERSION3; sasl_realm = strdup( optarg ); #else - fprintf( stderr, "%s: was not compiled with SASL support\n", + fprintf( stderr, "%s: not compiled with SASL support\n", prog ); return( EXIT_FAILURE ); #endif @@ -366,7 +387,7 @@ main( int argc, char *argv[] ) version = LDAP_VERSION3; sasl_authc_id = strdup( optarg ); #else - fprintf( stderr, "%s: was not compiled with SASL support\n", + fprintf( stderr, "%s: not compiled with SASL support\n", prog ); return( EXIT_FAILURE ); #endif @@ -407,7 +428,7 @@ main( int argc, char *argv[] ) version = LDAP_VERSION3; sasl_mech = strdup( optarg ); #else - fprintf( stderr, "%s: was not compiled with SASL support\n", + fprintf( stderr, "%s: not compiled with SASL support\n", prog ); return( EXIT_FAILURE ); #endif @@ -448,7 +469,7 @@ main( int argc, char *argv[] ) case 'Z': #ifdef HAVE_TLS if( version == LDAP_VERSION2 ) { - fprintf( stderr, "%s -Z incompatible with version %d\n", + fprintf( stderr, "%s: -Z incompatible with version %d\n", prog, version ); return EXIT_FAILURE; } @@ -542,8 +563,25 @@ main( int argc, char *argv[] ) #endif /* connect to server */ - if ((ld = ldap_init( ldaphost, ldapport )) == NULL) { - perror("ldap_init"); + if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) { + if ( verbose ) { + fprintf( stderr, "ldap_init( %s, %d )\n", + ldaphost != NULL ? ldaphost : "", + ldapport ); + } + ld = ldap_init( ldaphost, ldapport ); + + } else { + if ( verbose ) { + fprintf( stderr, "ldap_initialize( %s )\n", + ldapuri != NULL ? ldapuri : "" ); + } + (void) ldap_initialize( &ld, ldapuri ); + } + + if( ld == NULL ) { + fprintf( stderr, "Could not create LDAP session handle (%d): %s\n", + rc, ldap_err2string(rc) ); return EXIT_FAILURE; } @@ -605,7 +643,7 @@ main( int argc, char *argv[] ) return( EXIT_FAILURE ); } #else - fprintf( stderr, "%s was not compiled with SASL support\n", + fprintf( stderr, "%s: not compiled with SASL support\n", argv[0] ); return( EXIT_FAILURE ); #endif