X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Finit.c;h=613bd93c57152bf35df9241e1ee82a5a69d63a3d;hb=0ea43c9d7d2fbf08b2078931bebfcaf443230878;hp=8c22855fd85f97472ec2463001687bb3ad8f8dbc;hpb=8c793fa1c9448716b777f0bd5c1e1ea1be9b587f;p=openldap
diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
index 8c22855fd8..613bd93c57 100644
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@@ -1,32 +1,47 @@
-/*
- * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
*/
+
#include "portable.h"
#include
-#include
+#include
#include
#include
#include
#include
-#include "ldap-int.h"
-#include "ldapconfig.h"
-
-struct ldapoptions openldap_ldap_global_options = { LDAP_DEBUG_NONE };
+#ifdef HAVE_LIMITS_H
+#include
+#endif
-#undef gopts
-#define gopts openldap_ldap_global_options
+#include "ldap-int.h"
+#include "ldap_defaults.h"
-int openldap_ldap_initialized = 0;
+struct ldapoptions ldap_int_global_options =
+ { LDAP_UNINITIALIZED, LDAP_DEBUG_NONE };
#define ATTR_NONE 0
#define ATTR_BOOL 1
#define ATTR_INT 2
#define ATTR_KV 3
#define ATTR_STRING 4
+#define ATTR_OPTION 5
+
+#define ATTR_SASL 6
+#define ATTR_TLS 7
struct ol_keyvalue {
const char * key;
@@ -42,51 +57,91 @@ static const struct ol_keyvalue deref_kv[] = {
};
static const struct ol_attribute {
+ int useronly;
int type;
const char * name;
const void * data;
size_t offset;
} attrs[] = {
- {ATTR_KV, "DEREF", deref_kv, /* or &deref_kv[0] */
+ {0, ATTR_KV, "DEREF", deref_kv, /* or &deref_kv[0] */
offsetof(struct ldapoptions, ldo_deref)},
- {ATTR_INT, "SIZELIMIT", NULL,
+ {0, ATTR_INT, "SIZELIMIT", NULL,
offsetof(struct ldapoptions, ldo_sizelimit)},
- {ATTR_INT, "TIMELIMIT", NULL,
+ {0, ATTR_INT, "TIMELIMIT", NULL,
offsetof(struct ldapoptions, ldo_timelimit)},
- {ATTR_STRING, "BASE", NULL,
+ {1, ATTR_STRING, "BINDDN", NULL,
+ offsetof(struct ldapoptions, ldo_defbinddn)},
+ {0, ATTR_STRING, "BASE", NULL,
offsetof(struct ldapoptions, ldo_defbase)},
- {ATTR_STRING, "HOST", NULL,
- offsetof(struct ldapoptions, ldo_defhost)},
- {ATTR_INT, "PORT", NULL,
+ {0, ATTR_INT, "PORT", NULL, /* deprecated */
offsetof(struct ldapoptions, ldo_defport)},
- {ATTR_BOOL, "REFERRALS", NULL, LDAP_BOOL_REFERRALS},
- {ATTR_BOOL, "RESTART", NULL, LDAP_BOOL_RESTART},
- {ATTR_BOOL, "DNS", NULL, LDAP_BOOL_DNS},
- {ATTR_NONE, NULL, NULL, 0}
+ {0, ATTR_OPTION, "HOST", NULL, LDAP_OPT_HOST_NAME}, /* deprecated */
+ {0, ATTR_OPTION, "URI", NULL, LDAP_OPT_URI}, /* replaces HOST/PORT */
+ {0, ATTR_BOOL, "REFERRALS", NULL, LDAP_BOOL_REFERRALS},
+ {0, ATTR_BOOL, "RESTART", NULL, LDAP_BOOL_RESTART},
+
+#ifdef HAVE_CYRUS_SASL
+ {1, ATTR_STRING, "SASL_MECH", NULL,
+ offsetof(struct ldapoptions, ldo_def_sasl_mech)},
+ {1, ATTR_STRING, "SASL_REALM", NULL,
+ offsetof(struct ldapoptions, ldo_def_sasl_realm)},
+ {1, ATTR_STRING, "SASL_AUTHCID", NULL,
+ offsetof(struct ldapoptions, ldo_def_sasl_authcid)},
+ {1, ATTR_STRING, "SASL_AUTHZID", NULL,
+ offsetof(struct ldapoptions, ldo_def_sasl_authzid)},
+ {0, ATTR_SASL, "SASL_SECPROPS", NULL, LDAP_OPT_X_SASL_SECPROPS},
+#endif
+
+#ifdef HAVE_TLS
+ {1, ATTR_TLS, "TLS_CERT", NULL, LDAP_OPT_X_TLS_CERTFILE},
+ {1, ATTR_TLS, "TLS_KEY", NULL, LDAP_OPT_X_TLS_KEYFILE},
+ {0, ATTR_TLS, "TLS_CACERT", NULL, LDAP_OPT_X_TLS_CACERTFILE},
+ {0, ATTR_TLS, "TLS_CACERTDIR", NULL, LDAP_OPT_X_TLS_CACERTDIR},
+ {0, ATTR_TLS, "TLS_REQCERT", NULL, LDAP_OPT_X_TLS_REQUIRE_CERT},
+ {0, ATTR_TLS, "TLS_RANDFILE", NULL, LDAP_OPT_X_TLS_RANDOM_FILE},
+ {0, ATTR_TLS, "TLS_CIPHER_SUITE", NULL, LDAP_OPT_X_TLS_CIPHER_SUITE},
+
+#ifdef HAVE_OPENSSL_CRL
+ {0, ATTR_TLS, "TLS_CRLCHECK", NULL, LDAP_OPT_X_TLS_CRLCHECK},
+#endif
+
+#endif
+
+ {0, ATTR_NONE, NULL, NULL, 0}
};
-#define MAX_LDAP_ATTR_LEN sizeof("SIZELIMIT")
+#define MAX_LDAP_ATTR_LEN sizeof("TLS_CIPHER_SUITE")
#define MAX_LDAP_ENV_PREFIX_LEN 8
-static void openldap_ldap_init_w_conf(const char *file)
+static void openldap_ldap_init_w_conf(
+ const char *file, int userconf )
{
char linebuf[128];
FILE *fp;
int i;
char *cmd, *opt;
char *start, *end;
+ struct ldapoptions *gopts;
+
+ if ((gopts = LDAP_INT_GLOBAL_OPT()) == NULL) {
+ return; /* Could not allocate mem for global options */
+ }
if (file == NULL) {
/* no file name */
return;
}
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: trying %s\n", file, 0, 0);
+
fp = fopen(file, "r");
if(fp == NULL) {
/* could not open file */
return;
}
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: using %s\n", file, 0, 0);
+
while((start = fgets(linebuf, sizeof(linebuf), fp)) != NULL) {
/* skip lines starting with '#' */
if(*start == '#') continue;
@@ -119,13 +174,17 @@ static void openldap_ldap_init_w_conf(const char *file)
*start++ = '\0';
- /* we must have some non-whitespace to skip */
+ /* we must have some whitespace to skip */
while(isspace((unsigned char)*start)) start++;
opt = start;
for(i=0; attrs[i].type != ATTR_NONE; i++) {
void *p;
+ if( !userconf && attrs[i].useronly ) {
+ continue;
+ }
+
if(strcasecmp(cmd, attrs[i].name) != 0) {
continue;
}
@@ -136,16 +195,16 @@ static void openldap_ldap_init_w_conf(const char *file)
|| (strcasecmp(opt, "yes") == 0)
|| (strcasecmp(opt, "true") == 0))
{
- LDAP_BOOL_SET(&gopts, attrs[i].offset);
+ LDAP_BOOL_SET(gopts, attrs[i].offset);
} else {
- LDAP_BOOL_CLR(&gopts, attrs[i].offset);
+ LDAP_BOOL_CLR(gopts, attrs[i].offset);
}
break;
case ATTR_INT:
- p = &((char *) &gopts)[attrs[i].offset];
+ p = &((char *) gopts)[attrs[i].offset];
* (int*) p = atoi(opt);
break;
@@ -157,7 +216,7 @@ static void openldap_ldap_init_w_conf(const char *file)
kv++) {
if(strcasecmp(opt, kv->key) == 0) {
- p = &((char *) &gopts)[attrs[i].offset];
+ p = &((char *) gopts)[attrs[i].offset];
* (int*) p = kv->value;
break;
}
@@ -165,21 +224,41 @@ static void openldap_ldap_init_w_conf(const char *file)
} break;
case ATTR_STRING:
- p = &((char *) &gopts)[attrs[i].offset];
- if (* (char**) p != NULL) free(* (char**) p);
- * (char**) p = strdup(opt);
+ p = &((char *) gopts)[attrs[i].offset];
+ if (* (char**) p != NULL) LDAP_FREE(* (char**) p);
+ * (char**) p = LDAP_STRDUP(opt);
+ break;
+ case ATTR_OPTION:
+ ldap_set_option( NULL, attrs[i].offset, opt );
+ break;
+ case ATTR_SASL:
+#ifdef HAVE_CYRUS_SASL
+ ldap_int_sasl_config( gopts, attrs[i].offset, opt );
+#endif
+ break;
+ case ATTR_TLS:
+#ifdef HAVE_TLS
+ ldap_int_tls_config( NULL, attrs[i].offset, opt );
+#endif
break;
}
+
+ break;
}
}
fclose(fp);
}
+static void openldap_ldap_init_w_sysconf(const char *file)
+{
+ openldap_ldap_init_w_conf( file, 0 );
+}
+
static void openldap_ldap_init_w_userconf(const char *file)
{
char *home;
- char *path;
+ char *path = NULL;
if (file == NULL) {
/* no file name */
@@ -189,32 +268,37 @@ static void openldap_ldap_init_w_userconf(const char *file)
home = getenv("HOME");
if (home != NULL) {
- path = malloc(strlen(home) + strlen(file) + 3);
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is %s\n",
+ home, 0, 0);
+ path = LDAP_MALLOC(strlen(home) + strlen(file) + sizeof( LDAP_DIRSEP "."));
} else {
- path = malloc(strlen(file) + 3);
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is NULL\n",
+ 0, 0, 0);
}
if(home != NULL && path != NULL) {
/* we assume UNIX path syntax is used... */
/* try ~/file */
- sprintf(path, "%s/%s", home, file);
- openldap_ldap_init_w_conf(path);
+ sprintf(path, "%s" LDAP_DIRSEP "%s", home, file);
+ openldap_ldap_init_w_conf(path, 1);
/* try ~/.file */
- sprintf(path, "%s/.%s", home, file);
- openldap_ldap_init_w_conf(path);
+ sprintf(path, "%s" LDAP_DIRSEP ".%s", home, file);
+ openldap_ldap_init_w_conf(path, 1);
}
if(path != NULL) {
- free(path);
+ LDAP_FREE(path);
}
/* try file */
- openldap_ldap_init_w_conf(file);
+ openldap_ldap_init_w_conf(file, 1);
}
-static void openldap_ldap_init_w_env(const char *prefix)
+static void openldap_ldap_init_w_env(
+ struct ldapoptions *gopts,
+ const char *prefix)
{
char buf[MAX_LDAP_ATTR_LEN+MAX_LDAP_ENV_PREFIX_LEN];
int len;
@@ -223,7 +307,7 @@ static void openldap_ldap_init_w_env(const char *prefix)
char *value;
if (prefix == NULL) {
- prefix = DEFAULT_LDAP_ENV_PREFIX;
+ prefix = LDAP_ENV_PREFIX;
}
strncpy(buf, prefix, MAX_LDAP_ENV_PREFIX_LEN);
@@ -244,15 +328,15 @@ static void openldap_ldap_init_w_env(const char *prefix)
|| (strcasecmp(value, "yes") == 0)
|| (strcasecmp(value, "true") == 0))
{
- LDAP_BOOL_SET(&gopts, attrs[i].offset);
+ LDAP_BOOL_SET(gopts, attrs[i].offset);
} else {
- LDAP_BOOL_CLR(&gopts, attrs[i].offset);
+ LDAP_BOOL_CLR(gopts, attrs[i].offset);
}
break;
case ATTR_INT:
- p = &((char *) &gopts)[attrs[i].offset];
+ p = &((char *) gopts)[attrs[i].offset];
* (int*) p = atoi(value);
break;
@@ -264,7 +348,7 @@ static void openldap_ldap_init_w_env(const char *prefix)
kv++) {
if(strcasecmp(value, kv->key) == 0) {
- p = &((char *) &gopts)[attrs[i].offset];
+ p = &((char *) gopts)[attrs[i].offset];
* (int*) p = kv->value;
break;
}
@@ -272,66 +356,234 @@ static void openldap_ldap_init_w_env(const char *prefix)
} break;
case ATTR_STRING:
- p = &((char *) &gopts)[attrs[i].offset];
- if (* (char**) p != NULL) free(* (char**) p);
+ p = &((char *) gopts)[attrs[i].offset];
+ if (* (char**) p != NULL) LDAP_FREE(* (char**) p);
if (*value == '\0') {
* (char**) p = NULL;
} else {
- * (char**) p = strdup(value);
+ * (char**) p = LDAP_STRDUP(value);
}
break;
+ case ATTR_OPTION:
+ ldap_set_option( NULL, attrs[i].offset, value );
+ break;
+ case ATTR_SASL:
+#ifdef HAVE_CYRUS_SASL
+ ldap_int_sasl_config( gopts, attrs[i].offset, value );
+#endif
+ break;
+ case ATTR_TLS:
+#ifdef HAVE_TLS
+ ldap_int_tls_config( NULL, attrs[i].offset, value );
+#endif
+ break;
}
}
}
-void openldap_ldap_initialize( void )
+#if defined(__GNUC__)
+/* Declare this function as a destructor so that it will automatically be
+ * invoked either at program exit (if libldap is a static library) or
+ * at unload time (if libldap is a dynamic library).
+ *
+ * Sorry, don't know how to handle this for non-GCC environments.
+ */
+static void ldap_int_destroy_global_options(void)
+ __attribute__ ((destructor));
+#endif
+
+static void
+ldap_int_destroy_global_options(void)
{
- if ( openldap_ldap_initialized ) {
+ struct ldapoptions *gopts = LDAP_INT_GLOBAL_OPT();
+
+ if ( gopts == NULL )
return;
+
+ gopts->ldo_valid = LDAP_UNINITIALIZED;
+
+ if ( gopts->ldo_defludp ) {
+ ldap_free_urllist( gopts->ldo_defludp );
+ gopts->ldo_defludp = NULL;
}
+#if defined(HAVE_WINSOCK) || defined(HAVE_WINSOCK2)
+ WSACleanup( );
+#endif
+}
- ldap_int_utils_init();
+/*
+ * Initialize the global options structure with default values.
+ */
+void ldap_int_initialize_global_options( struct ldapoptions *gopts, int *dbglvl )
+{
+ if (dbglvl)
+ gopts->ldo_debug = *dbglvl;
+ else
+ gopts->ldo_debug = 0;
+
+ gopts->ldo_version = LDAP_VERSION2;
+ gopts->ldo_deref = LDAP_DEREF_NEVER;
+ gopts->ldo_timelimit = LDAP_NO_LIMIT;
+ gopts->ldo_sizelimit = LDAP_NO_LIMIT;
+
+ gopts->ldo_tm_api = (struct timeval *)NULL;
+ gopts->ldo_tm_net = (struct timeval *)NULL;
+
+ /* ldo_defludp will be freed by the termination handler
+ */
+ ldap_url_parselist(&gopts->ldo_defludp, "ldap://localhost/");
+ gopts->ldo_defport = LDAP_PORT;
+#if !defined(__GNUC__) && !defined(PIC)
+ /* Do this only for a static library, and only if we can't
+ * arrange for it to be executed as a library destructor
+ */
+ atexit(ldap_int_destroy_global_options);
+#endif
+
+ gopts->ldo_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT;
+ gopts->ldo_rebind_proc = NULL;
+ gopts->ldo_rebind_params = NULL;
+
+ LDAP_BOOL_ZERO(gopts);
+
+ LDAP_BOOL_SET(gopts, LDAP_BOOL_REFERRALS);
+
+#ifdef LDAP_CONNECTIONLESS
+ gopts->ldo_peer = NULL;
+ gopts->ldo_cldapdn = NULL;
+ gopts->ldo_is_udp = 0;
+#endif
+
+#ifdef HAVE_CYRUS_SASL
+ gopts->ldo_def_sasl_mech = NULL;
+ gopts->ldo_def_sasl_realm = NULL;
+ gopts->ldo_def_sasl_authcid = NULL;
+ gopts->ldo_def_sasl_authzid = NULL;
+
+ memset( &gopts->ldo_sasl_secprops,
+ '\0', sizeof(gopts->ldo_sasl_secprops) );
+
+ gopts->ldo_sasl_secprops.max_ssf = INT_MAX;
+ gopts->ldo_sasl_secprops.maxbufsize = SASL_MAX_BUFF_SIZE;
+ gopts->ldo_sasl_secprops.security_flags =
+ SASL_SEC_NOPLAINTEXT | SASL_SEC_NOANONYMOUS;
+#endif
+
+#ifdef HAVE_TLS
+ gopts->ldo_tls_connect_cb = NULL;
+ gopts->ldo_tls_connect_arg = NULL;
+#endif
+
+ gopts->ldo_valid = LDAP_INITIALIZED;
+ return;
+}
- gopts.ldo_version = LDAP_VERSION2;
- gopts.ldo_deref = LDAP_DEREF_NEVER;
- gopts.ldo_timelimit = LDAP_NO_LIMIT;
- gopts.ldo_sizelimit = LDAP_NO_LIMIT;
+#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
+ || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+char * ldap_int_hostname = NULL;
+#endif
- gopts.ldo_debug = 0;
+void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl )
+{
+ if ( gopts->ldo_valid == LDAP_INITIALIZED ) {
+ return;
+ }
- gopts.ldo_defhost = strdup("localhost");
- gopts.ldo_defport = LDAP_PORT;
+ ldap_int_error_init();
- gopts.ldo_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT;
+ ldap_int_utils_init();
- LDAP_BOOL_ZERO(&gopts);
+#ifdef HAVE_WINSOCK2
+{ WORD wVersionRequested;
+ WSADATA wsaData;
+
+ wVersionRequested = MAKEWORD( 2, 0 );
+ if ( WSAStartup( wVersionRequested, &wsaData ) != 0 ) {
+ /* Tell the user that we couldn't find a usable */
+ /* WinSock DLL. */
+ return;
+ }
+
+ /* Confirm that the WinSock DLL supports 2.0.*/
+ /* Note that if the DLL supports versions greater */
+ /* than 2.0 in addition to 2.0, it will still return */
+ /* 2.0 in wVersion since that is the version we */
+ /* requested. */
+
+ if ( LOBYTE( wsaData.wVersion ) != 2 ||
+ HIBYTE( wsaData.wVersion ) != 0 )
+ {
+ /* Tell the user that we couldn't find a usable */
+ /* WinSock DLL. */
+ WSACleanup( );
+ return;
+ }
+} /* The WinSock DLL is acceptable. Proceed. */
+#elif HAVE_WINSOCK
+{ WSADATA wsaData;
+ if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
+ return;
+ }
+}
+#endif
+
+#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
+ || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+ ldap_int_hostname = ldap_pvt_get_fqdn( ldap_int_hostname );
+#endif
- LDAP_BOOL_SET(&gopts, LDAP_BOOL_REFERRALS);
+#ifndef HAVE_POLL
+ if ( ldap_int_tblsize == 0 ) ldap_int_ip_init();
+#endif
- openldap_ldap_initialized = 1;
+ ldap_int_initialize_global_options(gopts, NULL);
if( getenv("LDAPNOINIT") != NULL ) {
return;
}
- openldap_ldap_init_w_conf(DEFAULT_LDAP_CONF_FILE);
- openldap_ldap_init_w_userconf(DEFAULT_LDAP_USERRC_FILE);
+#ifdef HAVE_CYRUS_SASL
+ {
+ /* set authentication identity to current user name */
+ char *user = getenv("USER");
+
+ if( user == NULL ) user = getenv("USERNAME");
+ if( user == NULL ) user = getenv("LOGNAME");
+
+ if( user != NULL ) {
+ gopts->ldo_def_sasl_authcid = user;
+ }
+ }
+#endif
+
+ openldap_ldap_init_w_sysconf(LDAP_CONF_FILE);
+ openldap_ldap_init_w_userconf(LDAP_USERRC_FILE);
{
- char *altfile = getenv("LDAPCONF");
+ char *altfile = getenv(LDAP_ENV_PREFIX "CONF");
if( altfile != NULL ) {
- openldap_ldap_init_w_conf( altfile );
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n",
+ LDAP_ENV_PREFIX "CONF", altfile, 0);
+ openldap_ldap_init_w_sysconf( altfile );
}
+ else
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n",
+ LDAP_ENV_PREFIX "CONF", 0, 0);
}
{
- char *altfile = getenv("LDAPRC");
+ char *altfile = getenv(LDAP_ENV_PREFIX "RC");
if( altfile != NULL ) {
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n",
+ LDAP_ENV_PREFIX "RC", altfile, 0);
openldap_ldap_init_w_userconf( altfile );
}
+ else
+ Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n",
+ LDAP_ENV_PREFIX "RC", 0, 0);
}
- openldap_ldap_init_w_env(NULL);
+ openldap_ldap_init_w_env(gopts, NULL);
}