"  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
 "             [!]manageDSAit   (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -h host    LDAP server\n"
        struct berval bvalue = { 0, NULL };
        char    *pw_file = NULL;
        char    *control, *cvalue;
+       char    *authzid = NULL;
 
        debug = verbose = not = referrals = noop =
                manageDSAit = want_bindpw = quiet = 0;
                        *cvalue++ = '\0';
                }
 
-               if ( strcasecmp( control, "manageDSAit" ) == 0 ) {
+               if ( strcasecmp( control, "authzid" ) == 0 ) {
+                       if( authzid != NULL ) {
+                               fprintf( stderr, "authzid control previously specified");
+                               return EXIT_FAILURE;
+                       }
+                       if( cvalue == NULL ) {
+                               fprintf( stderr, "authzid: control value expected" );
+                               usage(prog);
+                               return EXIT_FAILURE;
+                       }
+                       if( !crit ) {
+                               fprintf( stderr, "authzid: must be marked critical" );
+                               usage(prog);
+                               return EXIT_FAILURE;
+                       }
+
+                       assert( authzid == NULL );
+                       authzid = control;
+                       break;
+                       
+               } else if ( strcasecmp( control, "manageDSAit" ) == 0 ) {
                        if( manageDSAit ) {
                                fprintf( stderr, "manageDSAit control previously specified");
                                return EXIT_FAILURE;
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
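Review bot: `authzid = control;` in the new authzid branch stores the control name, not its value. The context line `*cvalue++ = '\0';` appears to split the `-e` argument so that `control` holds the name and `cvalue` the text after `=`, which means the proxy authorization control would carry the literal string "authzid" instead of the identity the user asked for. The assignment should be `authzid = cvalue;`. The three new `fprintf` messages in this branch also lack a trailing `\n`, so they run into the usage text printed next. The option-parsing switch begins and ends outside this hunk.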
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
                }
        }
 
-       if ( manageDSAit || noop ) {
-               int err, i = 0;
-               LDAPControl c1, c2;
-               LDAPControl *ctrls[3];
+       if ( authzid || manageDSAit || noop ) {
+               int err, crit=0, i=0;
+               LDAPControl c[3];
+               LDAPControl *ctrls[4];
+
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
 
                if ( manageDSAit ) {
-                       ctrls[i++] = &c1;
-                       ctrls[i] = NULL;
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
-
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
        
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if ( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if ( crit ) {
                                return EXIT_FAILURE;
                        }
                }
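Review bot: This control-assembly block is pasted with the same text into every tool on this page, and the copies have already drifted: the search tool's guard omits `authzid`. Since it decides which identity and criticality reach the server, it would be safer as one shared helper that takes the flags and `authzid` and fills `c[]`/`ctrls[]`. In the authzid branch, `if( c[i].ldctl_iscritical ) crit++;` directly after `c[i].ldctl_iscritical = 1;` is always true; a plain `crit++;` with a comment such as `/* proxy authz is always sent critical */` would state the intent. The enclosing function starts and ends outside the hunk.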
 
 "  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
 "             [!]manageDSAit   (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -f file    read operations from `file'\n"
        int             i, rc, authmethod, referrals, want_bindpw, version, debug, manageDSAit, noop, crit;
        char    *pw_file;
        char    *control, *cvalue;
+       char    *authzid = NULL;
 
     not = verbose = contoper = want_bindpw = debug
                = manageDSAit = noop = referrals = 0;
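Review bot: `authzid` is declared here and read in the later `if ( authzid || manageDSAit || noop )` block, but no hunk shown for this file ever assigns it. The parsing hunks only drop `free( control )` from the manageDSAit and noop branches, and their leading context leaves no room for an added `authzid` branch. If that is the whole change, `-e !authzid=...` is advertised in the usage text yet falls through to the final `else` of the control parser, and the operation can never be proxied from this tool. The remaining file sections on this page show the same pattern. The parser needs the same branch as the first file, ending in `authzid = cvalue;`.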
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
                }
        }
 
-       if ( manageDSAit || noop ) {
-               int err, i = 0;
-               LDAPControl c1, c2;
-               LDAPControl *ctrls[3];
+       if ( authzid || manageDSAit || noop ) {
+               int err, crit=0, i=0;
+               LDAPControl c[3];
+               LDAPControl *ctrls[4];
+
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
 
                if ( manageDSAit ) {
-                       ctrls[i++] = &c1;
-                       ctrls[i] = NULL;
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
 
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
        
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if ( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if ( crit ) {
                                return EXIT_FAILURE;
                        }
                }
 
 "  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
 "             [!]manageDSAit   (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -f file    read operations from `file'\n"
        int count, len;
        char    *pw_file = NULL;
        char    *control, *cvalue;
+       char    *authzid = NULL;
        int             crit;
 
     prog = lutil_progname( "ldapmodify", argc, argv );
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
 
     rc = 0;
 
-       if ( manageDSAit || noop ) {
-               int err, i = 0;
-               LDAPControl c1, c2;
-               LDAPControl *ctrls[3];
+       if ( authzid || manageDSAit || noop ) {
+               int err, crit=0, i=0;
+               LDAPControl c[3];
+               LDAPControl *ctrls[4];
+
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
 
                if ( manageDSAit ) {
-                       ctrls[i++] = &c1;
-                       ctrls[i] = NULL;
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
 
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
        
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if ( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if ( crit ) {
                                return EXIT_FAILURE;
                        }
                }
 
 "  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
 "             [!]manageDSAit   (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -f file    read operations from `file'\n"
     char       *newSuperior=NULL;
        char    *pw_file = NULL;
        char    *control, *cvalue;
+       char    *authzid = NULL;
 
     infile = NULL;
     not = contoper = verbose = remove = want_bindpw =
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
                }
        }
 
-       if ( manageDSAit || noop ) {
-               int err, i = 0;
-               LDAPControl c1, c2;
-               LDAPControl *ctrls[3];
+       if ( authzid || manageDSAit || noop ) {
+               int err, crit=0, i=0;
+               LDAPControl c[3];
+               LDAPControl *ctrls[4];
+
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
 
                if ( manageDSAit ) {
-                       ctrls[i++] = &c1;
-                       ctrls[i] = NULL;
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
 
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
        
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if ( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if ( crit ) {
                                return EXIT_FAILURE;
                        }
                }
 
 "  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
 "             [!]manageDSAit   (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -f file    read operations from `file'\n"
        int             noop = 0;
        int             crit;
        char    *control, *cvalue;
+       char    *authzid = NULL;
+
 #ifdef HAVE_CYRUS_SASL
        unsigned        sasl_flags = LDAP_SASL_AUTOMATIC;
        char            *sasl_realm = NULL;
        char            *sasl_mech = NULL;
        char            *sasl_secprops = NULL;
 #endif
+
        int             use_tls = 0;
        int             referrals = 0;
        LDAP           *ld = NULL;
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
                }
        }
 
-       if ( manageDSAit || noop ) {
-               int err, i = 0;
-               LDAPControl c1, c2;
-               LDAPControl *ctrls[3];
+       if ( authzid || manageDSAit || noop ) {
+               int err, crit=0, i=0;
+               LDAPControl c[3];
+               LDAPControl *ctrls[4];
+
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
 
                if ( manageDSAit ) {
-                       ctrls[i++] = &c1;
-                       ctrls[i] = NULL;
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
 
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
        
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if ( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if ( crit ) {
                                return EXIT_FAILURE;
                        }
                }
 
 "             [!]mv=<filter>              (matched values filter)\n"
 #ifdef LDAP_CONTROL_PAGEDRESULTS
 "             [!]pr=<size>                (paged results)\n"
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
+#endif
 #ifdef LDAP_CONTROL_SUBENTRIES
 "             [!]subentries[=true|false]  (subentries)\n"
 #endif
 "  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
-"             [!]manageDSAit   (alternate form, see -M)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
+"             [!]manageDSAit       (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -f file    read operations from `file'\n"
 "  -h host    LDAP server\n"
        struct timeval *timeout,
        int     sizelimit ));
 
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-static int parse_page_control(
-       LDAP *ld,
-       LDAPMessage *result,
-       struct berval *cookie );
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
-
 static char *tmpdir = NULL;
 static char *urlpre = NULL;
 static char *prog = NULL;
 static int     use_tls = 0;
 static char    *sortattr = NULL;
 static int     verbose, not, includeufn, vals2tmp, ldif;
+
 #ifdef LDAP_CONTROL_PAGEDRESULTS
-static int pageSize = 0;
-static ber_int_t searchControlSize = 0;
+static int pagedResults = 0;
+static ber_int_t pageSize = 0;
 static ber_int_t entriesLeft = 0;
 static ber_int_t morePagedResults = 1;
 static struct berval cookie = { 0, NULL };
 static int npagedreferences;
 static int npagedextended;
 static int npagedpartial;
+
+static int parse_page_control(
+       LDAP *ld,
+       LDAPMessage *result,
+       struct berval *cookie );
 #endif /* LDAP_CONTROL_PAGEDRESULTS */
 
 static void
        LDAP            *ld = NULL;
        int             subentries, valuesReturnFilter;
        BerElement      *ber = NULL;
-       struct berval   *bvalp = NULL;
-       char    *vrFilter  = NULL, *control = NULL, *cvalue;
+       struct berval   *sebvalp = NULL, *vrbvalp = NULL;
+       char    *vrFilter  = NULL;
+       char    *control = NULL, *cvalue;
        char    *pw_file = NULL;
+       char    *authzid = NULL;
 #ifdef LDAP_CONTROL_PAGEDRESULTS
-       BerElement      *pageber = NULL;
-       struct berval   *bvalptr = NULL;
-       int             num = 0, searchControlCrit = 0;
+       struct berval   *prbvalp = NULL;
+       int             num = 0;
 #endif /* LDAP_CONTROL_PAGEDRESULTS */
 
 
 
 #ifdef LDAP_CONTROL_PAGEDRESULTS
                } else if ( strcasecmp( control, "pr" ) == 0 ) {
+                       int tmp;
                        /* PagedResults control */
-                       if ( pageSize != 0 ) {
+                       if ( pagedResults != 0 ) {
                                fprintf( stderr, "PagedResultsControl previously specified" );
                                return EXIT_FAILURE;
                        }
                        
-                       num = sscanf( cvalue, "%d", &pageSize );
+                       num = sscanf( cvalue, "%d", &tmp );
                        if ( num != 1 ) {
                                fprintf( stderr, "Invalid value for PagedResultsControl, %s.\n", cvalue);
                                return EXIT_FAILURE;
 
                        }
-                       searchControlSize = (ber_int_t)pageSize;
-                       searchControlCrit = crit;
+                       pageSize = (ber_int_t) tmp;
+                       pagedResults = 1 + crit;
                        break;
 #endif /* LDAP_CONTROL_PAGEDRESULTS */
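Review bot: The page size parsed by `sscanf( cvalue, "%d", &tmp )` is cast to `ber_int_t` with no range check, so a negative value such as `pr=-1` is encoded into the control as given. The visible branch also never tests `cvalue` for NULL, unlike the new authzid branch, so a bare `-e pr` would hand a NULL pointer to `sscanf`. A guard like `if ( cvalue == NULL || sscanf( cvalue, "%d", &tmp ) != 1 || tmp < 0 ) {` in front of the existing error path covers both cases.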
 
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
 
 #ifdef LDAP_CONTROL_PAGEDRESULTS
 getNextPage:
-       if ( manageDSAit || noop || valuesReturnFilter || pageSize ) {
-               int critical = 0;
-#else /* !LDAP_CONTROL_PAGEDRESULTS */
-       if ( manageDSAit || noop || valuesReturnFilter ) {
-#endif /* !LDAP_CONTROL_PAGEDRESULTS */
+       if ( manageDSAit || noop || subentries || valuesReturnFilter || pageSize )
+#else
+       if ( manageDSAit || noop || subentries || valuesReturnFilter )
+#endif
+       {
                int err;
                int i=0;
-               LDAPControl c1,c2,c3,c4,c5;
-               LDAPControl *ctrls[6];
+               int crit = 0;
+               LDAPControl c[6];
+               LDAPControl *ctrls[7];
                
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
+
                if ( manageDSAit ) {
-                       ctrls[i++]=&c1;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
 
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-                       if ( c1.ldctl_iscritical ) critical = 1;
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
 
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-                       if ( c2.ldctl_iscritical ) critical = 1;
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
 #ifdef LDAP_CONTROL_SUBENTRIES
                if ( subentries ) {
-                       ctrls[i++]=&c3;
-                       ctrls[i] = NULL;
-
-                       c3.ldctl_oid = LDAP_CONTROL_SUBENTRIES;
-                       c3.ldctl_iscritical = subentries < 1;
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-                       if ( c3.ldctl_iscritical ) critical = 1;
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
-                   
                if (( ber = ber_alloc_t(LBER_USE_DER)) == NULL ) {
                                return EXIT_FAILURE;
                        }
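Review bot: The rewritten guard `if ( manageDSAit || noop || subentries || valuesReturnFilter || pageSize )` does not test `authzid`, although the block now starts with an `if ( authzid )` branch. When `authzid` is the only control requested, the whole block is skipped and the search runs under the bind identity, with no error, even though the control is meant to be critical. The guard also tests `pageSize` while the branch below tests `pagedResults`, so `pr=0` sets the flag but never sends the control. Both `#ifdef` variants should include `authzid`, and the paged variant should read `if ( authzid || manageDSAit || noop || subentries || valuesReturnFilter || pagedResults )`. The subentries branch continues past the end of this hunk.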
                                return EXIT_FAILURE;
                        }
 
-                       if ( ber_flatten( ber, &bvalp ) == LBER_ERROR ) {
+                       if ( ber_flatten( ber, &sebvalp ) == LBER_ERROR ) {
                                return EXIT_FAILURE;
                        }
 
-                       c3.ldctl_value=(*bvalp);
+                       c[i].ldctl_oid = LDAP_CONTROL_SUBENTRIES;
+                       c[i].ldctl_value=(*sebvalp);
+                       c[i].ldctl_iscritical = subentries < 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 #endif
 
                if ( valuesReturnFilter ) {
-                       ctrls[i++]=&c4;
-                       ctrls[i] = NULL;
-
-                       c4.ldctl_oid = LDAP_CONTROL_VALUESRETURNFILTER;
-                       c4.ldctl_iscritical = valuesReturnFilter > 1;
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-                       if ( c4.ldctl_iscritical ) critical = 1;
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
-                   
                if (( ber = ber_alloc_t(LBER_USE_DER)) == NULL ) {
                                return EXIT_FAILURE;
                        }
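Review bot: The subentries branch flattens `ber` into `sebvalp` but, in the lines shown, never releases the `BerElement`. The valuesReturnFilter and pagedResults branches both gained `ber_free( ber, 1 );` after their `ber_flatten` call, and the single `ber_free` that used to follow `ldap_set_option` is removed by this commit. The next `ber = ber_alloc_t(LBER_USE_DER)` then overwrites the pointer, and this would repeat on every pass if the block is re-entered through the `getNextPage` label. Adding `ber_free( ber, 1 );` right after the `ber_flatten( ber, &sebvalp )` check brings this branch in line with the other two.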
                                return EXIT_FAILURE;
                        }
 
-                       if ( ber_flatten( ber, &bvalp ) == LBER_ERROR ) {
+                       if ( ber_flatten( ber, &vrbvalp ) == LBER_ERROR ) {
                                return EXIT_FAILURE;
                        }
 
-                       c4.ldctl_value=(*bvalp);
+                       ber_free( ber, 1 );
+
+                       c[i].ldctl_oid = LDAP_CONTROL_VALUESRETURNFILTER;
+                       c[i].ldctl_value=(*vrbvalp);
+                       c[i].ldctl_iscritical = valuesReturnFilter > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
 #ifdef LDAP_CONTROL_PAGEDRESULTS
-               if ( pageSize ) {
-                       if (( pageber = ber_alloc_t(LBER_USE_DER)) == NULL ) {
+               if ( pagedResults ) {
+                       if (( ber = ber_alloc_t(LBER_USE_DER)) == NULL ) {
                                return EXIT_FAILURE;
                        }
 
-                       ber_printf( pageber, "{iO}", searchControlSize, &cookie );
-                       if ( ber_flatten( pageber, &bvalptr ) == LBER_ERROR) {
+                       ber_printf( ber, "{iO}", pageSize, &cookie );
+                       if ( ber_flatten( ber, &prbvalp ) == LBER_ERROR ) {
                                return EXIT_FAILURE;
                        }
                        
-                       ctrls[i++]=&c5;
-                       ctrls[i] = NULL;
+                       ber_free( ber, 1 );
 
-                       c5.ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
-                       c5.ldctl_value = ( *bvalptr );
-                       c5.ldctl_iscritical = searchControlCrit;
-                       if ( c5.ldctl_iscritical ) critical = 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
+                       c[i].ldctl_value=(*prbvalp);
+                       c[i].ldctl_iscritical = pagedResults > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 #endif /* LDAP_CONTROL_PAGEDRESULTS */
 
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
-               ber_bvfree(bvalp);
-               ber_free( ber, 1 );
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-               ber_free( pageber, 1 );
-               ber_bvfree( bvalptr );
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
-
-#ifdef LDAP_CONTROL_PAGEDRESULTS
-               if( err != LDAP_OPT_SUCCESS ) {
-                       if ( critical ) {
-                               fprintf( stderr, "Could not set controls\n");
-                               return EXIT_FAILURE;
-                       } else {
-                               fprintf( stderr, "Could not set critical controls\n" );
-                       }
-               }
-#else /* !LDAP_CONTROL_PAGEDRESULTS */
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if( crit ) {
                                return EXIT_FAILURE;
                        }
                }
-#endif /* !LDAP_CONTROL_PAGEDRESULTS */
+
+               ber_bvfree( sebvalp );
+               ber_bvfree( vrbvalp );
+#ifdef LDAP_CONTROL_PAGEDRESULTS
+               ber_bvfree( prbvalp );
+#endif /* LDAP_CONTROL_PAGEDRESULTS */
        }
        
        if ( verbose ) {
                }
                if ( pageSize ) {
                        printf("\n# with pagedResults %scontrol: size=%d",
-                               searchControlCrit ? "critical " : "", 
-                               searchControlSize );
+                               (pagedResults > 1) ? "critical " : "", 
+                               pageSize );
                }
 
                printf( "\n#\n\n" );
                        printf( "Estimate entries: %d\n", entriesLeft );
                }
                printf( "Press [size] Enter for the next {%d|size} entries.\n",
-                       (int)searchControlSize ); 
+                       (int)pageSize ); 
                i = 0;
                moreEntries = getchar();
                while ( moreEntries != EOF && moreEntries != '\n' ) { 
                                return EXIT_FAILURE;
 
                        }
-                       searchControlSize = (ber_int_t)tmpSize;
+                       pageSize = (ber_int_t)tmpSize;
                }
 
                goto getNextPage;       
 
 done:
 #ifdef LDAP_CONTROL_PAGEDRESULTS
-       if ( pageSize == 0 ) { 
-               if ( ldif < 2 ) {
-                       printf( "\n# numResponses: %d\n", nresponses );
-                       if( nentries ) printf( "# numEntries: %d\n", nentries );
-                       if( nextended ) printf( "# numExtended: %d\n", nextended );
-                       if( npartial ) printf( "# numPartial: %d\n", npartial );
-                       if( nreferences ) printf( "# numReferences: %d\n", nreferences );
-               }
-       } else {
+       if ( pageSize != 0 ) { 
                npagedresponses = npagedresponses + nresponses;
                npagedentries = npagedentries + nentries;
                npagedreferences = npagedreferences + nreferences;
                        if( npartial ) printf( "# numPartial: %d\n", npagedpartial );
                        if( nreferences ) printf( "# numReferences: %d\n", npagedreferences );
                }
-       }
-#else /* !LDAP_CONTROL_PAGEDRESULTS */
+       } else
+#endif /* LDAP_CONTROL_PAGEDRESULTS */
        if ( ldif < 2 ) {
                printf( "\n# numResponses: %d\n", nresponses );
                if( nentries ) printf( "# numEntries: %d\n", nentries );
                if( npartial ) printf( "# numPartial: %d\n", npartial );
                if( nreferences ) printf( "# numReferences: %d\n", nreferences );
        }
-#endif /* LDAP_CONTROL_PAGEDRESULTS */
 
        return( rc );
 }
 
-#if 1
+#if 0
 /* This is the original version, the old way of doing things. */
 static void
 print_entry(
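Review bot: In builds with `LDAP_CONTROL_PAGEDRESULTS`, a non-paged search now falls through to the shared `if ( ldif < 2 )` summary block, which has no `numExtended` line, so the count printed by the branch this commit removes is no longer reported. If that is not intended, add `if( nextended ) printf( "# numExtended: %d\n", nextended );` after the `numEntries` line. The `} else` sitting directly before `#endif` makes the following `if` an else-body only in some builds, so a short comment on that line would help the next reader.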
 }
 #else
 /* This is the proposed new way of doing things.
- * It is more * efficient, but the API is non-standard.
+ * It is more efficient, but the API is non-standard.
  */
 static void
 print_entry(
        return err;
 }
 #endif /* LDAP_CONTROL_PAGEDRESULTS */
-
 
 "  -d level   set LDAP debugging level to `level'\n"
 "  -D binddn  bind DN\n"
 "  -e [!]<ctrl>[=<ctrlparam>] general controls (! indicates criticality)\n"
+"             [!]authzid=<authzid> (\"dn:<dn>\" or \"u:<user>\")\n"
 "             [!]manageDSAit   (alternate form, see -M)\n"
 "             [!]noop\n"
 "  -f file    read operations from `file'\n"
        LDAP           *ld = NULL;
        int     manageDSAit=0;
        int noop=0;
+       char *authzid = NULL;
        char    *control, *cvalue;
        int             crit;
 
                        }
 
                        manageDSAit = 1 + crit;
-                       free( control );
                        break;
                        
                } else if ( strcasecmp( control, "noop" ) == 0 ) {
                        }
 
                        noop = 1 + crit;
-                       free( control );
                        break;
 
                } else {
                goto skip;
        }
 
-       if ( manageDSAit || noop ) {
-               int err, i = 0;
-               LDAPControl c1, c2;
-               LDAPControl *ctrls[3];
+       if ( authzid || manageDSAit || noop ) {
+               int err, crit=0, i=0;
+               LDAPControl c[3];
+               LDAPControl *ctrls[4];
+
+               if ( authzid ) {
+                       c[i].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+                       c[i].ldctl_value.bv_val = authzid;
+                       c[i].ldctl_value.bv_len = strlen( authzid );
+                       c[i].ldctl_iscritical = 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
+               }
 
                if ( manageDSAit ) {
-                       ctrls[i++] = &c1;
-                       ctrls[i] = NULL;
-                       c1.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
-                       c1.ldctl_value.bv_val = NULL;
-                       c1.ldctl_value.bv_len = 0;
-                       c1.ldctl_iscritical = manageDSAit > 1;
+                       c[i].ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = manageDSAit > 1;
+
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
 
                if ( noop ) {
-                       ctrls[i++] = &c2;
-                       ctrls[i] = NULL;
+                       c[i].ldctl_oid = LDAP_CONTROL_NOOP;
+                       c[i].ldctl_value.bv_val = NULL;
+                       c[i].ldctl_value.bv_len = 0;
+                       c[i].ldctl_iscritical = noop > 1;
 
-                       c2.ldctl_oid = LDAP_CONTROL_NOOP;
-                       c2.ldctl_value.bv_val = NULL;
-                       c2.ldctl_value.bv_len = 0;
-                       c2.ldctl_iscritical = noop > 1;
+                       if( c[i].ldctl_iscritical ) crit++;
+                       ctrls[i] = &c[i];
+                       ctrls[++i] = NULL;
                }
        
                err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
 
                if( err != LDAP_OPT_SUCCESS ) {
                        fprintf( stderr, "Could not set %scontrols\n",
-                               (c1.ldctl_iscritical || c2.ldctl_iscritical)
-                               ? "critical " : "" );
-                       if ( c1.ldctl_iscritical && c2.ldctl_iscritical ) {
+                               crit ? "critical " : "" );
+                       if ( crit ) {
                                return EXIT_FAILURE;
                        }
                }
        }
 
+#if 1
+       rc = ldap_whoami_s( ld, &retdata, NULL, NULL ); 
+
+#else
        rc = ldap_extended_operation( ld,
                LDAP_EXOP_X_WHO_AM_I, NULL, 
                NULL, NULL, &id );
        }
 
        rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 );
+#endif
 
        if( rc != LDAP_SUCCESS ) {
                ldap_perror( ld, "ldap_parse_result" );
 
 #define LDAP_CHASE_EXTERNAL_REFERRALS  0x0040U
 #endif
 
+#define LDAP_CONTROL_PROXY_AUTHZ       "2.16.840.1.113730.3.4.18"
 #define LDAP_CONTROL_MANAGEDSAIT       "2.16.840.1.113730.3.4.2"
 #define LDAP_CONTROL_SUBENTRIES                "1.3.6.1.4.1.4203.1.10.1"
 #define LDAP_CONTROL_NOOP                      "1.3.6.1.4.1.4203.1.10.2"
 #define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW        ((ber_tag_t) 0x82U)
 #define LDAP_TAG_EXOP_MODIFY_PASSWD_GEN        ((ber_tag_t) 0x80U)
 
+#define LDAP_EXOP_X_CANCEL             "1.3.6.1.4.1.4203.666.6.3"
 #define LDAP_EXOP_X_WHO_AM_I   "1.3.6.1.4.1.4203.1.11.3"
 
 /* LDAP Features */
 ldap_uncache_request LDAP_P(( LDAP *ld, int msgid ));
 
 
+/*
+ * LDAP Cancel Extended Operation <draft-zeilenga-ldap-cancel-xx.txt>
+ */
+
+LDAP_F( int )
+ldap_cancel LDAP_P(( LDAP *ld,
+       int cancelid,
+       LDAPControl             **sctrls,
+       LDAPControl             **cctrls,
+       int                             *msgidp ));
+
+LDAP_F( int )
+ldap_cancel_s LDAP_P((
+       LDAP *ld,
+       int cancelid,
+       LDAPControl **sctrl,
+       LDAPControl **cctrl ));
+
 /*
  * in compare.c:
  */
        struct berval **contextp,
        int           *errcodep ));
 
+/*
+ * LDAP Who Am I? (whoami.c)
+ */
+
+LDAP_F( int )
+ldap_parse_whoami LDAP_P((
+       LDAP *ld,
+       LDAPMessage *res,
+       struct berval **authzid ));
+
+LDAP_F( int )
+ldap_whoami LDAP_P(( LDAP *ld,
+       LDAPControl             **sctrls,
+       LDAPControl             **cctrls,
+       int                             *msgidp ));
+
+LDAP_F( int )
+ldap_whoami_s LDAP_P((
+       LDAP *ld,
+       struct berval **authzid,
+       LDAPControl **sctrls,
+       LDAPControl **cctrls ));
 
 LDAP_END_DECL
 #endif /* _LDAP_H */
 
        va_list         ap;
        LDAP_CONST char         *fmt_reset;
        char            *s, **ss;
-#ifdef TMP_SLOTS
-       char            *last;
-       char ***sss;
-       ber_tag_t tag;
-       struct berval ***bv;
-       int j;
-#endif
        struct berval   **bvp, *bval;
        ber_int_t       *i;
        ber_len_t       *l;
 
 # End Source File
 # Begin Source File
 
+SOURCE=.\cancel.c
+# End Source File
+# Begin Source File
+
 SOURCE=.\charray.c
 # End Source File
 # Begin Source File
 # End Source File
 # Begin Source File
 
+SOURCE=.\passwd.c
+# End Source File
+# Begin Source File
+
 SOURCE=..\..\include\portable.h
 # End Source File
 # Begin Source File
 
 SOURCE=.\vlvctrl.c
 # End Source File
+# Begin Source File
+
+SOURCE=.\whoami.c
+# End Source File
 # End Target
 # End Project
 
--- /dev/null
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+#include <ac/stdlib.h>
+#include <ac/string.h>
+#include <ac/time.h>
+
+#include "ldap-int.h"
+
+/*
+ * LDAP Password Modify (Extended) Operation <RFC 3???>
+ */
+
+int ldap_parse_passwd(
+       LDAP *ld,
+       LDAPMessage *res,
+       struct berval **newpasswd )
+{
+       int rc;
+       char *retoid = NULL;
+       struct berval *retdata;
+
+       assert( ld != NULL );
+       assert( LDAP_VALID( ld ) );
+       assert( res != NULL );
+       assert( newpasswd != NULL );
+
+       *newpasswd = NULL;
+
+       rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 );
+
+       if( rc != LDAP_SUCCESS ) {
+               return rc;
+       }
+
+       if( retdata != NULL ) {
+               ber_tag_t tag;
+               BerElement *ber = ber_init( retdata );
+
+               if( ber == NULL ) {
+                       ld->ld_errno = LDAP_NO_MEMORY;
+                       return ld->ld_errno;
+               }
+
+               /* we should check the tag */
+               tag = ber_scanf( ber, "{o}", newpasswd );
+               ber_free( ber, 1 );
+
+               if( tag == -1 ) {
+                       rc = ld->ld_errno = LDAP_DECODING_ERROR;
+               }
+       }
+
+       ber_memfree( retoid );
+       return rc;
+}
+
+int
+ldap_passwd( LDAP *ld,
+       struct berval   *user,
+       struct berval   *oldpw,
+       struct berval   *newpw,
+       LDAPControl             **sctrls,
+       LDAPControl             **cctrls,
+       int                             *msgidp )
+{
+       int rc;
+       struct berval *bv = NULL;
+
+       assert( ld != NULL );
+       assert( LDAP_VALID( ld ) );
+       assert( msgidp != NULL );
+
+       if( user != NULL || oldpw != NULL || newpw != NULL ) {
+               /* build change password control */
+               BerElement *ber = ber_alloc_t( LBER_USE_DER );
+
+               if( ber == NULL ) {
+                       ld->ld_errno = LDAP_NO_MEMORY;
+                       return ld->ld_errno;
+               }
+
+               ber_printf( ber, "{" /*}*/ );
+
+               if( user != NULL ) {
+                       ber_printf( ber, "ts",
+                               LDAP_TAG_EXOP_MODIFY_PASSWD_ID, user );
+               }
+
+               if( oldpw != NULL ) {
+                       ber_printf( ber, "ts",
+                               LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, oldpw );
+               }
+
+               if( newpw != NULL ) {
+                       ber_printf( ber, "ts",
+                               LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, newpw );
+               }
+
+               ber_printf( ber, /*{*/ "N}" );
+
+               rc = ber_flatten( ber, &bv );
+
+               ber_free( ber, 1 );
+
+               if( rc < 0 ) {
+                       ld->ld_errno = LDAP_ENCODING_ERROR;
+                       return ld->ld_errno;
+               }
+
+       }
+       
+       rc = ldap_extended_operation( ld, LDAP_EXOP_MODIFY_PASSWD,
+               bv, sctrls, cctrls, msgidp );
+
+       return rc;
+}
+
+int
+ldap_passwd_s(
+       LDAP *ld,
+       struct berval   *user,
+       struct berval   *oldpw,
+       struct berval   *newpw,
+       struct berval **newpasswd,
+       LDAPControl **sctrls,
+       LDAPControl **cctrls )
+{
+       int             rc;
+       int             msgid;
+       LDAPMessage     *res;
+
+       rc = ldap_passwd( ld, user, oldpw, newpw, sctrls, cctrls, &msgid );
+       if ( rc != LDAP_SUCCESS ) {
+               return rc;
+       }
+
+       if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 ) {
+               return ld->ld_errno;
+       }
+
+       rc = ldap_parse_passwd( ld, res, newpasswd );
+       ldap_msgfree( res );
+       return rc;
+}
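Review bot: In `ldap_passwd`, the three `ber_printf( ber, "ts", ... )` calls pass `user`, `oldpw` and `newpw`, which are `struct berval *`, to the `s` conversion, which expects a NUL-terminated `char *`, so the request would not carry the intended identity and passwords. Use the berval conversion, as the paged-results code in this diff does with `"{iO}"`: `ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, user );` and likewise for the old and new password. The return values of `ber_printf` are also unchecked, so an encoding failure is only noticed if `ber_flatten` happens to fail. Separately, the flattened `bv` is never released after `ldap_extended_operation`, and `ldap_parse_passwd` never frees `retdata` (it also skips `ber_memfree( retoid )` on the `ber == NULL` return), so buffers holding the old, new and server-generated passwords appear to stay on the heap. Release them when non-NULL with `ber_bvfree( bv );` before the final return and `ber_bvfree( retdata );` next to `ber_memfree( retoid );`.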
 
--- /dev/null
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+#include <ac/stdlib.h>
+#include <ac/string.h>
+#include <ac/time.h>
+
+#include "ldap-int.h"
+
+/*
+ * LDAP Who Am I? (Extended) Operation <draft-zeilenga-ldap-authzid-xx.txt>
+ */
+
+int ldap_parse_whoami(
+       LDAP *ld,
+       LDAPMessage *res,
+       struct berval **authzid )
+{
+       int rc;
+       char *retoid = NULL;
+
+       assert( ld != NULL );
+       assert( LDAP_VALID( ld ) );
+       assert( res != NULL );
+       assert( authzid != NULL );
+
+       *authzid = NULL;
+
+       rc = ldap_parse_extended_result( ld, res, &retoid, authzid, 0 );
+
+       if( rc != LDAP_SUCCESS ) {
+               ldap_perror( ld, "ldap_parse_whoami" );
+               return rc;
+       }
+
+       ber_memfree( retoid );
+       return rc;
+}
+
+int
+ldap_whoami( LDAP *ld,
+       LDAPControl             **sctrls,
+       LDAPControl             **cctrls,
+       int                             *msgidp )
+{
+       int rc;
+
+       assert( ld != NULL );
+       assert( LDAP_VALID( ld ) );
+       assert( msgidp != NULL );
+
+       rc = ldap_extended_operation( ld, LDAP_EXOP_X_WHO_AM_I,
+               NULL, sctrls, cctrls, msgidp );
+
+       return rc;
+}
+
+int
+ldap_whoami_s(
+       LDAP *ld,
+       struct berval **authzid,
+       LDAPControl **sctrls,
+       LDAPControl **cctrls )
+{
+       int             rc;
+       int             msgid;
+       LDAPMessage     *res;
+
+       rc = ldap_whoami( ld, sctrls, cctrls, &msgid );
+       if ( rc != LDAP_SUCCESS ) return rc;
+
+       if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 ) {
+               return ld->ld_errno;
+       }
+
+       rc = ldap_parse_whoami( ld, res, authzid );
+       ldap_msgfree( res );
+       return rc;
+}
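Review bot: `ldap_parse_whoami` calls `ldap_perror( ld, "ldap_parse_whoami" )` on failure, which makes a library routine write to stderr for every caller and differs from `ldap_parse_passwd`, which only returns the code. The tool's `#if 1` path already prints its own `ldap_perror` after `ldap_whoami_s`, so the error would be reported twice; I would drop the call and keep `return rc;`. A header comment on `ldap_parse_whoami` and `ldap_whoami_s` should state that `*authzid` is set to NULL on entry and that the caller owns the returned berval and releases it with `ber_bvfree`.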