/* ldapdelete.c - simple program to delete an entry using LDAP */
+#include "portable.h"
+
#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
+
+#include <ac/stdlib.h>
+#include <ac/ctype.h>
+
+#include <ac/signal.h>
+#include <ac/string.h>
+#include <ac/unistd.h>
+
#include <lber.h>
#include <ldap.h>
-#include "ldapconfig.h"
-
-static char *binddn = LDAPDELETE_BINDDN;
-static char *base = LDAPDELETE_BASE;
+static char *binddn = NULL;
static char *passwd = NULL;
-static char *ldaphost = LDAPHOST;
-static int ldapport = LDAP_PORT;
+static char *base = NULL;
+static char *ldaphost = NULL;
+static int ldapport = 0;
static int not, verbose, contoper;
static LDAP *ld;
-#ifdef LDAP_DEBUG
-extern int ldap_debug, lber_debug;
-#endif /* LDAP_DEBUG */
+static int dodelete LDAP_P((
+ LDAP *ld,
+ char *dn));
-#define safe_realloc( ptr, size ) ( ptr == NULL ? malloc( size ) : \
- realloc( ptr, size ))
-
-
-main( argc, argv )
- int argc;
- char **argv;
+int
+main( int argc, char **argv )
{
- char *usage = "usage: %s [-n] [-v] [-k] [-d debug-level] [-f file] [-h ldaphost] [-p ldapport] [-D binddn] [-w passwd] [dn]...\n";
- char *p, buf[ 4096 ];
+ char *usage = "usage: %s [-n] [-v] [-k] [-W] [-M[M]] [-d debug-level] [-f file] [-h ldaphost] [-P version] [-p ldapport] [-D binddn] [-w passwd] [dn]...\n";
+ char buf[ 4096 ];
FILE *fp;
- int i, rc, kerberos, linenum, authmethod;
-
- extern char *optarg;
- extern int optind;
+ int i, rc, authmethod, want_bindpw, version, debug, manageDSAit;
- kerberos = not = verbose = contoper = 0;
+ not = verbose = contoper = want_bindpw = debug = manageDSAit = 0;
fp = NULL;
+ authmethod = LDAP_AUTH_SIMPLE;
+ version = -1;
- while (( i = getopt( argc, argv, "nvkKch:p:D:w:d:f:" )) != EOF ) {
+ while (( i = getopt( argc, argv, "WMnvkKch:P:p:D:w:d:f:" )) != EOF ) {
switch( i ) {
case 'k': /* kerberos bind */
- kerberos = 2;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV4;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+ fprintf( stderr, usage, argv[0] );
+ return( EXIT_FAILURE );
+#endif
break;
case 'K': /* kerberos bind, part one only */
- kerberos = 1;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV41;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+ fprintf( stderr, usage, argv[0] );
+ return( EXIT_FAILURE );
+#endif
break;
case 'c': /* continuous operation mode */
++contoper;
break;
case 'w': /* password */
passwd = strdup( optarg );
+ {
+ char* p;
+
+ for( p = optarg; *p == '\0'; p++ ) {
+ *p = '*';
+ }
+ }
break;
case 'f': /* read DNs from a file */
if (( fp = fopen( optarg, "r" )) == NULL ) {
}
break;
case 'd':
-#ifdef LDAP_DEBUG
- ldap_debug = lber_debug = atoi( optarg ); /* */
-#else /* LDAP_DEBUG */
- fprintf( stderr, "compile with -DLDAP_DEBUG for debugging\n" );
-#endif /* LDAP_DEBUG */
+ debug |= atoi( optarg );
break;
case 'p':
ldapport = atoi( optarg );
case 'v': /* verbose mode */
verbose++;
break;
+ case 'M':
+ /* enable Manage DSA IT */
+ manageDSAit++;
+ break;
+ case 'W':
+ want_bindpw++;
+ break;
+ case 'P':
+ switch( atoi(optarg) )
+ {
+ case 2:
+ version = LDAP_VERSION2;
+ break;
+ case 3:
+ version = LDAP_VERSION3;
+ break;
+ default:
+ fprintf( stderr, "protocol version should be 2 or 3\n" );
+ fprintf( stderr, usage, argv[0] );
+ return( EXIT_FAILURE );
+ }
+ break;
default:
fprintf( stderr, usage, argv[0] );
- exit( 1 );
+ return( EXIT_FAILURE );
}
}
}
}
- if (( ld = ldap_open( ldaphost, ldapport )) == NULL ) {
- perror( "ldap_open" );
- exit( 1 );
- }
+ if ( debug ) {
+ if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ }
- ld->ld_deref = LDAP_DEREF_NEVER; /* prudent, but probably unnecessary */
+#ifdef SIGPIPE
+ (void) SIGNAL( SIGPIPE, SIG_IGN );
+#endif
- if ( !kerberos ) {
- authmethod = LDAP_AUTH_SIMPLE;
- } else if ( kerberos == 1 ) {
- authmethod = LDAP_AUTH_KRBV41;
- } else {
- authmethod = LDAP_AUTH_KRBV4;
+ if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
+ perror( "ldap_init" );
+ return( EXIT_FAILURE );
}
+
+ {
+ /* this seems prudent */
+ int deref = LDAP_DEREF_NEVER;
+ ldap_set_option( ld, LDAP_OPT_DEREF, &deref );
+ }
+
+ if (want_bindpw)
+ passwd = getpass("Enter LDAP Password: ");
+
+ if (version != -1 &&
+ ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS)
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
+ }
+
if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
+ if ( manageDSAit ) {
+ int err;
+ LDAPControl c;
+ LDAPControl *ctrls[2];
+ ctrls[0] = &c;
+ ctrls[1] = NULL;
+
+ c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
+ c.ldctl_iscritical = manageDSAit > 1;
+
+ err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls );
+
+ if( err != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set Manage DSA IT Control\n" );
+ if( c.ldctl_iscritical ) {
+ exit( EXIT_FAILURE );
+ }
+ }
+ }
+
if ( fp == NULL ) {
for ( ; optind < argc; ++optind ) {
rc = dodelete( ld, argv[ optind ] );
ldap_unbind( ld );
- exit( rc );
+ return( rc );
}
-dodelete( ld, dn )
- LDAP *ld;
- char *dn;
+static int dodelete(
+ LDAP *ld,
+ char *dn)
{
int rc;
if ( verbose ) {
- printf( "%sdeleting entry %s\n", not ? "!" : "", dn );
+ printf( "%sdeleting entry \"%s\"\n",
+ (not ? "!" : ""), dn );
}
if ( not ) {
rc = LDAP_SUCCESS;
if (( rc = ldap_delete_s( ld, dn )) != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_delete" );
} else if ( verbose ) {
- printf( "entry removed\n" );
+ printf( "\tremoved\n" );
}
}
+/*
+ * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
/* ldapmodify.c - generic program to modify or add entries using LDAP */
+#include "portable.h"
+
#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/types.h>
+
+#include <ac/stdlib.h>
+
+#include <ac/ctype.h>
+#include <ac/signal.h>
+#include <ac/string.h>
+#include <ac/unistd.h>
+
#include <sys/stat.h>
+
+#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
+#endif
+#ifdef HAVE_FCNTL_H
#include <fcntl.h>
-#ifndef VMS
-#include <unistd.h>
-#endif /* VMS */
+#endif
+
#include <lber.h>
#include <ldap.h>
#include <ldif.h>
-#include "ldapconfig.h"
+#include <ldap_defaults.h>
static char *prog;
-static char *binddn = LDAPMODIFY_BINDDN;
+static char *binddn = NULL;
static char *passwd = NULL;
-static char *ldaphost = LDAPHOST;
-static int ldapport = LDAP_PORT;
+static char *ldaphost = NULL;
+static int ldapport = 0;
static int new, replace, not, verbose, contoper, force, valsfromfiles;
static LDAP *ld;
-#ifdef LDAP_DEBUG
-extern int ldap_debug, lber_debug;
-#endif /* LDAP_DEBUG */
-
-#define safe_realloc( ptr, size ) ( ptr == NULL ? malloc( size ) : \
- realloc( ptr, size ))
-
#define LDAPMOD_MAXLINE 4096
/* strings found in replog/LDIF entries (mostly lifted from slurpd/slurp.h) */
#define T_DELETEOLDRDNSTR "deleteoldrdn"
-#ifdef NEEDPROTOS
-static int process_ldapmod_rec( char *rbuf );
-static int process_ldif_rec( char *rbuf );
-static void addmodifyop( LDAPMod ***pmodsp, int modop, char *attr,
- char *value, int vlen );
-static int domodify( char *dn, LDAPMod **pmods, int newentry );
-static int dodelete( char *dn );
-static int domodrdn( char *dn, char *newrdn, int deleteoldrdn );
-static void freepmods( LDAPMod **pmods );
-static int fromfile( char *path, struct berval *bv );
-static char *read_one_record( FILE *fp );
-#else /* NEEDPROTOS */
-static int process_ldapmod_rec();
-static int process_ldif_rec();
-static void addmodifyop();
-static int domodify();
-static int dodelete();
-static int domodrdn();
-static void freepmods();
-static int fromfile();
-static char *read_one_record();
-#endif /* NEEDPROTOS */
-
-
-main( argc, argv )
- int argc;
- char **argv;
+static void usage LDAP_P(( const char *prog ));
+static int process_ldapmod_rec LDAP_P(( char *rbuf ));
+static int process_ldif_rec LDAP_P(( char *rbuf ));
+static void addmodifyop LDAP_P(( LDAPMod ***pmodsp, int modop, char *attr,
+ char *value, int vlen ));
+static int domodify LDAP_P(( char *dn, LDAPMod **pmods, int newentry ));
+static int dodelete LDAP_P(( char *dn ));
+static int domodrdn LDAP_P(( char *dn, char *newrdn, int deleteoldrdn ));
+static int fromfile LDAP_P(( char *path, struct berval *bv ));
+static char *read_one_record LDAP_P(( FILE *fp ));
+
+static void
+usage( const char *prog )
+{
+ fprintf( stderr,
+ "Add or modify entries from an LDAP server\n\n"
+ "usage: %s [-abcknrvFM] [-d debug-level] [-P version] [-h ldaphost]\n"
+ " [-p ldapport] [-D binddn] [-w passwd] [ -f file | < entryfile ]\n"
+ " a - add values (default%s)\n"
+ " b - read values from files (for binary attributes)\n"
+ " c - continuous operation\n"
+ " D - bind DN\n"
+ " M - enable Manage DSA IT control (-MM for critical)\n"
+ " d - debug level\n"
+ " f - read from file\n"
+ " F - force all changes records to be used\n"
+ " h - ldap host\n"
+ " n - print adds, don't actually do them\n"
+ " p - LDAP port\n"
+ " r - replace values\n"
+ " v - verbose mode\n"
+ " w - password\n"
+ , prog, (strcmp( prog, "ldapadd" ) ? " is to replace" : "") );
+ exit( EXIT_FAILURE );
+}
+
+
+int
+main( int argc, char **argv )
{
char *infile, *rbuf, *start, *p, *q;
FILE *fp;
- int rc, i, kerberos, use_ldif, authmethod;
- char *usage = "usage: %s [-abcknrvF] [-d debug-level] [-h ldaphost] [-p ldapport] [-D binddn] [-w passwd] [ -f file | < entryfile ]\n";
-
- extern char *optarg;
- extern int optind;
+ int rc, i, use_ldif, authmethod, version, want_bindpw, debug, manageDSAit;
- if (( prog = strrchr( argv[ 0 ], '/' )) == NULL ) {
+ if (( prog = strrchr( argv[ 0 ], *LDAP_DIRSEP )) == NULL ) {
prog = argv[ 0 ];
} else {
++prog;
}
+
+ /* Print usage when no parameters */
+ if( argc < 2 )
+ usage( prog );
+
new = ( strcmp( prog, "ldapadd" ) == 0 );
infile = NULL;
- kerberos = not = verbose = valsfromfiles = 0;
+ not = verbose = valsfromfiles = want_bindpw = debug = manageDSAit = 0;
+ authmethod = LDAP_AUTH_SIMPLE;
+ version = -1;
- while (( i = getopt( argc, argv, "FabckKnrtvh:p:D:w:d:f:" )) != EOF ) {
+ while (( i = getopt( argc, argv, "WFMabckKnrtvh:p:D:w:d:f:P:" )) != EOF ) {
switch( i ) {
case 'a': /* add */
new = 1;
replace = 1;
break;
case 'k': /* kerberos bind */
- kerberos = 2;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV4;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+ usage( argv[0] );
+ return( EXIT_FAILURE );
+#endif
break;
case 'K': /* kerberos bind, part 1 only */
- kerberos = 1;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV41;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+ usage( argv[0] );
+ return( EXIT_FAILURE );
+#endif
break;
case 'F': /* force all changes records to be used */
force = 1;
break;
case 'w': /* password */
passwd = strdup( optarg );
+ {
+ char* p;
+
+ for( p = optarg; *p == '\0'; p++ ) {
+ *p = '*';
+ }
+ }
break;
case 'd':
-#ifdef LDAP_DEBUG
- ldap_debug = lber_debug = atoi( optarg ); /* */
-#else /* LDAP_DEBUG */
- fprintf( stderr, "%s: compile with -DLDAP_DEBUG for debugging\n",
- prog );
-#endif /* LDAP_DEBUG */
+ debug |= atoi( optarg );
break;
case 'f': /* read from file */
infile = strdup( optarg );
case 'v': /* verbose mode */
verbose++;
break;
+ case 'M':
+ /* enable Manage DSA IT */
+ manageDSAit++;
+ break;
+ case 'W':
+ want_bindpw++;
+ break;
+ case 'P':
+ switch( atoi(optarg) )
+ {
+ case 2:
+ version = LDAP_VERSION2;
+ break;
+ case 3:
+ version = LDAP_VERSION3;
+ break;
+ default:
+ fprintf( stderr, "protocol version should be 2 or 3\n" );
+ usage( argv[0] );
+ }
+ break;
default:
- fprintf( stderr, usage, prog );
- exit( 1 );
+ usage( prog );
}
}
- if ( argc - optind != 0 ) {
- fprintf( stderr, usage, prog );
- exit( 1 );
- }
+ if ( argc != optind )
+ usage( prog );
if ( infile != NULL ) {
if (( fp = fopen( infile, "r" )) == NULL ) {
perror( infile );
- exit( 1 );
+ return( EXIT_FAILURE );
}
} else {
fp = stdin;
}
+ if ( debug ) {
+ if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ ldif_debug = debug;
+ }
+
+#ifdef SIGPIPE
+ (void) SIGNAL( SIGPIPE, SIG_IGN );
+#endif
if ( !not ) {
- if (( ld = ldap_open( ldaphost, ldapport )) == NULL ) {
- perror( "ldap_open" );
- exit( 1 );
+ if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
+ perror( "ldap_init" );
+ return( EXIT_FAILURE );
}
- ld->ld_deref = LDAP_DEREF_NEVER; /* this seems prudent */
+ /* this seems prudent */
+ {
+ int deref = LDAP_DEREF_NEVER;
+ ldap_set_option( ld, LDAP_OPT_DEREF, &deref);
+ }
- if ( !kerberos ) {
- authmethod = LDAP_AUTH_SIMPLE;
- } else if ( kerberos == 1 ) {
- authmethod = LDAP_AUTH_KRBV41;
- } else {
- authmethod = LDAP_AUTH_KRBV4;
+ if (want_bindpw)
+ passwd = getpass("Enter LDAP Password: ");
+
+ if (version != -1 &&
+ ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS)
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
}
+
if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
}
rc = 0;
+ if ( manageDSAit ) {
+ int err;
+ LDAPControl c;
+ LDAPControl *ctrls[2];
+ ctrls[0] = &c;
+ ctrls[1] = NULL;
+
+ c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
+ c.ldctl_iscritical = manageDSAit > 1;
+
+ err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls );
+
+ if( err != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set Manage DSA IT Control\n" );
+ if( c.ldctl_iscritical ) {
+ exit( EXIT_FAILURE );
+ }
+ }
+ }
+
while (( rc == 0 || contoper ) &&
( rbuf = read_one_record( fp )) != NULL ) {
/*
if ( !use_ldif && ( q = strchr( rbuf, '\n' )) != NULL ) {
for ( p = rbuf; p < q; ++p ) {
- if ( !isdigit( *p )) {
+ if ( !isdigit( (unsigned char) *p )) {
break;
}
}
rc = process_ldapmod_rec( start );
}
+ if( rc )
+ fprintf( stderr, "%s() = %d\n",
+ use_ldif ? "ldif_rec" : "ldapmod_rec" , rc );
+
free( rbuf );
}
ldap_unbind( ld );
}
- exit( rc );
+ return( rc );
}
pmods = NULL;
dn = newrdn = NULL;
- while ( rc == 0 && ( line = str_getline( &rbuf )) != NULL ) {
+ while ( rc == 0 && ( line = ldif_getline( &rbuf )) != NULL ) {
++linenum;
if ( expect_sep && strcasecmp( line, T_MODSEPSTR ) == 0 ) {
expect_sep = 0;
continue;
}
- if ( str_parse_line( line, &type, &value, &vlen ) < 0 ) {
+ if ( ldif_parse_line( line, &type, &value, &vlen ) < 0 ) {
fprintf( stderr, "%s: invalid format (line %d of entry: %s\n",
prog, linenum, dn == NULL ? "" : dn );
rc = LDAP_PARAM_ERROR;
if ( !use_record && strcasecmp( type, T_REPLICA_STR ) == 0 ) {
++saw_replica;
if (( p = strchr( value, ':' )) == NULL ) {
- replicaport = LDAP_PORT;
+ replicaport = 0;
} else {
*p++ = '\0';
replicaport = atoi( p );
free( newrdn );
}
if ( pmods != NULL ) {
- freepmods( pmods );
+ ldap_mods_free( pmods, 1 );
}
return( rc );
rbuf = NULL;
} else {
if ( *(p-1) == '\\' ) { /* lines ending in '\' are continued */
- strcpy( p - 1, p );
+ SAFEMEMCPY( p - 1, p, strlen( p ) + 1 );
rbuf = p;
continue;
}
value = p;
}
- for ( attr = line; *attr != '\0' && isspace( *attr ); ++attr ) {
+ for ( attr = line;
+ *attr != '\0' && isspace( (unsigned char) *attr ); ++attr ) {
; /* skip attribute leading white space */
}
- for ( q = p - 1; q > attr && isspace( *q ); --q ) {
+ for ( q = p - 1; q > attr && isspace( (unsigned char) *q ); --q ) {
*q = '\0'; /* remove attribute trailing white space */
}
if ( value != NULL ) {
- while ( isspace( *value )) {
+ while ( isspace( (unsigned char) *value )) {
++value; /* skip value leading white space */
}
for ( q = value + strlen( value ) - 1; q > value &&
- isspace( *q ); --q ) {
+ isspace( (unsigned char) *q ); --q ) {
*q = '\0'; /* remove value trailing white space */
}
if ( *value == '\0' ) {
}
if ( pmods != NULL ) {
- freepmods( pmods );
+ ldap_mods_free( pmods, 1 );
}
if ( dn != NULL ) {
free( dn );
}
if ( pmods == NULL || pmods[ i ] == NULL ) {
- if (( pmods = (LDAPMod **)safe_realloc( pmods, (i + 2) *
+ if (( pmods = (LDAPMod **)ber_memrealloc( pmods, (i + 2) *
sizeof( LDAPMod * ))) == NULL ) {
- perror( "safe_realloc" );
+ perror( "realloc" );
exit( 1 );
}
*pmodsp = pmods;
pmods[ i + 1 ] = NULL;
- if (( pmods[ i ] = (LDAPMod *)calloc( 1, sizeof( LDAPMod )))
+ if (( pmods[ i ] = (LDAPMod *)ber_memcalloc( 1, sizeof( LDAPMod )))
== NULL ) {
perror( "calloc" );
exit( 1 );
}
pmods[ i ]->mod_op = modop;
- if (( pmods[ i ]->mod_type = strdup( attr )) == NULL ) {
+ if (( pmods[ i ]->mod_type = ber_strdup( attr )) == NULL ) {
perror( "strdup" );
exit( 1 );
}
}
}
if (( pmods[ i ]->mod_bvalues =
- (struct berval **)safe_realloc( pmods[ i ]->mod_bvalues,
+ (struct berval **)ber_memrealloc( pmods[ i ]->mod_bvalues,
(j + 2) * sizeof( struct berval * ))) == NULL ) {
- perror( "safe_realloc" );
+ perror( "ber_realloc" );
exit( 1 );
}
pmods[ i ]->mod_bvalues[ j + 1 ] = NULL;
- if (( bvp = (struct berval *)malloc( sizeof( struct berval )))
+ if (( bvp = (struct berval *)ber_memalloc( sizeof( struct berval )))
== NULL ) {
- perror( "malloc" );
+ perror( "ber_memalloc" );
exit( 1 );
}
pmods[ i ]->mod_bvalues[ j ] = bvp;
}
} else {
bvp->bv_len = vlen;
- if (( bvp->bv_val = (char *)malloc( vlen + 1 )) == NULL ) {
+ if (( bvp->bv_val = (char *)ber_memalloc( vlen + 1 )) == NULL ) {
perror( "malloc" );
exit( 1 );
}
for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
bvp = pmods[ i ]->mod_bvalues[ j ];
notascii = 0;
- for ( k = 0; k < bvp->bv_len; ++k ) {
+ for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) {
if ( !isascii( bvp->bv_val[ k ] )) {
notascii = 1;
break;
}
-
-static void
-freepmods( LDAPMod **pmods )
-{
- int i;
-
- for ( i = 0; pmods[ i ] != NULL; ++i ) {
- if ( pmods[ i ]->mod_bvalues != NULL ) {
- ber_bvecfree( pmods[ i ]->mod_bvalues );
- }
- if ( pmods[ i ]->mod_type != NULL ) {
- free( pmods[ i ]->mod_type );
- }
- free( pmods[ i ] );
- }
- free( pmods );
-}
-
-
static int
fromfile( char *path, struct berval *bv )
{
bv->bv_len = ftell( fp );
- if (( bv->bv_val = (char *)malloc( bv->bv_len )) == NULL ) {
+ if (( bv->bv_val = (char *)ber_memalloc( bv->bv_len )) == NULL ) {
perror( "malloc" );
fclose( fp );
return( -1 );
if ( fseek( fp, 0L, SEEK_SET ) != 0 ) {
perror( path );
fclose( fp );
+ ber_memfree( bv->bv_val );
+ bv->bv_val = NULL;
return( -1 );
}
eof = feof( fp );
fclose( fp );
- if ( rlen != bv->bv_len ) {
+ if ( (unsigned long) rlen != bv->bv_len ) {
perror( path );
- free( bv->bv_val );
+ ber_memfree( bv->bv_val );
+ bv->bv_val = NULL;
return( -1 );
}
if ( lcur + len + 1 > lmax ) {
lmax = LDAPMOD_MAXLINE
* (( lcur + len + 1 ) / LDAPMOD_MAXLINE + 1 );
- if (( buf = (char *)safe_realloc( buf, lmax )) == NULL ) {
- perror( "safe_realloc" );
+ if (( buf = (char *)realloc( buf, lmax )) == NULL ) {
+ perror( "realloc" );
exit( 1 );
}
}
-/* ldapmodrdn.c - generic program to modify an entry's RDN using LDAP */
+/* ldapmodrdn.c - generic program to modify an entry's RDN using LDAP.
+ *
+ * Support for MODIFYDN REQUEST V3 (newSuperior) by:
+ *
+ * Copyright 1999, Juan C. Gomez, All rights reserved.
+ * This software is not subject to any license of Silicon Graphics
+ * Inc. or Purdue University.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * without restriction or fee of any kind as long as this notice
+ * is preserved.
+ *
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
+
+#include <ac/stdlib.h>
+
+#include <ac/ctype.h>
+#include <ac/signal.h>
+#include <ac/string.h>
+#include <ac/unistd.h>
+
#include <lber.h>
#include <ldap.h>
-#include "ldapconfig.h"
-
-static char *binddn = LDAPMODRDN_BINDDN;
-static char *base = LDAPMODRDN_BASE;
+static char *binddn = NULL;
static char *passwd = NULL;
-static char *ldaphost = LDAPHOST;
-static int ldapport = LDAP_PORT;
+static char *base = NULL;
+static char *ldaphost = NULL;
+static int ldapport = 0;
static int not, verbose, contoper;
static LDAP *ld;
-#ifdef LDAP_DEBUG
-extern int ldap_debug, lber_debug;
-#endif /* LDAP_DEBUG */
-
-#define safe_realloc( ptr, size ) ( ptr == NULL ? malloc( size ) : \
- realloc( ptr, size ))
+static int domodrdn LDAP_P((
+ LDAP *ld,
+ char *dn,
+ char *rdn,
+ int remove, /* flag: remove old RDN */
+ char *newSuperior));
-
-main( argc, argv )
- int argc;
- char **argv;
+int
+main(int argc, char **argv)
{
- char *usage = "usage: %s [-nvkc] [-d debug-level] [-h ldaphost] [-p ldapport] [-D binddn] [-w passwd] [ -f file | < entryfile | dn newrdn ]\n";
- char *myname,*infile, *p, *entrydn, *rdn, buf[ 4096 ];
+ char *usage = "usage: %s [-nvkWc] [-M[M]] [-d debug-level] [-h ldaphost] [-P version] [-p ldapport] [-D binddn] [-w passwd] [ -f file | < entryfile | dn newrdn ] [-s newSuperior]\n";
+ char *myname,*infile, *entrydn, *rdn, buf[ 4096 ];
FILE *fp;
- int rc, i, kerberos, remove, havedn, authmethod;
- LDAPMod **pmods;
-
- extern char *optarg;
- extern int optind;
+ int rc, i, remove, havedn, authmethod, version, want_bindpw, debug, manageDSAit;
+ char *newSuperior=NULL;
infile = NULL;
- kerberos = not = contoper = verbose = remove = 0;
+ not = contoper = verbose = remove = want_bindpw = debug = manageDSAit = 0;
+ authmethod = LDAP_AUTH_SIMPLE;
+ version = -1;
myname = (myname = strrchr(argv[0], '/')) == NULL ? argv[0] : ++myname;
- while (( i = getopt( argc, argv, "kKcnvrh:p:D:w:d:f:" )) != EOF ) {
+ while (( i = getopt( argc, argv, "WkKMcnvrh:P:p:D:w:d:f:s:" )) != EOF ) {
switch( i ) {
case 'k': /* kerberos bind */
- kerberos = 2;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV4;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+ return( EXIT_FAILURE );
+#endif
break;
case 'K': /* kerberos bind, part one only */
- kerberos = 1;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV41;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+ return( EXIT_FAILURE );
+#endif
break;
case 'c': /* continuous operation mode */
++contoper;
case 'D': /* bind DN */
binddn = strdup( optarg );
break;
+ case 's': /* newSuperior */
+ newSuperior = strdup( optarg );
+ version = LDAP_VERSION3; /* This option => force V3 */
+ break;
case 'w': /* password */
passwd = strdup( optarg );
+ {
+ char* p;
+
+ for( p = optarg; *p == '\0'; p++ ) {
+ *p = '*';
+ }
+ }
break;
case 'd':
-#ifdef LDAP_DEBUG
- ldap_debug = lber_debug = atoi( optarg ); /* */
-#else /* LDAP_DEBUG */
- fprintf( stderr, "compile with -DLDAP_DEBUG for debugging\n" );
-#endif /* LDAP_DEBUG */
+ debug |= atoi( optarg );
break;
case 'f': /* read from file */
infile = strdup( optarg );
case 'r': /* remove old RDN */
remove++;
break;
+ case 'M':
+ /* enable Manage DSA IT */
+ manageDSAit++;
+ break;
+ case 'W':
+ want_bindpw++;
+ break;
+ case 'P':
+ switch( atoi(optarg) )
+ {
+ case 2:
+ version = LDAP_VERSION2;
+ break;
+ case 3:
+ version = LDAP_VERSION3;
+ break;
+ default:
+ fprintf( stderr, "protocol version should be 2 or 3\n" );
+ fprintf( stderr, usage, argv[0] );
+ return( EXIT_FAILURE );
+ }
+ break;
default:
fprintf( stderr, usage, argv[0] );
- exit( 1 );
+ return( EXIT_FAILURE );
}
}
+ if (newSuperior != NULL) {
+ if (version == LDAP_VERSION2) {
+ fprintf( stderr,
+ "%s: version conflict!, -s newSuperior requires LDAPv3\n",
+ myname);
+ fprintf( stderr, usage, argv[0] );
+ return( EXIT_FAILURE );
+ }
+
+ /* promote to LDAPv3 */
+ version = LDAP_VERSION3;
+ }
+
havedn = 0;
if (argc - optind == 2) {
if (( rdn = strdup( argv[argc - 1] )) == NULL ) {
perror( "strdup" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
if (( entrydn = strdup( argv[argc - 2] )) == NULL ) {
perror( "strdup" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
++havedn;
} else if ( argc - optind != 0 ) {
fprintf( stderr, "%s: invalid number of arguments, only two allowed\n", myname);
fprintf( stderr, usage, argv[0] );
- exit( 1 );
+ return( EXIT_FAILURE );
}
if ( infile != NULL ) {
if (( fp = fopen( infile, "r" )) == NULL ) {
perror( infile );
- exit( 1 );
+ return( EXIT_FAILURE );
}
} else {
fp = stdin;
}
- if (( ld = ldap_open( ldaphost, ldapport )) == NULL ) {
- perror( "ldap_open" );
- exit( 1 );
- }
+ if ( debug ) {
+ if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ }
- ld->ld_deref = LDAP_DEREF_NEVER; /* this seems prudent */
+#ifdef SIGPIPE
+ (void) SIGNAL( SIGPIPE, SIG_IGN );
+#endif
- if ( !kerberos ) {
- authmethod = LDAP_AUTH_SIMPLE;
- } else if ( kerberos == 1 ) {
- authmethod = LDAP_AUTH_KRBV41;
- } else {
- authmethod = LDAP_AUTH_KRBV4;
+ if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
+ perror( "ldap_init" );
+ return( EXIT_FAILURE );
}
+
+ /* this seems prudent */
+ {
+ int deref = LDAP_DEREF_NEVER;
+ ldap_set_option( ld, LDAP_OPT_DEREF, &deref);
+ }
+
+ if (want_bindpw)
+ passwd = getpass("Enter LDAP Password: ");
+
+ if (version != -1 &&
+ ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS)
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
+ }
+
if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
+ if ( manageDSAit ) {
+ int err;
+ LDAPControl c;
+ LDAPControl *ctrls[2];
+ ctrls[0] = &c;
+ ctrls[1] = NULL;
+
+ c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
+ c.ldctl_iscritical = manageDSAit > 1;
+
+ err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls );
+
+ if( err != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set Manage DSA IT Control\n" );
+ if( c.ldctl_iscritical ) {
+ exit( EXIT_FAILURE );
+ }
+ }
+ }
+
rc = 0;
if (havedn)
- rc = domodrdn(ld, entrydn, rdn, remove);
+ rc = domodrdn(ld, entrydn, rdn, remove, newSuperior);
else while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) {
if ( *buf != '\0' ) { /* blank lines optional, skip */
buf[ strlen( buf ) - 1 ] = '\0'; /* remove nl */
if ( havedn ) { /* have DN, get RDN */
if (( rdn = strdup( buf )) == NULL ) {
perror( "strdup" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
- rc = domodrdn(ld, entrydn, rdn, remove);
+ rc = domodrdn(ld, entrydn, rdn, remove, newSuperior);
havedn = 0;
} else if ( !havedn ) { /* don't have DN yet */
if (( entrydn = strdup( buf )) == NULL ) {
perror( "strdup" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
++havedn;
}
ldap_unbind( ld );
- exit( rc );
+ /* UNREACHABLE */
+ return( rc );
}
-domodrdn( ld, dn, rdn, remove )
- LDAP *ld;
- char *dn;
- char *rdn;
- int remove; /* flag: remove old RDN */
+static int domodrdn(
+ LDAP *ld,
+ char *dn,
+ char *rdn,
+ int remove, /* flag: remove old RDN */
+ char *newSuperior)
{
int i;
printf("removing old RDN\n");
else
printf("keeping old RDN\n");
+ if(newSuperior!=NULL)
+ printf("placing node under a new parent = %s\n", newSuperior);
}
if ( !not ) {
- i = ldap_modrdn2_s( ld, dn, rdn, remove );
+ i = ldap_rename2_s( ld, dn, rdn, remove, newSuperior );
if ( i != LDAP_SUCCESS ) {
- ldap_perror( ld, "ldap_modrdn2_s" );
+ ldap_perror( ld, "ldap_rename2_s" );
} else if ( verbose ) {
printf( "modrdn complete\n" );
}
+#include "portable.h"
+
#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
+
+#include <ac/stdlib.h>
+
+#include <ac/ctype.h>
+#include <ac/signal.h>
+#include <ac/string.h>
+#include <ac/unistd.h>
+
#include <lber.h>
#include <ldap.h>
#include <ldif.h>
-#include "ldapconfig.h"
-
#define DEFSEP "="
-#ifdef LDAP_DEBUG
-extern int ldap_debug, lber_debug;
-#endif /* LDAP_DEBUG */
-
-usage( s )
-char *s;
+static void
+usage( char *s )
{
fprintf( stderr, "usage: %s [options] filter [attributes...]\nwhere:\n", s );
fprintf( stderr, " filter\tRFC-1558 compliant LDAP search filter\n" );
fprintf( stderr, " -A\t\tretrieve attribute names only (no values)\n" );
fprintf( stderr, " -B\t\tdo not suppress printing of non-ASCII values\n" );
fprintf( stderr, " -L\t\tprint entries in LDIF format (-B is implied)\n" );
-#ifdef LDAP_REFERRALS
+ fprintf( stderr, " -M\t\tenable Manage DSA IT control (-MM implies critical)\n" );
fprintf( stderr, " -R\t\tdo not automatically follow referrals\n" );
-#endif /* LDAP_REFERRALS */
fprintf( stderr, " -d level\tset LDAP debugging level to `level'\n" );
fprintf( stderr, " -F sep\tprint `sep' instead of `=' between attribute names and values\n" );
fprintf( stderr, " -S attr\tsort the results by attribute `attr'\n" );
fprintf( stderr, " -z size lim\tsize limit (in entries) for search\n" );
fprintf( stderr, " -D binddn\tbind dn\n" );
fprintf( stderr, " -w passwd\tbind passwd (for simple authentication)\n" );
-#ifdef KERBEROS
+ fprintf( stderr, " -W\t\tprompt for bind passwd\n" );
+#ifdef HAVE_KERBEROS
fprintf( stderr, " -k\t\tuse Kerberos instead of Simple Password authentication\n" );
#endif
fprintf( stderr, " -h host\tldap server\n" );
fprintf( stderr, " -p port\tport on ldap server\n" );
- exit( 1 );
+ fprintf( stderr, " -P version\tprocotol version (2 or 3)\n" );
+ exit( EXIT_FAILURE );
}
-static char *binddn = LDAPSEARCH_BINDDN;
+static void print_entry LDAP_P((
+ LDAP *ld,
+ LDAPMessage *entry,
+ int attrsonly));
+
+static int write_ldif_value LDAP_P((
+ char *type,
+ char *value,
+ unsigned long vallen ));
+
+static int dosearch LDAP_P((
+ LDAP *ld,
+ char *base,
+ int scope,
+ char **attrs,
+ int attrsonly,
+ char *filtpatt,
+ char *value));
+
+static char *binddn = NULL;
static char *passwd = NULL;
-static char *base = LDAPSEARCH_BASE;
-static char *ldaphost = LDAPHOST;
-static int ldapport = LDAP_PORT;
+static char *base = NULL;
+static char *ldaphost = NULL;
+static int ldapport = 0;
static char *sep = DEFSEP;
static char *sortattr = NULL;
static int skipsortattr = 0;
static int verbose, not, includeufn, allow_binary, vals2tmp, ldif;
-main( argc, argv )
-int argc;
-char **argv;
+int
+main( int argc, char **argv )
{
char *infile, *filtpattern, **attrs, line[ BUFSIZ ];
FILE *fp;
- int rc, i, first, scope, kerberos, deref, attrsonly;
- int ldap_options, timelimit, sizelimit, authmethod;
+ int rc, i, first, scope, deref, attrsonly, manageDSAit;
+ int referrals, timelimit, sizelimit, debug;
+ int authmethod, version, want_bindpw;
LDAP *ld;
- extern char *optarg;
- extern int optind;
infile = NULL;
- deref = verbose = allow_binary = not = kerberos = vals2tmp =
- attrsonly = ldif = 0;
-#ifdef LDAP_REFERRALS
- ldap_options = LDAP_OPT_REFERRALS;
-#else /* LDAP_REFERRALS */
- ldap_options = 0;
-#endif /* LDAP_REFERRALS */
- sizelimit = timelimit = 0;
- scope = LDAP_SCOPE_SUBTREE;
-
- while (( i = getopt( argc, argv,
-#ifdef KERBEROS
- "KknuvtRABLD:s:f:h:b:d:p:F:a:w:l:z:S:"
-#else
- "nuvtRABLD:s:f:h:b:d:p:F:a:w:l:z:S:"
-#endif
- )) != EOF ) {
+ debug = verbose = allow_binary = not = vals2tmp =
+ attrsonly = manageDSAit = ldif = want_bindpw = 0;
+
+ deref = referrals = sizelimit = timelimit = version = -1;
+
+ scope = LDAP_SCOPE_SUBTREE;
+ authmethod = LDAP_AUTH_SIMPLE;
+
+ while (( i = getopt( argc, argv, "WKknuvtMRABLD:s:f:h:b:d:P:p:F:a:w:l:z:S:")) != EOF ) {
switch( i ) {
case 'n': /* do Not do any searches */
++not;
++verbose;
break;
case 'd':
-#ifdef LDAP_DEBUG
- ldap_debug = lber_debug = atoi( optarg ); /* */
-#else /* LDAP_DEBUG */
- fprintf( stderr, "compile with -DLDAP_DEBUG for debugging\n" );
-#endif /* LDAP_DEBUG */
+ debug |= atoi( optarg );
break;
-#ifdef KERBEROS
case 'k': /* use kerberos bind */
- kerberos = 2;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV4;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
+#endif
break;
case 'K': /* use kerberos bind, 1st part only */
- kerberos = 1;
- break;
+#ifdef HAVE_KERBEROS
+ authmethod = LDAP_AUTH_KRBV41;
+#else
+ fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
#endif
+ break;
case 'u': /* include UFN */
++includeufn;
break;
case 't': /* write attribute values to /tmp files */
++vals2tmp;
break;
+ case 'M':
+ /* enable Manage DSA IT */
+ manageDSAit++;
+ break;
case 'R': /* don't automatically chase referrals */
-#ifdef LDAP_REFERRALS
- ldap_options &= ~LDAP_OPT_REFERRALS;
-#else /* LDAP_REFERRALS */
- fprintf( stderr,
- "compile with -DLDAP_REFERRALS for referral support\n" );
-#endif /* LDAP_REFERRALS */
+ referrals = (int) LDAP_OPT_OFF;
break;
case 'A': /* retrieve attribute names only -- no values */
++attrsonly;
++allow_binary;
break;
case 's': /* search scope */
- if ( strncasecmp( optarg, "base", 4 ) == 0 ) {
+ if ( strcasecmp( optarg, "base" ) == 0 ) {
scope = LDAP_SCOPE_BASE;
- } else if ( strncasecmp( optarg, "one", 3 ) == 0 ) {
+ } else if ( strcasecmp( optarg, "one" ) == 0 ) {
scope = LDAP_SCOPE_ONELEVEL;
- } else if ( strncasecmp( optarg, "sub", 3 ) == 0 ) {
+ } else if ( strcasecmp( optarg, "sub" ) == 0 ) {
scope = LDAP_SCOPE_SUBTREE;
} else {
fprintf( stderr, "scope should be base, one, or sub\n" );
break;
case 'a': /* set alias deref option */
- if ( strncasecmp( optarg, "never", 5 ) == 0 ) {
+ if ( strcasecmp( optarg, "never" ) == 0 ) {
deref = LDAP_DEREF_NEVER;
- } else if ( strncasecmp( optarg, "search", 5 ) == 0 ) {
+ } else if ( strcasecmp( optarg, "search" ) == 0 ) {
deref = LDAP_DEREF_SEARCHING;
- } else if ( strncasecmp( optarg, "find", 4 ) == 0 ) {
+ } else if ( strcasecmp( optarg, "find" ) == 0 ) {
deref = LDAP_DEREF_FINDING;
- } else if ( strncasecmp( optarg, "always", 6 ) == 0 ) {
+ } else if ( strcasecmp( optarg, "always" ) == 0 ) {
deref = LDAP_DEREF_ALWAYS;
} else {
fprintf( stderr, "alias deref should be never, search, find, or always\n" );
break;
case 'w': /* bind password */
passwd = strdup( optarg );
+ {
+ char* p;
+
+ for( p = optarg; *p == '\0'; p++ ) {
+ *p = '*';
+ }
+ }
break;
case 'l': /* time limit */
timelimit = atoi( optarg );
case 'S': /* sort attribute */
sortattr = strdup( optarg );
break;
+ case 'W':
+ want_bindpw++;
+ break;
+ case 'P':
+ switch( atoi( optarg ) )
+ {
+ case 2:
+ version = LDAP_VERSION2;
+ break;
+ case 3:
+ version = LDAP_VERSION3;
+ break;
+ default:
+ fprintf( stderr, "protocol version should be 2 or 3\n" );
+ usage( argv[0] );
+ }
+ break;
default:
usage( argv[0] );
}
fp = stdin;
} else if (( fp = fopen( infile, "r" )) == NULL ) {
perror( infile );
- exit( 1 );
+ return( EXIT_FAILURE );
}
}
+ if ( debug ) {
+ if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
+ }
+ ldif_debug = debug;
+ }
+
+#ifdef SIGPIPE
+ (void) SIGNAL( SIGPIPE, SIG_IGN );
+#endif
+
if ( verbose ) {
- printf( "ldap_open( %s, %d )\n", ldaphost, ldapport );
+ fprintf( stderr, "ldap_init( %s, %d )\n",
+ (ldaphost != NULL) ? ldaphost : "<DEFAULT>",
+ ldapport );
}
- if (( ld = ldap_open( ldaphost, ldapport )) == NULL ) {
- perror( ldaphost );
- exit( 1 );
+ if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
+ perror( "ldap_init" );
+ return( EXIT_FAILURE );
}
- ld->ld_deref = deref;
- ld->ld_timelimit = timelimit;
- ld->ld_sizelimit = sizelimit;
- ld->ld_options = ldap_options;
+ if (deref != -1 &&
+ ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_DEREF %d\n", deref );
+ }
+ if (timelimit != -1 &&
+ ldap_set_option( ld, LDAP_OPT_TIMELIMIT, (void *) &timelimit ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_TIMELIMIT %d\n", timelimit );
+ }
+ if (sizelimit != -1 &&
+ ldap_set_option( ld, LDAP_OPT_SIZELIMIT, (void *) &sizelimit ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_SIZELIMIT %d\n", sizelimit );
+ }
+ if (referrals != -1 &&
+ ldap_set_option( ld, LDAP_OPT_REFERRALS,
+ (referrals ? LDAP_OPT_ON : LDAP_OPT_OFF) ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n",
+ referrals ? "on" : "off" );
+ }
+
+ if (version != -1 &&
+ ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS )
+ {
+ fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
+ }
+
+ if (want_bindpw)
+ passwd = getpass("Enter LDAP Password: ");
- if ( !kerberos ) {
- authmethod = LDAP_AUTH_SIMPLE;
- } else if ( kerberos == 1 ) {
- authmethod = LDAP_AUTH_KRBV41;
- } else {
- authmethod = LDAP_AUTH_KRBV4;
- }
if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_bind" );
- exit( 1 );
+ return( EXIT_FAILURE );
}
if ( verbose ) {
- printf( "filter pattern: %s\nreturning: ", filtpattern );
+ fprintf( stderr, "filter pattern: %s\nreturning: ", filtpattern );
if ( attrs == NULL ) {
printf( "ALL" );
} else {
for ( i = 0; attrs[ i ] != NULL; ++i ) {
- printf( "%s ", attrs[ i ] );
+ fprintf( stderr, "%s ", attrs[ i ] );
}
}
- putchar( '\n' );
+ fprintf( stderr, "\n" );
}
+ if ( manageDSAit ) {
+ int err;
+ LDAPControl c;
+ LDAPControl *ctrls[2];
+ ctrls[0] = &c;
+ ctrls[1] = NULL;
+
+ c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
+ c.ldctl_value.bv_val = NULL;
+ c.ldctl_value.bv_len = 0;
+ c.ldctl_iscritical = manageDSAit > 1;
+
+ err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls );
+
+ if( err != LDAP_OPT_SUCCESS ) {
+ fprintf( stderr, "Could not set Manage DSA IT Control\n" );
+ if( c.ldctl_iscritical ) {
+ exit( EXIT_FAILURE );
+ }
+ }
+ }
+
if ( infile == NULL ) {
rc = dosearch( ld, base, scope, attrs, attrsonly, filtpattern, "" );
} else {
}
ldap_unbind( ld );
- exit( rc );
+
+
+ return( rc );
}
-dosearch( ld, base, scope, attrs, attrsonly, filtpatt, value )
- LDAP *ld;
- char *base;
- int scope;
- char **attrs;
- int attrsonly;
- char *filtpatt;
- char *value;
+static int dosearch(
+ LDAP *ld,
+ char *base,
+ int scope,
+ char **attrs,
+ int attrsonly,
+ char *filtpatt,
+ char *value)
{
- char filter[ BUFSIZ ], **val;
+ char filter[ BUFSIZ ];
int rc, first, matches;
LDAPMessage *res, *e;
sprintf( filter, filtpatt, value );
if ( verbose ) {
- printf( "filter is: (%s)\n", filter );
+ fprintf( stderr, "filter is: (%s)\n", filter );
}
if ( not ) {
}
if ( ldap_search( ld, base, scope, filter, attrs, attrsonly ) == -1 ) {
- ldap_perror( ld, "ldap_search" );
- return( ld->ld_errno );
+ int ld_errno;
+ ldap_perror( ld, "ldap_search" );
+
+ ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &ld_errno);
+ return( ld_errno );
}
matches = 0;
first = 1;
+ res = NULL;
while ( (rc = ldap_result( ld, LDAP_RES_ANY, sortattr ? 1 : 0, NULL, &res ))
== LDAP_RES_SEARCH_ENTRY ) {
matches++;
}
print_entry( ld, e, attrsonly );
ldap_msgfree( res );
+ res = NULL;
}
if ( rc == -1 ) {
ldap_perror( ld, "ldap_result" );
ldap_perror( ld, "ldap_search" );
}
if ( sortattr != NULL ) {
- extern int strcasecmp();
-
(void) ldap_sort_entries( ld, &res,
( *sortattr == '\0' ) ? NULL : sortattr, strcasecmp );
matches = 0;
first = 1;
- for ( e = ldap_first_entry( ld, res ); e != NULLMSG;
+ for ( e = ldap_first_entry( ld, res ); e != NULL;
e = ldap_next_entry( ld, e ) ) {
matches++;
if ( !first ) {
}
-print_entry( ld, entry, attrsonly )
- LDAP *ld;
- LDAPMessage *entry;
- int attrsonly;
+void print_entry(
+ LDAP *ld,
+ LDAPMessage *entry,
+ int attrsonly)
{
char *a, *dn, *ufn, tmpfname[ 64 ];
int i, j, notascii;
- BerElement *ber;
+ BerElement *ber = NULL;
struct berval **bvals;
FILE *tmpfp;
- extern char *mktemp();
dn = ldap_get_dn( ld, entry );
if ( ldif ) {
} else {
printf( "%s\n", ufn );
}
- free( ufn );
+ ldap_memfree( ufn );
}
- free( dn );
+ ldap_memfree( dn );
for ( a = ldap_first_attribute( ld, entry, &ber ); a != NULL;
a = ldap_next_attribute( ld, entry, ber ) ) {
} else {
notascii = 0;
if ( !allow_binary ) {
- for ( j = 0; j < bvals[ i ]->bv_len; ++j ) {
+ for ( j = 0; (unsigned long) j < bvals[ i ]->bv_len; ++j ) {
if ( !isascii( bvals[ i ]->bv_val[ j ] )) {
notascii = 1;
break;
ber_bvecfree( bvals );
}
}
+
+ if( ber != NULL ) {
+ ber_free( ber, 0 );
+ }
}
}
fputs( ldif, stdout );
- free( ldif );
+ ber_memfree( ldif );
return( 0 );
}