From cd5c29cdc445d815b0a247b6e4a8ab57f99e99c3 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Sun, 12 Dec 1999 05:05:20 +0000 Subject: [PATCH] Add checks to ensure arguments are consistent (v2 vs v3). --- clients/tools/ldapdelete.c | 24 ++++++++++++++++++++---- clients/tools/ldapmodify.c | 22 +++++++++++++++++++--- clients/tools/ldapmodrdn.c | 22 +++++++++++++++++++--- clients/tools/ldapsearch.c | 16 ++++++++++++++++ 4 files changed, 74 insertions(+), 10 deletions(-) diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c index 6351df28c8..bfb02bc13d 100644 --- a/clients/tools/ldapdelete.c +++ b/clients/tools/ldapdelete.c @@ -135,6 +135,22 @@ main( int argc, char **argv ) } } + if( authmethod != LDAP_AUTH_SIMPLE ) { + if( version == LDAP_VERSION3 ) { + fprintf(stderr, "Kerberos requires LDAPv2\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION2; + } + + if( manageDSAit ) { + if( version == LDAP_VERSION2 ) { + fprintf(stderr, "manage DSA control requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; + } + if ( fp == NULL ) { if ( optind >= argc ) { fp = stdin; @@ -168,15 +184,15 @@ main( int argc, char **argv ) /* don't chase referrals */ ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); - if (want_bindpw) - passwd = getpass("Enter LDAP Password: "); - if (version != -1 && ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS) { fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version ); } + if (want_bindpw) + passwd = getpass("Enter LDAP Password: "); + if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_bind" ); return( EXIT_FAILURE ); @@ -268,7 +284,7 @@ static int deletechildren( LDAP *ld, /* * Do a one level search at dn for children. For each, delete its children. */ - if ( ldap_search_s( ld, dn, LDAP_SCOPE_ONELEVEL, "objectclass=*", NULL, 0, &res ) == -1 ) + if ( ldap_search_s( ld, dn, LDAP_SCOPE_ONELEVEL, "(objectclass=*)", NULL, 0, &res ) == -1 ) { ldap_perror( ld, "ldap_search" ); ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &rc ); diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index 043d3bbc3d..55c3b6f0b9 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -218,6 +218,22 @@ main( int argc, char **argv ) if ( argc != optind ) usage( prog ); + if( authmethod != LDAP_AUTH_SIMPLE ) { + if( version == LDAP_VERSION3 ) { + fprintf(stderr, "Kerberos requires LDAPv2\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION2; + } + + if( manageDSAit ) { + if( version == LDAP_VERSION2 ) { + fprintf(stderr, "manage DSA control requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; + } + if ( infile != NULL ) { if (( fp = fopen( infile, "r" )) == NULL ) { perror( infile ); @@ -255,15 +271,15 @@ main( int argc, char **argv ) /* don't chase referrals */ ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); - if (want_bindpw) - passwd = getpass("Enter LDAP Password: "); - if (version != -1 && ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS) { fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION to %d\n", version ); } + if (want_bindpw) + passwd = getpass("Enter LDAP Password: "); + if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_bind" ); return( EXIT_FAILURE ); diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c index 0070011adf..efaa002d43 100644 --- a/clients/tools/ldapmodrdn.c +++ b/clients/tools/ldapmodrdn.c @@ -148,6 +148,22 @@ main(int argc, char **argv) } } + if( authmethod != LDAP_AUTH_SIMPLE ) { + if( version == LDAP_VERSION3 ) { + fprintf(stderr, "Kerberos requires LDAPv2\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION2; + } + + if( manageDSAit ) { + if( version == LDAP_VERSION2 ) { + fprintf(stderr, "manage DSA control requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; + } + if (newSuperior != NULL) { if (version == LDAP_VERSION2) { fprintf( stderr, @@ -214,15 +230,15 @@ main(int argc, char **argv) ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); - if (want_bindpw) - passwd = getpass("Enter LDAP Password: "); - if (version != -1 && ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS) { fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version ); } + if (want_bindpw) + passwd = getpass("Enter LDAP Password: "); + if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_bind" ); return( EXIT_FAILURE ); diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index 6a66a80ad1..a56e667fcf 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -273,6 +273,22 @@ main( int argc, char **argv ) } } + if( authmethod != LDAP_AUTH_SIMPLE ) { + if( version == LDAP_VERSION3 ) { + fprintf(stderr, "Kerberos requires LDAPv2\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION2; + } + + if( manageDSAit ) { + if( version == LDAP_VERSION2 ) { + fprintf(stderr, "manage DSA control requires LDAPv3\n"); + return EXIT_FAILURE; + } + version = LDAP_VERSION3; + } + if ( argc - optind < 1 ) { usage( argv[ 0 ] ); } -- 2.39.5