From: Pierangelo Masarati Date: Mon, 13 Aug 2007 22:03:51 +0000 (+0000) Subject: finish backporting ppolicy control response to client tools (ITS#5061) X-Git-Tag: OPENLDAP_REL_ENG_2_3_38~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1afdd0325bc1dae2d70b61849d16f16e8e527c9c;p=thirdparty%2Fopenldap.git finish backporting ppolicy control response to client tools (ITS#5061) --- diff --git a/CHANGES b/CHANGES index 3f05686724..9975e9e33e 100644 --- a/CHANGES +++ b/CHANGES @@ -15,6 +15,7 @@ OpenLDAP 2.3.38 Engineering Fixed slapd-sql structuralObjectClass issue (ITS#5088) Fixed slapo-syncprov uninit'd vars (ITS#5048,#5049) Fixed libldap ldap_add_result_entry (ITS#5056) + Added client tools support for ppolicy response (ITS#5061) Removed lint Build Environment Fixed macro definition of open() in glibc 2.6 (ITS#5075) diff --git a/clients/tools/common.c b/clients/tools/common.c index 6e47eed512..6642ffdb08 100644 --- a/clients/tools/common.c +++ b/clients/tools/common.c @@ -46,6 +46,8 @@ #include "ldap_defaults.h" #include "ldap_pvt.h" #include "lber_pvt.h" +#include "lutil.h" +#include "ldif.h" #include "common.h" @@ -87,6 +89,7 @@ char *pw_file = NULL; int referrals = 0; int protocol = -1; int verbose = 0; +int ldif = 0; int version = 0; #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR @@ -1272,3 +1275,126 @@ tool_check_abandon( LDAP *ld, int msgid ) return 0; } +#ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST +static int +print_ppolicy( LDAP *ld, LDAPControl *ctrl ) +{ + int expire = 0, grace = 0, rc; + LDAPPasswordPolicyError pperr; + + rc = ldap_parse_passwordpolicy_control( ld, ctrl, + &expire, &grace, &pperr ); + if ( rc == LDAP_SUCCESS ) { + char buf[ BUFSIZ ], *ptr = buf; + + if ( expire != -1 ) { + ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), + "expire=%d", expire ); + } + + if ( grace != -1 ) { + ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), + "%sgrace=%d", ptr == buf ? "" : " ", grace ); + } + + if ( pperr != PP_noError ) { + ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), + "%serror=%d (%s)", ptr == buf ? "" : " ", + pperr, + ldap_passwordpolicy_err2txt( pperr ) ); + } + + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + "ppolicy", buf, ptr - buf ); + } + + return rc; +} +#endif + +void tool_print_ctrls( + LDAP *ld, + LDAPControl **ctrls ) +{ + int i; + char *ptr; + + for ( i = 0; ctrls[i] != NULL; i++ ) { + /* control: OID criticality base64value */ + struct berval b64 = BER_BVNULL; + ber_len_t len; + char *str; + int j; + + len = ldif ? 2 : 0; + len += strlen( ctrls[i]->ldctl_oid ); + + /* add enough for space after OID and the critical value itself */ + len += ctrls[i]->ldctl_iscritical + ? sizeof("true") : sizeof("false"); + + /* convert to base64 */ + if ( ctrls[i]->ldctl_value.bv_len ) { + b64.bv_len = LUTIL_BASE64_ENCODE_LEN( + ctrls[i]->ldctl_value.bv_len ) + 1; + b64.bv_val = ber_memalloc( b64.bv_len + 1 ); + + b64.bv_len = lutil_b64_ntop( + (unsigned char *) ctrls[i]->ldctl_value.bv_val, + ctrls[i]->ldctl_value.bv_len, + b64.bv_val, b64.bv_len ); + } + + if ( b64.bv_len ) { + len += 1 + b64.bv_len; + } + + ptr = str = malloc( len + 1 ); + if ( ldif ) { + ptr = lutil_strcopy( ptr, ": " ); + } + ptr = lutil_strcopy( ptr, ctrls[i]->ldctl_oid ); + ptr = lutil_strcopy( ptr, ctrls[i]->ldctl_iscritical + ? " true" : " false" ); + + if ( b64.bv_len ) { + ptr = lutil_strcopy( ptr, " " ); + ptr = lutil_strcopy( ptr, b64.bv_val ); + } + + if ( ldif < 2 ) { + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + "control", str, len ); + } + + free( str ); + if ( b64.bv_len ) { + ber_memfree( b64.bv_val ); + } + + /* known controls */ + if ( 0 ) { + /* dummy */ ; +#ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST + } else if ( strcmp( LDAP_CONTROL_PASSWORDPOLICYRESPONSE, ctrls[i]->ldctl_oid ) == 0 ) { + (void)print_ppolicy( ld, ctrls[i] ); +#endif + } + } +} + +int +tool_write_ldif( int type, char *name, char *value, ber_len_t vallen ) +{ + char *ldif; + + if (( ldif = ldif_put( type, name, value, vallen )) == NULL ) { + return( -1 ); + } + + fputs( ldif, stdout ); + ber_memfree( ldif ); + + return( 0 ); +} + diff --git a/clients/tools/common.h b/clients/tools/common.h index 82ab023cae..bc6276d9c6 100644 --- a/clients/tools/common.h +++ b/clients/tools/common.h @@ -61,6 +61,7 @@ extern char *pw_file; extern int referrals; extern int protocol; extern int verbose; +extern int ldif; extern int version; /* Defined in common.c, set in main() */ @@ -89,6 +90,8 @@ void tool_perror LDAP_P(( char *matched, char *info, char **refs )); +void tool_print_ctrls LDAP_P(( LDAP *ld, LDAPControl **ctrls )); +int tool_write_ldif LDAP_P(( int type, char *name, char *value, ber_len_t vallen )); LDAP_END_DECL diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index 15eacdf060..fb4cdd4e07 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -1165,9 +1165,51 @@ static int process_response( } if ( ldap_msgtype( res ) != LDAP_RES_INTERMEDIATE ) { - rc = ldap_result2error( ld, res, 1 ); - if( rc != LDAP_SUCCESS ) ldap_perror( ld, opstr ); - return rc; + int code; + char *matcheddn = NULL, *text = NULL, **refs = NULL; + LDAPControl **ctrls = NULL; + rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, &ctrls, 1 ); + + if ( rc != LDAP_SUCCESS ) { + fprintf( stderr, "%s: ldap_parse_result: %s (%d)\n", + prog, ldap_err2string( rc ), rc ); + return rc; + } + + if ( code != LDAP_SUCCESS ) { + tool_perror( prog, code, NULL, matcheddn, text, refs ); + } else if ( verbose && + ((matcheddn && *matcheddn) || (text && *text) || (refs && *refs) )) + { + printf( _("Delete Result: %s (%d)\n"), + ldap_err2string( code ), code ); + + if ( text && *text ) { + printf( _("Additional info: %s\n"), text ); + } + + if ( matcheddn && *matcheddn ) { + printf( _("Matched DN: %s\n"), matcheddn ); + } + + if ( refs ) { + int i; + for( i=0; refs[i]; i++ ) { + printf(_("Referral: %s\n"), refs[i] ); + } + } + } + + if (ctrls) { + tool_print_ctrls( ld, ctrls ); + ldap_controls_free( ctrls ); + } + + ber_memfree( text ); + ber_memfree( matcheddn ); + ber_memvfree( (void **) refs ); + + return code; } #ifdef LDAP_GROUP_TRANSACTION diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index c56c82956f..7d4382a8a6 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -163,12 +163,6 @@ static int print_result( static void print_ctrls( LDAPControl **ctrls ); -static int write_ldif LDAP_P(( - int type, - char *name, - char *value, - ber_len_t vallen )); - static int dosearch LDAP_P(( LDAP *ld, char *base, @@ -186,7 +180,7 @@ static char *tmpdir = NULL; static char *urlpre = NULL; static char *base = NULL; static char *sortattr = NULL; -static int includeufn, vals2tmp = 0, ldif = 0; +static int includeufn, vals2tmp = 0; static int subentries = 0, valuesReturnFilter = 0; static char *vrFilter = NULL; @@ -1183,9 +1177,9 @@ print_entry( if ( ldif < 2 ) { ufn = ldap_dn2ufn( bv.bv_val ); - write_ldif( LDIF_PUT_COMMENT, NULL, ufn, ufn ? strlen( ufn ) : 0 ); + tool_write_ldif( LDIF_PUT_COMMENT, NULL, ufn, ufn ? strlen( ufn ) : 0 ); } - write_ldif( LDIF_PUT_VALUE, "dn", bv.bv_val, bv.bv_len ); + tool_write_ldif( LDIF_PUT_VALUE, "dn", bv.bv_val, bv.bv_len ); rc = ldap_get_entry_controls( ld, entry, &ctrls ); if( rc != LDAP_SUCCESS ) { @@ -1203,7 +1197,7 @@ print_entry( if( ufn == NULL ) { ufn = ldap_dn2ufn( bv.bv_val ); } - write_ldif( LDIF_PUT_VALUE, "ufn", ufn, ufn ? strlen( ufn ) : 0 ); + tool_write_ldif( LDIF_PUT_VALUE, "ufn", ufn, ufn ? strlen( ufn ) : 0 ); } if( ufn != NULL ) ldap_memfree( ufn ); @@ -1217,7 +1211,7 @@ print_entry( if (bv.bv_val == NULL) break; if ( attrsonly ) { - write_ldif( LDIF_PUT_NOVALUE, bv.bv_val, NULL, 0 ); + tool_write_ldif( LDIF_PUT_NOVALUE, bv.bv_val, NULL, 0 ); } else if ( bvals ) { for ( i = 0; bvals[i].bv_val != NULL; i++ ) { @@ -1257,10 +1251,10 @@ print_entry( &tmpfname[strlen(tmpdir) + sizeof(LDAP_DIRSEP) - 1] ); urlize( url ); - write_ldif( LDIF_PUT_URL, bv.bv_val, url, strlen( url )); + tool_write_ldif( LDIF_PUT_URL, bv.bv_val, url, strlen( url )); } else { - write_ldif( LDIF_PUT_VALUE, bv.bv_val, + tool_write_ldif( LDIF_PUT_VALUE, bv.bv_val, bvals[ i ].bv_val, bvals[ i ].bv_len ); } } @@ -1295,7 +1289,7 @@ static void print_reference( if( refs ) { int i; for( i=0; refs[i] != NULL; i++ ) { - write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) ); } ber_memvfree( (void **) refs ); @@ -1328,14 +1322,14 @@ static void print_extended( } if ( ldif < 2 ) { - write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "extended", retoid, retoid ? strlen(retoid) : 0 ); } ber_memfree( retoid ); if(retdata) { if ( ldif < 2 ) { - write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, "data", retdata->bv_val, retdata->bv_len ); } ber_bvfree( retdata ); @@ -1366,7 +1360,7 @@ static void print_partial( } if ( ldif < 2 ) { - write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "partial", retoid, retoid ? strlen(retoid) : 0 ); } @@ -1374,7 +1368,7 @@ static void print_partial( if( retdata ) { if ( ldif < 2 ) { - write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, "data", retdata->bv_val, retdata->bv_len ); } @@ -1426,7 +1420,7 @@ static int print_result( if( matcheddn ) { if( *matcheddn ) { if( !ldif ) { - write_ldif( LDIF_PUT_VALUE, + tool_write_ldif( LDIF_PUT_VALUE, "matchedDN", matcheddn, strlen(matcheddn) ); } else { fprintf( stderr, _("Matched DN: %s\n"), matcheddn ); @@ -1439,7 +1433,7 @@ static int print_result( if( text ) { if( *text ) { if( !ldif ) { - write_ldif( LDIF_PUT_TEXT, "text", + tool_write_ldif( LDIF_PUT_TEXT, "text", text, strlen(text) ); } else { fprintf( stderr, _("Additional information: %s\n"), text ); @@ -1453,7 +1447,7 @@ static int print_result( int i; for( i=0; refs[i] != NULL; i++ ) { if( !ldif ) { - write_ldif( LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) ); + tool_write_ldif( LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) ); } else { fprintf( stderr, _("Referral: %s\n"), refs[i] ); } @@ -1521,7 +1515,7 @@ static void print_ctrls( } if ( ldif < 2 ) { - write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + tool_write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, "control", str, len ); } @@ -1530,22 +1524,6 @@ static void print_ctrls( } } -static int -write_ldif( int type, char *name, char *value, ber_len_t vallen ) -{ - char *ldif; - - if (( ldif = ldif_put( type, name, value, vallen )) == NULL ) { - return( -1 ); - } - - fputs( ldif, stdout ); - ber_memfree( ldif ); - - return( 0 ); -} - - #ifdef LDAP_CONTROL_PAGEDRESULTS static int parse_page_control(