Bug 364812 merging Sun and Mozilla ldap tools

anton.bobrov%sun.com 2007-01-10 15:54:50 +00:00
Родитель 8380b486b8
Коммит 3ce7fe1694
9 изменённых файлов: 168 добавлений и 202 удалений


@ -55,42 +55,42 @@ The "avail" lists included options that are available for use.
common.c (supported by all of the tools):
raw: gnvEMRHZ02:3d:D:f:h:I:j:K:N:O:o:P:p:Q:W:w:V:X:m:i:k:y:Y:J:
sorted: 023 DEHIJKMNOPQRVWXYZ dfghijkmnopvwy
raw: gnvEMRHZ02:3d:D:f:h:I:j:K:N:O:o:P:p:Q:W:w:V:m:i:k:y:Y:J:
sorted: 023 DEHIJKMNOPQRVWYZ dfghijkmnopvwy
avail: [4-9] (not used by any of the tools)
ldapcmp.c:
raw: Bb:l:s:z:
sorted: B blsz
all: 023 BDEHIJKMNOPQRVWXYZ bdfghijklmnopsvwyz
all: 023 BDEHIJKMNOPQRVWYZ bdfghijklmnopsvwyz
avail: 1 [4-9] ACFGLSTU aceqrtux
ldapcompare.c:
raw: cq
sorted: cq
all: 023 DEHIJKMNOPQRVWXYZ cdfghijkmnopqvwy
all: 023 DEHIJKMNOPQRVWYZ cdfghijkmnopqvwy
avail: 1 [4-9] ABCFGLSTU abelrstuxz
ldapdelete.c (deprecated)
raw: c
sorted: c
all: 023 DEHIJKMNOPQRVWXYZ cdfghijkmnopvwy
all: 023 DEHIJKMNOPQRVWYZ cdfghijkmnopvwy
avail: 1 [4-9] ABCFGLSTU abelqrstuxz
ldapmodify.c
raw: aAbcFe:B:q
sorted: ABF abceq
all: 023 ABDEFHIJKMNOPQRVWXYZ abcdefghijkmnopqvwy
all: 023 ABDEFHIJKMNOPQRVWYZ abcdefghijkmnopqvwy
avail: 1 [4-9] CGLSTU lrstuxz
ldapmodrdn.c (deprecated)
raw: cr
sorted: cr
all: 023 DEHIJKMNOPQRVWXYZ cdfghijklmnoprvwy
all: 023 DEHIJKMNOPQRVWYZ cdfghijklmnoprvwy
avail: 1 [4-9] ABCFGLSTU abelqstuxz
ldapsearch.c
raw: ABLTU1eortuxa:b:F:G:l:S:s:z:C:
sorted: 1 ABCFGLSTU abeorstuxz
all: 0123 ABCDEFGHIJKLMNOPQRSTUVWXYZ abdefghijklmnoprstuvwxyz
avail: [4-9] cq
raw: ABLTU1eortuxa:b:F:G:l:S:s:z:C:c:X:
sorted: 1 ABCFGLSTUX abceorstuxz
all: 0123 ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnoprstuvwxyz
avail: [4-9] q


@ -78,13 +78,6 @@ static void ldaptool_debug_free( void *ptr );
#if defined(NET_SSL) && defined(LDAP_TOOL_PKCS11)
static void ldaptool_setcallbacks( struct ldapssl_pkcs_fns *pfns);
static char * buildTokenCertName( const char *tokenName, const char *certName);
#ifdef FORTEZZA
static int ldaptool_fortezza_init( int exit_on_error );
static int ldaptool_fortezza_alert( void *arg, PRBool onOpen,
char *string, int value1, void *value2 );
static void * ldaptool_fortezza_getpin( char **passwordp );
static char * ldaptool_fortezza_err2string( int err );
#endif /* FORTEZZA */
#endif
#ifdef HAVE_SASL_OPTIONS
static int saslSetParam(char *saslarg);
@ -132,14 +125,12 @@ ldaptool_common_usage( int two_hosts )
fprintf( stderr, " -m pathname\tpath to security module database\n");
#endif /* LDAP_TOOL_PKCS11 */
fprintf( stderr, " -W\t\tSSL key password\n" );
fprintf( stderr, " -3\t\tcheck hostnames in SSL certificates\n" );
fprintf( stderr, " -W - \tprompt for SSL key password\n" );
#ifdef LDAP_TOOL_PKCS11
fprintf( stderr, " -I file\tSSL key password 'file' containing token:password pair/s\n" );
fprintf( stderr, " -Q [token][:certificate name]\tPKCS 11\n" );
fprintf( stderr, " -X pathname\tFORTEZZA compromised key list (CKL)\n" );
fprintf( stderr, " -I pin\tcard password file\n" );
#endif /* LDAP_TOOL_PKCS11 */
fprintf( stderr, " -3\t\tcheck hostnames in SSL certificates\n" );
#endif /* NET_SSL */
fprintf( stderr, " -D binddn\tbind dn\n" );
fprintf( stderr, " -w passwd\tbind passwd (for simple authentication)\n" );
@ -154,11 +145,8 @@ ldaptool_common_usage( int two_hosts )
fprintf( stderr, " -O limit\tmaximum number of referral hops to traverse (default: %d)\n", LDAPTOOL_DEFREFHOPLIMIT );
fprintf( stderr, " -M\t\tmanage references (treat them as regular entries)\n" );
fprintf( stderr, " -0\t\tignore LDAP library version mismatches\n" );
#ifndef NO_LIBLCACHE
fprintf( stderr, " -C cfgfile\tuse local database described by cfgfile\n" );
#endif
fprintf( stderr, " -i charset\tcharacter set for command line input (default taken from locale)\n" );
fprintf( stderr, " \t\tuse '-i 0' to override locale settings and bypass any conversions\n" );
fprintf( stderr, " -k do not convert password to utf8 (use default from locale)\n" );
#if 0
/*
@ -211,6 +199,7 @@ static int ldversion = -1; /* use default */
static int refhoplim = LDAPTOOL_DEFREFHOPLIMIT;
static int send_manage_dsait_ctrl = 0;
static int prompt_password = 0;
static int prompt_sslpassword = 0;
static FILE *password_fp = NULL;
static char *proxyauth_id = NULL;
static int proxyauth_version = 2; /* use newer proxy control */
@ -225,9 +214,6 @@ static char *sasl_secprops = NULL;
static int ldapauth = -1;
#endif /* HAVE_SASL_OPTIONS */
#ifndef NO_LIBLCACHE
static char *cache_config_file = NULL;
#endif /* !NO_LIBLCACHE */
#if defined(NET_SSL)
static int secure = 0;
static int isZ = 0;
@ -258,12 +244,6 @@ static char *pkcs_pin = NULL;
static struct ldapssl_pkcs_fns local_pkcs_fns =
{0,NULL,NULL,NULL,NULL,NULL,NULL,NULL, NULL };
#ifdef FORTEZZA
static uint32 fortezza_cardmask = 0;
static char *fortezza_personality = NULL;
static char *fortezza_krlfile = NULL;
static char *fortezza_pin = NULL;
#endif /* FORTEZZA */
#endif /* LDAP_TOOL_PKCS11 */
#endif /* NET_SSL */
@ -387,26 +367,29 @@ ldaptool_process_args( int argc, char **argv, char *extra_opts,
#ifdef HAVE_SASL_OPTIONS
#ifdef HAVE_SASL_OPTIONS_2
common_opts = "kgnvEMRHZ02:3d:D:f:h:j:I:K:N:O:P:p:W:w:V:X:m:i:y:Y:J:";
common_opts = "kgnvEMRHZ02:3d:D:f:h:j:I:K:N:O:P:p:W:w:V:m:i:y:Y:J:";
#else
common_opts = "kgnvEMRHZ03d:D:f:h:j:I:K:N:O:o:P:p:W:w:V:X:m:i:y:Y:J:";
common_opts = "kgnvEMRHZ03d:D:f:h:j:I:K:N:O:o:P:p:W:w:V:m:i:y:Y:J:";
#endif
#else
common_opts = "kgnvEMRHZ03d:D:f:h:j:I:K:N:O:P:p:Q:W:w:V:X:m:i:k:y:Y:J:";
common_opts = "kgnvEMRHZ03d:D:f:h:j:I:K:N:O:P:p:Q:W:w:V:m:i:k:y:Y:J:";
#endif /* HAVE_SASL_OPTIONS */
/* note: optstring must include room for liblcache "C:" option */
if (( optstring = (char *) malloc( strlen( extra_opts ) + strlen( common_opts )
+ 3 )) == NULL ) {
+ 1 )) == NULL ) {
perror( "malloc" );
exit( LDAP_NO_MEMORY );
}
#ifdef NO_LIBLCACHE
sprintf( optstring, "%s%s", common_opts, extra_opts );
#else
sprintf( optstring, "%s%sC:", common_opts, extra_opts );
#endif
if ( argc == 2 ) {
if ( ((strncmp( argv[1], "/?", strlen("/?") + 1 )) == 0 ) ||
((strncmp( argv[1], "-help", strlen("-help") + 1 )) == 0 ) ||
((strncmp( argv[1], "--help", strlen("--help") + 1 )) == 0 ) ) {
return( -1 );
}
}
hostnum = 0;
while ( (i = getopt( argc, argv, optstring )) != EOF ) {
@ -432,11 +415,6 @@ ldaptool_process_args( int argc, char **argv, char *extra_opts,
case 'R': /* don't automatically chase referrals */
chase_referrals = 0;
break;
#ifndef NO_LIBLCACHE
case 'C': /* search local database */
cache_config_file = strdup( optarg );
break;
#endif
case 'f': /* input file */
if ( optarg[0] == '-' && optarg[1] == '\0' ) {
ldaptool_fp = stdin;
@ -526,11 +504,15 @@ ldaptool_process_args( int argc, char **argv, char *extra_opts,
}
break;
case 'W': /* SSL key password */
ssl_passwd = strdup( optarg );
if (NULL == ssl_passwd)
{
perror("malloc");
exit( LDAP_NO_MEMORY );
if ( optarg[0] == '-' && optarg[1] == '\0' ) {
prompt_sslpassword = 1;
} else {
ssl_passwd = strdup( optarg );
if (NULL == ssl_passwd)
{
perror("malloc");
exit( LDAP_NO_MEMORY );
}
}
isW = 1;
break;
@ -549,7 +531,7 @@ ldaptool_process_args( int argc, char **argv, char *extra_opts,
}
break;
case 'Q': /* FORTEZZA [card][:personality] */
case 'Q': /* [token][:certificate name] */
pkcs_token = strdup(optarg);
if (NULL == pkcs_token)
{
@ -558,13 +540,8 @@ ldaptool_process_args( int argc, char **argv, char *extra_opts,
}
break;
case 'X': /* path to FORTEZZA CKL file */
/*
fortezza_krlfile = strdup( optarg );
*/
break;
case 'I': /* FORTEZZA PIN (password file) */
case 'I': /* PIN (password file) */
ssl_donglefile = strdup( optarg );
break;
@ -686,10 +663,10 @@ ldaptool_process_args( int argc, char **argv, char *extra_opts,
}
}
/* if '-N' is specified, -W is needed too */
if ( isN && NULL == ssl_passwd ) {
fprintf( stderr, "%s: with the -N option, please specify -W also\n\n", ldaptool_progname );
return (-1);
/* if '-N' is specified, -W or -I is needed too */
if ( isN && NULL == ssl_passwd && 0 == prompt_sslpassword && NULL == ssl_donglefile ) {
fprintf( stderr, "%s: with the -N option, please specify -W or -I also\n\n", ldaptool_progname );
return (-1);
}
if ( isj && isw ) {
@ -1044,25 +1021,6 @@ ldaptool_ldap_init( int second_host )
exit( LDAP_LOCAL_ERROR );
}
#ifndef NO_LIBLCACHE
if ( cache_config_file != NULL ) {
int opt;
if ( lcache_init( ld, cache_config_file ) != 0 ) {
exit( ldaptool_print_lderror( ld, cache_config_file,
LDAPTOOL_CHECK4SSL_NEVER ));
}
opt = 1;
(void) ldap_set_option( ld, LDAP_OPT_CACHE_ENABLE, &opt );
opt = LDAP_CACHE_LOCALDB;
(void) ldap_set_option( ld, LDAP_OPT_CACHE_STRATEGY, &opt );
if ( ldversion == -1 ) { /* not set with -V */
ldversion = LDAP_VERSION2; /* local db only supports v2 */
}
}
#endif
ldap_set_option( ld, LDAP_OPT_REFERRALS, chase_referrals ? LDAP_OPT_ON:
LDAP_OPT_OFF );
if ( chase_referrals ) {
@ -1810,6 +1768,26 @@ ldaptool_create_proxyauth_control( LDAP *ld )
return( ctl );
}
/* Effective Rights control */
LDAPControl *
ldaptool_create_geteffectiveRights_control ( LDAP *ld, const char *authzid,
const char **attrlist)
{
LDAPControl *ctl = NULL;
int rc;
rc = ldap_create_geteffectiveRights_control( ld, authzid, attrlist, 1,
&ctl);
if ( rc != LDAP_SUCCESS)
{
if (ctl)
ldap_control_free( ctl);
return NULL;
}
return( ctl );
}
void
ldaptool_add_control_to_array( LDAPControl *ctrl, LDAPControl **array)
{
@ -2368,96 +2346,6 @@ ldaptool_setcallbacks( struct ldapssl_pkcs_fns *pfns)
pfns->local_structure_id=PKCS_STRUCTURE_ID;
}
#ifdef FORTEZZA
static int
ldaptool_fortezza_init( int exit_on_error )
{
int rc, errcode;
if ( fortezza_personality == NULL && fortezza_cardmask == 0 ) { /* no FORTEZZA desired */
SSL_EnableGroup( SSL_GroupFortezza, DSFalse ); /* disable FORTEZZA */
return( 0 );
}
if (( rc = FortezzaConfigureServer( ldaptool_fortezza_getpin, fortezza_cardmask,
fortezza_personality, ldaptool_fortezza_alert, NULL, &errcode,
fortezza_krlfile )) < 0 ) {
fprintf( stderr,
"%s: FORTEZZA initialization failed (error %d - %s)\n",
ldaptool_progname, errcode,
ldaptool_fortezza_err2string( errcode ));
if ( exit_on_error ) {
exit( LDAP_LOCAL_ERROR );
}
SSL_EnableGroup( SSL_GroupFortezza, DSFalse ); /* disable FORTEZZA */
return( -1 );
}
SSL_EnableGroup( SSL_GroupFortezza, DSTrue ); /* enable FORTEZZA */
return( 0 );
}
static int
ldaptool_fortezza_alert( void *arg, PRBool onOpen, char *string,
int value1, void *value2 )
{
fprintf( stderr, "%s: FORTEZZA alert: ", ldaptool_progname );
fprintf( stderr, string, value1, value2 );
fprintf( stderr, "\n" );
return( 1 );
}
static void *
ldaptool_fortezza_getpin( char **passwordp )
{
*passwordp = fortezza_pin;
return( *passwordp );
}
/*
* convert a Fortezza error code (as returned by FortezzaConfigureServer()
* into a human-readable string.
*
* Error strings are intentionally similar to those found in
* ns/netsite/lib/libadmin/httpcon.c
*/
static char *
ldaptool_fortezza_err2string( int err )
{
char *s;
switch( err ) {
case FORTEZZA_BADPASSWD:
s = "invalid pin number";
break;
case FORTEZZA_BADCARD:
s = "bad or missing card";
break;
case FORTEZZA_MISSING_KRL:
s = "bad or missing compromised key list";
break;
case FORTEZZA_CERT_INIT_ERROR:
s = "unable to initialize certificate cache. either a cert on "
"the card is bad, or an old FORTEZZA certificate is in a"
"readonly database";
break;
case FORTEZZA_EXPIRED_CERT:
s = "unable to verify certificate";
break;
default:
s = "unknown error";
}
return( s );
}
#endif /* FORTEZZA */
#endif /* LDAP_TOOL_PKCS11 */
#endif /* NET_SSL */
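Review bot: `case 'I'` in ldaptool_process_args keeps `ssl_donglefile = strdup( optarg );` with no NULL check, while `case 'W'` and `case 'Q'` in the same switch exit with LDAP_NO_MEMORY when strdup fails. The new `-N` validation now counts a non-NULL `ssl_donglefile` as a supplied key password source, so an allocation failure there would be reported as "please specify -W or -I also" rather than as out of memory. Adding `if ( NULL == ssl_donglefile ) { perror( "malloc" ); exit( LDAP_NO_MEMORY ); }` after the strdup would match the neighbouring cases. The function body starts and ends outside these hunks.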


@ -118,6 +118,10 @@ ldaptool_local2UTF8( const char *src, const char *desc )
} else if ( *src == '\0' ) { /* trivial case # 2 */
utf8 = strdup( "" );
} else {
/* check for bypass option */
if ( NULL != ldaptool_charset && 0 == strcmp(ldaptool_charset, "0") ) {
return strdup( src );
}
/* Determine the source charset if not already done */
if ( NULL == src_charset ) {
if ( NULL != ldaptool_charset
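Review bot: The new bypass branch returns `strdup( src )` without stating what the caller now has to guarantee: with `-i 0` the bytes are passed through unconverted and unvalidated, so they must already be UTF-8. I would extend the comment to something like `/* "-i 0": no conversion; src is passed through as-is and must already be UTF-8 */`. The return also leaves from the middle of the function, and the rest of its body is outside the hunk, so whether a later common exit path is skipped cannot be confirmed from here.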


@ -247,10 +247,10 @@ ldaptool_berval_from_ldif_value( const char *value, int vlen,
}
if (strlen(url) < 6 || strncasecmp(url, "file:/", 6) != 0) {
/*
* We only support file:/ URLs for now.
*/
url = NULL;
/*
* We only support file:// like URLs for now.
*/
url = NULL;
}
}
@ -261,7 +261,7 @@ ldaptool_berval_from_ldif_value( const char *value, int vlen,
switch( rc ) {
case LDAPTOOL_FILEURL_NOTAFILEURL:
if ( reporterrs ) fprintf( stderr, "%s: unsupported URL \"%s\";"
" use a file:/ URL instead.\n", ldaptool_progname, url );
" use a file:// URL instead.\n", ldaptool_progname, url );
break;
case LDAPTOOL_FILEURL_MISSINGPATH:
@ -273,7 +273,7 @@ ldaptool_berval_from_ldif_value( const char *value, int vlen,
case LDAPTOOL_FILEURL_NONLOCAL:
if ( reporterrs ) fprintf( stderr,
"%s: unable to process URL \"%s\" -- only"
" local file:/ URLs are supported.\n",
" local file:// URLs are supported.\n",
ldaptool_progname, url );
break;
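Review bot: The comment and both messages now say `file://`, but the prefix test above them is still `strncasecmp(url, "file:/", 6)`, so a single-slash `file:/path` value is still accepted at this point. Either the wording or the check should be brought in line. If single-slash URLs are meant to stay valid, a comment such as `/* file:/path is still accepted here; the path is validated when the URL is converted */` would explain the mismatch, assuming such a later step exists as the LDAPTOOL_FILEURL_* result codes suggest. The function continues outside these hunks.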


@ -69,6 +69,8 @@ usage( void )
fprintf( stderr, "\t\tthen the -b flag is not required)\n" );
fprintf( stderr, "options:\n" );
fprintf( stderr, " -s scope\tone of base, one, or sub (default is sub)\n" );
fprintf( stderr, " -l timelim\ttime limit (in seconds) for search (default is no limit)\n" );
fprintf( stderr, " -z sizelim\tsize limit (in entries) for search (default is no limit)\n" );
ldaptool_common_usage( 1 );
exit( LDAP_PARAM_ERROR );
}


@ -85,6 +85,10 @@ main( int argc, char **argv )
#endif
optind = ldaptool_process_args( argc, argv, "cq", 0, options_callback );
if ( optind == -1 ) {
usage ( LDAP_PARAM_ERROR );
}
if ( ldaptool_fp == NULL && optind >= argc ) {
ldaptool_fp = stdin;


@ -60,9 +60,7 @@ usage( void )
}
main( argc, argv )
int argc;
char **argv;
int main( int argc, char **argv )
{
char *entrydn, *rdn, buf[ 4096 ];
int rc, havedn, deref, optind;


@ -56,6 +56,7 @@ static void parse_and_display_reference( LDAP *ld, LDAPMessage *ref );
static char *sortresult2string(ber_int_t result);
static char *changetype_num2string( ber_int_t chgtype );
static char *msgtype2str( int msgtype );
static char **get_effectiverights_attrlist(char * optarg);
/*
* Prefix used in names of pseudo attributes added to the entry LDIF
@ -94,13 +95,13 @@ usage( void )
fprintf( stderr, " -B\t\tprint non-ASCII values and use old output format (attr=value)\n" );
fprintf( stderr, " -x\t\tperforming sorting on server\n" );
fprintf( stderr, " -F sep\tprint `sep' instead of `%s' between attribute names\n", LDAPTOOL_DEFSEP );
fprintf( stderr, " \tand values\n" );
fprintf( stderr, " \tand values in old output format (attr=value)\n" );
fprintf( stderr, " -S attr\tsort the results by attribute `attr'\n" );
fprintf( stderr, " -s scope\tone of base, one, or sub (default is sub)\n" );
fprintf( stderr, " -a deref\tone of never, always, search, or find (default: never)\n" );
fprintf( stderr, " \t(alias dereferencing)\n" );
fprintf( stderr, " -l time lim\ttime limit (in seconds) for search\n" );
fprintf( stderr, " -z size lim\tsize limit (in entries) for search\n" );
fprintf( stderr, " -l time lim\ttime limit (in seconds) for search (default is no limit)\n" );
fprintf( stderr, " -z size lim\tsize limit (in entries) for search (default is no limit)\n" );
fprintf( stderr, " -C PS:changetype[:changesonly[:entrychgcontrols]]\n" );
fprintf( stderr, "\t\tchangetypes are add,delete,modify,moddn,any\n" );
fprintf( stderr, "\t\tchangesonly and entrychgcontrols are boolean values\n" );
@ -108,6 +109,13 @@ usage( void )
fprintf( stderr, " -G before%cafter%cindex%ccount | before%cafter%cvalue where 'before' and\n", VLV_PARAM_SEP, VLV_PARAM_SEP, VLV_PARAM_SEP, VLV_PARAM_SEP, VLV_PARAM_SEP );
fprintf( stderr, "\t\t'after' are the number of entries surrounding 'index.'\n");
fprintf( stderr, "\t\t'count' is the content count, 'value' is the search value.\n");
fprintf( stderr, " -c authzid\tspecifies the getEffectiveRights control authzid\n");
fprintf( stderr, "\t\t eg. dn:uid=bjensen,dc=example,dc=com\n");
fprintf( stderr, "\t\t A value of \"\" means \"the authorization id for the operation\".\n");
fprintf( stderr, "\t\t A value of \"dn:\" means \"anonymous\"\n");
fprintf( stderr, "\t\t (The aclRights operational attribute must be requested)\n");
fprintf( stderr, " -X attrlist\tspecifies the getEffectiveRights control specific attribute list,\n");
fprintf( stderr, "\t\t where attributes are space separated eg. \"nsroledn userPassword\"\n");
exit( LDAP_PARAM_ERROR );
}
@ -125,6 +133,9 @@ static int use_vlv = 0, vlv_before, vlv_after, vlv_index, vlv_count;
static int use_psearch=0;
static int flush_after_each_entry=0;
static int write_ldif_version = 1;
static char *get_effectiverights_control_target_dn = NULL; /* -c */
static char **get_effectiverights_control_attrlist = NULL; /* -X */
static int do_effective_rights_control = 0;
/* Persistent search variables */
static int chgtype=0, changesonly=1, return_echg_ctls=1;
@ -133,7 +144,9 @@ static int chgtype=0, changesonly=1, return_echg_ctls=1;
int
main( int argc, char **argv )
{
char *filtpattern, **attrs;
char *filtpattern = NULL;
int free_filtpattern = 0;
char **attrs;
int rc, optind, i, first;
LDAP *ld;
@ -158,15 +171,15 @@ main( int argc, char **argv )
ldaptool_reset_control_array( ldaptool_request_ctrls );
#ifdef HAVE_SASL_OPTIONS
#ifdef HAVE_SASL_OPTIONS_2
optind = ldaptool_process_args( argc, argv, "ABLTU1eortuxa:b:F:G:l:S:s:z:C:",
optind = ldaptool_process_args( argc, argv, "ABLTU1eortuxa:b:F:G:l:S:s:z:C:c:X:",
0, options_callback );
#else
optind = ldaptool_process_args( argc, argv, "ABLTU1ertuxa:b:F:G:l:S:s:z:C:",
optind = ldaptool_process_args( argc, argv, "ABLTU1ertuxa:b:F:G:l:S:s:z:C:c:X:",
0, options_callback );
#endif
#else
optind = ldaptool_process_args( argc, argv,
"ABLTU1eortuxa:b:F:G:l:S:s:z:C:", 0, options_callback );
"ABLTU1eortuxa:b:F:G:l:S:s:z:C:c:X:", 0, options_callback );
#endif /* HAVE_SASL_OPTIONS */
if ( optind == -1 ) {
@ -202,6 +215,7 @@ main( int argc, char **argv )
} else { /* there are additional args (filter + attrs) */
if ( ldaptool_fp == NULL || strstr( argv[ optind ], "%s" ) != NULL ) {
filtpattern = ldaptool_local2UTF8( argv[ optind ], "filter" );
free_filtpattern = 1;
++optind;
} else {
filtpattern = "%s";
@ -256,7 +270,7 @@ main( int argc, char **argv )
}
if ( ldaptool_fp == NULL ) {
char *conv;
char *conv = NULL;
conv = ldaptool_local2UTF8( base, "base DN" );
rc = dosearch( ld, conv, scope, attrs, attrsonly, filtpattern, "" );
@ -314,6 +328,9 @@ main( int argc, char **argv )
}
ldaptool_cleanup( ld );
if ( (free_filtpattern != 0) && (filtpattern != NULL) ) {
free (filtpattern);
}
return( rc );
}
@ -383,6 +400,26 @@ options_callback( int option, char *optarg )
case 'F': /* field separator */
sep = strdup( optarg );
break;
case 'c': /* getEffectiveRights control authzid */
if ( optarg && optarg[0] == '\0' ) {
/* -c ""
means "This user"
*/
get_effectiverights_control_target_dn = NULL;
do_effective_rights_control = 1;
}else if ( strlen(optarg) < 3 || (strncasecmp(optarg, "dn:", 3) != 0) ) {
fprintf(stderr,"-c wrong format--should be \"\" or \"dn:...\".\n"
"\"dn:\" means anonymous user.");
usage();
} else {
get_effectiverights_control_target_dn = strdup(optarg);
do_effective_rights_control = 1;
}
break;
case 'X': /* getEffectiveRights control attr list */
get_effectiverights_control_attrlist = get_effectiverights_attrlist(optarg);
do_effective_rights_control = 1;
break;
case 'b': /* searchbase */
base = strdup( optarg );
break;
@ -602,7 +639,15 @@ dosearch( ld, base, scope, attrs, attrsonly, filtpatt, value )
if ((ldctrl = ldaptool_create_proxyauth_control(ld)) !=NULL) {
ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);
}
if ( do_effective_rights_control ) {
if ((ldctrl = ldaptool_create_geteffectiveRights_control(ld,
get_effectiverights_control_target_dn,
(const char**) get_effectiverights_control_attrlist)) != NULL) {
ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);
}
}
if (use_psearch) {
if ( ldap_create_persistentsearch_control( ld, chgtype,
changesonly, return_echg_ctls,
@ -1181,8 +1226,8 @@ static struct ldapsearch_type2str ldapsearch_msgtypes[] = {
/*
* Return a descriptive string given an LDAP result message type (tag).
*/
* Return a descriptive string given an LDAP result message type (tag).
*/
static char *
msgtype2str( int msgtype )
{
@ -1224,3 +1269,33 @@ changetype_num2string( ber_int_t chgtype )
return( s );
}
/* returns a null teminated charrary */
static char **get_effectiverights_attrlist(char * optarg)
{
int i = 0;
char ** retArray = NULL;
char * tmp_str = strdup(optarg);
if ( tmp_str == NULL ) {
perror("strdup");
exit(LDAP_NO_MEMORY);
}
retArray = ldap_str2charray( tmp_str, " "); /* takes copies */
if ( retArray == NULL ) {
fprintf( stderr, "%s: not enough memory\n", ldaptool_progname );
exit( LDAP_NO_MEMORY );
}
free(tmp_str);
while( retArray[i] != NULL ) {
fprintf(stderr,"%s ", retArray[i]);
i++;
}
fprintf(stderr, "\n");
return(retArray);
}
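Review bot: In the dosearch hunk a NULL return from `ldaptool_create_geteffectiveRights_control` is silently skipped, so a search requested with `-c` or `-X` proceeds without the control and the user cannot tell why the rights information is missing. `do_effective_rights_control` is already set when this branch runs and the helper returns NULL only when control creation fails, so an `else` that prints `"%s: unable to create getEffectiveRights control\n"` with `ldaptool_progname` and fails the search would make that visible. Separately, the `while` loop in `get_effectiverights_attrlist` writes every parsed attribute to stderr on each `-X` use, which looks like leftover debugging output. Most of dosearch's body lies outside the hunk.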


@ -95,14 +95,8 @@ extern int getopt (int argc, char *const *argv, const char *optstring);
#include <ssl.h>
#endif
#include <portable.h>
#include <ldap.h>
#ifndef NO_LIBLCACHE
#include <lcache.h>
#endif
#include <ldaplog.h>
#include <ldif.h>
@ -116,7 +110,6 @@ extern int getopt (int argc, char *const *argv, const char *optstring);
extern "C" {
#endif
/*
* shared macros, structures, etc.
*/
@ -176,6 +169,8 @@ LDAPControl *ldaptool_create_manage_dsait_control( void );
void ldaptool_print_referrals( char **refs );
int ldaptool_print_extended_response( LDAP *ld, LDAPMessage *res, char *msg );
LDAPControl *ldaptool_create_proxyauth_control( LDAP *ld );
LDAPControl *ldaptool_create_geteffectiveRights_control ( LDAP *ld,
const char *authzid, const char **attrlist );
void ldaptool_add_control_to_array( LDAPControl *ctrl, LDAPControl **array);
void ldaptool_reset_control_array( LDAPControl **array );
char *ldaptool_get_tmp_dir( void );