#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>
#include <libintl.h>
#include <string.h>
#include <ctype.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <syslog.h>
#include <locale.h>
#include <errno.h>
#include <sys/time.h>
#include "ns_sldap.h"
#include "ns_internal.h"
#include "ns_cache_door.h"
#define ALWAYS 1
static int
read_line(FILE *fp, char *buffer, int buflen, char *errstr)
{
int linelen;
char c;
*errstr = '\0';
for (linelen = 0; linelen < buflen; ) {
c = getc(fp);
if (c == EOF)
break;
switch (c) {
case '\n':
if (linelen > 0 && buffer[linelen - 1] == '\\') {
--linelen;
} else {
buffer[linelen] = '\0';
return (linelen);
}
break;
default:
buffer[linelen++] = c;
}
}
if (linelen >= buflen) {
(void) snprintf(errstr, MAXERROR,
gettext("Buffer overflow, line too long."));
return (-2);
} else if (linelen > 0 && buffer[linelen - 1] == '\\') {
(void) snprintf(errstr, MAXERROR,
gettext("Unterminated continuation line."));
return (-2);
} else {
buffer[linelen] = '\0';
}
return (linelen > 0 ? linelen : -1);
}
static ns_parse_status
read_file(ns_config_t *ptr, int cred_file, ns_ldap_error_t **error)
{
ParamIndexType i = 0;
char errstr[MAXERROR];
char buffer[BUFSIZE], *name, *value;
int emptyfile, lineno;
FILE *fp;
int ret;
int linelen;
char *file;
int first = 1;
if (cred_file) {
file = NSCREDFILE;
} else {
file = NSCONFIGFILE;
}
fp = fopen(file, "rF");
if (fp == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Unable to open filename '%s' "
"for reading (errno=%d)."), file, errno);
MKERROR(LOG_ERR, *error, NS_CONFIG_FILE, strdup(errstr),
NS_PARSE_ERR);
return (NS_NOTFOUND);
}
emptyfile = 1;
lineno = 0;
for (; ; ) {
if ((linelen = read_line(fp, buffer, sizeof (buffer),
errstr)) < 0)
break;
lineno++;
if (linelen == 0)
continue;
if (buffer[0] == '#')
continue;
emptyfile = 0;
name = NULL;
value = NULL;
__s_api_split_key_value(buffer, &name, &value);
if (name == NULL || value == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Missing Name or Value on line %d."),
lineno);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
strdup(errstr), NS_PARSE_ERR);
(void) fclose(fp);
return (NS_PARSE_ERR);
}
if (__s_api_get_versiontype(ptr, name, &i) != 0) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Illegal profile type on line %d."),
lineno);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
strdup(errstr), NS_PARSE_ERR);
(void) fclose(fp);
return (NS_PARSE_ERR);
}
if (!first && i == NS_LDAP_FILE_VERSION_P) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Illegal NS_LDAP_FILE_VERSION "
"on line %d."), lineno);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
strdup(errstr), NS_PARSE_ERR);
(void) fclose(fp);
return (NS_PARSE_ERR);
}
first = 0;
switch (__s_api_get_configtype(i)) {
case SERVERCONFIG:
case CLIENTCONFIG:
if (cred_file == 0) {
ret = __ns_ldap_setParamValue(ptr, i, value,
error);
if (ret != NS_SUCCESS) {
(void) fclose(fp);
return (ret);
}
} else if (i != NS_LDAP_FILE_VERSION_P) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Illegal entry in '%s' on "
"line %d"), file, lineno);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
strdup(errstr), NS_PARSE_ERR);
(void) fclose(fp);
return (NS_PARSE_ERR);
}
break;
case CREDCONFIG:
if (i == NS_LDAP_FILE_VERSION_P)
break;
if (cred_file) {
ret = __ns_ldap_setParamValue(ptr, i, value,
error);
if (ret != NS_SUCCESS) {
(void) fclose(fp);
return (ret);
}
} else {
(void) snprintf(errstr, sizeof (errstr),
gettext("Illegal entry in '%s' on "
"line %d"), file, lineno);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
strdup(errstr), NS_PARSE_ERR);
(void) fclose(fp);
return (NS_PARSE_ERR);
}
}
}
(void) fclose(fp);
if (!cred_file && emptyfile) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Empty config file: '%s'"), file);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr),
NS_PARSE_ERR);
return (NS_PARSE_ERR);
}
if (linelen == -2) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Line too long in '%s'"), file);
MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr),
NS_PARSE_ERR);
return (NS_PARSE_ERR);
}
return (NS_SUCCESS);
}
static
ns_ldap_return_code
set_attr(ns_config_t *config_struct, char *attr_name, char *attr_val,
ns_ldap_error_t **errorp)
{
ParamIndexType idx;
char errmsg[MAXERROR];
if (errorp == NULL) {
return (NS_LDAP_INVALID_PARAM);
}
*errorp = NULL;
if (__s_api_get_profiletype(attr_name, &idx) < 0 &&
__s_api_get_versiontype(config_struct, attr_name, &idx) < 0) {
(void) snprintf(errmsg, sizeof (errmsg),
gettext("Illegal DUAProfile property: <%s>."), attr_name);
MKERROR(LOG_ERR, *errorp, NS_LDAP_CONFIG, strdup(errmsg),
NS_LDAP_MEMORY);
return (NS_LDAP_CONFIG);
}
return (__ns_ldap_setParamValue(config_struct, idx, attr_val, errorp));
}
ns_config_t *
__s_api_create_config_door_str(char *config, ns_ldap_error_t **errorp)
{
char *attr, *attrName, *attrVal, *rest;
ns_config_t *configStruct = NULL;
char errmsg[MAXERROR];
if (config == NULL || errorp == NULL)
return (NULL);
if ((configStruct = __s_api_create_config()) == NULL) {
return (NULL);
}
*errorp = NULL;
attr = strtok_r(config, DOORLINESEP, &rest);
if (!attr) {
__s_api_destroy_config(configStruct);
(void) snprintf(errmsg, sizeof (errmsg),
gettext("DUAProfile received from the server"
" has bad format"));
MKERROR(LOG_ERR, *errorp, NS_LDAP_CONFIG, strdup(errmsg), NULL);
return (NULL);
}
do {
__s_api_split_key_value(attr, &attrName, &attrVal);
if (attrName == NULL || attrVal == NULL) {
__s_api_destroy_config(configStruct);
(void) snprintf(errmsg, sizeof (errmsg),
gettext("Attribute %s is not valid"), attr);
MKERROR(LOG_ERR, *errorp, NS_LDAP_CONFIG,
strdup(errmsg), NULL);
return (NULL);
}
if (strcasecmp(attrName, "objectclass") == 0) {
if (strcasecmp(attrVal, _PROFILE2_OBJECTCLASS) == 0) {
if (__ns_ldap_setParamValue(configStruct,
NS_LDAP_FILE_VERSION_P,
NS_LDAP_VERSION_2,
errorp) != NS_LDAP_SUCCESS) {
__s_api_destroy_config(configStruct);
return (NULL);
}
} else if (strcasecmp(attrVal,
_PROFILE1_OBJECTCLASS) == 0) {
if (__ns_ldap_setParamValue(configStruct,
NS_LDAP_FILE_VERSION_P,
NS_LDAP_VERSION_1,
errorp) != NS_LDAP_SUCCESS) {
__s_api_destroy_config(configStruct);
return (NULL);
}
}
continue;
}
if (set_attr(configStruct, attrName, attrVal, errorp) !=
NS_LDAP_SUCCESS) {
__s_api_destroy_config(configStruct);
return (NULL);
}
} while (attr = strtok_r(NULL, DOORLINESEP, &rest));
if (__s_api_crosscheck(configStruct, errmsg, B_FALSE) != NS_SUCCESS) {
MKERROR(LOG_ERR, *errorp, NS_LDAP_CONFIG, strdup(errmsg), NULL);
__s_api_destroy_config(configStruct);
return (NULL);
}
return (configStruct);
}
ns_ldap_error_t *
__ns_ldap_LoadConfiguration()
{
ns_ldap_error_t *error = NULL;
ns_config_t *ptr = NULL;
char errstr[MAXERROR];
ns_parse_status ret;
ptr = __s_api_create_config();
if (ptr == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("__ns_ldap_LoadConfiguration: Out of memory."));
MKERROR(LOG_ERR, error, NS_CONFIG_NOTLOADED,
strdup(errstr), NULL);
return (error);
}
ret = read_file(ptr, 0, &error);
if (ret != NS_SUCCESS) {
__s_api_destroy_config(ptr);
return (error);
}
ret = read_file(ptr, 1, &error);
if (ret != NS_SUCCESS) {
__s_api_destroy_config(ptr);
return (error);
}
if (__s_api_crosscheck(ptr, errstr, B_TRUE) != NS_SUCCESS) {
__s_api_destroy_config(ptr);
MKERROR(LOG_ERR, error, NS_CONFIG_SYNTAX, strdup(errstr), NULL);
return (error);
}
__s_api_init_config(ptr);
return (NULL);
}
int
__print2buf(LineBuf *line, const char *toprint, char *sep)
{
int newsz = 0;
int newmax = 0;
char *str;
if (line == NULL)
return (-1);
newsz = strlen(toprint) + line->len + 1;
if (sep != NULL) {
newsz += strlen(sep);
}
if (line->alloc == 0 || newsz > line->alloc) {
newmax = (((newsz+(BUFSIZ-1))/BUFSIZ)+1) * BUFSIZ;
if (line->alloc == 0)
line->str = (char *)calloc(newmax, 1);
else {
str = (char *)realloc(line->str, newmax);
if (str == NULL) {
free(line->str);
line->str = NULL;
}
else
line->str = str;
}
line->alloc = newmax;
if (line->str == NULL) {
line->alloc = 0;
line->len = 0;
return (-1);
}
}
(void) strlcat(line->str, toprint, line->alloc);
if (sep != NULL) {
(void) strlcat(line->str, sep, line->alloc);
}
line->len = newsz;
return (0);
}
ns_ldap_error_t *
__ns_ldap_LoadDoorInfo(LineBuf *configinfo, char *domainname,
ns_config_t *new, int cred_only)
{
ns_config_t *ptr;
char errstr[MAXERROR];
ns_ldap_error_t *errorp;
char *str;
ParamIndexType i = 0;
int len;
ldap_config_out_t *cout;
if (new == NULL)
ptr = __s_api_get_default_config();
else
ptr = new;
if (ptr == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("No configuration information available for %s."),
domainname == NULL ? "<no domain specified>" : domainname);
MKERROR(LOG_WARNING, errorp, NS_CONFIG_NOTLOADED,
strdup(errstr), NULL);
return (errorp);
}
(void) memset((char *)configinfo, 0, sizeof (LineBuf));
for (i = 0; i <= NS_LDAP_MAX_PIT_P; i++) {
if (cred_only) {
if (i != NS_LDAP_ADMIN_BINDDN_P &&
i != NS_LDAP_ADMIN_BINDPASSWD_P)
continue;
} else {
if (i == NS_LDAP_ADMIN_BINDDN_P ||
i == NS_LDAP_ADMIN_BINDPASSWD_P)
continue;
}
str = __s_api_strValue(ptr, i, NS_DOOR_FMT);
if (str == NULL)
continue;
if (__print2buf(configinfo, str, DOORLINESEP)) {
(void) snprintf(errstr, sizeof (errstr),
gettext("__print2buf: Out of memory."));
MKERROR(LOG_WARNING, errorp, NS_CONFIG_NOTLOADED,
strdup(errstr), NULL);
__s_api_release_config(ptr);
free(str);
return (errorp);
}
free(str);
}
if (new == NULL)
__s_api_release_config(ptr);
if (configinfo->str) {
len = sizeof (ldap_config_out_t) - sizeof (int) +
configinfo->len;
if ((cout = calloc(1, len)) == NULL) {
free(configinfo->str);
configinfo->str = NULL;
configinfo->len = 0;
(void) snprintf(errstr, sizeof (errstr),
gettext("calloc: Out of memory."));
MKERROR(LOG_WARNING, errorp, NS_CONFIG_NOTLOADED,
strdup(errstr), NULL);
return (errorp);
}
cout->data_size = configinfo->len;
(void) memcpy(cout->config_str, configinfo->str,
configinfo->len);
free(configinfo->str);
configinfo->str = (char *)cout;
configinfo->len = len;
}
return (NULL);
}
ns_ldap_error_t *
__ns_ldap_DumpLdif(char *filename)
{
ns_config_t *ptr;
char errstr[MAXERROR];
ns_ldap_error_t *errorp;
char *str;
FILE *fp;
ParamIndexType i = 0;
char *profile, *container, *base;
ptr = __s_api_get_default_config();
if (ptr == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("No configuration information available."));
MKERROR(LOG_ERR, errorp, NS_CONFIG_NOTLOADED, strdup(errstr),
NULL);
return (errorp);
}
if (filename == NULL) {
fp = stdout;
} else {
fp = fopen(filename, "wF");
if (fp == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Unable to open filename %s for ldif "
"dump (errno=%d)."), filename, errno);
MKERROR(LOG_WARNING, errorp, NS_CONFIG_FILE,
strdup(errstr), NULL);
__s_api_release_config(ptr);
return (errorp);
}
(void) fchmod(fileno(fp), 0444);
}
if (ptr->paramList[NS_LDAP_SEARCH_BASEDN_P].ns_ptype != CHARPTR ||
ptr->paramList[NS_LDAP_PROFILE_P].ns_ptype != CHARPTR) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Required BaseDN and/or Profile name "
"ldif fields not present"));
MKERROR(LOG_WARNING, errorp, NS_CONFIG_FILE, strdup(errstr),
NULL);
__s_api_release_config(ptr);
return (errorp);
}
profile = ptr->paramList[NS_LDAP_PROFILE_P].ns_pc;
base = ptr->paramList[NS_LDAP_SEARCH_BASEDN_P].ns_pc;
container = _PROFILE_CONTAINER;
(void) fprintf(fp, "dn: cn=%s,ou=%s,%s\n", profile, container, base);
if (ptr->version == NS_LDAP_V1) {
(void) fprintf(fp, "ObjectClass: top\nObjectClass: %s\n",
_PROFILE1_OBJECTCLASS);
} else {
(void) fprintf(fp, "ObjectClass: top\nObjectClass: %s\n",
_PROFILE2_OBJECTCLASS);
}
for (i = 0; i <= NS_LDAP_MAX_PIT_P; i++) {
str = __s_api_strValue(ptr, i, NS_LDIF_FMT);
if (str == NULL)
continue;
if ((i != NS_LDAP_BINDDN_P) &&
(i != NS_LDAP_BINDPASSWD_P) &&
(i != NS_LDAP_ADMIN_BINDDN_P) &&
(i != NS_LDAP_ADMIN_BINDPASSWD_P) &&
(i != NS_LDAP_ENABLE_SHADOW_UPDATE_P) &&
(i != NS_LDAP_HOST_CERTPATH_P))
(void) fprintf(fp, "%s\n", str);
free(str);
}
if (filename != NULL)
(void) fclose(fp);
__s_api_release_config(ptr);
return (NULL);
}
static
ns_ldap_error_t *
__ns_ldap_DumpConfigFiles(char **files)
{
char *filename;
int fi;
int docred;
ns_config_t *ptr;
char *str;
char errstr[MAXERROR];
ParamIndexType i = 0;
FILE *fp;
int rc;
ns_ldap_error_t *errorp = NULL;
struct stat buf;
int cfgtype;
boolean_t file_export_error = B_FALSE;
ptr = __s_api_get_default_config();
if (ptr == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("No configuration information available."));
MKERROR(LOG_ERR, errorp, NS_CONFIG_NOTLOADED, strdup(errstr),
NULL);
return (errorp);
}
for (fi = 0; fi < 2; fi++) {
docred = 0;
filename = files[fi];
if (filename == NULL)
continue;
if (fi == 1)
docred++;
rc = stat(filename, &buf);
fp = fopen(filename, "wF");
if (fp == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Unable to open filename %s"
" for configuration dump (%s)."),
filename, strerror(errno));
MKERROR(LOG_ERR, errorp, NS_CONFIG_FILE,
strdup(errstr), NULL);
__s_api_release_config(ptr);
return (errorp);
}
if (rc == 0) {
if (fchmod(fileno(fp), buf.st_mode) != 0) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Unable to set permissions for file"
" %s for configuration dump (%s)."),
filename, strerror(errno));
(void) fclose(fp);
file_export_error = B_TRUE;
break;
}
} else {
if (fchmod(fileno(fp), 0400) != 0) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Unable to set permissions for file"
" %s for configuration dump (%s)."),
filename, strerror(errno));
(void) fclose(fp);
file_export_error = B_TRUE;
break;
}
}
if (fprintf(fp, "#\n# %s\n#\n", DONOTEDIT) < 0) {
(void) snprintf(errstr, sizeof (errstr), gettext(
"Writing to file %s for configuration dump failed "
"(%s)."), filename, strerror(errno));
file_export_error = B_TRUE;
}
for (i = 0; !file_export_error && (i <= NS_LDAP_MAX_PIT_P);
i++) {
cfgtype = __s_api_get_configtype(i);
if ((docred == 0 && cfgtype == CREDCONFIG) ||
(docred == 1 && cfgtype != CREDCONFIG))
continue;
str = __s_api_strValue(ptr, i, NS_FILE_FMT);
if (str == NULL)
continue;
if (fprintf(fp, "%s\n", str) < 0) {
(void) snprintf(errstr, sizeof (errstr),
gettext("Writing to file %s for"
"configuration dump failed (%s)."),
filename, strerror(errno));
file_export_error = B_TRUE;
}
free(str);
}
if (fclose(fp) != 0) {
if (file_export_error)
break;
(void) snprintf(errstr, sizeof (errstr), gettext(
"Writing to file %s for configuration dump failed "
"during file close (%s)."), filename,
strerror(errno));
file_export_error = B_TRUE;
break;
}
}
if (file_export_error) {
MKERROR(LOG_ERR, errorp, NS_CONFIG_FILE,
strdup(errstr), NULL);
(void) unlink(filename);
}
__s_api_release_config(ptr);
return (errorp);
}
ns_ldap_error_t *
__ns_ldap_DumpConfiguration(char *file)
{
ns_ldap_error_t *ret;
char *files[3];
files[0] = NULL;
files[1] = NULL;
files[2] = NULL;
if (strcmp(file, NSCONFIGFILE) == 0) {
files[0] = file;
} else if (strcmp(file, NSCONFIGREFRESH) == 0) {
files[0] = file;
} else if (strcmp(file, NSCREDFILE) == 0) {
files[1] = file;
} else if (strcmp(file, NSCREDREFRESH) == 0) {
files[1] = file;
}
ret = __ns_ldap_DumpConfigFiles(files);
return (ret);
}
ns_config_t *
__ns_ldap_make_config(ns_ldap_result_t *result)
{
int l, m;
char val[BUFSIZE];
char *attrname;
ns_ldap_entry_t *entry;
ns_ldap_attr_t *attr;
char **attrval;
ParamIndexType index;
ns_config_t *ptr;
ns_ldap_error_t *error = NULL;
int prof_ver;
ns_config_t *curr_ptr = NULL;
char errstr[MAXERROR];
ns_ldap_error_t *errorp;
LineBuf buffer;
char *sepstr;
if (result == NULL)
return (NULL);
if (result->entries_count > 1) {
(void) snprintf(errstr, MAXERROR,
gettext("Configuration Error: More than one profile "
"found"));
MKERROR(LOG_ERR, errorp, NS_PARSE_ERR, strdup(errstr), NULL);
(void) __ns_ldap_freeError(&errorp);
return (NULL);
}
ptr = __s_api_create_config();
if (ptr == NULL)
return (NULL);
curr_ptr = __s_api_get_default_config();
if (curr_ptr == NULL) {
__s_api_destroy_config(ptr);
return (NULL);
}
prof_ver = 1;
entry = result->entry;
for (l = 0; l < entry->attr_count; l++) {
attr = entry->attr_pair[l];
attrname = attr->attrname;
if (attrname == NULL)
continue;
if (strcasecmp(attrname, "objectclass") == 0) {
for (m = 0; m < attr->value_count; m++) {
if (strcasecmp(_PROFILE2_OBJECTCLASS,
attr->attrvalue[m]) == 0) {
prof_ver = 2;
break;
}
}
}
}
if (prof_ver == 1) {
(void) strcpy(val, NS_LDAP_VERSION_1);
(void) __ns_ldap_setParamValue(ptr, NS_LDAP_FILE_VERSION_P,
val, &error);
} else {
(void) strcpy(val, NS_LDAP_VERSION_2);
(void) __ns_ldap_setParamValue(ptr, NS_LDAP_FILE_VERSION_P,
val, &error);
}
for (l = 0; l < entry->attr_count; l++) {
attr = entry->attr_pair[l];
attrname = attr->attrname;
if (attrname == NULL)
continue;
if (__s_api_get_profiletype(attrname, &index) != 0)
continue;
attrval = attr->attrvalue;
switch (index) {
case NS_LDAP_SEARCH_DN_P:
case NS_LDAP_SERVICE_SEARCH_DESC_P:
case NS_LDAP_ATTRIBUTEMAP_P:
case NS_LDAP_OBJECTCLASSMAP_P:
case NS_LDAP_SERVICE_CRED_LEVEL_P:
case NS_LDAP_SERVICE_AUTH_METHOD_P:
for (m = 0; m < attr->value_count; m++) {
(void) __ns_ldap_setParamValue(ptr, index,
attrval[m], &error);
}
break;
default:
(void) memset((void *)&buffer, 0, sizeof (LineBuf));
for (m = 0; m < attr->value_count; m++) {
sepstr = NULL;
if (m != attr->value_count - 1) {
sepstr = SPACESEP;
}
if (__print2buf(&buffer, attrval[m], sepstr))
goto makeconfigerror;
}
(void) __ns_ldap_setParamValue(ptr, index, buffer.str,
&error);
if (buffer.len > 0) {
free(buffer.str);
buffer.len = 0;
}
break;
}
}
if (ptr->version != NS_LDAP_V1) {
ParamIndexType i;
if (curr_ptr->paramList[NS_LDAP_BINDDN_P].ns_ptype == CHARPTR) {
(void) __ns_ldap_setParamValue(ptr, NS_LDAP_BINDDN_P,
curr_ptr->paramList[NS_LDAP_BINDDN_P].ns_pc,
&error);
}
if (curr_ptr->paramList[NS_LDAP_BINDPASSWD_P].ns_ptype ==
CHARPTR) {
(void) __ns_ldap_setParamValue(ptr,
NS_LDAP_BINDPASSWD_P,
curr_ptr->paramList[NS_LDAP_BINDPASSWD_P].ns_pc,
&error);
}
i = NS_LDAP_ENABLE_SHADOW_UPDATE_P;
if (curr_ptr->paramList[i].ns_ptype == INT) {
char *valt;
valt = __s_get_shadowupdate_name(
curr_ptr->paramList[i].ns_i);
(void) __ns_ldap_setParamValue(ptr, i, valt, &error);
}
if (curr_ptr->paramList[NS_LDAP_ADMIN_BINDDN_P].ns_ptype ==
CHARPTR) {
(void) __ns_ldap_setParamValue(ptr,
NS_LDAP_ADMIN_BINDDN_P,
curr_ptr->paramList[NS_LDAP_ADMIN_BINDDN_P].ns_pc,
&error);
}
if (curr_ptr->paramList[NS_LDAP_ADMIN_BINDPASSWD_P].ns_ptype ==
CHARPTR) {
(void) __ns_ldap_setParamValue(ptr,
NS_LDAP_ADMIN_BINDPASSWD_P,
curr_ptr->
paramList[NS_LDAP_ADMIN_BINDPASSWD_P].ns_pc,
&error);
}
if (curr_ptr->paramList[NS_LDAP_HOST_CERTPATH_P].ns_ptype ==
CHARPTR) {
(void) __ns_ldap_setParamValue(ptr,
NS_LDAP_HOST_CERTPATH_P,
curr_ptr->paramList[NS_LDAP_HOST_CERTPATH_P].ns_pc,
&error);
}
}
__s_api_release_config(curr_ptr);
return (ptr);
makeconfigerror:
if (buffer.len > 0)
free(buffer.str);
__s_api_debug_pause(LOG_ERR, NS_PARSE_ERR,
"__ns_ldap_make_config: Not enough memory");
return (NULL);
}
int
__ns_ldap_download(const char *profile, char *addr, char *baseDN,
ns_ldap_error_t **errorp)
{
char filter[BUFSIZE];
int rc;
ns_ldap_result_t *result = NULL;
ns_config_t *ptr = NULL;
ns_config_t *new_ptr = NULL;
char errstr[MAXERROR];
*errorp = NULL;
if (baseDN == NULL)
return (NS_LDAP_INVALID_PARAM);
ptr = __s_api_get_default_config();
if (ptr == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("No configuration information available."));
MKERROR(LOG_ERR, *errorp, NS_CONFIG_NOTLOADED, strdup(errstr),
NS_LDAP_MEMORY);
return (NS_LDAP_CONFIG);
}
rc = __ns_ldap_setParamValue(ptr, NS_LDAP_SEARCH_BASEDN_P, baseDN,
errorp);
if (rc != NS_LDAP_SUCCESS) {
__s_api_release_config(ptr);
return (rc);
}
rc = __ns_ldap_setParamValue(ptr, NS_LDAP_SERVERS_P, addr, errorp);
__s_api_release_config(ptr);
if (rc != NS_LDAP_SUCCESS)
return (rc);
(void) snprintf(filter, sizeof (filter), _PROFILE_FILTER,
_PROFILE1_OBJECTCLASS, _PROFILE2_OBJECTCLASS, profile);
rc = __ns_ldap_list(_PROFILE_CONTAINER, (const char *)filter,
NULL, NULL, NULL, 0, &result, errorp, NULL, NULL);
if (rc != NS_LDAP_SUCCESS)
return (rc);
new_ptr = __ns_ldap_make_config(result);
(void) __ns_ldap_freeResult(&result);
if (new_ptr == NULL)
return (NS_LDAP_OP_FAILED);
rc = __s_api_crosscheck(new_ptr, errstr, B_FALSE);
if (rc != NS_LDAP_SUCCESS) {
__s_api_destroy_config(new_ptr);
MKERROR(LOG_ERR, *errorp, NS_CONFIG_NOTLOADED, strdup(errstr),
NS_LDAP_MEMORY);
return (NS_LDAP_CONFIG);
}
__s_api_init_config(new_ptr);
return (rc);
}
ns_ldap_error_t *
__ns_ldap_print_config(int verbose)
{
ns_config_t *ptr;
char errstr[MAXERROR];
ns_ldap_error_t *errorp;
char *str;
int i;
ptr = __s_api_get_default_config();
if (ptr == NULL) {
errorp = __ns_ldap_LoadConfiguration();
if (errorp != NULL)
return (errorp);
ptr = __s_api_get_default_config();
if (ptr == NULL) {
(void) snprintf(errstr, sizeof (errstr),
gettext("No configuration information."));
MKERROR(LOG_WARNING, errorp, NS_CONFIG_NOTLOADED,
strdup(errstr), NULL);
return (errorp);
}
}
if (verbose && (ptr->domainName != NULL)) {
(void) fputs("ptr->domainName ", stdout);
(void) fputs(ptr->domainName, stdout);
(void) putchar('\n');
}
for (i = 0; i <= NS_LDAP_MAX_PIT_P; i++) {
if ((i == NS_LDAP_CACHETTL_P) && (ptr->version == NS_LDAP_V1))
continue;
if (i == NS_LDAP_ADMIN_BINDDN_P ||
i == NS_LDAP_ADMIN_BINDPASSWD_P)
continue;
str = __s_api_strValue(ptr, i, NS_FILE_FMT);
if (str == NULL)
continue;
if (verbose)
(void) putchar('\t');
(void) fprintf(stdout, "%s\n", str);
free(str);
}
__s_api_release_config(ptr);
return (NULL);
}
