#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>
#include <libintl.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <string.h>
#include <strings.h>
#include <lber.h>
#include <ldap.h>
#include <syslog.h>
#include <stddef.h>
#include <sys/mman.h>
#include "ns_sldap.h"
#include "ns_internal.h"
#include "ns_connmgmt.h"
#include "ns_cache_door.h"
#include <pwd.h>
#include <project.h>
#include <shadow.h>
#include <grp.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <rpc/rpcent.h>
#include <auth_attr.h>
#include <exec_attr.h>
#include <prof_attr.h>
#include <user_attr.h>
#include <bsm/libbsm.h>
#include <sys/tsol/tndb.h>
#include <tsol/label.h>
static int send_to_cachemgr(const char *,
ns_ldap_attr_t **, ns_ldap_error_t **);
static int escape_str(char *, char *);
static int
replace_mapped_attr_in_dn(
const char *service, const char *dn, char **new_dn)
{
char **mappedattr;
char **dnArray = NULL;
char *rservice;
char *cur = NULL;
int len = 0, orig_len = 0, mapped_len = 0;
int dn_len = 0;
*new_dn = NULL;
dnArray = ldap_explode_dn(dn, 0);
if (!dnArray || !*dnArray)
return (NS_LDAP_INVALID_PARAM);
cur = strchr(dnArray[0], '=');
if (!cur) {
__s_api_free2dArray(dnArray);
return (NS_LDAP_INVALID_PARAM);
}
*cur = '\0';
if (strncasecmp(service, NS_LDAP_TYPE_AUTOMOUNT,
sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0)
rservice = "automount";
else
rservice = (char *)service;
mappedattr = __ns_ldap_getMappedAttributes(rservice, dnArray[0]);
if (!mappedattr || !mappedattr[0]) {
__s_api_free2dArray(dnArray);
if (mappedattr)
__s_api_free2dArray(mappedattr);
return (NS_LDAP_SUCCESS);
}
orig_len = strlen(dnArray[0]);
mapped_len = strlen(mappedattr[0]);
dn_len = strlen(dn);
len = dn_len - orig_len + mapped_len + 1;
*new_dn = (char *)calloc(1, len);
if (*new_dn == NULL) {
__s_api_free2dArray(dnArray);
__s_api_free2dArray(mappedattr);
return (NS_LDAP_MEMORY);
}
(void) snprintf(*new_dn, len, "%s=%s", mappedattr[0], dn + orig_len +1);
__s_api_free2dArray(dnArray);
__s_api_free2dArray(mappedattr);
return (NS_LDAP_SUCCESS);
}
static int
init_bval_mod(
LDAPMod *mod,
int mop,
char *mtype,
char *mvptr,
int mvlen)
{
struct berval **bmodval;
mod->mod_type = strdup(mtype);
if (mod->mod_type == NULL)
return (-1);
bmodval = (struct berval **)calloc(2, sizeof (struct berval *));
if (bmodval == NULL) {
free(mod->mod_type);
mod->mod_type = NULL;
return (-1);
}
bmodval[0] = (struct berval *)calloc(1, sizeof (struct berval));
if (bmodval[0] == NULL) {
free(mod->mod_type);
mod->mod_type = NULL;
free(bmodval);
return (-1);
}
bmodval[0]->bv_val = mvptr;
bmodval[0]->bv_len = mvlen;
mod->mod_op = mop | LDAP_MOD_BVALUES;
mod->mod_bvalues = bmodval;
return (0);
}
static void
freeModList(LDAPMod **mods)
{
int i, j;
int name_is_oc;
if (mods == NULL)
return;
for (i = 0; mods[i]; i++) {
name_is_oc = FALSE;
if (mods[i]->mod_type) {
if (strcasecmp(mods[i]->mod_type, "objectclass") == 0)
name_is_oc = TRUE;
free(mods[i]->mod_type);
}
if (mods[i]->mod_bvalues == NULL)
continue;
if (mods[i]->mod_op & LDAP_MOD_BVALUES) {
if (mods[i]->mod_bvalues[0])
free(mods[i]->mod_bvalues[0]);
} else {
if (name_is_oc) {
for (j = 0; mods[i]->mod_values[j]; j++)
free(mods[i]->mod_values[j]);
}
}
free(mods[i]->mod_bvalues);
}
free((char *)(mods[0]));
free(mods);
}
static LDAPMod **
__s_api_makeModListCount(
const char *service,
const ns_ldap_attr_t * const *attr,
const int mod_op,
const int count,
const int flags)
{
LDAPMod **mods, *modlist;
char **modval;
char **mapping;
int i;
int j;
int k, rc, vlen;
char *c, *comma1 = NULL, *comma2 = NULL;
int schema_mapping_existed = FALSE;
int auto_service = FALSE;
mods = (LDAPMod **)calloc((count + 3), sizeof (LDAPMod *));
if (mods == NULL) {
return (NULL);
}
modlist = (LDAPMod *)calloc(count + 2, sizeof (LDAPMod));
if (modlist == NULL) {
free(mods);
return (NULL);
}
if (service != NULL && strncasecmp(service, NS_LDAP_TYPE_AUTOMOUNT,
sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0)
auto_service = TRUE;
mapping = __ns_ldap_getOrigAttribute(service,
NS_HASH_SCHEMA_MAPPING_EXISTED);
if (mapping) {
schema_mapping_existed = TRUE;
__s_api_free2dArray(mapping);
mapping = NULL;
}
for (i = 0, k = 0; k < count && attr[k] != NULL; i++, k++) {
mods[i] = &modlist[i];
mods[i]->mod_op = mod_op;
if (schema_mapping_existed && (flags & NS_LDAP_NOMAP) == 0) {
mapping = __ns_ldap_getMappedAttributes(service,
attr[k]->attrname);
} else
mapping = NULL;
if (mapping == NULL && auto_service &&
(flags & NS_LDAP_NOMAP) == 0) {
mapping = __ns_ldap_getMappedAttributes("automount",
attr[k]->attrname);
}
if (mapping == NULL) {
mods[i]->mod_type = strdup(attr[k]->attrname);
if (mods[i]->mod_type == NULL)
goto free_memory;
} else {
if (strcasecmp(service, "passwd") == 0 &&
strcasecmp(attr[k]->attrname, "gecos") == 0 &&
mapping[1] && attr[k]->attrvalue[0] &&
(comma1 = strchr(attr[k]->attrvalue[0],
COMMATOK)) != NULL) {
if (*(comma1 + 1) != '\0')
comma2 = strchr(comma1 + 1, COMMATOK);
if (mapping[2] == NULL || comma2 == NULL) {
vlen = comma1 - attr[k]->attrvalue[0];
c = attr[k]->attrvalue[0];
if (vlen > 0 && c) {
rc = init_bval_mod(mods[i], mod_op,
mapping[0], c, vlen);
if (rc != 0)
goto free_memory;
} else {
mods[i] = NULL;
i--;
}
if (*(comma1 + 1) == '\0') {
__s_api_free2dArray(mapping);
mapping = NULL;
continue;
}
i++;
mods[i] = &modlist[i];
for (c = comma1 + 1; *c == SPACETOK; c++) {
}
vlen = strlen(attr[k]->attrvalue[0]) -
(c - attr[k]->attrvalue[0]);
if (vlen > 0 && c) {
rc = init_bval_mod(mods[i], mod_op,
mapping[1], c, vlen);
if (rc != 0)
goto free_memory;
} else {
mods[i] = NULL;
i--;
}
__s_api_free2dArray(mapping);
mapping = NULL;
continue;
} else {
vlen = comma1 - attr[k]->attrvalue[0];
c = attr[k]->attrvalue[0];
if (vlen > 0 && c) {
rc = init_bval_mod(mods[i], mod_op,
mapping[0], c, vlen);
if (rc != 0)
goto free_memory;
} else {
mods[i] = NULL;
i--;
}
i++;
mods[i] = &modlist[i];
for (c = comma1 + 1; *c == SPACETOK; c++) {
};
vlen = comma2 - c;
if (vlen > 0 && c) {
rc = init_bval_mod(mods[i], mod_op,
mapping[1], c, vlen);
if (rc != 0)
goto free_memory;
} else {
mods[i] = NULL;
i--;
}
if (*(comma2 + 1) == '\0') {
__s_api_free2dArray(mapping);
mapping = NULL;
continue;
}
i++;
mods[i] = &modlist[i];
for (c = comma2 + 1; *c == SPACETOK; c++) {
}
vlen = strlen(attr[k]->attrvalue[0]) -
(c - attr[k]->attrvalue[0]);
if (vlen > 0 && c) {
rc = init_bval_mod(mods[i], mod_op,
mapping[2], c, vlen);
if (rc != 0)
goto free_memory;
} else {
mods[i] = NULL;
i--;
}
__s_api_free2dArray(mapping);
mapping = NULL;
continue;
}
}
mods[i]->mod_type = strdup(mapping[0]);
if (mods[i]->mod_type == NULL) {
goto free_memory;
}
__s_api_free2dArray(mapping);
mapping = NULL;
}
modval = (char **)calloc(attr[k]->value_count+1,
sizeof (char *));
if (modval == NULL)
goto free_memory;
if (strcasecmp(mods[i]->mod_type, "objectclass") == 0) {
for (j = 0; j < attr[k]->value_count; j++) {
if (schema_mapping_existed &&
(flags & NS_LDAP_NOMAP) == 0)
mapping =
__ns_ldap_getMappedObjectClass(
service, attr[k]->attrvalue[j]);
else
mapping = NULL;
if (mapping == NULL && auto_service &&
(flags & NS_LDAP_NOMAP) == 0)
mapping =
__ns_ldap_getMappedObjectClass(
"automount", attr[k]->attrvalue[j]);
if (mapping && mapping[0]) {
modval[j] = strdup(mapping[0]);
} else {
modval[j] = strdup(attr[k]->
attrvalue[j]);
}
if (modval[j] == NULL)
goto free_memory;
}
} else {
for (j = 0; j < attr[k]->value_count; j++) {
modval[j] = attr[k]->attrvalue[j];
}
}
mods[i]->mod_values = modval;
}
return (mods);
free_memory:
freeModList(mods);
if (mapping)
__s_api_free2dArray(mapping);
return (NULL);
}
static LDAPMod **
__s_api_makeModList(
const char *service,
const ns_ldap_attr_t * const *attr,
const int mod_op,
const int flags)
{
ns_ldap_attr_t **aptr = (ns_ldap_attr_t **)attr;
int count = 0;
if (aptr == NULL)
return (NULL);
while (*aptr++)
count++;
return (__s_api_makeModListCount(service, attr, mod_op, count, flags));
}
static void
__s_cvt_freeEntryRdn(ns_ldap_entry_t **entry, char **rdn)
{
if (*entry != NULL) {
__ns_ldap_freeEntry(*entry);
*entry = NULL;
}
if (*rdn != NULL) {
free(*rdn);
*rdn = NULL;
}
}
static int
write_state_machine(
int ldap_op,
char *dn,
LDAPMod **mods,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t ** errorp)
{
ConnectionID connectionId = -1;
Connection *conp = NULL;
LDAPMessage *res;
char *target_dn = NULL;
char errstr[MAXERROR];
int rc = NS_LDAP_SUCCESS;
int return_rc = NS_LDAP_SUCCESS;
int followRef = FALSE;
int target_dn_allocated = FALSE;
int len;
int msgid;
int Errno;
boolean_t from_get_lderrno = B_FALSE;
int always = 1;
char *err, *errmsg = NULL;
char **referrals = NULL;
ns_referral_info_t *ref_list = NULL;
ns_referral_info_t *current_ref = NULL;
ns_write_state_t state = W_INIT, new_state, err_state = W_INIT;
int do_not_fail_if_new_pwd_reqd = 0;
ns_ldap_passwd_status_t pwd_status = NS_PASSWD_GOOD;
int passwd_mgmt = 0;
int i = 0;
int ldap_error;
int nopasswd_acct_mgmt = 0;
ns_conn_user_t *conn_user = NULL;
while (always) {
switch (state) {
case W_EXIT:
if (conn_user != NULL) {
if (conn_user->use_mt_conn == B_TRUE) {
if (conn_user->ns_error != NULL) {
*errorp = conn_user->ns_error;
conn_user->ns_error = NULL;
return_rc = conn_user->ns_rc;
}
if (conn_user->conn_mt != NULL)
__s_api_conn_mt_return(
conn_user);
}
__s_api_conn_user_free(conn_user);
}
if (connectionId > -1)
DropConnection(connectionId, NS_LDAP_NEW_CONN);
if (ref_list)
__s_api_deleteRefInfo(ref_list);
if (target_dn && target_dn_allocated)
free(target_dn);
return (return_rc);
case W_INIT:
rc = __s_api_toFollowReferrals(flags,
&followRef, errorp);
if (rc != NS_LDAP_SUCCESS) {
return_rc = rc;
new_state = W_ERROR;
break;
}
len = strlen(dn);
if (dn[len-1] == COMMATOK)
rc = __s_api_append_default_basedn(
dn, &target_dn, &target_dn_allocated,
errorp);
else
target_dn = dn;
if (rc != NS_LDAP_SUCCESS) {
return_rc = rc;
new_state = W_ERROR;
}
else
new_state = GET_CONNECTION;
break;
case GET_CONNECTION:
conn_user = __s_api_conn_user_init(NS_CONN_USER_WRITE,
NULL, B_FALSE);
rc = __s_api_getConnection(NULL,
flags, cred, &connectionId, &conp, errorp,
do_not_fail_if_new_pwd_reqd, nopasswd_acct_mgmt,
conn_user);
if (rc == NS_LDAP_SUCCESS_WITH_INFO) {
(void) __ns_ldap_freeError(errorp);
*errorp = NULL;
rc = NS_LDAP_SUCCESS;
}
if (rc != NS_LDAP_SUCCESS) {
return_rc = rc;
new_state = W_ERROR;
break;
}
if (followRef)
new_state = SELECT_OPERATION_ASYNC;
else
new_state = SELECT_OPERATION_SYNC;
break;
case SELECT_OPERATION_SYNC:
if (ldap_op == LDAP_REQ_ADD)
new_state = DO_ADD_SYNC;
else if (ldap_op == LDAP_REQ_DELETE)
new_state = DO_DELETE_SYNC;
else if (ldap_op == LDAP_REQ_MODIFY)
new_state = DO_MODIFY_SYNC;
break;
case SELECT_OPERATION_ASYNC:
if (ldap_op == LDAP_REQ_ADD)
new_state = DO_ADD_ASYNC;
else if (ldap_op == LDAP_REQ_DELETE)
new_state = DO_DELETE_ASYNC;
else if (ldap_op == LDAP_REQ_MODIFY)
new_state = DO_MODIFY_ASYNC;
break;
case DO_ADD_SYNC:
rc = ldap_add_ext_s(conp->ld, target_dn,
mods, NULL, NULL);
new_state = GET_RESULT_SYNC;
break;
case DO_DELETE_SYNC:
rc = ldap_delete_ext_s(conp->ld, target_dn,
NULL, NULL);
new_state = GET_RESULT_SYNC;
break;
case DO_MODIFY_SYNC:
rc = ldap_modify_ext_s(conp->ld, target_dn,
mods, NULL, NULL);
new_state = GET_RESULT_SYNC;
break;
case DO_ADD_ASYNC:
rc = ldap_add_ext(conp->ld, target_dn,
mods, NULL, NULL, &msgid);
new_state = GET_RESULT_ASYNC;
break;
case DO_DELETE_ASYNC:
rc = ldap_delete_ext(conp->ld, target_dn,
NULL, NULL, &msgid);
new_state = GET_RESULT_ASYNC;
break;
case DO_MODIFY_ASYNC:
rc = ldap_modify_ext(conp->ld, target_dn,
mods, NULL, NULL, &msgid);
new_state = GET_RESULT_ASYNC;
break;
case GET_RESULT_SYNC:
if (rc != LDAP_SUCCESS) {
Errno = rc;
(void) ldap_get_lderrno(conp->ld,
NULL, &errmsg);
if (errmsg != NULL && *errmsg == '\0')
errmsg = NULL;
if (errmsg != NULL) {
from_get_lderrno = B_TRUE;
}
new_state = W_LDAP_ERROR;
} else {
return_rc = NS_LDAP_SUCCESS;
new_state = W_EXIT;
}
break;
case GET_RESULT_ASYNC:
rc = ldap_result(conp->ld, msgid, 1,
(struct timeval *)NULL, &res);
if (rc == -1) {
(void) ldap_get_option(conp->ld,
LDAP_OPT_ERROR_NUMBER, &Errno);
new_state = W_LDAP_ERROR;
break;
}
if (rc == LDAP_RES_ADD || rc == LDAP_RES_MODIFY ||
rc == LDAP_RES_DELETE) {
new_state = PARSE_RESULT;
break;
} else {
return_rc = rc;
new_state = W_ERROR;
}
break;
case PARSE_RESULT:
rc = ldap_parse_result(conp->ld, res, &Errno,
NULL, &errmsg, &referrals, NULL, 1);
if (errmsg && *errmsg == '\0') {
ldap_memfree(errmsg);
errmsg = NULL;
}
if (Errno == LDAP_REFERRAL && followRef && !ref_list) {
for (i = 0; referrals[i] != NULL; i++) {
rc = __s_api_addRefInfo(&ref_list,
referrals[i], NULL, NULL, NULL,
conp->ld);
if (rc != NS_LDAP_SUCCESS) {
__s_api_deleteRefInfo(ref_list);
ref_list = NULL;
break;
}
}
ldap_value_free(referrals);
if (ref_list == NULL) {
if (rc != NS_LDAP_MEMORY)
rc = NS_LDAP_INTERNAL;
return_rc = rc;
new_state = W_ERROR;
} else {
new_state = GET_REFERRAL_CONNECTION;
current_ref = ref_list;
}
if (errmsg) {
ldap_memfree(errmsg);
errmsg = NULL;
}
break;
}
if (Errno != LDAP_SUCCESS) {
new_state = W_LDAP_ERROR;
} else {
return_rc = NS_LDAP_SUCCESS;
new_state = W_EXIT;
}
break;
case GET_REFERRAL_CONNECTION:
return_rc = NS_LDAP_SUCCESS;
if (*errorp)
(void) __ns_ldap_freeError(errorp);
if (connectionId > -1)
DropConnection(connectionId, NS_LDAP_NEW_CONN);
if (conn_user != NULL) {
if (conn_user->conn_mt != NULL)
__s_api_conn_mt_return(conn_user);
conn_user->referral = B_TRUE;
}
rc = __s_api_getConnection(current_ref->refHost,
0, cred, &connectionId, &conp, errorp,
do_not_fail_if_new_pwd_reqd,
nopasswd_acct_mgmt, conn_user);
if (rc == NS_LDAP_SUCCESS_WITH_INFO) {
(void) __ns_ldap_freeError(errorp);
*errorp = NULL;
rc = NS_LDAP_SUCCESS;
}
if (rc != NS_LDAP_SUCCESS) {
return_rc = rc;
if (*errorp != NULL) {
ns_write_state_t get_ref =
GET_REFERRAL_CONNECTION;
ldap_error = (*errorp)->status;
if (ldap_error == LDAP_BUSY ||
ldap_error == LDAP_UNAVAILABLE ||
ldap_error ==
LDAP_UNWILLING_TO_PERFORM ||
ldap_error == LDAP_CONNECT_ERROR ||
ldap_error == LDAP_SERVER_DOWN) {
current_ref = current_ref->next;
if (current_ref == NULL) {
new_state = W_ERROR;
} else
new_state = get_ref;
(void) __ns_ldap_freeError(
errorp);
*errorp = NULL;
break;
}
(void) __ns_ldap_freeError(errorp);
*errorp = NULL;
}
__s_api_deleteRefInfo(ref_list);
ref_list = NULL;
new_state = W_ERROR;
if (conn_user != NULL)
conn_user->referral = B_FALSE;
break;
}
if (current_ref->refDN) {
if (target_dn && target_dn_allocated) {
free(target_dn);
target_dn = NULL;
target_dn_allocated = FALSE;
}
target_dn = current_ref->refDN;
}
new_state = SELECT_OPERATION_SYNC;
break;
case W_LDAP_ERROR:
if (errmsg) {
passwd_mgmt =
__s_api_contain_passwd_control_oid(
conp->controls);
if (passwd_mgmt)
pwd_status =
__s_api_set_passwd_status(
Errno, errmsg);
if (!from_get_lderrno)
ldap_memfree(errmsg);
errmsg = NULL;
from_get_lderrno = B_FALSE;
}
(void) snprintf(errstr, sizeof (errstr),
"%s", ldap_err2string(Errno));
err = strdup(errstr);
if (pwd_status != NS_PASSWD_GOOD) {
MKERROR_PWD_MGMT(*errorp, Errno, err,
pwd_status, 0, NS_LDAP_MEMORY);
} else {
MKERROR(LOG_INFO, *errorp, Errno, err,
NS_LDAP_MEMORY);
}
if (conn_user != NULL &&
(Errno == LDAP_SERVER_DOWN ||
Errno == LDAP_CONNECT_ERROR)) {
__s_api_conn_mt_close(conn_user, Errno, errorp);
}
return_rc = NS_LDAP_INTERNAL;
new_state = W_EXIT;
break;
case W_ERROR:
default:
(void) sprintf(errstr,
gettext("Internal write State machine exit"
" (state = %d, rc = %d)."),
err_state, return_rc);
err = strdup(errstr);
MKERROR(LOG_WARNING, *errorp, return_rc, err,
NS_LDAP_MEMORY);
new_state = W_EXIT;
break;
}
if (new_state == W_ERROR)
err_state = state;
if (conn_user != NULL && conn_user->bad_mt_conn == B_TRUE) {
__s_api_conn_mt_close(conn_user, 0, NULL);
new_state = W_EXIT;
}
state = new_state;
}
return (NS_LDAP_INTERNAL);
}
int
__ns_ldap_addAttr(
const char *service,
const char *dn,
const ns_ldap_attr_t * const *attr,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t ** errorp)
{
LDAPMod **mods;
int rc = 0;
#ifdef DEBUG
(void) fprintf(stderr, "__ns_ldap_addAttr START\n");
#endif
*errorp = NULL;
if ((attr == NULL) || (*attr == NULL) ||
(dn == NULL) || (cred == NULL))
return (NS_LDAP_INVALID_PARAM);
mods = __s_api_makeModList(service, attr, LDAP_MOD_ADD, flags);
if (mods == NULL) {
return (NS_LDAP_MEMORY);
}
rc = write_state_machine(LDAP_REQ_MODIFY,
(char *)dn, mods, cred, flags, errorp);
freeModList(mods);
return (rc);
}
int
__ns_ldap_delAttr(
const char *service,
const char *dn,
const ns_ldap_attr_t * const *attr,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t ** errorp)
{
LDAPMod **mods;
int rc = 0;
#ifdef DEBUG
(void) fprintf(stderr, "__ns_ldap_delAttr START\n");
#endif
*errorp = NULL;
if ((attr == NULL) || (*attr == NULL) ||
(dn == NULL) || (cred == NULL))
return (NS_LDAP_INVALID_PARAM);
mods = __s_api_makeModList(service, attr, LDAP_MOD_DELETE, flags);
if (mods == NULL) {
return (NS_LDAP_MEMORY);
}
rc = write_state_machine(LDAP_REQ_MODIFY,
(char *)dn, mods, cred, flags, errorp);
freeModList(mods);
return (rc);
}
static int
get_admin_passwd(ns_cred_t *cred, ns_ldap_error_t **errorp)
{
void **paramVal = NULL;
int rc, ldaprc;
char *modparamVal = NULL;
if (cred->auth.saslmech == NS_LDAP_SASL_GSSAPI)
return (NS_LDAP_SUCCESS);
paramVal = NULL;
if ((ldaprc = __ns_ldap_getParam(NS_LDAP_ADMIN_BINDPASSWD_P,
¶mVal, errorp)) != NS_LDAP_SUCCESS)
return (ldaprc);
if (paramVal == NULL || *paramVal == NULL) {
rc = NS_LDAP_CONFIG;
*errorp = __s_api_make_error(NS_CONFIG_NODEFAULT,
gettext("Admin bind password not configured"));
if (*errorp == NULL)
rc = NS_LDAP_MEMORY;
return (rc);
}
modparamVal = dvalue((char *)*paramVal);
(void) memset(*paramVal, 0, strlen((char *)*paramVal));
(void) __ns_ldap_freeParam(¶mVal);
if (modparamVal == NULL || *((char *)modparamVal) == '\0') {
if (modparamVal != NULL)
free(modparamVal);
rc = NS_LDAP_CONFIG;
*errorp = __s_api_make_error(NS_CONFIG_SYNTAX,
gettext("bind password not valid"));
if (*errorp == NULL)
rc = NS_LDAP_MEMORY;
return (rc);
}
cred->cred.unix_cred.passwd = modparamVal;
return (NS_LDAP_SUCCESS);
}
boolean_t
__ns_ldap_is_shadow_update_enabled(void)
{
int **enable_shadow = NULL;
ns_ldap_error_t *errorp = NULL;
if (__ns_ldap_getParam(NS_LDAP_ENABLE_SHADOW_UPDATE_P,
(void ***)&enable_shadow, &errorp) != NS_LDAP_SUCCESS) {
if (errorp)
(void) __ns_ldap_freeError(&errorp);
return (B_FALSE);
}
if ((enable_shadow != NULL && *enable_shadow != NULL) &&
(*enable_shadow[0] == NS_LDAP_ENABLE_SHADOW_UPDATE_TRUE)) {
(void) __ns_ldap_freeParam((void ***)&enable_shadow);
return (B_TRUE);
}
if (enable_shadow != NULL)
(void) __ns_ldap_freeParam((void ***)&enable_shadow);
return (B_FALSE);
}
int
__ns_ldap_repAttr(
const char *service,
const char *dn,
const ns_ldap_attr_t * const *attr,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t ** errorp)
{
LDAPMod **mods;
int rc = 0;
boolean_t priv;
boolean_t shadow_update_enabled = B_FALSE;
#ifdef DEBUG
(void) fprintf(stderr, "__ns_ldap_repAttr START\n");
#endif
*errorp = NULL;
if (attr == NULL || *attr == NULL || dn == NULL)
return (NS_LDAP_INVALID_PARAM);
if ((flags & NS_LDAP_UPDATE_SHADOW) != 0 &&
strcmp(service, "shadow") == 0) {
shadow_update_enabled = __ns_ldap_is_shadow_update_enabled();
if (!shadow_update_enabled) {
*errorp = __s_api_make_error(NS_CONFIG_NOTALLOW,
gettext("Shadow Update is not enabled"));
return (NS_LDAP_CONFIG);
}
priv = (geteuid() == 0);
if (!priv) {
priv_set_t *ps = priv_allocset();
priv_set_t *zs;
(void) getppriv(PRIV_EFFECTIVE, ps);
zs = priv_str_to_set("zone", ",", NULL);
priv = priv_isequalset(ps, zs);
priv_freeset(ps);
priv_freeset(zs);
}
if (!priv)
return (NS_LDAP_OP_FAILED);
rc = send_to_cachemgr(dn, (ns_ldap_attr_t **)attr, errorp);
return (rc);
}
if (cred == NULL)
return (NS_LDAP_INVALID_PARAM);
if (strcmp(service, NS_ADMIN_SHADOW_UPDATE) == 0) {
if ((rc = get_admin_passwd((ns_cred_t *)cred, errorp)) !=
NS_LDAP_SUCCESS)
return (rc);
}
mods = __s_api_makeModList(service, attr, LDAP_MOD_REPLACE, flags);
if (mods == NULL)
return (NS_LDAP_MEMORY);
rc = write_state_machine(LDAP_REQ_MODIFY,
(char *)dn, mods, cred, flags, errorp);
freeModList(mods);
return (rc);
}
int
__ns_ldap_addEntry(
const char *service,
const char *dn,
const ns_ldap_entry_t *entry,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t ** errorp)
{
char *new_dn = NULL;
LDAPMod **mods = NULL;
const ns_ldap_attr_t * const *attr;
int nAttr = 0;
int rc = 0;
#ifdef DEBUG
(void) fprintf(stderr, "__ns_ldap_addEntry START\n");
#endif
if ((entry == NULL) || (dn == NULL) || (cred == NULL))
return (NS_LDAP_INVALID_PARAM);
*errorp = NULL;
nAttr = entry->attr_count;
attr = (const ns_ldap_attr_t * const *)(entry->attr_pair);
mods = __s_api_makeModListCount(service, attr, LDAP_MOD_ADD,
nAttr, flags);
if (mods == NULL) {
return (NS_LDAP_MEMORY);
}
rc = replace_mapped_attr_in_dn(service, dn, &new_dn);
if (rc != NS_LDAP_SUCCESS) {
freeModList(mods);
return (rc);
}
rc = write_state_machine(LDAP_REQ_ADD,
new_dn ? new_dn : (char *)dn, mods, cred, flags, errorp);
if (new_dn)
free(new_dn);
freeModList(mods);
return (rc);
}
int
__ns_ldap_delEntry(
const char *service,
const char *dn,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t ** errorp)
{
int rc;
#ifdef DEBUG
(void) fprintf(stderr, "__ns_ldap_delEntry START\n");
#endif
if ((dn == NULL) || (cred == NULL))
return (NS_LDAP_INVALID_PARAM);
*errorp = NULL;
rc = write_state_machine(LDAP_REQ_DELETE,
(char *)dn, NULL, cred, flags, errorp);
return (rc);
}
static int
__s_add_attr(ns_ldap_entry_t *e, char *attrname, char *value)
{
ns_ldap_attr_t *a;
char *v;
a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t));
if (a == NULL)
return (NS_LDAP_MEMORY);
a->attrname = strdup(attrname);
if (a->attrname == NULL)
return (NS_LDAP_MEMORY);
a->attrvalue = (char **)calloc(1, sizeof (char **));
if (a->attrvalue == NULL)
return (NS_LDAP_MEMORY);
a->value_count = 1;
a->attrvalue[0] = NULL;
v = strdup(value);
if (v == NULL)
return (NS_LDAP_MEMORY);
a->attrvalue[0] = v;
e->attr_pair[e->attr_count] = a;
e->attr_count++;
return (NS_LDAP_SUCCESS);
}
static int
__s_add_attrlist(ns_ldap_entry_t *e, char *attrname, char **argv)
{
ns_ldap_attr_t *a;
char *v;
char **av;
int i, j;
a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t));
if (a == NULL)
return (NS_LDAP_MEMORY);
a->attrname = strdup(attrname);
if (a->attrname == NULL)
return (NS_LDAP_MEMORY);
for (i = 0, av = argv; *av != NULL; av++, i++)
;
a->attrvalue = (char **)calloc(i, sizeof (char *));
if (a->attrvalue == NULL)
return (NS_LDAP_MEMORY);
a->value_count = i;
for (j = 0; j < i; j++) {
v = strdup(argv[j]);
if (v == NULL)
return (NS_LDAP_MEMORY);
a->attrvalue[j] = v;
}
e->attr_pair[e->attr_count] = a;
e->attr_count++;
return (NS_LDAP_SUCCESS);
}
static ns_ldap_entry_t *
__s_mk_entry(char **objclass, int max_attr)
{
ns_ldap_entry_t *e;
e = (ns_ldap_entry_t *)calloc(1, sizeof (ns_ldap_entry_t));
if (e == NULL)
return (NULL);
e->attr_pair = (ns_ldap_attr_t **)
calloc(max_attr + 2, sizeof (ns_ldap_attr_t *));
if (e->attr_pair == NULL) {
free(e);
return (NULL);
}
e->attr_count = 0;
if (__s_add_attrlist(e, "objectClass", objclass) != NS_LDAP_SUCCESS) {
free(e->attr_pair);
free(e);
return (NULL);
}
return (e);
}
static int
__s_cvt_passwd(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct passwd *ptr;
int max_attr = 9;
char ibuf[10];
static char *oclist[] = {
"posixAccount",
"shadowAccount",
"account",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct passwd *)data;
if (ptr->pw_name == NULL || ptr->pw_uid > MAXUID ||
ptr->pw_gid > MAXUID || ptr->pw_dir == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->pw_name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "uid", ptr->pw_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "cn", ptr->pw_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->pw_passwd != NULL &&
ptr->pw_passwd[0] != '\0') {
rc = __s_add_attr(e, "userPassword", ptr->pw_passwd);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
(void) sprintf(ibuf, "%u", ptr->pw_uid);
rc = __s_add_attr(e, "uidNumber", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
(void) sprintf(ibuf, "%u", ptr->pw_gid);
rc = __s_add_attr(e, "gidNumber", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->pw_gecos != NULL &&
ptr->pw_gecos[0] != '\0') {
rc = __s_add_attr(e, "gecos", ptr->pw_gecos);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
rc = __s_add_attr(e, "homeDirectory", ptr->pw_dir);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->pw_shell != NULL &&
ptr->pw_shell[0] != '\0') {
rc = __s_add_attr(e, "loginShell", ptr->pw_shell);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int escape_str(char *escstr, char *str)
{
int index = 0;
while ((*str != '\0') && (index < (RDNSIZE - 1))) {
if (*str == '+' || *str == ';' || *str == '>' ||
*str == '<' || *str == ',' || *str == '"' ||
*str == '\\' || *str == '=' ||
(*str == '#' && index == 0)) {
*escstr++ = '\\';
*escstr++ = *str++;
index += 2;
} else {
*escstr++ = *str++;
index++;
}
}
if (*str == '\0') {
*escstr = '\0';
return (0);
} else {
return (1);
}
}
static int
__s_cvt_project(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct project *ptr;
int max_attr = 9;
char ibuf[11];
static char *oclist[] = {
"SolarisProject",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct project *)data;
if (ptr->pj_name == NULL || ptr->pj_projid > MAXUID) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "SolarisProjectName=%s", ptr->pj_name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "SolarisProjectName", ptr->pj_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (snprintf(ibuf, sizeof (ibuf), "%u", ptr->pj_projid) < 0) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_INVALID_PARAM);
}
rc = __s_add_attr(e, "SolarisProjectID", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->pj_comment != NULL && ptr->pj_comment[0] != '\0') {
rc = __s_add_attr(e, "description", ptr->pj_comment);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->pj_attr != NULL && ptr->pj_attr[0] != '\0') {
rc = __s_add_attr(e, "SolarisProjectAttr", ptr->pj_attr);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->pj_users != NULL) {
rc = __s_add_attrlist(e, "memberUid", ptr->pj_users);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->pj_groups != NULL) {
rc = __s_add_attrlist(e, "memberGid", ptr->pj_groups);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_shadow(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct spwd *ptr;
int max_attr = 10;
char ibuf[10];
static char *oclist[] = {
"posixAccount",
"shadowAccount",
"account",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct spwd *)data;
if (ptr->sp_namp == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->sp_namp);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "uid", ptr->sp_namp);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->sp_pwdp == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_INVALID_PARAM);
} else {
rc = __s_add_attr(e, "userPassword", ptr->sp_pwdp);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->sp_lstchg >= 0) {
(void) sprintf(ibuf, "%d", ptr->sp_lstchg);
rc = __s_add_attr(e, "shadowLastChange", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->sp_min >= 0) {
(void) sprintf(ibuf, "%d", ptr->sp_min);
rc = __s_add_attr(e, "shadowMin", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->sp_max >= 0) {
(void) sprintf(ibuf, "%d", ptr->sp_max);
rc = __s_add_attr(e, "shadowMax", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->sp_warn >= 0) {
(void) sprintf(ibuf, "%d", ptr->sp_warn);
rc = __s_add_attr(e, "shadowWarning", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->sp_inact >= 0) {
(void) sprintf(ibuf, "%d", ptr->sp_inact);
rc = __s_add_attr(e, "shadowInactive", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->sp_expire >= 0) {
(void) sprintf(ibuf, "%d", ptr->sp_expire);
rc = __s_add_attr(e, "shadowExpire", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
(void) sprintf(ibuf, "%d", ptr->sp_flag);
rc = __s_add_attr(e, "shadowFlag", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_group(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct group *ptr;
int i, j, k;
char **nm, **lm;
int max_attr = 4;
char ibuf[10];
static char *oclist[] = {
"posixGroup",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct group *)data;
if (ptr->gr_name == NULL || ptr->gr_gid > MAXUID) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->gr_name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->gr_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
(void) sprintf(ibuf, "%u", ptr->gr_gid);
rc = __s_add_attr(e, "gidNumber", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->gr_passwd && ptr->gr_passwd[0] != '\0') {
rc = __s_add_attr(e, "userPassword", ptr->gr_passwd);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->gr_mem && ptr->gr_mem[0]) {
lm = ptr->gr_mem;
for (i = 0; *lm; i++, lm++)
;
lm = ptr->gr_mem;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
for (j = 0; j < i; j++) {
nm[j] = strdup(lm[j]);
if (nm[j] == NULL) {
for (k = 0; k < j; k++)
free(nm[k]);
free(nm);
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
}
rc = __s_add_attrlist(e, "memberUid", nm);
for (j = 0; j < i; j++) {
free(nm[j]);
}
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_hosts(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct hostent *ptr;
int max_attr = 6;
int i, j, k;
char **nm, **lm;
static char *oclist[] = {
"ipHost",
"device",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct hostent *)data;
if (ptr->h_name == NULL ||
ptr->h_addr_list == NULL || ptr->h_addr_list[0] == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s+ipHostNumber=%s",
ptr->h_name, ptr->h_addr_list[0]);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
if (ptr->h_aliases && ptr->h_aliases[0]) {
lm = ptr->h_aliases;
for (i = 0; *lm && (*lm)[0] != '#'; i++, lm++)
;
lm = ptr->h_aliases;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
nm[0] = ptr->h_name;
for (j = 0; j < i; j++)
nm[j+1] = ptr->h_aliases[j];
rc = __s_add_attrlist(e, "cn", nm);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
free(nm);
return (rc);
}
if (lm[i] && lm[i][0] == '#') {
nm[0] = &(lm[i][1]);
nm[1] = NULL;
rc = __s_add_attrlist(e, "description", nm);
}
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
} else {
rc = __s_add_attr(e, "cn", ptr->h_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->h_addr_list && ptr->h_addr_list[0]) {
lm = ptr->h_addr_list;
for (i = 0; *lm; i++, lm++)
;
lm = ptr->h_addr_list;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
for (j = 0; j < i; j++) {
nm[j] = strdup(lm[j]);
if (nm[j] == NULL) {
for (k = 0; k < j; k++)
free(nm[k]);
free(nm);
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
}
rc = __s_add_attrlist(e, "ipHostNumber", nm);
for (j = 0; j < i; j++) {
free(nm[j]);
}
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
} else {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_INVALID_PARAM);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_rpc(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct rpcent *ptr;
int max_attr = 3;
int i, j;
char **nm;
char ibuf[10];
static char *oclist[] = {
"oncRpc",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct rpcent *)data;
if (ptr->r_name == NULL || ptr->r_number < 0) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->r_name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
if (ptr->r_aliases && ptr->r_aliases[0]) {
nm = ptr->r_aliases;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
nm[0] = ptr->r_name;
for (j = 0; j < i; j++)
nm[j+1] = ptr->r_aliases[j];
rc = __s_add_attrlist(e, "cn", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
} else {
rc = __s_add_attr(e, "cn", ptr->r_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->r_number >= 0) {
(void) sprintf(ibuf, "%d", ptr->r_number);
rc = __s_add_attr(e, "oncRpcNumber", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_protocols(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct protoent *ptr;
int max_attr = 3;
int i, j;
char ibuf[10];
char **nm;
static char *oclist[] = {
"ipProtocol",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct protoent *)data;
if (ptr->p_name == NULL || ptr->p_proto < 0) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->p_name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
if (ptr->p_aliases && ptr->p_aliases[0]) {
nm = ptr->p_aliases;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
nm[0] = ptr->p_name;
for (j = 0; j < i; j++)
nm[j+1] = ptr->p_aliases[j];
rc = __s_add_attrlist(e, "cn", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
} else {
rc = __s_add_attr(e, "cn", ptr->p_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
(void) sprintf(ibuf, "%d", ptr->p_proto);
rc = __s_add_attr(e, "ipProtocolNumber", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_services(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
char esc_str[RDNSIZE];
struct servent *ptr;
int max_attr = 4;
int i, j;
char ibuf[10];
char **nm;
static char *oclist[] = {
"ipService",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct servent *)data;
if (ptr->s_name == NULL || ptr->s_port < 0 || ptr->s_proto == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
if (escape_str(esc_str, ptr->s_name) != 0) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s+ipServiceProtocol=%s",
esc_str, ptr->s_proto);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
if (ptr->s_aliases && ptr->s_aliases[0]) {
nm = ptr->s_aliases;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
nm[0] = ptr->s_name;
for (j = 0; j < i; j++)
nm[j+1] = ptr->s_aliases[j];
rc = __s_add_attrlist(e, "cn", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
} else {
rc = __s_add_attr(e, "cn", ptr->s_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
(void) sprintf(ibuf, "%d", ptr->s_port);
rc = __s_add_attr(e, "ipServicePort", ibuf);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "ipServiceProtocol", ptr->s_proto);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_networks(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct netent *ptr;
int max_attr = 4;
int i, j;
char cp[64];
char **nm;
static char *oclist[] = {
"ipNetwork",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct netent *)data;
if (ptr->n_name == NULL || ptr->n_net == 0) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(cp, sizeof (cp), "%d.%d.%d.%d",
(ptr->n_net & 0xFF000000) >> 24,
(ptr->n_net & 0x00FF0000) >> 16,
(ptr->n_net & 0x0000FF00) >> 8,
(ptr->n_net & 0x000000FF));
(void) snprintf(trdn, RDNSIZE, "ipNetworkNumber=%s", cp);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
if (ptr->n_aliases && ptr->n_aliases[0]) {
nm = ptr->n_aliases;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
nm[0] = ptr->n_name;
for (j = 0; j < i; j++)
nm[j+1] = ptr->n_aliases[j];
rc = __s_add_attrlist(e, "cn", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
} else {
rc = __s_add_attr(e, "cn", ptr->n_name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
rc = __s_add_attr(e, "ipNetworkNumber", cp);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_netmasks(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_netmasks *ptr;
int max_attr = 4;
static char *oclist[] = {
"ipNetwork",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_netmasks *)data;
if (ptr->netnumber == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "ipNetworkNumber=%s", ptr->netnumber);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "ipNetworkNumber", ptr->netnumber);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->netmask != NULL) {
rc = __s_add_attr(e, "ipNetmaskNumber", ptr->netmask);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_netgroups(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_netgroups *ptr;
int max_attr = 6;
int i, j;
char **nm;
static char *oclist[] = {
"nisNetgroup",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_netgroups *)data;
if (ptr->name == NULL || *ptr->name == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->triplet && ptr->triplet[0]) {
nm = ptr->triplet;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
for (j = 0; j < i; j++)
nm[j] = ptr->triplet[j];
rc = __s_add_attrlist(e, "nisNetgroupTriple", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->netgroup && ptr->netgroup[0]) {
nm = ptr->netgroup;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
for (j = 0; j < i; j++)
nm[j] = ptr->netgroup[j];
rc = __s_add_attrlist(e, "memberNisNetgroup", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_bootparams(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_bootp *ptr;
int max_attr = 4;
int i, j;
char **nm;
static char *oclist[] = {
"bootableDevice",
"device",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_bootp *)data;
if (ptr->name == NULL || *ptr->name == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->param && ptr->param[0]) {
nm = ptr->param;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
for (j = 0; j < i; j++)
nm[j] = ptr->param[j];
rc = __s_add_attrlist(e, "bootParameter", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_ethers(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_ethers *ptr;
int max_attr = 4;
static char *oclist[] = {
"ieee802Device",
"device",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_ethers *)data;
if (ptr->name == NULL || *ptr->name == '\0' || ptr->ether == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "macAddress", ptr->ether);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
#define _MAX_ATTR_ETHBOOTP 2
static int
modify_ethers_bootp(
const char *service,
const char *rdn,
const char *fulldn,
const ns_ldap_attr_t * const *attrlist,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t **errorp)
{
char filter[BUFSIZ];
ns_ldap_result_t *resultp;
int rc = 0;
int i;
ns_ldap_attr_t *new_attrlist[_MAX_ATTR_ETHBOOTP+1];
ns_ldap_attr_t new_attrlist0;
char *new_attrvalue0[1];
const ns_ldap_attr_t * const *aptr = attrlist;
ns_ldap_attr_t *aptr2;
ns_ldap_error_t *new_errorp = NULL;
if (rdn == NULL || fulldn == NULL || attrlist == NULL ||
errorp == NULL || service == NULL)
return (NS_LDAP_OP_FAILED);
bzero(&new_attrlist, sizeof (new_attrlist));
bzero(&new_attrlist0, sizeof (new_attrlist0));
new_attrlist[0] = &new_attrlist0;
new_attrlist[0]->attrvalue = new_attrvalue0;
new_attrlist[0]->attrname = "objectclass";
new_attrlist[0]->value_count = 1;
if (strcasecmp(service, "ethers") == 0) {
(void) snprintf(&filter[0], sizeof (filter),
"(&(objectClass=ieee802Device)(%s))", rdn);
new_attrlist[0]->attrvalue[0] = "ieee802Device";
} else {
(void) snprintf(&filter[0], sizeof (filter),
"(&(objectClass=bootableDevice)(%s))", rdn);
new_attrlist[0]->attrvalue[0] = "bootableDevice";
}
rc = __ns_ldap_list(service, filter, NULL, (const char **)NULL,
NULL, NS_LDAP_SCOPE_SUBTREE, &resultp, &new_errorp,
NULL, NULL);
switch (rc) {
case NS_LDAP_SUCCESS:
rc = NS_LDAP_INTERNAL;
break;
case NS_LDAP_NOTFOUND:
i = 1;
while (*aptr && (i < _MAX_ATTR_ETHBOOTP)) {
aptr2 = (ns_ldap_attr_t *)*aptr++;
if ((strcasecmp(aptr2->attrname, "cn") != 0) &&
(strcasecmp(aptr2->attrname,
"objectclass") != 0)) {
new_attrlist[i++] = (ns_ldap_attr_t *)aptr2;
}
}
if (i != _MAX_ATTR_ETHBOOTP) {
rc = NS_LDAP_OP_FAILED;
break;
}
aptr = (const ns_ldap_attr_t * const *) new_attrlist;
(void) __ns_ldap_freeError(errorp);
rc = __ns_ldap_addAttr(service, fulldn, aptr, cred, flags,
errorp);
break;
default:
(void) __ns_ldap_freeError(errorp);
*errorp = new_errorp;
break;
}
return (rc);
}
static int
__s_cvt_publickey(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_pubkey *ptr;
int max_attr = 3;
static char *oclist[] = {
"NisKeyObject",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_pubkey *)data;
if (ptr->name == NULL || *ptr->name == '\0' || ptr->pubkey == NULL ||
ptr->privkey == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
if (ptr->hostcred == NS_HOSTCRED_FALSE)
(void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->name);
else
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "nisPublickey", ptr->pubkey);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "nisSecretkey", ptr->privkey);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_aliases(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_alias *ptr;
int max_attr = 4;
int i, j;
char **nm;
static char *oclist[] = {
"mailGroup",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_alias *)data;
if (ptr->alias == NULL || *ptr->alias == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->alias);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "mail", (char *)ptr->alias);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->member && ptr->member[0]) {
nm = ptr->member;
for (i = 0; *nm; i++, nm++)
;
nm = (char **)calloc(i+2, sizeof (char *));
if (nm == NULL) {
__s_cvt_freeEntryRdn(entry, rdn);
return (NS_LDAP_MEMORY);
}
for (j = 0; j < i; j++)
nm[j] = ptr->member[j];
rc = __s_add_attrlist(e, "mgrpRFC822MailMember", nm);
free(nm);
nm = NULL;
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_auto_mount(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
struct _ns_automount *ptr;
int max_attr = 6;
void **paramVal = NULL;
char **mappedschema = NULL;
int version1 = 0;
static char *oclist[] = {
NULL,
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
rc = __ns_ldap_getParam(NS_LDAP_FILE_VERSION_P, ¶mVal, errorp);
if (paramVal && *paramVal &&
strcasecmp(*paramVal, NS_LDAP_VERSION_1) == 0)
version1 = 1;
if (paramVal)
(void) __ns_ldap_freeParam(¶mVal);
if (rc && errorp)
(void) __ns_ldap_freeError(errorp);
if (version1)
oclist[0] = "nisObject";
else
oclist[0] = "automount";
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (struct _ns_automount *)data;
if (ptr->key == NULL || *ptr->key == '\0' || ptr->value == NULL ||
ptr->mapname == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, version1 ? "cn=%s" : "automountKey=%s",
ptr->key);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, version1 ? "cn" : "automountKey",
(char *)ptr->key);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, version1 ? "nisMapEntry" : "automountInformation",
(char *)ptr->value);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
mappedschema = __ns_ldap_getMappedObjectClass("automount", "automount");
if (mappedschema && mappedschema[0] &&
strcasecmp(mappedschema[0], "nisObject") == 0)
version1 = 1;
if (mappedschema)
__s_api_free2dArray(mappedschema);
if (version1) {
rc = __s_add_attr(e, "nisMapName", (char *)ptr->mapname);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_authattr(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
authstr_t *ptr;
int max_attr = 6;
static char *oclist[] = {
"SolarisAuthAttr",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (authstr_t *)data;
if (ptr->name == NULL || ptr->name[0] == '\0' || ptr->attr == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->res1 != NULL) {
rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->res2 != NULL) {
rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->short_desc != NULL) {
rc = __s_add_attr(e, "SolarisAttrShortDesc", ptr->short_desc);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->long_desc != NULL) {
rc = __s_add_attr(e, "SolarisAttrLongDesc", ptr->long_desc);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_execattr(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
char esc_str[RDNSIZE];
execstr_t *ptr;
int max_attr = 7;
static char *oclist[] = {
"SolarisExecAttr",
"SolarisProfAttr",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (execstr_t *)data;
if (ptr->name == NULL || ptr->name[0] == '\0' ||
ptr->policy == NULL || ptr->policy[0] == '\0' ||
ptr->type == NULL || ptr->type[0] == '\0' ||
ptr->id == NULL || ptr->id[0] == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
if (escape_str(esc_str, ptr->id) != 0) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s+SolarisKernelSecurityPolicy=%s"
"+SolarisProfileType=%s+SolarisProfileId=%s",
ptr->name, ptr->policy, ptr->type, esc_str);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisKernelSecurityPolicy", ptr->policy);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisProfileType", ptr->type);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisProfileId", ptr->id);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->res1 != NULL) {
rc = __s_add_attr(e, "SolarisAttrRes1", ptr->res1);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->res2 != NULL) {
rc = __s_add_attr(e, "SolarisAttrRes2", ptr->res2);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_profattr(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
profstr_t *ptr;
int max_attr = 5;
static char *oclist[] = {
"SolarisProfAttr",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (profstr_t *)data;
if (ptr->name == NULL || ptr->name[0] == '\0' || ptr->attr == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "cn", ptr->name);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->res1 != NULL) {
rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->res2 != NULL) {
rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->desc != NULL) {
rc = __s_add_attr(e, "SolarisAttrLongDesc", ptr->desc);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_userattr(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
userstr_t *ptr;
int max_attr = 5;
static char *oclist[] = {
"SolarisUserAttr",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (userstr_t *)data;
if (ptr->name == NULL || ptr->name[0] == '\0' ||
ptr->attr == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
if (ptr->qualifier != NULL) {
rc = __s_add_attr(e, "SolarisUserQualifier", ptr->qualifier);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->res1 != NULL) {
rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->res2 != NULL) {
rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_audituser(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
au_user_str_t *ptr;
int max_attr = 3;
static char *oclist[] = {
"SolarisAuditUser",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (au_user_str_t *)data;
if (ptr->au_name == NULL || ptr->au_name[0] == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->au_name);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
if (ptr->au_always != NULL) {
rc = __s_add_attr(e, "SolarisAuditAlways", ptr->au_always);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
if (ptr->au_never != NULL) {
rc = __s_add_attr(e, "SolarisAuditNever", ptr->au_never);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_tnrhtp(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
char esc_str[RDNSIZE];
int max_attr = 2;
tsol_tpstr_t *ptr;
static char *oclist[] = {
"ipTnetTemplate",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (tsol_tpstr_t *)data;
if (ptr->template == NULL || *ptr->template == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
if (escape_str(esc_str, ptr->template) != 0) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "ipTnetTemplateName=%s", esc_str);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "ipTnetTemplateName", ptr->template);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attrs);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
static int
__s_cvt_tnrhdb(const void *data, char **rdn,
ns_ldap_entry_t **entry, ns_ldap_error_t **errorp)
{
ns_ldap_entry_t *e;
int rc;
char trdn[RDNSIZE];
tsol_rhstr_t *ptr;
int max_attr = 2;
static char *oclist[] = {
"ipTnetHost",
"ipTnetTemplate",
"top",
NULL
};
if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL)
return (NS_LDAP_OP_FAILED);
*entry = e = __s_mk_entry(oclist, max_attr);
if (e == NULL)
return (NS_LDAP_MEMORY);
ptr = (tsol_rhstr_t *)data;
if (ptr->address == NULL || *ptr->address == '\0' ||
ptr->template == NULL || *ptr->template == '\0') {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_INVALID_PARAM);
}
(void) snprintf(trdn, RDNSIZE, "ipTnetNumber=%s", ptr->address);
*rdn = strdup(trdn);
if (*rdn == NULL) {
__ns_ldap_freeEntry(e);
*entry = NULL;
return (NS_LDAP_MEMORY);
}
rc = __s_add_attr(e, "ipTnetNumber", ptr->address);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
rc = __s_add_attr(e, "ipTnetTemplateName", ptr->template);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(entry, rdn);
return (rc);
}
return (NS_LDAP_SUCCESS);
}
typedef struct __ns_cvt_type {
const char *service;
int flags;
#define AE 1
int (*cvt_rtn)(const void *data,
char **rdn,
ns_ldap_entry_t **entry,
ns_ldap_error_t **errorp);
} __ns_cvt_type_t;
static __ns_cvt_type_t __s_cvtlist[] = {
{ NS_LDAP_TYPE_PASSWD, 0, __s_cvt_passwd },
{ NS_LDAP_TYPE_GROUP, 0, __s_cvt_group },
{ NS_LDAP_TYPE_HOSTS, 0, __s_cvt_hosts },
{ NS_LDAP_TYPE_IPNODES, 0, __s_cvt_hosts },
{ NS_LDAP_TYPE_RPC, 0, __s_cvt_rpc },
{ NS_LDAP_TYPE_PROTOCOLS, 0, __s_cvt_protocols },
{ NS_LDAP_TYPE_NETWORKS, 0, __s_cvt_networks },
{ NS_LDAP_TYPE_NETGROUP, 0, __s_cvt_netgroups },
{ NS_LDAP_TYPE_ALIASES, 0, __s_cvt_aliases },
{ NS_LDAP_TYPE_SERVICES, 0, __s_cvt_services },
{ NS_LDAP_TYPE_ETHERS, 0, __s_cvt_ethers },
{ NS_LDAP_TYPE_SHADOW, 0, __s_cvt_shadow },
{ NS_LDAP_TYPE_NETMASKS, 0, __s_cvt_netmasks },
{ NS_LDAP_TYPE_BOOTPARAMS, 0, __s_cvt_bootparams },
{ NS_LDAP_TYPE_AUTHATTR, 0, __s_cvt_authattr },
{ NS_LDAP_TYPE_EXECATTR, 0, __s_cvt_execattr },
{ NS_LDAP_TYPE_PROFILE, 0, __s_cvt_profattr },
{ NS_LDAP_TYPE_USERATTR, AE, __s_cvt_userattr },
{ NS_LDAP_TYPE_AUTOMOUNT, 0, __s_cvt_auto_mount },
{ NS_LDAP_TYPE_PUBLICKEY, AE, __s_cvt_publickey },
{ NS_LDAP_TYPE_AUUSER, AE, __s_cvt_audituser },
{ NS_LDAP_TYPE_TNRHTP, 0, __s_cvt_tnrhtp },
{ NS_LDAP_TYPE_TNRHDB, 0, __s_cvt_tnrhdb },
{ NS_LDAP_TYPE_PROJECT, 0, __s_cvt_project },
{ NULL, 0, NULL },
};
int __ns_ldap_addTypedEntry(
const char *servicetype,
const char *basedn,
const void *data,
const int create,
const ns_cred_t *cred,
const int flags,
ns_ldap_error_t **errorp)
{
char *rdn = NULL, *fulldn = NULL;
void **paramVal = NULL;
ns_ldap_entry_t *entry = NULL;
const ns_ldap_attr_t *const *modattrlist;
ns_ldap_search_desc_t **sdlist;
char **dns = NULL;
char trdn[RDNSIZE];
char service[BUFSIZE];
int rc = 0;
int automount = 0;
int i, s;
rc = NS_LDAP_OP_FAILED;
for (s = 0; __s_cvtlist[s].service != NULL; s++) {
if (__s_cvtlist[s].cvt_rtn == NULL)
continue;
if (strcasecmp(__s_cvtlist[s].service, servicetype) == 0)
break;
if (strcmp(__s_cvtlist[s].service,
NS_LDAP_TYPE_AUTOMOUNT) == 0 &&
strncasecmp(servicetype, NS_LDAP_TYPE_AUTOMOUNT,
sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) {
automount++;
break;
}
}
if (__s_cvtlist[s].service == NULL)
return (rc);
rc = (*__s_cvtlist[s].cvt_rtn)(data, &rdn, &entry, errorp);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(&entry, &rdn);
return (rc);
}
if (rdn == NULL) {
__ns_ldap_freeEntry(entry);
return (NS_LDAP_OP_FAILED);
}
if (strcmp(servicetype, "publickey") == 0) {
struct _ns_pubkey *ptr;
ptr = (struct _ns_pubkey *)data;
if (ptr->hostcred == NS_HOSTCRED_TRUE)
(void) strcpy(service, "hosts");
else
(void) strcpy(service, "passwd");
} else
(void) strcpy(service, servicetype);
if (basedn == NULL) {
rc = __s_api_get_SSD_from_SSDtoUse_service(service,
&sdlist, errorp);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(&entry, &rdn);
return (rc);
}
if (sdlist == NULL) {
rc = __s_api_getDNs(&dns, service, errorp);
if (rc != NS_LDAP_SUCCESS) {
if (dns) {
__s_api_free2dArray(dns);
dns = NULL;
}
__s_cvt_freeEntryRdn(&entry, &rdn);
return (rc);
}
(void) snprintf(trdn, RDNSIZE, "%s,%s", rdn, dns[0]);
__s_api_free2dArray(dns);
} else {
if (sdlist[0]->basedn) {
(void) snprintf(trdn, RDNSIZE, "%s,%s",
rdn, sdlist[0]->basedn);
} else {
__s_cvt_freeEntryRdn(&entry, &rdn);
return (NS_LDAP_OP_FAILED);
}
}
i = strlen(trdn) - 1;
if (trdn[i] == COMMATOK) {
rc = __ns_ldap_getParam(NS_LDAP_SEARCH_BASEDN_P,
¶mVal, errorp);
if (rc != NS_LDAP_SUCCESS) {
__s_cvt_freeEntryRdn(&entry, &rdn);
return (rc);
}
i = strlen(trdn) + strlen((char *)(paramVal[0])) + 1;
fulldn = (char *)calloc(i, 1);
if (fulldn == NULL) {
(void) __ns_ldap_freeParam(¶mVal);
__s_cvt_freeEntryRdn(&entry, &rdn);
return (NS_LDAP_MEMORY);
}
(void) snprintf(fulldn, i, "%s%s", trdn,
(char *)(paramVal[0]));
(void) __ns_ldap_freeParam(¶mVal);
} else {
fulldn = strdup(trdn);
if (fulldn == NULL) {
__s_cvt_freeEntryRdn(&entry, &rdn);
return (NS_LDAP_MEMORY);
}
}
} else {
i = strlen(rdn) + strlen(basedn) + 2;
fulldn = (char *)calloc(i, 1);
if (fulldn == NULL) {
__s_cvt_freeEntryRdn(&entry, &rdn);
return (NS_LDAP_MEMORY);
}
(void) snprintf(fulldn, i, "%s,%s", rdn, basedn);
}
modattrlist = (const ns_ldap_attr_t * const *)entry->attr_pair;
if (create != 1) {
if ((__s_cvtlist[s].flags & AE) != 0)
rc = __ns_ldap_addAttr(service, fulldn, modattrlist,
cred, flags, errorp);
else {
rc = __ns_ldap_repAttr(service, fulldn, modattrlist,
cred, flags, errorp);
if (rc == NS_LDAP_INTERNAL && *errorp &&
(*errorp)->status == LDAP_NO_SUCH_OBJECT) {
(void) __ns_ldap_freeError(errorp);
rc = __ns_ldap_addEntry(service, fulldn,
entry, cred, flags, errorp);
if (rc == NS_LDAP_INTERNAL && *errorp &&
(*errorp)->status ==
LDAP_OBJECT_CLASS_VIOLATION)
(*errorp)->status = LDAP_NO_SUCH_OBJECT;
}
}
} else {
rc = __ns_ldap_addEntry(service, fulldn, entry,
cred, flags, errorp);
if (rc == NS_LDAP_INTERNAL && *errorp &&
(*errorp)->status == LDAP_ALREADY_EXISTS &&
((strcmp(service, "ethers") == 0) ||
(strcmp(service, "bootparams") == 0))) {
rc = modify_ethers_bootp(service, rdn, fulldn,
modattrlist, cred, flags, errorp);
}
}
if (fulldn != NULL)
free(fulldn);
__s_cvt_freeEntryRdn(&entry, &rdn);
return (rc);
}
int
__s_api_append_default_basedn(const char *dn, char **new_dn, int *allocated,
ns_ldap_error_t **errp)
{
int rc = NS_LDAP_SUCCESS, len = 0;
void **param = NULL;
char *str = NULL;
*allocated = FALSE;
*new_dn = NULL;
if (dn == NULL)
return (NS_LDAP_INVALID_PARAM);
rc = __ns_ldap_getParam(NS_LDAP_SEARCH_BASEDN_P,
(void ***)¶m, errp);
if (rc != NS_LDAP_SUCCESS) {
if (param)
(void) __ns_ldap_freeParam(¶m);
return (rc);
}
len = strlen(dn);
str = ((char **)param)[0];
len = len + strlen(str) +1;
*new_dn = (char *)malloc(len);
if (*new_dn == NULL) {
(void) __ns_ldap_freeParam(¶m);
return (NS_LDAP_MEMORY);
}
*allocated = TRUE;
(void) strcpy(*new_dn, dn);
(void) strcat(*new_dn, str);
(void) __ns_ldap_freeParam(¶m);
return (NS_LDAP_SUCCESS);
}
static int
attr2list(const char *dn, ns_ldap_attr_t **attr,
char *buf, int bufsize)
{
int c = 0;
char *ap;
int ao;
ldap_strlist_t *al = (ldap_strlist_t *)buf;
ns_ldap_attr_t *a = (ns_ldap_attr_t *)*attr;
ns_ldap_attr_t **aptr = (ns_ldap_attr_t **)attr;
if ((strlen(dn) + 2 + 1) >= bufsize)
return (-1);
while (*aptr++)
c++;
al->ldap_count = 2 + c * 2;
ao = sizeof (al->ldap_count) + sizeof (al->ldap_offsets[0]) *
al->ldap_count;
if (ao > bufsize)
return (-1);
al->ldap_offsets[0] = ao;
ap = buf + ao;
ao += 3;
if (ao > bufsize)
return (-1);
(void) strlcpy(ap, "dn", bufsize);
ap += 3;
al->ldap_offsets[1] = ao;
ao += strlen(dn) + 1;
if (ao > bufsize)
return (-1);
(void) strlcpy(ap, dn, bufsize);
ap = buf + ao;
aptr = attr;
for (c = 2; c < al->ldap_count; c++, aptr++) {
a = *aptr;
if (a->attrname == NULL || a->attrvalue == NULL ||
a->value_count != 1 || a->attrvalue[0] == NULL)
return (-1);
al->ldap_offsets[c] = ao;
ao += strlen(a->attrname) + 1;
if (ao > bufsize)
return (-1);
(void) strlcpy(ap, a->attrname, bufsize);
ap = buf + ao;
c++;
al->ldap_offsets[c] = ao;
ao += strlen(a->attrvalue[0]) + 1;
(void) strlcpy(ap, a->attrvalue[0], bufsize);
ap = buf + ao;
};
return (ao);
}
static int
send_to_cachemgr(
const char *dn,
ns_ldap_attr_t **attr,
ns_ldap_error_t **errorp)
{
union {
ldap_data_t s_d;
char s_b[DOORBUFFERSIZE];
} space;
ldap_data_t *sptr;
int ndata;
int adata;
int len;
int rc;
char errstr[MAXERROR];
ldap_admin_mod_result_t *admin_result;
*errorp = NULL;
(void) memset(space.s_b, 0, DOORBUFFERSIZE);
len = attr2list(dn, attr, (char *)&space.s_d.ldap_call.ldap_u.strlist,
sizeof (space) - offsetof(ldap_return_t, ldap_u));
if (len <= 0)
return (NS_LDAP_INVALID_PARAM);
adata = sizeof (ldap_call_t) + len;
ndata = sizeof (space);
space.s_d.ldap_call.ldap_callnumber = ADMINMODIFY;
sptr = &space.s_d;
switch (__ns_ldap_trydoorcall(&sptr, &ndata, &adata)) {
case NS_CACHE_SUCCESS:
break;
case NS_CACHE_NOTFOUND:
(void) snprintf(errstr, sizeof (errstr),
gettext("Door call ADMINMODIFY to "
"ldap_cachemgr failed - error: %d"),
space.s_d.ldap_ret.ldap_errno);
MKERROR(LOG_WARNING, *errorp, NS_CONFIG_CACHEMGR,
strdup(errstr), NS_LDAP_MEMORY);
return (NS_LDAP_OP_FAILED);
default:
return (NS_LDAP_OP_FAILED);
}
admin_result = &sptr->ldap_ret.ldap_u.admin_result;
if (admin_result->ns_err == NS_LDAP_SUCCESS)
rc = NS_LDAP_SUCCESS;
else {
rc = admin_result->ns_err;
if (admin_result->msg_size == 0)
*errorp = __s_api_make_error(admin_result->status,
NULL);
else
*errorp = __s_api_make_error(admin_result->status,
admin_result->msg);
}
if (sptr != &space.s_d) {
(void) munmap((char *)sptr, ndata);
}
return (rc);
}
