Plan 9 from Bell Labs’s /usr/web/sources/contrib/lucio/pub/openldap/clients/tools/ldapmodify.c

Copyright © 2021 Plan 9 Foundation.
Distributed under the MIT License.
Download the Plan 9 distribution.


/* ldapmodify.c - generic program to modify or add entries using LDAP */
/* $OpenLDAP: pkg/ldap/clients/tools/ldapmodify.c,v 1.158.2.12 2007/04/01 22:44:23 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
 * Copyright 1998-2007 The OpenLDAP Foundation.
 * Portions Copyright 1998-2003 Kurt D. Zeilenga.
 * Portions Copyright 1998-2001 Net Boolean Incorporated.
 * Portions Copyright 2001-2003 IBM Corporation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
 */
/* Portions Copyright (c) 1992-1996 Regents of the University of Michigan.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that this notice is preserved and that due credit is given
 * to the University of Michigan at Ann Arbor.  The name of the
 * University may not be used to endorse or promote products derived
 * from this software without specific prior written permission.  This
 * software is provided ``as is'' without express or implied warranty.
 */
/* ACKNOWLEDGEMENTS:
 * This work was originally developed by the University of Michigan
 * (as part of U-MICH LDAP).  Additional significant contributors
 * include:
 *   Kurt D. Zeilenga
 *   Norbert Klasen
 */

#include "portable.h"

#include <stdio.h>

#include <ac/stdlib.h>
#include <ac/ctype.h>
#include <ac/string.h>
#include <ac/unistd.h>
#include <ac/time.h>

#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif

#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif

#include <ldap.h>

#include "lutil.h"
#include "lutil_ldap.h"
#include "ldif.h"
#include "ldap_defaults.h"
#include "ldap_log.h"
#include "ldap_pvt.h"

#include "common.h"


static int	ldapadd, force = 0;
static char *rejfile = NULL;
static LDAP	*ld = NULL;

#define LDAPMOD_MAXLINE		4096

/* strings found in replog/LDIF entries (mostly lifted from slurpd/slurp.h) */
#define T_VERSION_STR		"version"
#define T_REPLICA_STR		"replica"
#define T_DN_STR			"dn"
#define T_CONTROL_STR		"control"
#define T_CHANGETYPESTR		"changetype"
#define T_ADDCTSTR			"add"
#define T_MODIFYCTSTR		"modify"
#define T_DELETECTSTR		"delete"
#define T_MODRDNCTSTR		"modrdn"
#define T_MODDNCTSTR		"moddn"
#define T_RENAMECTSTR		"rename"
#define T_MODOPADDSTR		"add"
#define T_MODOPREPLACESTR	"replace"
#define T_MODOPDELETESTR	"delete"
#define T_MODOPINCREMENTSTR	"increment"
#define T_MODSEPSTR			"-"
#define T_NEWRDNSTR			"newrdn"
#define T_DELETEOLDRDNSTR	"deleteoldrdn"
#define T_NEWSUPSTR			"newsuperior"


static int process_ldif_rec LDAP_P(( char *rbuf, int count ));
static int parse_ldif_control LDAP_P(( char *line, LDAPControl ***pctrls ));
static void addmodifyop LDAP_P((
	LDAPMod ***pmodsp, int modop,
	const char *attr,
	struct berval *value ));
static int domodify LDAP_P((
	const char *dn,
	LDAPMod **pmods,
	LDAPControl **pctrls,
	int newentry ));
static int dodelete LDAP_P((
	const char *dn,
	LDAPControl **pctrls ));
static int dorename LDAP_P((
	const char *dn,
	const char *newrdn,
	const char *newsup,
	int deleteoldrdn,
	LDAPControl **pctrls ));
static int process_response(
	LDAP *ld,
	int msgid,
	const char *opstr,
	const char *dn );
static char *read_one_record LDAP_P(( FILE *fp ));

#ifdef LDAP_GROUP_TRANSACTION
static int txn = 0;
static int txnabort = 0;
#endif

void
usage( void )
{
	fprintf( stderr, _("Add or modify entries from an LDAP server\n\n"));
	fprintf( stderr, _("usage: %s [options]\n"), prog);
	fprintf( stderr, _("	The list of desired operations are read from stdin"
		" or from the file\n"));
	fprintf( stderr, _("	specified by \"-f file\".\n"));
	fprintf( stderr, _("Add or modify options:\n"));
	fprintf( stderr, _("  -a         add values (%s)\n"),
		(ldapadd ? _("default") : _("default is to replace")));
	fprintf( stderr, _("  -E [!]ext=extparam	modify extensions"
		" (! indicate s criticality)\n"));
#ifdef LDAP_GROUP_TRANSACTION
 	fprintf( stderr,
		_("             [!]txn                      (transaction)\n"));
#endif
	fprintf( stderr, _("  -F         force all changes records to be used\n"));
	fprintf( stderr, _("  -S file    write skipped modifications to `file'\n"));

	tool_common_usage();
	exit( EXIT_FAILURE );
}


const char options[] = "aE:FrS:"
	"cd:D:e:f:h:H:IkKMnO:p:P:QR:U:vVw:WxX:y:Y:Z";

int
handle_private_option( int i )
{
	char	*control, *cvalue;
	int		crit;

	switch ( i ) {
	case 'E': /* modify extensions */
		if( protocol == LDAP_VERSION2 ) {
			fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"),
				prog, protocol );
			exit( EXIT_FAILURE );
		}

		/* should be extended to support comma separated list of
		 *	[!]key[=value] parameters, e.g.  -E !foo,bar=567
		 */

		crit = 0;
		cvalue = NULL;
		if( optarg[0] == '!' ) {
			crit = 1;
			optarg++;
		}

		control = ber_strdup( optarg );
		if ( (cvalue = strchr( control, '=' )) != NULL ) {
			*cvalue++ = '\0';
		}

#ifdef LDAP_GROUP_TRANSACTION
		if( strcasecmp( control, "txn" ) == 0 ) {
			/* Transaction */
			if( txn ) {
				fprintf( stderr,
					_("txn control previously specified\n"));
				exit( EXIT_FAILURE );
			}
			if( cvalue != NULL ) {
				if( strcasecmp( cvalue, "abort" ) == 0 ) {
					txnabort=1;
				} else if( strcasecmp( cvalue, "commit" ) != 0 ) {
					fprintf( stderr, _("Invalid value for txn control, %s\n"),
						cvalue );
					exit( EXIT_FAILURE );
				}
			}

			txn = 1 + crit;
		} else
#endif
		{
			fprintf( stderr, _("Invalid modify extension name: %s\n"),
				control );
			usage();
		}

	case 'a':	/* add */
		ldapadd = 1;
		break;

	case 'F':	/* force all changes records to be used */
		force = 1;
		break;

	case 'r':	/* replace (obsolete) */
		break;

	case 'S':	/* skipped modifications to file */
		if( rejfile != NULL ) {
			fprintf( stderr, _("%s: -S previously specified\n"), prog );
			exit( EXIT_FAILURE );
		}
		rejfile = ber_strdup( optarg );
		break;

	default:
		return 0;
	}
	return 1;
}


int
main( int argc, char **argv )
{
#ifdef LDAP_GROUP_TRANSACTION
	BerElement *txnber;
	struct berval txnCookie = { 0, NULL };
#endif
	char		*rbuf, *start, *rejbuf = NULL;
	FILE		*fp, *rejfp;
	char		*matched_msg, *error_msg;
	int		rc, retval;
	int count, len;

	tool_init();
	prog = lutil_progname( "ldapmodify", argc, argv );

	/* strncmp instead of strcmp since NT binaries carry .exe extension */
	ldapadd = ( strncasecmp( prog, "ldapadd", sizeof("ldapadd")-1 ) == 0 );

	tool_args( argc, argv );

	if ( argc != optind ) usage();

	if ( rejfile != NULL ) {
		if (( rejfp = fopen( rejfile, "w" )) == NULL ) {
			perror( rejfile );
			return( EXIT_FAILURE );
		}
	} else {
		rejfp = NULL;
	}

	if ( infile != NULL ) {
		if (( fp = fopen( infile, "r" )) == NULL ) {
			perror( infile );
			return( EXIT_FAILURE );
		}
	} else {
		fp = stdin;
	}

	if ( debug ) ldif_debug = debug;

	ld = tool_conn_setup( not, 0 );

	if ( !not ) {
		if ( pw_file || want_bindpw ) {
			if ( pw_file ) {
				rc = lutil_get_filed_password( pw_file, &passwd );
				if( rc ) return EXIT_FAILURE;
			} else {
				passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
				passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
			}
		}
		tool_bind( ld );
	}

#ifdef LDAP_GROUP_TRANSACTION
	if( txn ) {
		struct berval *txnCookiep = &txnCookie;

		/* create transaction */
		rc = ldap_txn_create_s( ld, &txnCookiep, NULL, NULL );
		if( rc != LDAP_SUCCESS ) {
			ldap_perror( ld, "ldap_txn_create_s" );
			if( txn > 2 ) return EXIT_FAILURE;
			txn = 0;
		}
	}
#endif

	if ( assertion || authzid || manageDIT || manageDSAit || noop
#ifdef LDAP_GROUP_TRANSACTION
		|| txn
#endif
		|| preread || postread )
	{
		int i = 0;
		LDAPControl c[1];

#ifdef LDAP_GROUP_TRANSACTION
		if( txn ) {
			int err;
			txnber = ber_alloc_t( LBER_USE_DER );
			if( txnber == NULL ) return EXIT_FAILURE;

			err = ber_printf( txnber, "{o}", &txnCookie );
			if( err == -1 ) {
				ber_free( txnber, 1 );
				fprintf( stderr, _("txn grouping control encoding error!\n") );
				return EXIT_FAILURE;
			}

			err = ber_flatten2( txnber, &c[i].ldctl_value, 0 );
			if( err == -1 ) return EXIT_FAILURE;

			c[i].ldctl_oid = LDAP_CONTROL_GROUPING;
			c[i].ldctl_iscritical = 1;
			i++;
		}
#endif

		tool_server_controls( ld, c, i );
	}

	rc = 0;
	count = 0;
	retval = 0;
	while (( rc == 0 || contoper ) &&
		( rbuf = read_one_record( fp )) != NULL )
	{
		count++;

		start = rbuf;

		if ( rejfp ) {
			len = strlen( rbuf );
			if (( rejbuf = (char *)ber_memalloc( len+1 )) == NULL ) {
				perror( "malloc" );
				exit( EXIT_FAILURE );
			}
			memcpy( rejbuf, rbuf, len+1 );
		}

		rc = process_ldif_rec( start, count );

		if ( rc ) retval = rc;
		if ( rc && rejfp ) {
			fprintf(rejfp, _("# Error: %s (%d)"), ldap_err2string(rc), rc);

			matched_msg = NULL;
			ldap_get_option(ld, LDAP_OPT_MATCHED_DN, &matched_msg);
			if ( matched_msg != NULL ) {
				if ( *matched_msg != '\0' ) {
					fprintf( rejfp, _(", matched DN: %s"), matched_msg );
				}
				ldap_memfree( matched_msg );
			}

			error_msg = NULL;
			ldap_get_option(ld, LDAP_OPT_ERROR_STRING, &error_msg);
			if ( error_msg != NULL ) {
				if ( *error_msg != '\0' ) {
					fprintf( rejfp, _(", additional info: %s"), error_msg );
				}
				ldap_memfree( error_msg );
			}
			fprintf( rejfp, "\n%s\n", rejbuf );
		}

		if (rejfp) ber_memfree( rejbuf );
		ber_memfree( rbuf );
	}

#ifdef LDAP_GROUP_TRANSACTION
	if( txn ) {
		/* create transaction */
		rc = ldap_txn_end_s( ld, &txnCookie, !txnabort, NULL, NULL );
		if( rc != LDAP_SUCCESS ) {
			ldap_perror( ld, "ldap_txn_create_s" );
			if( txn > 2 ) return EXIT_FAILURE;
			txn = 0;
		}
	}
#endif

	if ( !not ) {
		tool_unbind( ld );
	}

	if ( rejfp != NULL ) {
		fclose( rejfp );
	}

	tool_destroy();
	return( retval );
}


static int
process_ldif_rec( char *rbuf, int count )
{
	char	*line, *dn, *type, *newrdn, *newsup, *p;
	int		rc, linenum, modop, replicaport;
	int		expect_modop, expect_sep, expect_ct, expect_newrdn, expect_newsup;
	int		expect_deleteoldrdn, deleteoldrdn;
	int		saw_replica, use_record, new_entry, delete_entry, got_all;
	LDAPMod	**pmods;
	int version;
	struct berval val;
	LDAPControl **pctrls;

	new_entry = ldapadd;

	rc = got_all = saw_replica = delete_entry = modop = expect_modop = 0;
	expect_deleteoldrdn = expect_newrdn = expect_newsup = 0;
	expect_sep = expect_ct = 0;
	linenum = 0;
	version = 0;
	deleteoldrdn = 1;
	use_record = force;
	pmods = NULL;
	pctrls = NULL;
	dn = newrdn = newsup = NULL;

	while ( rc == 0 && ( line = ldif_getline( &rbuf )) != NULL ) {
		++linenum;

		if ( expect_sep && strcasecmp( line, T_MODSEPSTR ) == 0 ) {
			expect_sep = 0;
			expect_ct = 1;
			continue;
		}
	
		if ( ldif_parse_line( line, &type, &val.bv_val, &val.bv_len ) < 0 ) {
			fprintf( stderr, _("%s: invalid format (line %d) entry: \"%s\"\n"),
				prog, linenum, dn == NULL ? "" : dn );
			rc = LDAP_PARAM_ERROR;
			break;
		}

		if ( dn == NULL ) {
			if ( !use_record && strcasecmp( type, T_REPLICA_STR ) == 0 ) {
				++saw_replica;
				if (( p = strchr( val.bv_val, ':' )) == NULL ) {
					replicaport = 0;
				} else {
					*p++ = '\0';
					if ( lutil_atoi( &replicaport, p ) != 0 ) {
						fprintf( stderr, _("%s: unable to parse replica port \"%s\" (line %d) entry: \"%s\"\n"),
							prog, p, linenum, dn == NULL ? "" : dn );
						rc = LDAP_PARAM_ERROR;
						break;
					}
				}
				if ( ldaphost != NULL &&
					strcasecmp( val.bv_val, ldaphost ) == 0 &&
					replicaport == ldapport )
				{
					use_record = 1;
				}
	    		} else if ( count == 1 && linenum == 1 && 
				strcasecmp( type, T_VERSION_STR ) == 0 )
			{
				int	v;
				if( val.bv_len == 0 || lutil_atoi( &v, val.bv_val) != 0 || v != 1 ) {
					fprintf( stderr,
						_("%s: invalid version %s, line %d (ignored)\n"),
						prog, val.bv_val, linenum );
				}
				version++;

			} else if ( strcasecmp( type, T_DN_STR ) == 0 ) {
				if (( dn = ber_strdup( val.bv_val )) == NULL ) {
					perror( "strdup" );
					exit( EXIT_FAILURE );
				}
				expect_ct = 1;
			}
			goto end_line;	/* skip all lines until we see "dn:" */
		}

		if ( expect_ct ) {
			/* Check for "control" tag after dn and before changetype. */
			if (strcasecmp(type, T_CONTROL_STR) == 0) {
				/* Parse and add it to the list of controls */
				rc = parse_ldif_control( line, &pctrls );
				if (rc != 0) {
					fprintf( stderr,
						_("%s: Error processing %s line, line %d: %s\n"),
						prog, T_CONTROL_STR, linenum, ldap_err2string(rc) );
				}
				goto end_line;
			}

			expect_ct = 0;
			if ( !use_record && saw_replica ) {
				printf(_("%s: skipping change record for entry: %s\n"),
					prog, dn);
				printf(_("\t(LDAP host/port does not match replica: lines)\n"));
				ber_memfree( dn );
				ber_memfree( type );
				ber_memfree( val.bv_val );
				return( 0 );
			}

			if ( strcasecmp( type, T_CHANGETYPESTR ) == 0 ) {
#ifdef LIBERAL_CHANGETYPE_MODOP
				/* trim trailing spaces (and log warning ...) */
				int icnt;
				for ( icnt = val.bv_len; --icnt > 0; ) {
					if ( !isspace( (unsigned char) val.bv_val[icnt] ) ) {
						break;
					}
				}

				if ( ++icnt != val.bv_len ) {
					fprintf( stderr, _("%s: illegal trailing space after"
						" \"%s: %s\" trimmed (line %d of entry \"%s\")\n"),
						prog, T_CHANGETYPESTR, val.bv_val, linenum, dn );
					val.bv_val[icnt] = '\0';
				}
#endif /* LIBERAL_CHANGETYPE_MODOP */

				if ( strcasecmp( val.bv_val, T_MODIFYCTSTR ) == 0 ) {
					new_entry = 0;
					expect_modop = 1;
				} else if ( strcasecmp( val.bv_val, T_ADDCTSTR ) == 0 ) {
					new_entry = 1;
				} else if ( strcasecmp( val.bv_val, T_MODRDNCTSTR ) == 0
					|| strcasecmp( val.bv_val, T_MODDNCTSTR ) == 0
					|| strcasecmp( val.bv_val, T_RENAMECTSTR ) == 0)
				{
					expect_newrdn = 1;
				} else if ( strcasecmp( val.bv_val, T_DELETECTSTR ) == 0 ) {
					got_all = delete_entry = 1;
				} else {
					fprintf( stderr,
						_("%s:  unknown %s \"%s\" (line %d of entry \"%s\")\n"),
						prog, T_CHANGETYPESTR, val.bv_val, linenum, dn );
					rc = LDAP_PARAM_ERROR;
				}
				goto end_line;
			} else if ( ldapadd ) {		/*  missing changetype => add */
				new_entry = 1;
				modop = LDAP_MOD_ADD;
			} else {
				expect_modop = 1;	/* missing changetype => modify */
			}
		}

		if ( expect_modop ) {
#ifdef LIBERAL_CHANGETYPE_MODOP
			/* trim trailing spaces (and log warning ...) */
		    int icnt;
		    for ( icnt = val.bv_len; --icnt > 0; ) {
				if ( !isspace( (unsigned char) val.bv_val[icnt] ) ) break;
			}
    
			if ( ++icnt != val.bv_len ) {
				fprintf( stderr, _("%s: illegal trailing space after"
					" \"%s: %s\" trimmed (line %d of entry \"%s\")\n"),
					prog, type, val.bv_val, linenum, dn );
				val.bv_val[icnt] = '\0';
			}
#endif /* LIBERAL_CHANGETYPE_MODOP */

			expect_modop = 0;
			expect_sep = 1;
			if ( strcasecmp( type, T_MODOPADDSTR ) == 0 ) {
				modop = LDAP_MOD_ADD;
				goto end_line;
			} else if ( strcasecmp( type, T_MODOPREPLACESTR ) == 0 ) {
				modop = LDAP_MOD_REPLACE;
				addmodifyop( &pmods, modop, val.bv_val, NULL );
				goto end_line;
			} else if ( strcasecmp( type, T_MODOPDELETESTR ) == 0 ) {
				modop = LDAP_MOD_DELETE;
				addmodifyop( &pmods, modop, val.bv_val, NULL );
				goto end_line;
			} else if ( strcasecmp( type, T_MODOPINCREMENTSTR ) == 0 ) {
				modop = LDAP_MOD_INCREMENT;
				addmodifyop( &pmods, modop, val.bv_val, NULL );
				goto end_line;
			} else {	/* no modify op:  use default */
				modop = ldapadd ? LDAP_MOD_ADD : LDAP_MOD_REPLACE;
			}
		}

		if ( expect_newrdn ) {
			if ( strcasecmp( type, T_NEWRDNSTR ) == 0 ) {
				if (( newrdn = ber_strdup( val.bv_val )) == NULL ) {
					perror( "strdup" );
					exit( EXIT_FAILURE );
				}
				expect_deleteoldrdn = 1;
				expect_newrdn = 0;
			} else {
				fprintf( stderr, _("%s: expecting \"%s:\" but saw"
					" \"%s:\" (line %d of entry \"%s\")\n"),
					prog, T_NEWRDNSTR, type, linenum, dn );
				rc = LDAP_PARAM_ERROR;
			}
		} else if ( expect_deleteoldrdn ) {
			if ( strcasecmp( type, T_DELETEOLDRDNSTR ) == 0 ) {
				deleteoldrdn = ( *val.bv_val == '0' ) ? 0 : 1;
				expect_deleteoldrdn = 0;
				expect_newsup = 1;
				got_all = 1;
			} else {
				fprintf( stderr, _("%s: expecting \"%s:\" but saw"
					" \"%s:\" (line %d of entry \"%s\")\n"),
					prog, T_DELETEOLDRDNSTR, type, linenum, dn );
				rc = LDAP_PARAM_ERROR;
			}
		} else if ( expect_newsup ) {
			if ( strcasecmp( type, T_NEWSUPSTR ) == 0 ) {
				if (( newsup = ber_strdup( val.bv_val )) == NULL ) {
					perror( "strdup" );
					exit( EXIT_FAILURE );
				}
				expect_newsup = 0;
			} else {
				fprintf( stderr, _("%s: expecting \"%s:\" but saw"
					" \"%s:\" (line %d of entry \"%s\")\n"),
					prog, T_NEWSUPSTR, type, linenum, dn );
				rc = LDAP_PARAM_ERROR;
			}
		} else if ( got_all ) {
			fprintf( stderr,
				_("%s: extra lines at end (line %d of entry \"%s\")\n"),
				prog, linenum, dn );
			rc = LDAP_PARAM_ERROR;
		} else {
			if ( new_entry && strcasecmp( type, T_DN_STR ) == 0 ) {
				fprintf( stderr, _("%s: attributeDescription \"%s\":"
					" (possible missing newline"
						" after line %d of entry \"%s\"?)\n"),
					prog, type, linenum - 1, dn );
			}
			addmodifyop( &pmods, modop, type, &val );
		}

end_line:
		ber_memfree( type );
		ber_memfree( val.bv_val );
	}

	if( linenum == 0 ) {
		return 0;
	}

	if( version && linenum == 1 ) {
		return 0;
	}

	/* If default controls are set (as with -M option) and controls are
	   specified in the LDIF file, we must add the default controls to
	   the list of controls sent with the ldap operation.
	*/
	if ( rc == 0 ) {
		if (pctrls) {
			LDAPControl **defctrls = NULL;   /* Default server controls */
			LDAPControl **newctrls = NULL;
			ldap_get_option(ld, LDAP_OPT_SERVER_CONTROLS, &defctrls);
			if (defctrls) {
				int npc=0;                       /* Num of LDIF controls */
				int ndefc=0;                     /* Num of default controls */
				while (pctrls[npc]) npc++;       /* Count LDIF controls */
				while (defctrls[ndefc]) ndefc++; /* Count default controls */
				newctrls = ber_memrealloc(pctrls,
					(npc+ndefc+1)*sizeof(LDAPControl*));

				if (newctrls == NULL) {
					rc = LDAP_NO_MEMORY;
				} else {
					int i;
					pctrls = newctrls;
					for (i=npc; i<npc+ndefc; i++) {
						pctrls[i] = ldap_control_dup(defctrls[i-npc]);
						if (pctrls[i] == NULL) {
							rc = LDAP_NO_MEMORY;
							break;
						}
					}
					pctrls[npc+ndefc] = NULL;
				}
				ldap_controls_free(defctrls);  /* Must be freed by library */
			}
		}
	}


	if ( rc == 0 ) {
		if ( delete_entry ) {
			rc = dodelete( dn, pctrls );
		} else if ( newrdn != NULL ) {
			rc = dorename( dn, newrdn, newsup, deleteoldrdn, pctrls );
		} else {
			rc = domodify( dn, pmods, pctrls, new_entry );
		}

		if ( rc == LDAP_SUCCESS ) {
			rc = 0;
		}
	}

	if ( dn != NULL ) {
		ber_memfree( dn );
	}
	if ( newrdn != NULL ) {
		ber_memfree( newrdn );
	}
	if ( newsup != NULL ) {
		ber_memfree( newsup );
	}
	if ( pmods != NULL ) {
		ldap_mods_free( pmods, 1 );
	}
    if (pctrls != NULL) {
    	ldap_controls_free( pctrls );
	}

	return( rc );
}

/* Parse an LDIF control line of the form
      control:  oid  [true/false]  [: value]              or
      control:  oid  [true/false]  [:: base64-value]      or
      control:  oid  [true/false]  [:< url]
   The control is added to the list of controls in *ppctrls.
*/      
static int
parse_ldif_control(
	char *line, 
	LDAPControl ***ppctrls )
{
	char *oid = NULL;
	int criticality = 0;   /* Default is false if not present */
	char *type=NULL;
	char *val = NULL;
	ber_len_t value_len = 0;
	int i, rc=0;
	char *s, *oidStart, *pcolon;
	LDAPControl *newctrl = NULL;
	LDAPControl **pctrls = NULL;

	if (ppctrls) pctrls = *ppctrls;
	s = line + strlen(T_CONTROL_STR);  /* Skip over "control" */
	pcolon = s;                        /* Save this position for later */
	if (*s++ != ':') {                 /* Make sure colon follows */
		return ( LDAP_PARAM_ERROR );
	}
	while (*s && isspace((unsigned char)*s)) {
		s++;                           /* Skip white space before OID */
	}

	/* OID should come next. Validate and extract it. */
	if (*s == 0) return ( LDAP_PARAM_ERROR );
	oidStart = s;
	while (isdigit((unsigned char)*s) || *s == '.') {
		s++;                           /* OID should be digits or . */
	}
	if (s == oidStart) { 
		return ( LDAP_PARAM_ERROR );   /* OID was not present */
	}
	if (*s) {                          /* End of OID should be space or NULL */
		if (!isspace((unsigned char)*s)) {
			return ( LDAP_PARAM_ERROR ); /* else OID contained invalid chars */
		}
		*s++ = 0;                    /* Replace space with null to terminate */
	}

	oid = ber_strdup(oidStart);
	if (oid == NULL) return ( LDAP_NO_MEMORY );

	/* Optional Criticality field is next. */
	while (*s && isspace((unsigned char)*s)) {
		s++;                         /* Skip white space before criticality */
	}
	if (strncasecmp(s, "true", 4) == 0) {
		criticality = 1;
		s += 4;
	} 
	else if (strncasecmp(s, "false", 5) == 0) {
		criticality = 0;
		s += 5;
	}

	/* Optional value field is next */
	while (*s && isspace((unsigned char)*s)) {
		s++;                         /* Skip white space before value */
	}
	if (*s) {
		if (*s != ':') {           /* If value is present, must start with : */
			rc = LDAP_PARAM_ERROR;
			goto cleanup;
		}

		/* Shift value down over OID and criticality so it's in the form
		     control: value
		     control:: base64-value
		     control:< url
		   Then we can use ldif_parse_line to extract and decode the value
		*/
		while ( (*pcolon++ = *s++) != 0) {   /* Shift value */
			/* EMPTY */;
		}
		rc = ldif_parse_line(line, &type, &val, &value_len);
		if (type)  ber_memfree(type);   /* Don't need this field*/
		if (rc < 0) {
			rc = LDAP_PARAM_ERROR;
			goto cleanup;
		}
    }

	/* Create a new LDAPControl structure. */
	newctrl = (LDAPControl *)ber_memalloc(sizeof(LDAPControl));
	if ( newctrl == NULL ) {
		rc = LDAP_NO_MEMORY;
		goto cleanup;
	}
	newctrl->ldctl_oid = oid;
	oid = NULL;
	newctrl->ldctl_iscritical = criticality;
	newctrl->ldctl_value.bv_len = value_len;
	newctrl->ldctl_value.bv_val = val;
	val = NULL;

	/* Add the new control to the passed-in list of controls. */
	i = 0;
	if (pctrls) {
		while ( pctrls[i] ) {    /* Count the # of controls passed in */
			i++;
		}
	}
	/* Allocate 1 more slot for the new control and 1 for the NULL. */
	pctrls = (LDAPControl **) ber_memrealloc(pctrls,
		(i+2)*(sizeof(LDAPControl *)));
	if (pctrls == NULL) {
		rc = LDAP_NO_MEMORY;
		goto cleanup;
	}
	pctrls[i] = newctrl;
	newctrl = NULL;
	pctrls[i+1] = NULL;
	*ppctrls = pctrls;

cleanup:
	if (newctrl) {
		if (newctrl->ldctl_oid) ber_memfree(newctrl->ldctl_oid);
		if (newctrl->ldctl_value.bv_val) {
			ber_memfree(newctrl->ldctl_value.bv_val);
		}
		ber_memfree(newctrl);
	}
	if (val) ber_memfree(val);
	if (oid) ber_memfree(oid);

	return( rc );
}


static void
addmodifyop(
	LDAPMod ***pmodsp,
	int modop,
	const char *attr,
	struct berval *val )
{
	LDAPMod		**pmods;
	int			i, j;

	pmods = *pmodsp;
	modop |= LDAP_MOD_BVALUES;

	i = 0;
	if ( pmods != NULL ) {
		for ( ; pmods[ i ] != NULL; ++i ) {
			if ( strcasecmp( pmods[ i ]->mod_type, attr ) == 0 &&
				pmods[ i ]->mod_op == modop )
			{
				break;
			}
		}
	}

	if ( pmods == NULL || pmods[ i ] == NULL ) {
		if (( pmods = (LDAPMod **)ber_memrealloc( pmods, (i + 2) *
			sizeof( LDAPMod * ))) == NULL )
		{
			perror( "realloc" );
			exit( EXIT_FAILURE );
		}

		*pmodsp = pmods;
		pmods[ i + 1 ] = NULL;

		pmods[ i ] = (LDAPMod *)ber_memcalloc( 1, sizeof( LDAPMod ));
		if ( pmods[ i ] == NULL ) {
			perror( "calloc" );
			exit( EXIT_FAILURE );
		}

		pmods[ i ]->mod_op = modop;
		pmods[ i ]->mod_type = ber_strdup( attr );
		if ( pmods[ i ]->mod_type == NULL ) {
			perror( "strdup" );
			exit( EXIT_FAILURE );
		}
	}

	if ( val != NULL ) {
		j = 0;
		if ( pmods[ i ]->mod_bvalues != NULL ) {
			for ( ; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
				/* Empty */;
			}
		}

		pmods[ i ]->mod_bvalues = (struct berval **) ber_memrealloc(
			pmods[ i ]->mod_bvalues, (j + 2) * sizeof( struct berval * ));
		if ( pmods[ i ]->mod_bvalues == NULL ) {
			perror( "ber_realloc" );
			exit( EXIT_FAILURE );
		}

		pmods[ i ]->mod_bvalues[ j + 1 ] = NULL;
		pmods[ i ]->mod_bvalues[ j ] = ber_bvdup( val );
		if ( pmods[ i ]->mod_bvalues[ j ] == NULL ) {
			perror( "ber_bvdup" );
			exit( EXIT_FAILURE );
		}
	}
}


static int
domodify(
	const char *dn,
	LDAPMod **pmods,
	LDAPControl **pctrls,
	int newentry )
{
	int			rc, i, j, k, notascii, op;
	struct berval	*bvp;

	if ( dn == NULL ) {
		fprintf( stderr, _("%s: no DN specified\n"), prog );
		return( LDAP_PARAM_ERROR );
	}

	if ( pmods == NULL ) {
		/* implement "touch" (empty sequence)
		 * modify operation (note that there
		 * is no symmetry with the UNIX command,
		 * since \"touch\" on a non-existent entry
		 * will fail)*/
		printf( "warning: no attributes to %sadd (entry=\"%s\")\n",
			newentry ? "" : "change or ", dn );

	} else {
		for ( i = 0; pmods[ i ] != NULL; ++i ) {
			op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
			if( op == LDAP_MOD_ADD && ( pmods[i]->mod_bvalues == NULL )) {
				fprintf( stderr,
					_("%s: attribute \"%s\" has no values (entry=\"%s\")\n"),
					prog, pmods[i]->mod_type, dn );
				return LDAP_PARAM_ERROR;
			}
		}

		if ( verbose ) {
			for ( i = 0; pmods[ i ] != NULL; ++i ) {
				op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
				printf( "%s %s:\n",
					op == LDAP_MOD_REPLACE ? _("replace") :
						op == LDAP_MOD_ADD ?  _("add") :
							op == LDAP_MOD_INCREMENT ?  _("increment") :
								op == LDAP_MOD_DELETE ?  _("delete") :
									_("unknown"),
					pmods[ i ]->mod_type );
	
				if ( pmods[ i ]->mod_bvalues != NULL ) {
					for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
						bvp = pmods[ i ]->mod_bvalues[ j ];
						notascii = 0;
						for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) {
							if ( !isascii( bvp->bv_val[ k ] )) {
								notascii = 1;
								break;
							}
						}
						if ( notascii ) {
							printf( _("\tNOT ASCII (%ld bytes)\n"), bvp->bv_len );
						} else {
							printf( "\t%s\n", bvp->bv_val );
						}
					}
				}
			}
		}
	}

	if ( newentry ) {
		printf( "%sadding new entry \"%s\"\n", not ? "!" : "", dn );
	} else {
		printf( "%smodifying entry \"%s\"\n", not ? "!" : "", dn );
	}

	if ( !not ) {
		int	msgid;
		if ( newentry ) {
			rc = ldap_add_ext( ld, dn, pmods, pctrls, NULL, &msgid );
		} else {
			rc = ldap_modify_ext( ld, dn, pmods, pctrls, NULL, &msgid );
		}

		if ( rc != LDAP_SUCCESS ) {
			/* print error message about failed update including DN */
			fprintf( stderr, _("%s: update failed: %s\n"), prog, dn );
			ldap_perror( ld, newentry ? "ldap_add" : "ldap_modify" );
			goto done;
		} else if ( verbose ) {
			printf( _("modify complete\n") );
		}

		rc = process_response( ld, msgid,
			newentry ? "ldap_add" : "ldap_modify", dn );

	} else {
		rc = LDAP_SUCCESS;
	}

done:
	putchar( '\n' );
	return rc;
}


static int
dodelete(
	const char *dn,
	LDAPControl **pctrls )
{
	int	rc;
	int msgid;

	printf( _("%sdeleting entry \"%s\"\n"), not ? "!" : "", dn );
	if ( !not ) {
		rc = ldap_delete_ext( ld, dn, pctrls, NULL, &msgid );
		if ( rc != LDAP_SUCCESS ) {
			fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn );
			ldap_perror( ld, "ldap_delete" );
			goto done;
		} else if ( verbose ) {
			printf( _("delete complete") );
		}

		rc = process_response( ld, msgid, "ldap_delete", dn );

	} else {
		rc = LDAP_SUCCESS;
	}

done:
	putchar( '\n' );
	return( rc );
}


static int
dorename(
	const char *dn,
	const char *newrdn,
	const char* newsup,
	int deleteoldrdn,
	LDAPControl **pctrls )
{
	int	rc;
	int msgid;

	printf( _("%smodifying rdn of entry \"%s\"\n"), not ? "!" : "", dn );
	if ( verbose ) {
		printf( _("\tnew RDN: \"%s\" (%skeep existing values)\n"),
			newrdn, deleteoldrdn ? _("do not ") : "" );
	}
	if ( !not ) {
		rc = ldap_rename( ld, dn, newrdn, newsup, deleteoldrdn,
			pctrls, NULL, &msgid );
		if ( rc != LDAP_SUCCESS ) {
			fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn );
			ldap_perror( ld, "ldap_rename" );
			goto done;
		} else {
			printf( _("rename completed\n") );
		}

		rc = process_response( ld, msgid, "ldap_rename", dn );

	} else {
		rc = LDAP_SUCCESS;
	}

done:
	putchar( '\n' );
	return( rc );
}

static int process_response(
	LDAP *ld,
	int msgid,
	const char *opstr,
	const char *dn )
{
	LDAPMessage	*res;
	int		rc = LDAP_OTHER;
	struct timeval	tv = { 0, 0 };

	for ( ; ; ) {
		tv.tv_sec = 0;
		tv.tv_usec = 100000;

		rc = ldap_result( ld, msgid,
#ifdef LDAP_GROUP_TRANSACTION
			txn ? 0 : 1,
#else
			1,
#endif
			&tv, &res );
		if ( tool_check_abandon( ld, msgid ) ) {
			return LDAP_CANCELLED;
		}

		if ( rc == -1 ) {
			ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &rc );
			tool_perror( "ldap_result", rc, NULL, NULL, NULL, NULL );
			return rc;
		}

		if ( rc != 0 ) {
			break;
		}
	}

	if ( ldap_msgtype( res ) != LDAP_RES_INTERMEDIATE ) {
		rc = ldap_result2error( ld, res, 1 );
		if( rc != LDAP_SUCCESS ) ldap_perror( ld, opstr );
		return rc;
	}

#ifdef LDAP_GROUP_TRANSACTION
	/* assume (successful) transaction intermediate response */
	return LDAP_SUCCESS;

#else
	/* intermediate response? */
	return LDAP_DECODING_ERROR;
#endif
}

static char *
read_one_record( FILE *fp )
{
	char        *buf, line[ LDAPMOD_MAXLINE ];
	int		lcur, lmax;

	lcur = lmax = 0;
	buf = NULL;

	while ( fgets( line, sizeof(line), fp ) != NULL ) {
		int len = strlen( line );

		if( len < 2 || ( len == 2 && *line == '\r' )) {
			if( buf == NULL ) {
				continue;
			} else {
				break;
			}
		}

		if ( lcur + len + 1 > lmax ) {
			lmax = LDAPMOD_MAXLINE
				* (( lcur + len + 1 ) / LDAPMOD_MAXLINE + 1 );

			if (( buf = (char *)ber_memrealloc( buf, lmax )) == NULL ) {
				perror( "realloc" );
				exit( EXIT_FAILURE );
			}
		}

		strcpy( buf + lcur, line );
		lcur += len;
	}

	return( buf );
}



Bell Labs OSI certified Powered by Plan 9

(Return to Plan 9 Home Page)

Copyright © 2021 Plan 9 Foundation. All Rights Reserved.
Comments to [email protected].