source3/param/config_ldap.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    ModConfig LDAP backend
   5
   6    Copyright (C) Simo Sorce             2003
   7    Copyright (C) Jim McDonough <jmcd@us.ibm.com>        2003
   8    Copyright (C) Gerald Carter          2003
   9
  10    This program is free software; you can redistribute it and/or modify
  11    it under the terms of the GNU General Public License as published by
  12    the Free Software Foundation; either version 2 of the License, or
  13    (at your option) any later version.
  14
  15    This program is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18    GNU General Public License for more details.
  19
  20    You should have received a copy of the GNU General Public License
  21    along with this program; if not, write to the Free Software
  22    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  23 */
  24
  25 #include "includes.h"
  26
  27 /*#undef DBGC_CLASS
  28 #define DBGC_CLASS DBGC_CONFIG
  29 */
  30
  31 #include <lber.h>
  32 #include <ldap.h>
  33
  34 #include "smbldap.h"
  35
  36 #define LDAP_OBJ_SAMBA_CONFIG           "sambaConfig"
  37 #define LDAP_OBJ_SAMBA_SHARE            "sambaShare"
  38 #define LDAP_OBJ_SAMBA_OPTION           "sambaConfigOption"
  39
  40 #define LDAP_ATTR_LIST_END      0
  41 #define LDAP_ATTR_BOOL          1
  42 #define LDAP_ATTR_INTEGER       2
  43 #define LDAP_ATTR_STRING        3
  44 #define LDAP_ATTR_LIST          4
  45 #define LDAP_ATTR_NAME          5
  46
  47
  48 struct ldap_config_state {
  49         struct smbldap_state *smbldap_state;
  50         TALLOC_CTX *mem_ctx;
  51 };
  52
  53 ATTRIB_MAP_ENTRY option_attr_list[] = {
  54         { LDAP_ATTR_NAME,               "sambaOptionName"       },
  55         { LDAP_ATTR_LIST,               "sambaListOption"       },
  56         { LDAP_ATTR_STRING,             "sambaStringOption"     },
  57         { LDAP_ATTR_INTEGER,            "sambaIntegerOption"    },
  58         { LDAP_ATTR_BOOL,               "sambaBoolOption"       },
  59         { LDAP_ATTR_LIST_END,           NULL                    }
  60 };
  61
  62 static struct ldap_config_state ldap_state;
  63 static char *config_base_dn;
  64
  65 static NTSTATUS ldap_config_close(void);
  66
  67 /*
  68 TODO:
  69         search each section
  70         start with global, then with others
  71         for each section parse all options
  72 */
  73
  74 static NTSTATUS parse_section(
  75                 const char *dn,
  76                 BOOL (*pfunc)(const char *, const char *))
  77 {
  78         TALLOC_CTX *mem_ctx;
  79         NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
  80         LDAPMessage *result = NULL;
  81         LDAPMessage *entry = NULL;
  82         pstring filter;
  83         pstring option_name;
  84         pstring option_value;
  85         char **attr_list = NULL;
  86         int rc;
  87         int count;
  88
  89         mem_ctx = talloc_init("parse_section");
  90
  91         /* search for the options */
  92         pstr_sprintf(filter, "objectClass=%s",
  93                         LDAP_OBJ_SAMBA_OPTION);
  94
  95         DEBUG(0, ("Searching for:[%s]\n", filter));
  96
  97         attr_list = get_attr_list(option_attr_list);
  98         rc = smbldap_search(ldap_state.smbldap_state,
  99                                 dn, LDAP_SCOPE_ONELEVEL,
 100                                 filter, attr_list, 0, &result);
 101
 102         if (rc != LDAP_SUCCESS) {
 103                 DEBUG(0,("parse_section: %s object not found\n", LDAP_OBJ_SAMBA_CONFIG));
 104                 goto done;
 105         }
 106
 107         count = ldap_count_entries(ldap_state.smbldap_state->ldap_struct, result);
 108         entry = ldap_first_entry(ldap_state.smbldap_state->ldap_struct, result);
 109         while (entry) {
 110                 int o;
 111
 112                 if (!smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, "sambaOptionName", option_name)) {
 113                         goto done;
 114                 }
 115
 116                 option_value[0] = '\0';
 117                 for (o = 1; option_attr_list[o].name != NULL; o++) {
 118                         if (smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, option_attr_list[o].name, option_value)) {
 119                                 break;
 120                         }
 121                 }
 122                 if (option_value[0] != '\0') {
 123                         if (!pfunc(option_name, option_value)) {
 124                                 goto done;
 125                         }
 126                 } else {
 127                         DEBUG(0,("parse_section: Missing value for option: %s\n", option_name));
 128                         goto done;
 129                 }
 130
 131                 entry = ldap_next_entry(ldap_state.smbldap_state->ldap_struct, entry);
 132         }
 133
 134         ret = NT_STATUS_OK;
 135
 136 done:
 137         talloc_destroy(mem_ctx);
 138         free_attr_list(attr_list);
 139         if (result) ldap_msgfree(result);
 140
 141         return ret;
 142 }
 143
 144 /*****************************************************************************
 145  load configuration from ldap
 146 *****************************************************************************/
 147
 148 static NTSTATUS ldap_config_load(
 149                 BOOL (*sfunc)(const char *),
 150                 BOOL (*pfunc)(const char *, const char *))
 151 {
 152         TALLOC_CTX *mem_ctx;
 153         NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
 154         LDAPMessage *result = NULL;
 155         LDAPMessage *entry = NULL;
 156         pstring filter;
 157         pstring attr_text;
 158         char *config_dn = NULL;
 159         char *temp;
 160         int rc;
 161         int count;
 162         const char *config_attr_list[] = {"description", NULL};
 163         const char *share_attr_list[] = {"sambaShareName", "description", NULL};
 164         char **share_dn;
 165         char **share_name;
 166
 167         mem_ctx = talloc_init("ldap_config_load");
 168
 169         /* search for the base config dn */
 170         pstr_sprintf(filter, "objectClass=%s",
 171                         LDAP_OBJ_SAMBA_CONFIG);
 172
 173         DEBUG(0, ("Searching for:[%s]\n", filter));
 174
 175         rc = smbldap_search(ldap_state.smbldap_state,
 176                                 config_base_dn, LDAP_SCOPE_SUBTREE,
 177                                 filter, config_attr_list, 0, &result);
 178
 179         if (rc != LDAP_SUCCESS) {
 180                 DEBUG(0,("ldap_config_load: %s object not found\n", LDAP_OBJ_SAMBA_CONFIG));
 181                 goto done;
 182         }
 183
 184         count = ldap_count_entries(ldap_state.smbldap_state->ldap_struct, result);
 185         if (count != 1) {
 186                 DEBUG(0,("ldap_config_load: single %s object not found\n", LDAP_OBJ_SAMBA_CONFIG));
 187                 goto done;
 188         }
 189
 190         if (!(temp = smbldap_get_dn(ldap_state.smbldap_state->ldap_struct, result))) {
 191                 goto done;
 192         }
 193         config_dn = talloc_strdup(mem_ctx, temp);
 194         SAFE_FREE(temp);
 195         if (!config_dn) {
 196                 goto done;
 197         }
 198
 199         entry = ldap_first_entry(ldap_state.smbldap_state->ldap_struct, result);
 200
 201         if (!smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, "description", attr_text)) {
 202                 DEBUG(0, ("ldap_config_load: no description field in %s object\n", LDAP_OBJ_SAMBA_CONFIG));
 203         }
 204
 205         if (result) ldap_msgfree(result);
 206 /* TODO: finish up the last section, see loadparm's lp_load()*/
 207
 208         /* retrive the section list */
 209         pstr_sprintf(filter, "objectClass=%s",
 210                         LDAP_OBJ_SAMBA_SHARE);
 211
 212         DEBUG(0, ("Searching for:[%s]\n", filter));
 213
 214         rc = smbldap_search(ldap_state.smbldap_state,
 215                                 config_dn, LDAP_SCOPE_SUBTREE,
 216                                 filter, share_attr_list, 0, &result);
 217
 218         if (rc != LDAP_SUCCESS) {
 219                 DEBUG(0,("ldap_config_load: %s object not found\n", LDAP_OBJ_SAMBA_CONFIG));
 220                 goto done;
 221         }
 222
 223         count = ldap_count_entries(ldap_state.smbldap_state->ldap_struct, result);
 224         DEBUG(0, ("config_ldap: Found %d shares\n", count));
 225         if (count) {
 226                 int i;
 227
 228                 share_dn = talloc(mem_ctx, (count + 1) * sizeof(char *));
 229                 share_name = talloc(mem_ctx, (count) * sizeof(char *));
 230                 if (!share_dn || !share_name) {
 231                         DEBUG(0,("config_ldap: Out of memory!\n"));
 232                         goto done;
 233                 }
 234                 entry = ldap_first_entry(ldap_state.smbldap_state->ldap_struct, result);
 235                 i = 0;
 236                 while (entry) {
 237                         if (!(temp = smbldap_get_dn(ldap_state.smbldap_state->ldap_struct, entry))) {
 238                                 goto done;
 239                         }
 240                         if (!smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, "sambaShareName", attr_text)) {
 241                                 goto done;
 242                         }
 243                         share_dn[i] = talloc_strdup(mem_ctx, temp);
 244                         share_name[i] = talloc_strdup(mem_ctx, attr_text);
 245                         if (!share_dn[i] || !share_name[i]) {
 246                                 DEBUG(0,("config_ldap: Out of memory!\n"));
 247                                 goto done;
 248                         }
 249
 250                         DEBUG(0, ("config_ldap: Found share [%s] (%s)\n", attr_text, temp));
 251                         SAFE_FREE(temp);
 252
 253                         entry = ldap_next_entry(ldap_state.smbldap_state->ldap_struct, entry);
 254                         i++;
 255                         if (entry && (count == i)) {
 256                                 DEBUG(0, ("Error too many entryes in ldap result\n"));
 257                                 goto done;
 258                         }
 259                 }
 260                 share_dn[i] = NULL;
 261         }
 262
 263         /* parse global section*/
 264         if (!sfunc("global")) {
 265                 goto done;
 266         }
 267         if (!NT_STATUS_IS_OK(parse_section(config_dn, pfunc))) {
 268                 goto done;
 269         } else { /* parse shares */
 270                 int i;
 271
 272                 for (i = 0; share_dn[i] != NULL; i++) {
 273                         if (!sfunc(share_name[i])) {
 274                                 goto done;
 275                         }
 276                         if (!NT_STATUS_IS_OK(parse_section(share_dn[i], pfunc))) {
 277                                 goto done;
 278                         }
 279                 }
 280         }
 281
 282 done:
 283         talloc_destroy(mem_ctx);
 284         if (result) ldap_msgfree(result);
 285
 286         return ret;
 287 }
 288
 289 /*****************************************************************************
 290  Initialise config_ldap module
 291 *****************************************************************************/
 292
 293 static NTSTATUS ldap_config_init(char *params)
 294 {
 295         NTSTATUS nt_status;
 296         const char *location;
 297         const char *basedn;
 298
 299         ldap_state.mem_ctx = talloc_init("config_ldap");
 300         if (!ldap_state.mem_ctx) {
 301                 return NT_STATUS_NO_MEMORY;
 302         }
 303
 304         /* we assume only location is passed through an inline parameter
 305          * other options go via parametrical options */
 306         if (params) {
 307                 location = params;
 308         } else {
 309                 location = lp_parm_const_string(GLOBAL_SECTION_SNUM, "config_ldap", "url", "ldap://localhost");
 310         }
 311         DEBUG(0,("config_ldap: location=%s\n", location));
 312         basedn = lp_parm_const_string(GLOBAL_SECTION_SNUM, "config_ldap", "basedn", NULL);
 313         if (basedn) config_base_dn = smb_xstrdup(basedn);
 314
 315         if (!NT_STATUS_IS_OK(nt_status =
 316                              smbldap_init(ldap_state.mem_ctx, location,
 317                                           &ldap_state.smbldap_state))) {
 318                 talloc_destroy(ldap_state.mem_ctx);
 319                 DEBUG(0,("config_ldap: smbldap_init failed!\n"));
 320                 return nt_status;
 321         }
 322
 323         return NT_STATUS_OK;
 324 }
 325
 326 /*****************************************************************************
 327  End the LDAP session
 328 *****************************************************************************/
 329
 330 static NTSTATUS ldap_config_close(void)
 331 {
 332
 333         smbldap_free_struct(&(ldap_state).smbldap_state);
 334         talloc_destroy(ldap_state.mem_ctx);
 335
 336         DEBUG(5,("The connection to the LDAP server was closed\n"));
 337         /* maybe free the results here --metze */
 338
 339         return NT_STATUS_OK;
 340 }
 341
 342 static struct config_functions functions = {
 343         ldap_config_init,
 344         ldap_config_load,
 345         ldap_config_close
 346 };
 347
 348 NTSTATUS config_ldap_init(void)
 349 {
 350         return smb_register_config(SAMBA_CONFIG_INTERFACE_VERSION, "ldap", &functions);
 351 }