1 #if !defined(lint) && !defined(DOS)
2 static char rcsid
[] = "$Id: ldap.c 1204 2009-02-02 19:54:23Z hubert@u.washington.edu $";
6 * ========================================================================
7 * Copyright 2013-2017 Eduardo Chappa
8 * Copyright 2006-2008 University of Washington
10 * Licensed under the Apache License, Version 2.0 (the "License");
11 * you may not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
14 * http://www.apache.org/licenses/LICENSE-2.0
16 * ========================================================================
19 #include "../pith/headers.h"
20 #include "../pith/ldap.h"
21 #include "../pith/state.h"
22 #include "../pith/conf.h"
23 #include "../pith/status.h"
24 #include "../pith/util.h"
25 #include "../pith/imap.h"
26 #include "../pith/busy.h"
27 #include "../pith/signal.h"
28 #include "../pith/ablookup.h"
29 #include "../pith/readfile.h"
32 * Until we can think of a better way to do this. If user exits from an
33 * ldap address selection screen we want to return -1 so that call_builder
34 * will stay on the same line. Might want to use another return value
35 * for the builder so that call_builder more fully understands what we're
44 * Hook to allow user input on whether or not to save chosen LDAP result
46 void (*pith_opt_save_ldap_entry
)(struct pine
*, LDAP_CHOOSE_S
*, int);
52 LDAP_SERV_RES_S
*ldap_lookup(LDAP_SERV_S
*, char *, CUSTOM_FILT_S
*, WP_ERR_S
*, int);
53 LDAP_SERV_S
*copy_ldap_serv_info(LDAP_SERV_S
*);
54 int our_ldap_get_lderrno(LDAP
*, char **, char **);
55 int our_ldap_set_lderrno(LDAP
*, int, char *, char *);
56 #endif /* ENABLE_LDAP */
60 * This function does white pages lookups.
62 * Args string -- the string to use in the lookup
64 * Returns NULL -- lookup failed
65 * Address -- A single address is returned if lookup was successfull.
68 wp_lookups(char *string
, WP_ERR_S
*wp_err
, int recursing
)
70 ADDRESS
*ret_a
= NULL
;
73 LDAP_SERV_RES_S
*free_when_done
= NULL
;
74 LDAPLookupStyle style
;
75 LDAP_CHOOSE_S
*winning_e
= NULL
;
76 LDAP_SERV_S
*info
= NULL
;
77 static char *fakedomain
= "@";
82 * Runtime ldap lookup of addrbook entry.
84 if(!strncmp(string
, RUN_LDAP
, LEN_RL
)){
85 LDAP_SERV_RES_S
*head_of_result_list
;
87 info
= break_up_ldap_server(string
+LEN_RL
);
88 head_of_result_list
= ldap_lookup(info
, "", NULL
, wp_err
, 1);
90 if(head_of_result_list
){
92 auwe_rv
= ask_user_which_entry(head_of_result_list
, string
,
95 wp_err
->wp_err_occurred
96 ? DisplayIfOne
: DisplayIfTwo
);
99 free_when_done
= head_of_result_list
;
102 wp_err
->wp_err_occurred
= 1;
104 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
105 display_message('x');
106 fs_give((void **)&wp_err
->error
);
109 /* try using backup email address */
110 if(info
&& info
->mail
&& *info
->mail
){
111 tmp_a_string
= cpystr(info
->mail
);
112 rfc822_parse_adrlist(&ret_a
, tmp_a_string
, fakedomain
);
113 fs_give((void **)&tmp_a_string
);
116 cpystr(_("Directory lookup failed, using backup email address"));
120 * Do this so the awful LDAP: ... string won't show up
121 * in the composer. This shouldn't actually happen in
122 * real life, so we're not too concerned about it. If we
123 * were we'd want to recover the nickname we started with
124 * somehow, or something like that.
126 ret_a
= mail_newaddr();
127 ret_a
->mailbox
= cpystr("missing-username");
128 wp_err
->error
= cpystr(_("Directory lookup failed, no backup email address available"));
131 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
132 display_message('x');
136 style
= F_ON(F_COMPOSE_REJECTS_UNQUAL
, ps_global
)
137 ? DisplayIfOne
: DisplayIfTwo
;
138 auwe_rv
= ldap_lookup_all(string
, as
.n_serv
, recursing
, style
, NULL
,
139 &winning_e
, wp_err
, &free_when_done
);
142 if(winning_e
&& auwe_rv
!= -5){
143 ret_a
= address_from_ldap(winning_e
);
145 if(pith_opt_save_ldap_entry
&& ret_a
&& F_ON(F_ADD_LDAP_TO_ABOOK
, ps_global
) && !info
)
146 (*pith_opt_save_ldap_entry
)(ps_global
, winning_e
, 1);
149 fs_give((void **)&winning_e
);
152 /* Info's only set in the RUN_LDAP case */
154 if(ret_a
&& ret_a
->host
){
155 ADDRESS
*backup
= NULL
;
157 if(info
->mail
&& *info
->mail
)
158 rfc822_parse_adrlist(&backup
, info
->mail
, fakedomain
);
160 if(!backup
|| !address_is_same(ret_a
, backup
)){
162 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
163 display_message('x');
164 fs_give((void **)&wp_err
->error
);
167 snprintf(ebuf
, sizeof(ebuf
),
168 _("Warning: current address different from saved address (%s)"),
170 wp_err
->error
= cpystr(ebuf
);
171 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
172 display_message('x');
176 mail_free_address(&backup
);
179 free_ldap_server_info(&info
);
183 free_ldap_result_list(&free_when_done
);
184 #endif /* ENABLE_LDAP */
187 if(ret_a
->mailbox
){ /* indicates there was a MAIL attribute */
188 if(!ret_a
->host
|| !ret_a
->host
[0]){
190 fs_give((void **)&ret_a
->host
);
192 ret_a
->host
= cpystr("missing-hostname");
193 wp_err
->wp_err_occurred
= 1;
195 fs_give((void **)&wp_err
->error
);
197 wp_err
->error
= cpystr(_("Missing hostname in LDAP address"));
198 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
199 display_message('x');
202 if(!ret_a
->mailbox
[0]){
204 fs_give((void **)&ret_a
->mailbox
);
206 ret_a
->mailbox
= cpystr("missing-username");
207 wp_err
->wp_err_occurred
= 1;
209 fs_give((void **)&wp_err
->error
);
211 wp_err
->error
= cpystr(_("Missing username in LDAP address"));
212 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
213 display_message('x');
217 wp_err
->wp_err_occurred
= 1;
220 fs_give((void **)&wp_err
->error
);
222 snprintf(ebuf
, sizeof(ebuf
), _("No email address available for \"%s\""),
223 (ret_a
->personal
&& *ret_a
->personal
)
226 wp_err
->error
= cpystr(ebuf
);
227 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
228 display_message('x');
229 mail_free_address(&ret_a
);
241 * Goes through all servers looking up string.
243 * Args string -- String to search for
244 * who -- Which servers to look on
245 * style -- Sometimes we want to display no matter what, sometimes
246 * only if more than one entry, sometimes only if email
249 * The possible styles are:
250 * AlwaysDisplayAndMailRequired: This happens when user ^T's from
251 * composer to address book screen, and
252 * then queries directory server.
253 * AlwaysDisplay: This happens when user is browsing
254 * in address book maintenance screen and
255 * then queries directory server.
256 * DisplayIfOne: These two come from implicit lookups
257 * DisplayIfTwo: from build_address. If the compose rejects
258 * unqualified feature is on we get the
259 * DisplayIfOne, otherwise IfTwo.
261 * cust -- Use this custom filter instead of configured filters
262 * winning_e -- Return value
263 * wp_err -- Error handling
264 * free_when_done -- Caller needs to free this
266 * Returns -- value returned by ask_user_which_entry
269 ldap_lookup_all(char *string
, int who
, int recursing
, LDAPLookupStyle style
,
270 CUSTOM_FILT_S
*cust
, LDAP_CHOOSE_S
**winning_e
,
271 WP_ERR_S
*wp_err
, LDAP_SERV_RES_S
**free_when_done
)
274 LDAP_SERV_RES_S
*head_of_result_list
= NULL
;
276 wp_exit
= wp_nobail
= 0;
278 *free_when_done
= NULL
;
280 head_of_result_list
= ldap_lookup_all_work(string
, who
, recursing
,
284 retval
= ask_user_which_entry(head_of_result_list
, string
, winning_e
,
286 (wp_err
->wp_err_occurred
&&
287 style
== DisplayIfTwo
) ? DisplayIfOne
291 * Because winning_e probably points into the result list
292 * we need to leave the result list alone and have the caller
293 * free it after they are done with winning_e.
295 if(retval
!= -5 && free_when_done
)
296 *free_when_done
= head_of_result_list
;
303 * Goes through all servers looking up string.
305 * Args string -- String to search for
306 * who -- Which servers to look on
307 * cust -- Use this custom filter instead of configured filters
308 * wp_err -- Error handling
310 * Returns -- list of results that needs to be freed by caller
313 ldap_lookup_all_work(char *string
, int who
, int recursing
,
314 CUSTOM_FILT_S
*cust
, WP_ERR_S
*wp_err
)
317 LDAP_SERV_RES_S
*serv_res
;
318 LDAP_SERV_RES_S
*rr
, *head_of_result_list
= NULL
;
320 /* If there is at least one server */
321 if(ps_global
->VAR_LDAP_SERVERS
&& ps_global
->VAR_LDAP_SERVERS
[0] &&
322 ps_global
->VAR_LDAP_SERVERS
[0][0]){
323 int how_many_servers
;
325 for(i
= 0; ps_global
->VAR_LDAP_SERVERS
[i
] &&
326 ps_global
->VAR_LDAP_SERVERS
[i
][0]; i
++)
329 how_many_servers
= i
;
331 /* For each server in list */
332 for(i
= 0; !wp_exit
&& ps_global
->VAR_LDAP_SERVERS
[i
] &&
333 ps_global
->VAR_LDAP_SERVERS
[i
][0]; i
++){
336 dprint((6, "ldap_lookup_all_work: lookup on server (%.256s)\n",
337 ps_global
->VAR_LDAP_SERVERS
[i
]));
339 if(who
== -1 || who
== i
|| who
== as
.n_serv
)
340 info
= break_up_ldap_server(ps_global
->VAR_LDAP_SERVERS
[i
]);
343 * Who tells us which servers to look on.
344 * Who == -1 means all servers.
345 * Who == 0 means server[0].
346 * Who == 1 means server[1].
347 * Who == as.n_serv means query on those with impl set.
349 if(!(who
== -1 || who
== i
||
350 (who
== as
.n_serv
&& !recursing
&& info
&& info
->impl
) ||
351 (who
== as
.n_serv
&& recursing
&& info
&& info
->rhs
))){
354 free_ldap_server_info(&info
);
359 dprint((6, "ldap_lookup_all_work: ldap_lookup (server: %.20s...)(string: %s)\n",
360 ps_global
->VAR_LDAP_SERVERS
[i
], string
));
361 serv_res
= ldap_lookup(info
, string
, cust
,
362 wp_err
, how_many_servers
> 1);
364 /* Add new one to end of list so they come in the right order */
365 for(rr
= head_of_result_list
; rr
&& rr
->next
; rr
= rr
->next
)
371 head_of_result_list
= serv_res
;
375 free_ldap_server_info(&info
);
379 return(head_of_result_list
);
384 * Do an LDAP lookup to the server described in the info argument.
386 * Args info -- LDAP info for server.
387 * string -- String to lookup.
388 * cust -- Possible custom filter description.
389 * wp_err -- We set this is we get a white pages error.
390 * name_in_error -- Caller sets this if they want us to include the server
391 * name in error messages.
393 * Returns Results of lookup, NULL if lookup failed.
396 ldap_lookup(LDAP_SERV_S
*info
, char *string
, CUSTOM_FILT_S
*cust
,
397 WP_ERR_S
*wp_err
, int name_in_error
)
401 char *serv
, *base
, *serv_errstr
;
402 char *mailattr
, *snattr
, *gnattr
, *cnattr
;
403 int we_cancel
= 0, we_turned_on
= 0;
404 LDAP_SERV_RES_S
*serv_res
= NULL
;
414 serv
= cpystr((info
->serv
&& *info
->serv
) ? info
->serv
: "?");
417 snprintf(ebuf
, sizeof(ebuf
), " (%s)",
418 (info
->nick
&& *info
->nick
) ? info
->nick
: serv
);
422 serv_errstr
= cpystr(ebuf
);
423 base
= cpystr(info
->base
? info
->base
: "");
426 info
->port
= LDAP_PORT
;
429 info
->type
= DEF_LDAP_TYPE
;
432 info
->srch
= DEF_LDAP_SRCH
;
435 info
->time
= DEF_LDAP_TIME
;
438 info
->size
= DEF_LDAP_SIZE
;
441 info
->scope
= DEF_LDAP_SCOPE
;
443 mailattr
= (info
->mailattr
&& info
->mailattr
[0]) ? info
->mailattr
445 snattr
= (info
->snattr
&& info
->snattr
[0]) ? info
->snattr
447 gnattr
= (info
->gnattr
&& info
->gnattr
[0]) ? info
->gnattr
449 cnattr
= (info
->cnattr
&& info
->cnattr
[0]) ? info
->cnattr
453 * We may want to keep ldap handles open, but at least for
454 * now, re-open them every time.
457 dprint((3, "ldap_lookup(%s,%d)\n", serv
? serv
: "?", info
->port
));
459 snprintf(ebuf
, sizeof(ebuf
), "Searching%s%s%s on %s",
460 (string
&& *string
) ? " for \"" : "",
461 (string
&& *string
) ? string
: "",
462 (string
&& *string
) ? "\"" : "",
464 we_turned_on
= intr_handling_on(); /* this erases keymenu */
465 we_cancel
= busy_cue(ebuf
, NULL
, 0);
467 *(wp_err
->mangled
) = 1;
470 if(info
->tls
|| info
->tlsmust
)
471 ldapssl_client_init(NULL
, NULL
);
472 if((ld
= ldap_init(serv
, info
->port
)) == NULL
)
476 if((ld
= ldap_init(serv
, info
->port
)) == NULL
)
478 #ifdef SMIME_SSLCERTS
479 /* If we are attempting a ldaps secure connection, we need to tell
480 * ldap that we have certificates. There are many ways to do so.
481 * OpenLDAP has many ways to configure this through configuration
482 * files. For example the global (to the system) ldap.conf file, or the
483 * personal ldaprc or .ldaprc files. Setting the location of the
484 * certificates must happen at the time we call ldap_initialize, we
485 * cannot set it up before that call, nor after, so what we are going
486 * to do is to test for a .ldaprc file in the home directory. If such
487 * file exists we read it, if not we create it and if it does not have
488 * a line for the location of the certificates in the system, we add one.
489 * (so we ignore all other configuration files)
491 if(info
->ldaps
&& ps_global
->home_dir
){
493 char *text
, *tls_conf
;
494 char filename
[MAXPATH
+1];
496 build_path(filename
, ps_global
->home_dir
, ".ldaprc", sizeof(filename
));
498 if((text
= read_file(filename
, 0)) != NULL
)
500 && (tls_conf
= strstr(text
, "TLS_CACERTDIR")) != NULL
501 && (tls_conf
== text
|| *(tls_conf
- 1) == '\n')){
502 tls_conf
+= 13; /* 13 = strlen("TLS_CACERTDIR") */
503 while (isspace(*tls_conf
))
505 if(!strncmp(tls_conf
, SMIME_SSLCERTS
, strlen(SMIME_SSLCERTS
)))
512 if((so
= so_get(FileStar
, filename
, WRITE_ACCESS
)) != NULL
){
515 so_puts(so
, NEWLINE
);
517 so_puts(so
, "TLS_CACERTDIR");
519 so_puts(so
, SMIME_SSLCERTS
);
520 so_puts(so
, NEWLINE
);
525 fs_give((void **)&text
);
527 #endif /* SMIME_SSLCERTS */
529 snprintf(tmp_20k_buf
, SIZEOF_20KBUF
, "%s://%s:%d",
530 info
->ldaps
? "ldaps" : "ldap", serv
, info
->port
);
531 tmp_20k_buf
[SIZEOF_20KBUF
-1] = '\0';
533 if(ldap_initialize(&ld
, tmp_20k_buf
) != LDAP_SUCCESS
)
536 if((ld
= ldap_open(serv
, info
->port
)) == NULL
)
540 /* TRANSLATORS: All of the three args together are an error message */
541 snprintf(ebuf
, sizeof(ebuf
), _("Access to LDAP server failed: %s%s(%s)"),
542 errno
? error_description(errno
) : "",
545 wp_err
->wp_err_occurred
= 1;
547 fs_give((void **)&wp_err
->error
);
549 wp_err
->error
= cpystr(ebuf
);
553 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
554 display_message('x');
555 dprint((2, "%s\n", ebuf
));
557 else if(!ps_global
->intr_pending
){
558 int proto
= 3, tlsmustbail
= 0;
559 char pwd
[NETMAXPASSWD
], user
[NETMAXUSER
];
563 struct berval passwd
= { 0 };
571 memset(&mb
, 0, sizeof(mb
));
574 if(info
->tls
|| info
->tlsmust
)
575 rc
= ldapssl_install_routines(ld
);
578 if(ldap_v3_is_supported(ld
) &&
579 our_ldap_set_option(ld
, LDAP_OPT_PROTOCOL_VERSION
, &proto
) == 0){
580 dprint((5, "ldap: using version 3 protocol\n"));
584 * If we don't set RESTART then the select() waiting for the answer
585 * in libldap will be interrupted and stopped by our busy_cue.
587 our_ldap_set_option(ld
, LDAP_OPT_RESTART
, LDAP_OPT_ON
);
590 * If we need to authenticate, get the password
592 if(info
->binddn
&& info
->binddn
[0]){
596 snprintf(hostbuf
, sizeof(hostbuf
), "{%s}dummy", info
->serv
? info
->serv
: "?");
599 * We don't handle multiple space-delimited hosts well.
600 * We don't know which we're asking for a password for.
601 * We're not connected yet so we can't know.
603 if((space
=strindex(hostbuf
, ' ')) != NULL
)
606 mail_valid_net_parse_work(hostbuf
, &mb
, info
->ldaps
? "ldaps" : "ldap");
607 mb
.port
= info
->port
;
608 mb
.tlsflag
= (info
->tls
|| info
->tlsmust
) ? 1 : 0;
609 mb
.sslflag
= info
->ldaps
? 1 : 0;
618 #else /* !_SOLARIS_SDK */
619 ((rc
=ldap_start_tls_s(ld
, NULL
, NULL
)) == LDAP_SUCCESS
)
620 #endif /* !_SOLARIS_SDK */
622 0 /* TODO: find a way to do this in Windows */
623 #endif /* _WINDOWS */
629 if((info
->tls
|| info
->tlsmust
) && !mb
.tlsflag
){
630 q_status_message(SM_ORDER
, 3, 5, "Not able to start TLS encryption for LDAP server");
636 snprintf(pmt
, sizeof(pmt
), " %s", (info
->nick
&& *info
->nick
) ? info
->nick
: serv
);
637 mm_login_work(&mb
, user
, pwd
, pwdtrial
, pmt
, info
->binddn
);
642 passwd
.bv_len
= strlen(pwd
);
650 * LDAPv2 requires the bind. v3 doesn't require it but we want
651 * to tell the server we're v3 if the server supports v3, and if the
652 * server doesn't support v3 the bind is required.
656 || ldap_simple_bind_s(ld
, info
->binddn
, passwd
) != LDAP_SUCCESS
){
658 || ldap_sasl_bind_s(ld
, info
->binddn
, LDAP_SASL_SIMPLE
, &passwd
, NULL
, NULL
, NULL
) != LDAP_SUCCESS
){
660 wp_err
->wp_err_occurred
= 1;
662 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
664 if(!tlsmustbail
&& info
->binddn
&& info
->binddn
[0] && pwdtrial
< 2L
665 && ld_errnum
== LDAP_INVALID_CREDENTIALS
){
667 q_status_message(SM_ORDER
, 3, 5, _("Invalid password"));
668 goto try_password_again
;
671 snprintf(ebuf
, sizeof(ebuf
), _("LDAP server failed: %s%s%s%s"),
672 ldap_err2string(ld_errnum
),
674 (ld_errstr
&& *ld_errstr
) ? ": " : "",
675 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
678 fs_give((void **)&wp_err
->error
);
685 ldap_unbind_ext(ld
, NULL
, NULL
);
687 wp_err
->error
= cpystr(ebuf
);
688 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
689 display_message('x');
690 dprint((2, "%s\n", ebuf
));
692 else if(!ps_global
->intr_pending
){
693 int srch_res
, args
, slen
, flen
;
694 #define TEMPLATELEN 512
695 char filt_template
[TEMPLATELEN
+ 1];
696 char filt_format
[2*TEMPLATELEN
+ 1];
697 char filter
[2*TEMPLATELEN
+ 1];
698 char scp
[2*TEMPLATELEN
+ 1];
700 LDAPMessage
*res
= NULL
;
701 int intr_happened
= 0;
704 tl
= (info
->time
== 0) ? info
->time
: info
->time
+ 10;
706 our_ldap_set_option(ld
, LDAP_OPT_TIMELIMIT
, &tl
);
707 our_ldap_set_option(ld
, LDAP_OPT_SIZELIMIT
, &info
->size
);
710 * If a custom filter has been passed in and it doesn't include a
711 * request to combine it with the configured filter, then replace
712 * any configured filter with the passed in filter.
714 if(cust
&& cust
->filt
&& !cust
->combine
){
716 fs_give((void **)&info
->cust
);
718 info
->cust
= cpystr(cust
->filt
);
721 if(info
->cust
&& *info
->cust
){ /* use custom filter if present */
722 strncpy(filt_template
, info
->cust
, sizeof(filt_template
));
723 filt_template
[sizeof(filt_template
)-1] = '\0';
725 else{ /* else use configured filter */
728 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", snattr
);
730 case LDAP_TYPE_GIVEN
:
731 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", gnattr
);
733 case LDAP_TYPE_EMAIL
:
734 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", mailattr
);
736 case LDAP_TYPE_CN_EMAIL
:
737 snprintf(filt_template
, sizeof(filt_template
), "(|(%s=%%s)(%s=%%s))", cnattr
,
740 case LDAP_TYPE_SUR_GIVEN
:
741 snprintf(filt_template
, sizeof(filt_template
), "(|(%s=%%s)(%s=%%s))",
744 case LDAP_TYPE_SEVERAL
:
745 snprintf(filt_template
, sizeof(filt_template
),
746 "(|(%s=%%s)(%s=%%s)(%s=%%s)(%s=%%s))",
747 cnattr
, mailattr
, snattr
, gnattr
);
751 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", cnattr
);
756 /* just copy if custom */
757 if(info
->cust
&& *info
->cust
)
758 info
->srch
= LDAP_SRCH_EQUALS
;
762 memset((void *)filt_format
, 0, sizeof(filt_format
));
764 while(*p
&& (q
- filt_format
) + 4 < sizeof(filt_format
)){
765 if(*p
== '%' && *(p
+1) == 's'){
769 case LDAP_SRCH_EQUALS
:
774 /* Append wildcard after %s */
775 case LDAP_SRCH_BEGINS
:
781 /* Insert wildcard before %s */
788 /* Put wildcard before and after %s */
790 case LDAP_SRCH_CONTAINS
:
802 if(q
- filt_format
< sizeof(filt_format
))
805 filt_format
[sizeof(filt_format
)-1] = '\0';
808 * If combine is lit we put the custom filter and the filt_format
809 * filter and combine them with an &.
811 if(cust
&& cust
->filt
&& cust
->combine
){
815 l
= strlen(filt_format
) + strlen(cust
->filt
) + 3;
816 combined
= (char *) fs_get((l
+1) * sizeof(char));
817 snprintf(combined
, l
+1, "(&%s%s)", cust
->filt
, filt_format
);
818 strncpy(filt_format
, combined
, sizeof(filt_format
));
819 filt_format
[sizeof(filt_format
)-1] = '\0';
820 fs_give((void **) &combined
);
824 * Ad hoc attempt to make "Steve Hubert" match
825 * Steven Hubert but not Steven Shubert.
826 * We replace a <SPACE> with * <SPACE> (not * <SPACE> *).
828 memset((void *)scp
, 0, sizeof(scp
));
830 strncpy(scp
, string
, sizeof(scp
));
834 while(*p
&& (q
- scp
) + 1 < sizeof(scp
)){
835 if(*p
== SPACE
&& *(p
+1) != SPACE
){
844 scp
[sizeof(scp
)-1] = '\0';
847 flen
= strlen(filt_format
);
848 /* truncate string if it will overflow filter */
849 if(args
*slen
+ flen
- 2*args
> sizeof(filter
)-1)
850 scp
[(sizeof(filter
)-1 - flen
)/args
] = '\0';
853 * Replace %s's with scp.
857 snprintf(filter
, sizeof(filter
), "%s", filt_format
);
860 snprintf(filter
, sizeof(filter
), filt_format
, scp
);
863 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
);
866 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
);
869 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
);
872 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
);
875 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
);
878 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
);
881 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
,
885 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
,
890 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
,
895 /* replace double *'s with single *'s in filter */
896 for(p
= q
= filter
; *p
; p
++)
897 if(*p
!= '*' || p
== filter
|| *(p
-1) != '*')
902 (void) removing_double_quotes(base
);
903 dprint((5, "about to ldap_search(\"%s\", %s)\n",
904 base
? base
: "?", filter
? filter
: "?"));
905 if(ps_global
->intr_pending
)
906 srch_res
= LDAP_PROTOCOL_ERROR
;
910 struct timeval tv
= {0}, *tvp
= NULL
;
912 memset((void *)&tv
, 0, sizeof(struct timeval
));
913 tv
.tv_sec
= info
->time
;
916 start_time
= time((time_t *)0);
918 dprint((6, "ldap_lookup: calling ldap_search\n"));
920 msgid
= ldap_search(ld
, base
, info
->scope
, filter
, NULL
, 0);
922 if(ldap_search_ext(ld
, base
, info
->scope
, filter
, NULL
, 0,
923 NULL
, NULL
, tvp
, info
->size
, &msgid
) != LDAP_SUCCESS
)
928 srch_res
= our_ldap_get_lderrno(ld
, NULL
, NULL
);
932 * Warning: struct timeval is not portable. However, since it is
933 * part of LDAP api it must be portable to all platforms LDAP
934 * has been ported to.
938 t
.tv_sec
= 1; t
.tv_usec
= 0;
941 if(ps_global
->intr_pending
)
944 dprint((6, "ldap_result(id=%d): ", msgid
));
945 if((lres
=ldap_result(ld
, msgid
, LDAP_MSG_ALL
, &t
, &res
)) == -1){
947 srch_res
= our_ldap_get_lderrno(ld
, NULL
, NULL
);
948 dprint((6, "error (-1 returned): ld_errno=%d\n",
951 else if(lres
== 0){ /* timeout, no results available */
954 ldap_abandon(ld
, msgid
);
956 ldap_abandon_ext(ld
, msgid
, NULL
, NULL
);
958 srch_res
= LDAP_PROTOCOL_ERROR
;
959 if(our_ldap_get_lderrno(ld
, NULL
, NULL
) == LDAP_SUCCESS
)
960 our_ldap_set_lderrno(ld
, LDAP_PROTOCOL_ERROR
, NULL
, NULL
);
962 dprint((6, "timeout, intr: srch_res=%d\n",
965 else if(info
->time
> 0 &&
966 ((long)time((time_t *)0) - start_time
) > info
->time
){
967 /* try for partial results */
968 t
.tv_sec
= 0; t
.tv_usec
= 0;
969 lres
= ldap_result(ld
, msgid
, LDAP_MSG_RECEIVED
, &t
, &res
);
970 if(lres
> 0 && lres
!= LDAP_RES_SEARCH_RESULT
){
971 srch_res
= LDAP_SUCCESS
;
972 dprint((6, "partial result: lres=0x%x\n", lres
));
977 ldap_abandon(ld
, msgid
);
979 ldap_abandon_ext(ld
, msgid
, NULL
, NULL
);
982 srch_res
= LDAP_TIMEOUT
;
983 if(our_ldap_get_lderrno(ld
, NULL
, NULL
) == LDAP_SUCCESS
)
984 our_ldap_set_lderrno(ld
, LDAP_TIMEOUT
, NULL
, NULL
);
987 "timeout, total_time (%d), srch_res=%d\n",
988 info
->time
, srch_res
));
992 dprint((6, "timeout\n"));
997 srch_res
= ldap_result2error(ld
, res
, 0);
998 dprint((6, "lres=0x%x, srch_res=%d\n", lres
,
1002 char *dn
, *text
, **ref
;
1005 dn
= text
= NULL
; ref
= NULL
; srv
= NULL
;
1006 srch_res
= ldap_parse_result(ld
, res
,
1007 &err
, &dn
, &text
, &ref
, &srv
, 0);
1008 dprint((6, "lres=0x%x, srch_res=%d, dn=%s, text=%s\n", lres
,
1009 srch_res
, dn
? dn
: "", text
? text
: ""));
1010 if(dn
) ber_memfree(dn
);
1011 if(text
) ber_memfree(text
);
1012 if(ref
) ber_memvfree((void **) ref
);
1013 if(srv
) ldap_controls_free(srv
);
1019 ((long)time((time_t *)0) - start_time
) > info
->time
)));
1026 cancel_busy_cue(-1);
1029 fs_give((void **)&wp_err
->error
);
1031 q_status_message(SM_ORDER
, 0, 1, "Interrupt");
1032 display_message('x');
1042 ldap_unbind_ext(ld
, NULL
, NULL
);
1045 res
= NULL
; ld
= NULL
;
1047 else if(srch_res
!= LDAP_SUCCESS
&&
1048 srch_res
!= LDAP_TIMELIMIT_EXCEEDED
&&
1049 srch_res
!= LDAP_RESULTS_TOO_LARGE
&&
1050 srch_res
!= LDAP_TIMEOUT
&&
1051 srch_res
!= LDAP_SIZELIMIT_EXCEEDED
){
1052 wp_err
->wp_err_occurred
= 1;
1054 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
1056 snprintf(ebuf
, sizeof(ebuf
), _("LDAP search failed: %s%s%s%s"),
1057 ldap_err2string(ld_errnum
),
1059 (ld_errstr
&& *ld_errstr
) ? ": " : "",
1060 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
1063 fs_give((void **)&wp_err
->error
);
1065 wp_err
->error
= cpystr(ebuf
);
1067 cancel_busy_cue(-1);
1069 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1070 display_message('x');
1071 dprint((2, "%s\n", ebuf
));
1078 ldap_unbind_ext(ld
, NULL
, NULL
);
1081 res
= NULL
; ld
= NULL
;
1086 cnt
= ldap_count_entries(ld
, res
);
1090 if(srch_res
== LDAP_TIMELIMIT_EXCEEDED
||
1091 srch_res
== LDAP_RESULTS_TOO_LARGE
||
1092 srch_res
== LDAP_TIMEOUT
||
1093 srch_res
== LDAP_SIZELIMIT_EXCEEDED
){
1094 wp_err
->wp_err_occurred
= 1;
1095 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
1097 snprintf(ebuf
, sizeof(ebuf
), _("LDAP partial results: %s%s%s%s"),
1098 ldap_err2string(ld_errnum
),
1100 (ld_errstr
&& *ld_errstr
) ? ": " : "",
1101 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
1102 dprint((2, "%s\n", ebuf
));
1104 fs_give((void **)&wp_err
->error
);
1106 wp_err
->error
= cpystr(ebuf
);
1108 cancel_busy_cue(-1);
1110 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1111 display_message('x');
1114 dprint((5, "Matched %d entries on %s\n",
1115 cnt
, serv
? serv
: "?"));
1117 serv_res
= (LDAP_SERV_RES_S
*)fs_get(sizeof(LDAP_SERV_RES_S
));
1118 memset((void *)serv_res
, 0, sizeof(*serv_res
));
1120 serv_res
->res
= res
;
1121 serv_res
->info_used
= copy_ldap_serv_info(info
);
1122 /* Save by reference? */
1124 snprintf(buf
, sizeof(buf
), "%s:%s", serv
, comatose(info
->port
));
1125 serv_res
->serv
= cpystr(buf
);
1128 serv_res
->serv
= NULL
;
1130 serv_res
->next
= NULL
;
1133 if(srch_res
== LDAP_TIMELIMIT_EXCEEDED
||
1134 srch_res
== LDAP_RESULTS_TOO_LARGE
||
1135 srch_res
== LDAP_TIMEOUT
||
1136 srch_res
== LDAP_SIZELIMIT_EXCEEDED
){
1137 wp_err
->wp_err_occurred
= 1;
1138 wp_err
->ldap_errno
= srch_res
;
1140 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
1142 snprintf(ebuf
, sizeof(ebuf
), _("LDAP search failed: %s%s%s%s"),
1143 ldap_err2string(ld_errnum
),
1145 (ld_errstr
&& *ld_errstr
) ? ": " : "",
1146 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
1149 fs_give((void **)&wp_err
->error
);
1151 wp_err
->error
= cpystr(ebuf
);
1153 cancel_busy_cue(-1);
1155 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1156 display_message('x');
1157 dprint((2, "%s\n", ebuf
));
1160 dprint((5, "Matched 0 entries on %s\n",
1161 serv
? serv
: "?"));
1168 ldap_unbind_ext(ld
, NULL
, NULL
);
1171 res
= NULL
; ld
= NULL
;
1178 cancel_busy_cue(-1);
1181 intr_handling_off();
1184 fs_give((void **)&serv
);
1186 fs_give((void **)&base
);
1188 fs_give((void **)&serv_errstr
);
1195 * Given a list of entries, present them to user so user may
1198 * Args head -- The head of the list of results
1199 * orig -- The string the user was searching for
1200 * result -- Returned pointer to chosen LDAP_SEARCH_WINNER or NULL
1201 * wp_err -- Error handling
1205 * -1 Exit chosen by user
1206 * -2 None of matched entries had an email address
1207 * -3 No matched entries
1208 * -4 Goback to Abook List chosen by user
1209 * -5 caller shouldn't free head
1212 ask_user_which_entry(LDAP_SERV_RES_S
*head
, char *orig
, LDAP_CHOOSE_S
**result
,
1213 WP_ERR_S
*wp_err
, LDAPLookupStyle style
)
1219 dprint((3, "ask_user_which(style=%s)\n",
1220 style
== AlwaysDisplayAndMailRequired
? "AlwaysDisplayAndMailRequired" :
1221 style
== AlwaysDisplay
? "AlwaysDisplay" :
1222 style
== DisplayIfTwo
? "DisplayIfTwo" :
1223 style
== DisplayForURL
? "DisplayForURL" :
1224 style
== DisplayIfOne
? "DisplayIfOne" : "?"));
1227 * Set up a screen for user to choose one entry.
1230 if(style
== AlwaysDisplay
|| style
== DisplayForURL
)
1231 snprintf(t
, sizeof(t
), "SEARCH RESULTS INDEX");
1236 snprintf(t
, sizeof(t
), _("SELECT ONE ADDRESS%s%s%s"),
1237 (orig
&& *orig
&& len
< 40) ? " FOR \"" : "",
1238 (orig
&& *orig
&& len
< 40) ? orig
: "",
1239 (orig
&& *orig
&& len
< 40) ? "\"" : "");
1242 memset(&ac
, 0, sizeof(ADDR_CHOOSE_S
));
1243 ac
.title
= cpystr(t
);
1246 retval
= ldap_addr_select(ps_global
, &ac
, result
, style
, wp_err
, orig
);
1252 case -1: /* Exit chosen by user */
1256 case -4: /* GoBack to AbookList chosen by user */
1264 if(style
!= AlwaysDisplay
){
1266 fs_give((void **)&wp_err
->error
);
1269 cpystr(_("None of the names matched on directory server has an email address"));
1270 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1271 display_message('x');
1277 if(style
== AlwaysDisplayAndMailRequired
){
1279 fs_give((void **)&wp_err
->error
);
1281 wp_err
->error
= cpystr(_("No matches on directory server"));
1282 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1283 display_message('x');
1289 fs_give((void **)&ac
.title
);
1296 address_from_ldap(LDAP_CHOOSE_S
*winning_e
)
1298 ADDRESS
*ret_a
= NULL
;
1304 ret_a
= mail_newaddr();
1305 for(a
= ldap_first_attribute(winning_e
->ld
, winning_e
->selected_entry
, &ber
);
1307 a
= ldap_next_attribute(winning_e
->ld
, winning_e
->selected_entry
, ber
)){
1310 struct berval
**vals
;
1312 dprint((9, "attribute: %s\n", a
? a
: "?"));
1313 if(!ret_a
->personal
&&
1314 strcmp(a
, winning_e
->info_used
->cnattr
) == 0){
1315 dprint((9, "Got cnattr:"));
1316 vals
= ldap_get_values_len(winning_e
->ld
, winning_e
->selected_entry
, a
);
1317 for(i
= 0; i
< ldap_count_values_len(vals
); i
++)
1319 vals
[i
] ? vals
[i
]->bv_val
: "?"));
1321 if(ALPINE_LDAP_can_use(vals
))
1322 ret_a
->personal
= cpystr(vals
[0]->bv_val
);
1324 ldap_value_free_len(vals
);
1326 else if(!ret_a
->mailbox
&&
1327 strcmp(a
, winning_e
->info_used
->mailattr
) == 0){
1328 dprint((9, "Got mailattr:"));
1329 vals
= ldap_get_values_len(winning_e
->ld
, winning_e
->selected_entry
, a
);
1330 for(i
= 0; i
< ldap_count_values_len(vals
); i
++)
1332 vals
[i
] ? vals
[i
]->bv_val
: "?"));
1335 if(ALPINE_LDAP_can_use(vals
)){
1336 if((p
= strindex(vals
[0]->bv_val
, '@')) != NULL
){
1337 ret_a
->host
= cpystr(p
+1);
1341 ret_a
->mailbox
= cpystr(vals
[0]->bv_val
);
1344 ldap_value_free_len(vals
);
1347 our_ldap_memfree(a
);
1356 * Break up the ldap-server string stored in the pinerc into its
1357 * parts. The structure is allocated here and should be freed by the caller.
1359 * The original string looks like
1360 * <servername>[:port] <SPACE> "/base=<base>/impl=1/..."
1362 * Args serv_str -- The original string from the pinerc to parse.
1364 * Returns A pointer to a structure with filled in answers.
1366 * Some of the members have defaults. If port is -1, that means to use
1367 * the default LDAP_PORT. If base is NULL, use "". Type and srch have
1368 * defaults defined in alpine.h. If cust is non-NULL, it overrides type and
1372 break_up_ldap_server(char *serv_str
)
1376 int i
, only_one
= 1;
1377 LDAP_SERV_S
*info
= NULL
;
1382 info
= (LDAP_SERV_S
*)fs_get(sizeof(LDAP_SERV_S
));
1385 * Initialize to defaults.
1387 memset((void *)info
, 0, sizeof(*info
));
1395 /* copy the whole string to work on */
1396 lserv
= cpystr(serv_str
);
1398 removing_trailing_white_space(lserv
);
1400 if(!lserv
|| !*lserv
|| *lserv
== '"'){
1402 fs_give((void **)&lserv
);
1405 free_ldap_server_info(&info
);
1411 while((tail
= strindex(tail
, SPACE
)) != NULL
){
1413 if(*tail
== '"' || *tail
== '/'){
1421 /* tail is the part after server[:port] <SPACE> */
1423 removing_leading_white_space(tail
);
1424 (void)removing_double_quotes(tail
);
1427 /* get the optional port number */
1428 if(only_one
&& (q
= strindex(lserv
, ':')) != NULL
){
1432 if((ldapport
= atoi(q
+1)) >= 0)
1433 info
->port
= ldapport
;
1436 /* use lserv for serv even though it has a few extra bytes alloced */
1440 /* get the search base */
1441 if((q
= srchstr(tail
, "/base=")) != NULL
)
1442 info
->base
= remove_backslash_escapes(q
+6);
1444 if((q
= srchstr(tail
, "/binddn=")) != NULL
)
1445 info
->binddn
= remove_backslash_escapes(q
+8);
1447 /* get the implicit parameter */
1448 if((q
= srchstr(tail
, "/impl=1")) != NULL
)
1451 /* get the rhs parameter */
1452 if((q
= srchstr(tail
, "/rhs=1")) != NULL
)
1455 /* get the ref parameter */
1456 if((q
= srchstr(tail
, "/ref=1")) != NULL
)
1459 /* get the nosub parameter */
1460 if((q
= srchstr(tail
, "/nosub=1")) != NULL
)
1463 /* get the tls parameter */
1464 if((q
= srchstr(tail
, "/tls=1")) != NULL
)
1467 /* get the tlsmust parameter */
1468 if((q
= srchstr(tail
, "/tlsm=1")) != NULL
)
1471 /* get the ldaps parameter */
1472 if((q
= srchstr(tail
, "/ldaps=1")) != NULL
)
1475 /* get the search type value */
1476 if((q
= srchstr(tail
, "/type=")) != NULL
){
1480 if((p
= strindex(q
, '/')) != NULL
)
1483 for(i
= 0; (v
= ldap_search_types(i
)); i
++)
1484 if(!strucmp(q
, v
->name
)){
1485 info
->type
= v
->value
;
1493 /* get the search rule value */
1494 if((q
= srchstr(tail
, "/srch=")) != NULL
){
1498 if((p
= strindex(q
, '/')) != NULL
)
1501 for(i
= 0; (v
= ldap_search_rules(i
)); i
++)
1502 if(!strucmp(q
, v
->name
)){
1503 info
->srch
= v
->value
;
1512 if((q
= srchstr(tail
, "/scope=")) != NULL
){
1516 if((p
= strindex(q
, '/')) != NULL
)
1519 for(i
= 0; (v
= ldap_search_scope(i
)); i
++)
1520 if(!strucmp(q
, v
->name
)){
1521 info
->scope
= v
->value
;
1529 /* get the time limit */
1530 if((q
= srchstr(tail
, "/time=")) != NULL
){
1532 if((p
= strindex(q
, '/')) != NULL
)
1535 /* This one's a number */
1539 err
= strtoval(q
, &i
, 0, 500, 0, tmp_20k_buf
, SIZEOF_20KBUF
, "ldap timelimit");
1541 dprint((1, "%s\n", err
? err
: "?"));
1551 /* get the size limit */
1552 if((q
= srchstr(tail
, "/size=")) != NULL
){
1554 if((p
= strindex(q
, '/')) != NULL
)
1557 /* This one's a number */
1561 err
= strtoval(q
, &i
, 0, 500, 0, tmp_20k_buf
, SIZEOF_20KBUF
, "ldap sizelimit");
1563 dprint((1, "%s\n", err
? err
: "?"));
1573 /* get the custom search filter */
1574 if((q
= srchstr(tail
, "/cust=")) != NULL
)
1575 info
->cust
= remove_backslash_escapes(q
+6);
1577 /* get the nickname */
1578 if((q
= srchstr(tail
, "/nick=")) != NULL
)
1579 info
->nick
= remove_backslash_escapes(q
+6);
1581 /* get the mail attribute name */
1582 if((q
= srchstr(tail
, "/matr=")) != NULL
)
1583 info
->mailattr
= remove_backslash_escapes(q
+6);
1585 /* get the sn attribute name */
1586 if((q
= srchstr(tail
, "/satr=")) != NULL
)
1587 info
->snattr
= remove_backslash_escapes(q
+6);
1589 /* get the gn attribute name */
1590 if((q
= srchstr(tail
, "/gatr=")) != NULL
)
1591 info
->gnattr
= remove_backslash_escapes(q
+6);
1593 /* get the cn attribute name */
1594 if((q
= srchstr(tail
, "/catr=")) != NULL
)
1595 info
->cnattr
= remove_backslash_escapes(q
+6);
1597 /* get the backup mail address */
1598 if((q
= srchstr(tail
, "/mail=")) != NULL
)
1599 info
->mail
= remove_backslash_escapes(q
+6);
1607 free_ldap_server_info(LDAP_SERV_S
**info
)
1611 fs_give((void **)&(*info
)->serv
);
1614 fs_give((void **)&(*info
)->base
);
1617 fs_give((void **)&(*info
)->cust
);
1620 fs_give((void **)&(*info
)->binddn
);
1623 fs_give((void **)&(*info
)->nick
);
1626 fs_give((void **)&(*info
)->mail
);
1628 if((*info
)->mailattr
)
1629 fs_give((void **)&(*info
)->mailattr
);
1632 fs_give((void **)&(*info
)->snattr
);
1635 fs_give((void **)&(*info
)->gnattr
);
1638 fs_give((void **)&(*info
)->cnattr
);
1640 fs_give((void **)info
);
1647 copy_ldap_serv_info(LDAP_SERV_S
*src
)
1649 LDAP_SERV_S
*info
= NULL
;
1652 info
= (LDAP_SERV_S
*) fs_get(sizeof(*info
));
1655 * Initialize to defaults.
1657 memset((void *)info
, 0, sizeof(*info
));
1659 info
->serv
= src
->serv
? cpystr(src
->serv
) : NULL
;
1660 info
->base
= src
->base
? cpystr(src
->base
) : NULL
;
1661 info
->cust
= src
->cust
? cpystr(src
->cust
) : NULL
;
1662 info
->binddn
= src
->binddn
? cpystr(src
->binddn
) : NULL
;
1663 info
->nick
= src
->nick
? cpystr(src
->nick
) : NULL
;
1664 info
->mail
= src
->mail
? cpystr(src
->mail
) : NULL
;
1665 info
->mailattr
= cpystr((src
->mailattr
&& src
->mailattr
[0])
1666 ? src
->mailattr
: DEF_LDAP_MAILATTR
);
1667 info
->snattr
= cpystr((src
->snattr
&& src
->snattr
[0])
1668 ? src
->snattr
: DEF_LDAP_SNATTR
);
1669 info
->gnattr
= cpystr((src
->gnattr
&& src
->gnattr
[0])
1670 ? src
->gnattr
: DEF_LDAP_GNATTR
);
1671 info
->cnattr
= cpystr((src
->cnattr
&& src
->cnattr
[0])
1672 ? src
->cnattr
: DEF_LDAP_CNATTR
);
1674 info
->port
= (src
->port
< 0) ? LDAP_PORT
: src
->port
;
1675 info
->time
= (src
->time
< 0) ? DEF_LDAP_TIME
: src
->time
;
1676 info
->size
= (src
->size
< 0) ? DEF_LDAP_SIZE
: src
->size
;
1677 info
->type
= (src
->type
< 0) ? DEF_LDAP_TYPE
: src
->type
;
1678 info
->srch
= (src
->srch
< 0) ? DEF_LDAP_SRCH
: src
->srch
;
1679 info
->scope
= (src
->scope
< 0) ? DEF_LDAP_SCOPE
: src
->scope
;
1680 info
->impl
= src
->impl
;
1681 info
->rhs
= src
->rhs
;
1682 info
->ref
= src
->ref
;
1683 info
->nosub
= src
->nosub
;
1684 info
->tls
= src
->tls
;
1692 free_ldap_result_list(LDAP_SERV_RES_S
**r
)
1695 free_ldap_result_list(&(*r
)->next
);
1697 ldap_msgfree((*r
)->res
);
1700 ldap_unbind((*r
)->ld
);
1702 ldap_unbind_ext((*r
)->ld
, NULL
, NULL
);
1705 free_ldap_server_info(&(*r
)->info_used
);
1707 fs_give((void **) &(*r
)->serv
);
1709 fs_give((void **) r
);
1715 * Mask API differences.
1718 our_ldap_memfree(void *a
)
1728 * Mask API differences.
1731 our_ldap_dn_memfree(void *a
)
1733 #if defined(_WINDOWS)
1752 our_ldap_get_lderrno(LDAP
*ld
, char **m
, char **s
)
1756 #if (LDAPAPI >= 2000)
1757 if(ldap_get_option(ld
, LDAP_OPT_ERROR_NUMBER
, (void *)&ret
) == 0){
1759 ldap_get_option(ld
, LDAP_OPT_ERROR_STRING
, (void *)s
);
1761 #elif (LDAPAPI >= 15)
1762 ret
= ldap_get_lderrno(ld
, m
, s
);
1777 our_ldap_set_lderrno(LDAP
*ld
, int e
, char *m
, char *s
)
1781 #if (LDAPAPI >= 2000)
1782 if(ldap_set_option(ld
, LDAP_OPT_ERROR_NUMBER
, (void *)&e
) == 0)
1785 (void)ldap_get_option(ld
, LDAP_OPT_ERROR_NUMBER
, (void *)&ret
);
1786 #elif (LDAPAPI >= 15)
1787 ret
= ldap_set_lderrno(ld
, e
, m
, s
);
1789 /* this is all we care about */
1802 our_ldap_set_option(LDAP
*ld
, int option
, void *optdata
)
1807 ret
= ldap_set_option(ld
, option
, optdata
);
1810 case LDAP_OPT_TIMELIMIT
:
1811 ld
->ld_timelimit
= *(int *)optdata
;
1814 case LDAP_OPT_SIZELIMIT
:
1815 ld
->ld_sizelimit
= *(int *)optdata
;
1818 case LDAP_OPT_RESTART
:
1820 ld
->ld_options
|= LDAP_OPT_RESTART
;
1822 ld
->ld_options
&= ~LDAP_OPT_RESTART
;
1827 * Does nothing here. There is only one protocol version supported.
1829 case LDAP_OPT_PROTOCOL_VERSION
:
1834 alpine_panic("LDAP function not implemented");
1843 * Returns 1 if we can use LDAP version 3 protocol.
1846 ldap_v3_is_supported(LDAP
*ld
)
1856 static struct tl_table ldap_trans_table
[]={
1858 * TRANSLATORS: This is a list of LDAP attributes with translations to present
1859 * to the user. For example the attribute mail is Email Address and the attribute
1862 {"mail", N_("Email Address")},
1863 #define LDAP_MAIL_ATTR 0
1864 {"sn", N_("Surname")},
1865 #define LDAP_SN_ATTR 1
1866 {"givenName", N_("Given Name")},
1867 #define LDAP_GN_ATTR 2
1869 #define LDAP_CN_ATTR 3
1870 {"electronicmail", N_("Email Address")},
1871 #define LDAP_EMAIL_ATTR 4
1872 {"o", N_("Organization")},
1874 {"c", N_("Country")},
1875 {"st", N_("State or Province")},
1876 {"l", N_("Locality")},
1877 {"objectClass", N_("Object Class")},
1878 {"title", N_("Title")},
1879 {"departmentNumber", N_("Department")},
1880 {"postalAddress", N_("Postal Address")},
1881 {"homePostalAddress", N_("Home Address")},
1882 {"mailStop", N_("Mail Stop")},
1883 {"telephoneNumber", N_("Voice Telephone")},
1884 {"homePhone", N_("Home Telephone")},
1885 {"officePhone", N_("Office Telephone")},
1886 {"facsimileTelephoneNumber", N_("FAX Telephone")},
1887 {"mobile", N_("Mobile Telephone")},
1888 {"pager", N_("Pager")},
1889 {"roomNumber", N_("Room Number")},
1890 {"uid", N_("User ID")},
1895 ldap_translate(char *a
, LDAP_SERV_S
*info_used
)
1900 if(info_used
->mailattr
&& strucmp(info_used
->mailattr
, a
) == 0)
1901 return(_(ldap_trans_table
[LDAP_MAIL_ATTR
].translated
));
1902 else if(info_used
->snattr
&& strucmp(info_used
->snattr
, a
) == 0)
1903 return(_(ldap_trans_table
[LDAP_SN_ATTR
].translated
));
1904 else if(info_used
->gnattr
&& strucmp(info_used
->gnattr
, a
) == 0)
1905 return(_(ldap_trans_table
[LDAP_GN_ATTR
].translated
));
1906 else if(info_used
->cnattr
&& strucmp(info_used
->cnattr
, a
) == 0)
1907 return(_(ldap_trans_table
[LDAP_CN_ATTR
].translated
));
1910 for(i
= 0; ldap_trans_table
[i
].ldap_ese
; i
++){
1913 case LDAP_MAIL_ATTR
:
1917 case LDAP_EMAIL_ATTR
:
1921 if(strucmp(ldap_trans_table
[i
].ldap_ese
, a
) == 0)
1922 return(_(ldap_trans_table
[i
].translated
));
1929 berval_to_array(struct berval
**v
)
1934 if(v
== NULL
) return rv
;
1935 len
= ldap_count_values_len(v
);
1937 rv
= fs_get((len
+1)*sizeof(char *));
1938 for(i
= 0; i
< len
; i
++)
1939 if(ALPINE_LDAP_can_use_num(v
, i
))
1940 rv
[i
] = cpystr(v
[i
]->bv_val
);
1948 #endif /* ENABLE_LDAP */