1 #if !defined(lint) && !defined(DOS)
2 static char rcsid
[] = "$Id: ldap.c 1204 2009-02-02 19:54:23Z hubert@u.washington.edu $";
6 * ========================================================================
7 * Copyright 2013-2020 Eduardo Chappa
8 * Copyright 2006-2008 University of Washington
10 * Licensed under the Apache License, Version 2.0 (the "License");
11 * you may not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
14 * http://www.apache.org/licenses/LICENSE-2.0
16 * ========================================================================
19 #include "../pith/headers.h"
20 #include "../pith/ldap.h"
21 #include "../pith/state.h"
22 #include "../pith/conf.h"
23 #include "../pith/status.h"
24 #include "../pith/util.h"
25 #include "../pith/imap.h"
26 #include "../pith/busy.h"
27 #include "../pith/signal.h"
28 #include "../pith/ablookup.h"
29 #include "../pith/readfile.h"
32 * Until we can think of a better way to do this. If user exits from an
33 * ldap address selection screen we want to return -1 so that call_builder
34 * will stay on the same line. Might want to use another return value
35 * for the builder so that call_builder more fully understands what we're
44 * Hook to allow user input on whether or not to save chosen LDAP result
46 void (*pith_opt_save_ldap_entry
)(struct pine
*, LDAP_CHOOSE_S
*, int);
52 LDAP_SERV_RES_S
*ldap_lookup(LDAP_SERV_S
*, char *, CUSTOM_FILT_S
*, WP_ERR_S
*, int);
53 LDAP_SERV_S
*copy_ldap_serv_info(LDAP_SERV_S
*);
54 int our_ldap_get_lderrno(LDAP
*, char **, char **);
55 int our_ldap_set_lderrno(LDAP
*, int, char *, char *);
56 #endif /* ENABLE_LDAP */
60 * This function does white pages lookups.
62 * Args string -- the string to use in the lookup
64 * Returns NULL -- lookup failed
65 * Address -- A single address is returned if lookup was successful.
68 wp_lookups(char *string
, WP_ERR_S
*wp_err
, int recursing
)
70 ADDRESS
*ret_a
= NULL
;
73 LDAP_SERV_RES_S
*free_when_done
= NULL
;
74 LDAPLookupStyle style
;
75 LDAP_CHOOSE_S
*winning_e
= NULL
;
76 LDAP_SERV_S
*info
= NULL
;
77 static char *fakedomain
= "@";
82 * Runtime ldap lookup of addrbook entry.
84 if(!strncmp(string
, RUN_LDAP
, LEN_RL
)){
85 LDAP_SERV_RES_S
*head_of_result_list
;
87 info
= break_up_ldap_server(string
+LEN_RL
);
88 head_of_result_list
= ldap_lookup(info
, "", NULL
, wp_err
, 1);
90 if(head_of_result_list
){
92 auwe_rv
= ask_user_which_entry(head_of_result_list
, string
,
95 wp_err
->wp_err_occurred
96 ? DisplayIfOne
: DisplayIfTwo
);
99 free_when_done
= head_of_result_list
;
102 wp_err
->wp_err_occurred
= 1;
104 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
105 display_message('x');
106 fs_give((void **)&wp_err
->error
);
109 /* try using backup email address */
110 if(info
&& info
->mail
&& *info
->mail
){
111 tmp_a_string
= cpystr(info
->mail
);
112 rfc822_parse_adrlist(&ret_a
, tmp_a_string
, fakedomain
);
113 fs_give((void **)&tmp_a_string
);
116 cpystr(_("Directory lookup failed, using backup email address"));
120 * Do this so the awful LDAP: ... string won't show up
121 * in the composer. This shouldn't actually happen in
122 * real life, so we're not too concerned about it. If we
123 * were we'd want to recover the nickname we started with
124 * somehow, or something like that.
126 ret_a
= mail_newaddr();
127 ret_a
->mailbox
= cpystr("missing-username");
128 wp_err
->error
= cpystr(_("Directory lookup failed, no backup email address available"));
131 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
132 display_message('x');
136 style
= F_ON(F_COMPOSE_REJECTS_UNQUAL
, ps_global
)
137 ? DisplayIfOne
: DisplayIfTwo
;
138 auwe_rv
= ldap_lookup_all(string
, as
.n_serv
, recursing
, style
, NULL
,
139 &winning_e
, wp_err
, &free_when_done
);
142 if(winning_e
&& auwe_rv
!= -5){
143 ret_a
= address_from_ldap(winning_e
);
145 if(pith_opt_save_ldap_entry
&& ret_a
&& F_ON(F_ADD_LDAP_TO_ABOOK
, ps_global
) && !info
)
146 (*pith_opt_save_ldap_entry
)(ps_global
, winning_e
, 1);
149 fs_give((void **)&winning_e
);
152 /* Info's only set in the RUN_LDAP case */
154 if(ret_a
&& ret_a
->host
){
155 ADDRESS
*backup
= NULL
;
157 if(info
->mail
&& *info
->mail
)
158 rfc822_parse_adrlist(&backup
, info
->mail
, fakedomain
);
160 if(!backup
|| !address_is_same(ret_a
, backup
)){
162 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
163 display_message('x');
164 fs_give((void **)&wp_err
->error
);
167 snprintf(ebuf
, sizeof(ebuf
),
168 _("Warning: current address different from saved address (%s)"),
170 wp_err
->error
= cpystr(ebuf
);
171 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
172 display_message('x');
176 mail_free_address(&backup
);
179 free_ldap_server_info(&info
);
183 free_ldap_result_list(&free_when_done
);
184 #endif /* ENABLE_LDAP */
187 if(ret_a
->mailbox
){ /* indicates there was a MAIL attribute */
188 if(!ret_a
->host
|| !ret_a
->host
[0]){
190 fs_give((void **)&ret_a
->host
);
192 ret_a
->host
= cpystr("missing-hostname");
193 wp_err
->wp_err_occurred
= 1;
195 fs_give((void **)&wp_err
->error
);
197 wp_err
->error
= cpystr(_("Missing hostname in LDAP address"));
198 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
199 display_message('x');
202 if(!ret_a
->mailbox
[0]){
204 fs_give((void **)&ret_a
->mailbox
);
206 ret_a
->mailbox
= cpystr("missing-username");
207 wp_err
->wp_err_occurred
= 1;
209 fs_give((void **)&wp_err
->error
);
211 wp_err
->error
= cpystr(_("Missing username in LDAP address"));
212 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
213 display_message('x');
217 wp_err
->wp_err_occurred
= 1;
220 fs_give((void **)&wp_err
->error
);
222 snprintf(ebuf
, sizeof(ebuf
), _("No email address available for \"%s\""),
223 (ret_a
->personal
&& *ret_a
->personal
)
226 wp_err
->error
= cpystr(ebuf
);
227 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
228 display_message('x');
229 mail_free_address(&ret_a
);
241 * Goes through all servers looking up string.
243 * Args string -- String to search for
244 * who -- Which servers to look on
245 * style -- Sometimes we want to display no matter what, sometimes
246 * only if more than one entry, sometimes only if email
249 * The possible styles are:
250 * AlwaysDisplayAndMailRequired: This happens when user ^T's from
251 * composer to address book screen, and
252 * then queries directory server.
253 * AlwaysDisplay: This happens when user is browsing
254 * in address book maintenance screen and
255 * then queries directory server.
256 * DisplayIfOne: These two come from implicit lookups
257 * DisplayIfTwo: from build_address. If the compose rejects
258 * unqualified feature is on we get the
259 * DisplayIfOne, otherwise IfTwo.
261 * cust -- Use this custom filter instead of configured filters
262 * winning_e -- Return value
263 * wp_err -- Error handling
264 * free_when_done -- Caller needs to free this
266 * Returns -- value returned by ask_user_which_entry
269 ldap_lookup_all(char *string
, int who
, int recursing
, LDAPLookupStyle style
,
270 CUSTOM_FILT_S
*cust
, LDAP_CHOOSE_S
**winning_e
,
271 WP_ERR_S
*wp_err
, LDAP_SERV_RES_S
**free_when_done
)
274 LDAP_SERV_RES_S
*head_of_result_list
= NULL
;
276 wp_exit
= wp_nobail
= 0;
278 *free_when_done
= NULL
;
280 head_of_result_list
= ldap_lookup_all_work(string
, who
, recursing
,
284 retval
= ask_user_which_entry(head_of_result_list
, string
, winning_e
,
286 (wp_err
->wp_err_occurred
&&
287 style
== DisplayIfTwo
) ? DisplayIfOne
291 * Because winning_e probably points into the result list
292 * we need to leave the result list alone and have the caller
293 * free it after they are done with winning_e.
295 if(retval
!= -5 && free_when_done
)
296 *free_when_done
= head_of_result_list
;
303 * Goes through all servers looking up string.
305 * Args string -- String to search for
306 * who -- Which servers to look on
307 * cust -- Use this custom filter instead of configured filters
308 * wp_err -- Error handling
310 * Returns -- list of results that needs to be freed by caller
313 ldap_lookup_all_work(char *string
, int who
, int recursing
,
314 CUSTOM_FILT_S
*cust
, WP_ERR_S
*wp_err
)
317 LDAP_SERV_RES_S
*serv_res
;
318 LDAP_SERV_RES_S
*rr
, *head_of_result_list
= NULL
;
320 /* If there is at least one server */
321 if(ps_global
->VAR_LDAP_SERVERS
&& ps_global
->VAR_LDAP_SERVERS
[0] &&
322 ps_global
->VAR_LDAP_SERVERS
[0][0]){
323 int how_many_servers
;
325 for(i
= 0; ps_global
->VAR_LDAP_SERVERS
[i
] &&
326 ps_global
->VAR_LDAP_SERVERS
[i
][0]; i
++)
329 how_many_servers
= i
;
331 /* For each server in list */
332 for(i
= 0; !wp_exit
&& ps_global
->VAR_LDAP_SERVERS
[i
] &&
333 ps_global
->VAR_LDAP_SERVERS
[i
][0]; i
++){
336 dprint((6, "ldap_lookup_all_work: lookup on server (%.256s)\n",
337 ps_global
->VAR_LDAP_SERVERS
[i
]));
339 if(who
== -1 || who
== i
|| who
== as
.n_serv
)
340 info
= break_up_ldap_server(ps_global
->VAR_LDAP_SERVERS
[i
]);
343 * Who tells us which servers to look on.
344 * Who == -1 means all servers.
345 * Who == 0 means server[0].
346 * Who == 1 means server[1].
347 * Who == as.n_serv means query on those with impl set.
349 if(!(who
== -1 || who
== i
||
350 (who
== as
.n_serv
&& !recursing
&& info
&& info
->impl
) ||
351 (who
== as
.n_serv
&& recursing
&& info
&& info
->rhs
))){
354 free_ldap_server_info(&info
);
359 dprint((6, "ldap_lookup_all_work: ldap_lookup (server: %.20s...)(string: %s)\n",
360 ps_global
->VAR_LDAP_SERVERS
[i
], string
));
361 serv_res
= ldap_lookup(info
, string
, cust
,
362 wp_err
, how_many_servers
> 1);
364 /* Add new one to end of list so they come in the right order */
365 for(rr
= head_of_result_list
; rr
&& rr
->next
; rr
= rr
->next
)
371 head_of_result_list
= serv_res
;
375 free_ldap_server_info(&info
);
379 return(head_of_result_list
);
384 * Do an LDAP lookup to the server described in the info argument.
386 * Args info -- LDAP info for server.
387 * string -- String to lookup.
388 * cust -- Possible custom filter description.
389 * wp_err -- We set this is we get a white pages error.
390 * name_in_error -- Caller sets this if they want us to include the server
391 * name in error messages.
393 * Returns Results of lookup, NULL if lookup failed.
396 ldap_lookup(LDAP_SERV_S
*info
, char *string
, CUSTOM_FILT_S
*cust
,
397 WP_ERR_S
*wp_err
, int name_in_error
)
401 char *serv
, *base
, *serv_errstr
, *s
, *t
;
402 char *mailattr
, *snattr
, *gnattr
, *cnattr
;
403 int we_cancel
= 0, we_turned_on
= 0;
404 LDAP_SERV_RES_S
*serv_res
= NULL
;
414 serv
= cpystr((info
->serv
&& *info
->serv
) ? info
->serv
: "?");
417 snprintf(ebuf
, sizeof(ebuf
), " (%s)",
418 (info
->nick
&& *info
->nick
) ? info
->nick
: serv
);
422 serv_errstr
= cpystr(ebuf
);
423 base
= cpystr(info
->base
? info
->base
: "");
426 info
->port
= LDAP_PORT
;
429 info
->type
= DEF_LDAP_TYPE
;
432 info
->srch
= DEF_LDAP_SRCH
;
435 info
->time
= DEF_LDAP_TIME
;
438 info
->size
= DEF_LDAP_SIZE
;
441 info
->scope
= DEF_LDAP_SCOPE
;
443 mailattr
= (info
->mailattr
&& info
->mailattr
[0]) ? info
->mailattr
445 snattr
= (info
->snattr
&& info
->snattr
[0]) ? info
->snattr
447 gnattr
= (info
->gnattr
&& info
->gnattr
[0]) ? info
->gnattr
449 cnattr
= (info
->cnattr
&& info
->cnattr
[0]) ? info
->cnattr
453 * We may want to keep ldap handles open, but at least for
454 * now, re-open them every time.
457 dprint((3, "ldap_lookup(%s,%d)\n", serv
? serv
: "?", info
->port
));
459 snprintf(ebuf
, sizeof(ebuf
), "Searching%s%s%s on %s",
460 (string
&& *string
) ? " for \"" : "",
461 (string
&& *string
) ? string
: "",
462 (string
&& *string
) ? "\"" : "",
464 we_turned_on
= intr_handling_on(); /* this erases keymenu */
465 we_cancel
= busy_cue(ebuf
, NULL
, 0);
467 *(wp_err
->mangled
) = 1;
470 if(info
->tls
|| info
->tlsmust
)
471 ldapssl_client_init(NULL
, NULL
);
472 if((ld
= ldap_init(serv
, info
->port
)) == NULL
)
476 if((ld
= ldap_init(serv
, info
->port
)) == NULL
)
478 #ifdef SMIME_SSLCERTS
479 /* If we are attempting a ldaps secure connection, we need to tell
480 * ldap that we have certificates. There are many ways to do so.
481 * OpenLDAP has many ways to configure this through configuration
482 * files. For example the global (to the system) ldap.conf file, or the
483 * personal ldaprc or .ldaprc files. Setting the location of the
484 * certificates must happen at the time we call ldap_initialize, we
485 * cannot set it up before that call, nor after, so what we are going
486 * to do is to test for a .ldaprc file in the home directory. If such
487 * file exists we read it, if not we create it and if it does not have
488 * a line for the location of the certificates in the system, we add one.
489 * (so we ignore all other configuration files)
491 if(info
->ldaps
&& ps_global
->home_dir
){
493 char *text
, *tls_conf
;
494 char filename
[MAXPATH
+1];
496 build_path(filename
, ps_global
->home_dir
, ".ldaprc", sizeof(filename
));
498 if((text
= read_file(filename
, 0)) != NULL
)
500 && (tls_conf
= strstr(text
, "TLS_CACERTDIR")) != NULL
501 && (tls_conf
== text
|| *(tls_conf
- 1) == '\n')){
502 tls_conf
+= 13; /* 13 = strlen("TLS_CACERTDIR") */
503 while (isspace(*tls_conf
))
505 if(!strncmp(tls_conf
, SMIME_SSLCERTS
, strlen(SMIME_SSLCERTS
)))
512 if((so
= so_get(FileStar
, filename
, WRITE_ACCESS
)) != NULL
){
515 so_puts(so
, NEWLINE
);
517 so_puts(so
, "TLS_CACERTDIR");
519 so_puts(so
, SMIME_SSLCERTS
);
520 so_puts(so
, NEWLINE
);
525 fs_give((void **)&text
);
527 #endif /* SMIME_SSLCERTS */
529 tmp_20k_buf
[0] = '\0';
532 if ((t
= strchr(s
, ' ')) != NULL
) *t
= '\0';
533 snprintf(tmp_20k_buf
+ strlen(tmp_20k_buf
),
534 SIZEOF_20KBUF
- strlen(tmp_20k_buf
), "%s://%s",
535 info
->ldaps
? "ldaps" : "ldap", s
);
536 if (strchr(s
, ':') == NULL
){
537 snprintf(tmp_20k_buf
+ strlen(tmp_20k_buf
),
538 SIZEOF_20KBUF
- strlen(tmp_20k_buf
),
539 "%s%d", ":", info
->port
);
543 for( ; *t
== ' '; t
++);
544 snprintf(tmp_20k_buf
+ strlen(tmp_20k_buf
),
545 SIZEOF_20KBUF
- strlen(tmp_20k_buf
), "%s", " ");
550 tmp_20k_buf
[SIZEOF_20KBUF
- 1] = '\0';
552 if(ldap_initialize(&ld
, tmp_20k_buf
) != LDAP_SUCCESS
)
555 if((ld
= ldap_open(serv
, info
->port
)) == NULL
)
559 /* TRANSLATORS: All of the three args together are an error message */
560 snprintf(ebuf
, sizeof(ebuf
), _("Access to LDAP server failed: %s%s(%s)"),
561 errno
? error_description(errno
) : "",
564 wp_err
->wp_err_occurred
= 1;
566 fs_give((void **)&wp_err
->error
);
568 wp_err
->error
= cpystr(ebuf
);
572 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
573 display_message('x');
574 dprint((2, "%s\n", ebuf
));
576 else if(!ps_global
->intr_pending
){
577 int proto
= 3, tlsmustbail
= 0;
578 char *pwd
= NULL
, user
[NETMAXUSER
];
582 struct berval passwd
= { 0 };
590 memset(&mb
, 0, sizeof(mb
));
593 if(info
->tls
|| info
->tlsmust
)
594 rc
= ldapssl_install_routines(ld
);
597 if(ldap_v3_is_supported(ld
) &&
598 our_ldap_set_option(ld
, LDAP_OPT_PROTOCOL_VERSION
, &proto
) == 0){
599 dprint((5, "ldap: using version 3 protocol\n"));
603 * If we don't set RESTART then the select() waiting for the answer
604 * in libldap will be interrupted and stopped by our busy_cue.
606 our_ldap_set_option(ld
, LDAP_OPT_RESTART
, LDAP_OPT_ON
);
609 * If we need to authenticate, get the password
611 if(info
->binddn
&& info
->binddn
[0]){
615 snprintf(hostbuf
, sizeof(hostbuf
), "{%s}dummy", info
->serv
? info
->serv
: "?");
618 * We don't handle multiple space-delimited hosts well.
619 * We don't know which we're asking for a password for.
620 * We're not connected yet so we can't know.
622 if((space
=strindex(hostbuf
, ' ')) != NULL
)
625 mail_valid_net_parse_work(hostbuf
, &mb
, info
->ldaps
? "ldaps" : "ldap");
626 mb
.port
= info
->port
;
627 mb
.tlsflag
= (info
->tls
|| info
->tlsmust
) ? 1 : 0;
628 mb
.sslflag
= info
->ldaps
? 1 : 0;
637 #else /* !_SOLARIS_SDK */
638 ((rc
=ldap_start_tls_s(ld
, NULL
, NULL
)) == LDAP_SUCCESS
)
639 #endif /* !_SOLARIS_SDK */
641 0 /* TODO: find a way to do this in Windows */
642 #endif /* _WINDOWS */
648 if((info
->tls
|| info
->tlsmust
) && !mb
.tlsflag
){
649 q_status_message(SM_ORDER
, 3, 5, "Not able to start TLS encryption for LDAP server");
655 snprintf(pmt
, sizeof(pmt
), " %s", (info
->nick
&& *info
->nick
) ? info
->nick
: serv
);
656 mm_login_work(&mb
, user
, &pwd
, pwdtrial
, pmt
, info
->binddn
);
661 passwd
.bv_len
= strlen(pwd
);
669 * LDAPv2 requires the bind. v3 doesn't require it but we want
670 * to tell the server we're v3 if the server supports v3, and if the
671 * server doesn't support v3 the bind is required.
675 || ldap_simple_bind_s(ld
, info
->binddn
, passwd
) != LDAP_SUCCESS
){
677 || ldap_sasl_bind_s(ld
, info
->binddn
, LDAP_SASL_SIMPLE
, &passwd
, NULL
, NULL
, NULL
) != LDAP_SUCCESS
){
679 wp_err
->wp_err_occurred
= 1;
681 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
683 if(!tlsmustbail
&& info
->binddn
&& info
->binddn
[0] && pwdtrial
< 2L
684 && ld_errnum
== LDAP_INVALID_CREDENTIALS
){
686 q_status_message(SM_ORDER
, 3, 5, _("Invalid password"));
687 goto try_password_again
;
690 snprintf(ebuf
, sizeof(ebuf
), _("LDAP server failed: %s%s%s%s"),
691 ldap_err2string(ld_errnum
),
693 (ld_errstr
&& *ld_errstr
) ? ": " : "",
694 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
697 fs_give((void **)&wp_err
->error
);
704 ldap_unbind_ext(ld
, NULL
, NULL
);
706 wp_err
->error
= cpystr(ebuf
);
707 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
708 display_message('x');
709 dprint((2, "%s\n", ebuf
));
711 else if(!ps_global
->intr_pending
){
712 int srch_res
, args
, slen
, flen
;
713 #define TEMPLATELEN 512
714 char filt_template
[TEMPLATELEN
+ 1];
715 char filt_format
[2*TEMPLATELEN
+ 1];
716 char filter
[2*TEMPLATELEN
+ 1];
717 char scp
[2*TEMPLATELEN
+ 1];
719 LDAPMessage
*res
= NULL
;
720 int intr_happened
= 0;
723 tl
= (info
->time
== 0) ? info
->time
: info
->time
+ 10;
725 our_ldap_set_option(ld
, LDAP_OPT_TIMELIMIT
, &tl
);
726 our_ldap_set_option(ld
, LDAP_OPT_SIZELIMIT
, &info
->size
);
729 * If a custom filter has been passed in and it doesn't include a
730 * request to combine it with the configured filter, then replace
731 * any configured filter with the passed in filter.
733 if(cust
&& cust
->filt
&& !cust
->combine
){
735 fs_give((void **)&info
->cust
);
737 info
->cust
= cpystr(cust
->filt
);
740 if(info
->cust
&& *info
->cust
){ /* use custom filter if present */
741 strncpy(filt_template
, info
->cust
, sizeof(filt_template
));
742 filt_template
[sizeof(filt_template
)-1] = '\0';
744 else{ /* else use configured filter */
747 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", snattr
);
749 case LDAP_TYPE_GIVEN
:
750 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", gnattr
);
752 case LDAP_TYPE_EMAIL
:
753 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", mailattr
);
755 case LDAP_TYPE_CN_EMAIL
:
756 snprintf(filt_template
, sizeof(filt_template
), "(|(%s=%%s)(%s=%%s))", cnattr
,
759 case LDAP_TYPE_SUR_GIVEN
:
760 snprintf(filt_template
, sizeof(filt_template
), "(|(%s=%%s)(%s=%%s))",
763 case LDAP_TYPE_SEVERAL
:
764 snprintf(filt_template
, sizeof(filt_template
),
765 "(|(%s=%%s)(%s=%%s)(%s=%%s)(%s=%%s))",
766 cnattr
, mailattr
, snattr
, gnattr
);
770 snprintf(filt_template
, sizeof(filt_template
), "(%s=%%s)", cnattr
);
775 /* just copy if custom */
776 if(info
->cust
&& *info
->cust
)
777 info
->srch
= LDAP_SRCH_EQUALS
;
781 memset((void *)filt_format
, 0, sizeof(filt_format
));
783 while(*p
&& (q
- filt_format
) + 4 < sizeof(filt_format
)){
784 if(*p
== '%' && *(p
+1) == 's'){
788 case LDAP_SRCH_EQUALS
:
793 /* Append wildcard after %s */
794 case LDAP_SRCH_BEGINS
:
800 /* Insert wildcard before %s */
807 /* Put wildcard before and after %s */
809 case LDAP_SRCH_CONTAINS
:
821 if(q
- filt_format
< sizeof(filt_format
))
824 filt_format
[sizeof(filt_format
)-1] = '\0';
827 * If combine is lit we put the custom filter and the filt_format
828 * filter and combine them with an &.
830 if(cust
&& cust
->filt
&& cust
->combine
){
834 l
= strlen(filt_format
) + strlen(cust
->filt
) + 3;
835 combined
= (char *) fs_get((l
+1) * sizeof(char));
836 snprintf(combined
, l
+1, "(&%s%s)", cust
->filt
, filt_format
);
837 strncpy(filt_format
, combined
, sizeof(filt_format
));
838 filt_format
[sizeof(filt_format
)-1] = '\0';
839 fs_give((void **) &combined
);
843 * Ad hoc attempt to make "Steve Hubert" match
844 * Steven Hubert but not Steven Shubert.
845 * We replace a <SPACE> with * <SPACE> (not * <SPACE> *).
847 memset((void *)scp
, 0, sizeof(scp
));
849 strncpy(scp
, string
, sizeof(scp
));
853 while(*p
&& (q
- scp
) + 1 < sizeof(scp
)){
854 if(*p
== SPACE
&& *(p
+1) != SPACE
){
863 scp
[sizeof(scp
)-1] = '\0';
866 flen
= strlen(filt_format
);
867 /* truncate string if it will overflow filter */
868 if(args
*slen
+ flen
- 2*args
> sizeof(filter
)-1)
869 scp
[(sizeof(filter
)-1 - flen
)/args
] = '\0';
872 * Replace %s's with scp.
876 snprintf(filter
, sizeof(filter
), "%s", filt_format
);
879 snprintf(filter
, sizeof(filter
), filt_format
, scp
);
882 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
);
885 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
);
888 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
);
891 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
);
894 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
);
897 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
);
900 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
,
904 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
,
909 snprintf(filter
, sizeof(filter
), filt_format
, scp
, scp
, scp
, scp
, scp
, scp
, scp
,
914 /* replace double *'s with single *'s in filter */
915 for(p
= q
= filter
; *p
; p
++)
916 if(*p
!= '*' || p
== filter
|| *(p
-1) != '*')
921 (void) removing_double_quotes(base
);
922 dprint((5, "about to ldap_search(\"%s\", %s)\n",
923 base
? base
: "?", filter
? filter
: "?"));
924 if(ps_global
->intr_pending
)
925 srch_res
= LDAP_PROTOCOL_ERROR
;
929 struct timeval tv
= {0}, *tvp
= NULL
;
931 memset((void *)&tv
, 0, sizeof(struct timeval
));
932 tv
.tv_sec
= info
->time
;
935 start_time
= time((time_t *)0);
937 dprint((6, "ldap_lookup: calling ldap_search\n"));
939 msgid
= ldap_search(ld
, base
, info
->scope
, filter
, NULL
, 0);
941 if(ldap_search_ext(ld
, base
, info
->scope
, filter
, NULL
, 0,
942 NULL
, NULL
, tvp
, info
->size
, &msgid
) != LDAP_SUCCESS
)
947 srch_res
= our_ldap_get_lderrno(ld
, NULL
, NULL
);
951 * Warning: struct timeval is not portable. However, since it is
952 * part of LDAP api it must be portable to all platforms LDAP
953 * has been ported to.
957 t
.tv_sec
= 1; t
.tv_usec
= 0;
960 if(ps_global
->intr_pending
)
963 dprint((6, "ldap_result(id=%d): ", msgid
));
964 if((lres
=ldap_result(ld
, msgid
, LDAP_MSG_ALL
, &t
, &res
)) == -1){
966 srch_res
= our_ldap_get_lderrno(ld
, NULL
, NULL
);
967 dprint((6, "error (-1 returned): ld_errno=%d\n",
970 else if(lres
== 0){ /* timeout, no results available */
973 ldap_abandon(ld
, msgid
);
975 ldap_abandon_ext(ld
, msgid
, NULL
, NULL
);
977 srch_res
= LDAP_PROTOCOL_ERROR
;
978 if(our_ldap_get_lderrno(ld
, NULL
, NULL
) == LDAP_SUCCESS
)
979 our_ldap_set_lderrno(ld
, LDAP_PROTOCOL_ERROR
, NULL
, NULL
);
981 dprint((6, "timeout, intr: srch_res=%d\n",
984 else if(info
->time
> 0 &&
985 ((long)time((time_t *)0) - start_time
) > info
->time
){
986 /* try for partial results */
987 t
.tv_sec
= 0; t
.tv_usec
= 0;
988 lres
= ldap_result(ld
, msgid
, LDAP_MSG_RECEIVED
, &t
, &res
);
989 if(lres
> 0 && lres
!= LDAP_RES_SEARCH_RESULT
){
990 srch_res
= LDAP_SUCCESS
;
991 dprint((6, "partial result: lres=0x%x\n", lres
));
996 ldap_abandon(ld
, msgid
);
998 ldap_abandon_ext(ld
, msgid
, NULL
, NULL
);
1001 srch_res
= LDAP_TIMEOUT
;
1002 if(our_ldap_get_lderrno(ld
, NULL
, NULL
) == LDAP_SUCCESS
)
1003 our_ldap_set_lderrno(ld
, LDAP_TIMEOUT
, NULL
, NULL
);
1006 "timeout, total_time (%d), srch_res=%d\n",
1007 info
->time
, srch_res
));
1011 dprint((6, "timeout\n"));
1016 srch_res
= ldap_result2error(ld
, res
, 0);
1017 dprint((6, "lres=0x%x, srch_res=%d\n", lres
,
1021 char *dn
, *text
, **ref
;
1024 dn
= text
= NULL
; ref
= NULL
; srv
= NULL
;
1025 srch_res
= ldap_parse_result(ld
, res
,
1026 &err
, &dn
, &text
, &ref
, &srv
, 0);
1027 dprint((6, "lres=0x%x, srch_res=%d, dn=%s, text=%s\n", lres
,
1028 srch_res
, dn
? dn
: "", text
? text
: ""));
1029 if(dn
) ber_memfree(dn
);
1030 if(text
) ber_memfree(text
);
1031 if(ref
) ber_memvfree((void **) ref
);
1032 if(srv
) ldap_controls_free(srv
);
1038 ((long)time((time_t *)0) - start_time
) > info
->time
)));
1045 cancel_busy_cue(-1);
1048 fs_give((void **)&wp_err
->error
);
1050 q_status_message(SM_ORDER
, 0, 1, "Interrupt");
1051 display_message('x');
1061 ldap_unbind_ext(ld
, NULL
, NULL
);
1064 res
= NULL
; ld
= NULL
;
1066 else if(srch_res
!= LDAP_SUCCESS
&&
1067 srch_res
!= LDAP_TIMELIMIT_EXCEEDED
&&
1068 srch_res
!= LDAP_RESULTS_TOO_LARGE
&&
1069 srch_res
!= LDAP_TIMEOUT
&&
1070 srch_res
!= LDAP_SIZELIMIT_EXCEEDED
){
1071 wp_err
->wp_err_occurred
= 1;
1073 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
1075 snprintf(ebuf
, sizeof(ebuf
), _("LDAP search failed: %s%s%s%s"),
1076 ldap_err2string(ld_errnum
),
1078 (ld_errstr
&& *ld_errstr
) ? ": " : "",
1079 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
1082 fs_give((void **)&wp_err
->error
);
1084 wp_err
->error
= cpystr(ebuf
);
1086 cancel_busy_cue(-1);
1088 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1089 display_message('x');
1090 dprint((2, "%s\n", ebuf
));
1097 ldap_unbind_ext(ld
, NULL
, NULL
);
1100 res
= NULL
; ld
= NULL
;
1105 cnt
= ldap_count_entries(ld
, res
);
1109 if(srch_res
== LDAP_TIMELIMIT_EXCEEDED
||
1110 srch_res
== LDAP_RESULTS_TOO_LARGE
||
1111 srch_res
== LDAP_TIMEOUT
||
1112 srch_res
== LDAP_SIZELIMIT_EXCEEDED
){
1113 wp_err
->wp_err_occurred
= 1;
1114 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
1116 snprintf(ebuf
, sizeof(ebuf
), _("LDAP partial results: %s%s%s%s"),
1117 ldap_err2string(ld_errnum
),
1119 (ld_errstr
&& *ld_errstr
) ? ": " : "",
1120 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
1121 dprint((2, "%s\n", ebuf
));
1123 fs_give((void **)&wp_err
->error
);
1125 wp_err
->error
= cpystr(ebuf
);
1127 cancel_busy_cue(-1);
1129 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1130 display_message('x');
1133 dprint((5, "Matched %d entries on %s\n",
1134 cnt
, serv
? serv
: "?"));
1136 serv_res
= (LDAP_SERV_RES_S
*)fs_get(sizeof(LDAP_SERV_RES_S
));
1137 memset((void *)serv_res
, 0, sizeof(*serv_res
));
1139 serv_res
->res
= res
;
1140 serv_res
->info_used
= copy_ldap_serv_info(info
);
1141 /* Save by reference? */
1143 snprintf(buf
, sizeof(buf
), "%s:%s", serv
, comatose(info
->port
));
1144 serv_res
->serv
= cpystr(buf
);
1147 serv_res
->serv
= NULL
;
1149 serv_res
->next
= NULL
;
1152 if(srch_res
== LDAP_TIMELIMIT_EXCEEDED
||
1153 srch_res
== LDAP_RESULTS_TOO_LARGE
||
1154 srch_res
== LDAP_TIMEOUT
||
1155 srch_res
== LDAP_SIZELIMIT_EXCEEDED
){
1156 wp_err
->wp_err_occurred
= 1;
1157 wp_err
->ldap_errno
= srch_res
;
1159 ld_errnum
= our_ldap_get_lderrno(ld
, NULL
, &ld_errstr
);
1161 snprintf(ebuf
, sizeof(ebuf
), _("LDAP search failed: %s%s%s%s"),
1162 ldap_err2string(ld_errnum
),
1164 (ld_errstr
&& *ld_errstr
) ? ": " : "",
1165 (ld_errstr
&& *ld_errstr
) ? ld_errstr
: "");
1168 fs_give((void **)&wp_err
->error
);
1170 wp_err
->error
= cpystr(ebuf
);
1172 cancel_busy_cue(-1);
1174 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1175 display_message('x');
1176 dprint((2, "%s\n", ebuf
));
1179 dprint((5, "Matched 0 entries on %s\n",
1180 serv
? serv
: "?"));
1187 ldap_unbind_ext(ld
, NULL
, NULL
);
1190 res
= NULL
; ld
= NULL
;
1195 fs_give((void **) &pwd
);
1199 cancel_busy_cue(-1);
1202 intr_handling_off();
1205 fs_give((void **)&serv
);
1207 fs_give((void **)&base
);
1209 fs_give((void **)&serv_errstr
);
1216 * Given a list of entries, present them to user so user may
1219 * Args head -- The head of the list of results
1220 * orig -- The string the user was searching for
1221 * result -- Returned pointer to chosen LDAP_SEARCH_WINNER or NULL
1222 * wp_err -- Error handling
1226 * -1 Exit chosen by user
1227 * -2 None of matched entries had an email address
1228 * -3 No matched entries
1229 * -4 Goback to Abook List chosen by user
1230 * -5 caller shouldn't free head
1233 ask_user_which_entry(LDAP_SERV_RES_S
*head
, char *orig
, LDAP_CHOOSE_S
**result
,
1234 WP_ERR_S
*wp_err
, LDAPLookupStyle style
)
1240 dprint((3, "ask_user_which(style=%s)\n",
1241 style
== AlwaysDisplayAndMailRequired
? "AlwaysDisplayAndMailRequired" :
1242 style
== AlwaysDisplay
? "AlwaysDisplay" :
1243 style
== DisplayIfTwo
? "DisplayIfTwo" :
1244 style
== DisplayForURL
? "DisplayForURL" :
1245 style
== DisplayIfOne
? "DisplayIfOne" : "?"));
1248 * Set up a screen for user to choose one entry.
1251 if(style
== AlwaysDisplay
|| style
== DisplayForURL
)
1252 snprintf(t
, sizeof(t
), "SEARCH RESULTS INDEX");
1257 snprintf(t
, sizeof(t
), _("SELECT ONE ADDRESS%s%s%s"),
1258 (orig
&& *orig
&& len
< 40) ? " FOR \"" : "",
1259 (orig
&& *orig
&& len
< 40) ? orig
: "",
1260 (orig
&& *orig
&& len
< 40) ? "\"" : "");
1263 memset(&ac
, 0, sizeof(ADDR_CHOOSE_S
));
1264 ac
.title
= cpystr(t
);
1267 retval
= ldap_addr_select(ps_global
, &ac
, result
, style
, wp_err
, orig
);
1273 case -1: /* Exit chosen by user */
1277 case -4: /* GoBack to AbookList chosen by user */
1285 if(style
!= AlwaysDisplay
){
1287 fs_give((void **)&wp_err
->error
);
1290 cpystr(_("None of the names matched on directory server has an email address"));
1291 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1292 display_message('x');
1298 if(style
== AlwaysDisplayAndMailRequired
){
1300 fs_give((void **)&wp_err
->error
);
1302 wp_err
->error
= cpystr(_("No matches on directory server"));
1303 q_status_message(SM_ORDER
, 3, 5, wp_err
->error
);
1304 display_message('x');
1310 fs_give((void **)&ac
.title
);
1317 address_from_ldap(LDAP_CHOOSE_S
*winning_e
)
1319 ADDRESS
*ret_a
= NULL
;
1325 ret_a
= mail_newaddr();
1326 for(a
= ldap_first_attribute(winning_e
->ld
, winning_e
->selected_entry
, &ber
);
1328 a
= ldap_next_attribute(winning_e
->ld
, winning_e
->selected_entry
, ber
)){
1331 struct berval
**vals
;
1333 dprint((9, "attribute: %s\n", a
? a
: "?"));
1334 if(!ret_a
->personal
&&
1335 strcmp(a
, winning_e
->info_used
->cnattr
) == 0){
1336 dprint((9, "Got cnattr:"));
1337 vals
= ldap_get_values_len(winning_e
->ld
, winning_e
->selected_entry
, a
);
1338 for(i
= 0; i
< ldap_count_values_len(vals
); i
++)
1340 vals
[i
] ? vals
[i
]->bv_val
: "?"));
1342 if(ALPINE_LDAP_can_use(vals
))
1343 ret_a
->personal
= cpystr(vals
[0]->bv_val
);
1345 ldap_value_free_len(vals
);
1347 else if(!ret_a
->mailbox
&&
1348 strcmp(a
, winning_e
->info_used
->mailattr
) == 0){
1349 dprint((9, "Got mailattr:"));
1350 vals
= ldap_get_values_len(winning_e
->ld
, winning_e
->selected_entry
, a
);
1351 for(i
= 0; i
< ldap_count_values_len(vals
); i
++)
1353 vals
[i
] ? vals
[i
]->bv_val
: "?"));
1356 if(ALPINE_LDAP_can_use(vals
)){
1357 if((p
= strindex(vals
[0]->bv_val
, '@')) != NULL
){
1358 ret_a
->host
= cpystr(p
+1);
1362 ret_a
->mailbox
= cpystr(vals
[0]->bv_val
);
1365 ldap_value_free_len(vals
);
1368 our_ldap_memfree(a
);
1377 * Break up the ldap-server string stored in the pinerc into its
1378 * parts. The structure is allocated here and should be freed by the caller.
1380 * The original string looks like
1381 * <servername>[:port] <SPACE> "/base=<base>/impl=1/..."
1383 * Args serv_str -- The original string from the pinerc to parse.
1385 * Returns A pointer to a structure with filled in answers.
1387 * Some of the members have defaults. If port is -1, that means to use
1388 * the default LDAP_PORT. If base is NULL, use "". Type and srch have
1389 * defaults defined in alpine.h. If cust is non-NULL, it overrides type and
1393 break_up_ldap_server(char *serv_str
)
1397 int i
, only_one
= 1;
1398 LDAP_SERV_S
*info
= NULL
;
1403 info
= (LDAP_SERV_S
*)fs_get(sizeof(LDAP_SERV_S
));
1406 * Initialize to defaults.
1408 memset((void *)info
, 0, sizeof(*info
));
1416 /* copy the whole string to work on */
1417 lserv
= cpystr(serv_str
);
1419 removing_trailing_white_space(lserv
);
1421 if(!lserv
|| !*lserv
|| *lserv
== '"'){
1423 fs_give((void **)&lserv
);
1426 free_ldap_server_info(&info
);
1432 while((tail
= strindex(tail
, SPACE
)) != NULL
){
1434 if(*tail
== '"' || *tail
== '/'){
1442 /* tail is the part after server[:port] <SPACE> */
1444 removing_leading_white_space(tail
);
1445 (void)removing_double_quotes(tail
);
1448 /* get the optional port number */
1449 if(only_one
&& (q
= strindex(lserv
, ':')) != NULL
){
1453 if((ldapport
= atoi(q
+1)) >= 0)
1454 info
->port
= ldapport
;
1457 /* use lserv for serv even though it has a few extra bytes alloced */
1461 /* get the search base */
1462 if((q
= srchstr(tail
, "/base=")) != NULL
)
1463 info
->base
= remove_backslash_escapes(q
+6);
1465 if((q
= srchstr(tail
, "/binddn=")) != NULL
)
1466 info
->binddn
= remove_backslash_escapes(q
+8);
1468 /* get the implicit parameter */
1469 if((q
= srchstr(tail
, "/impl=1")) != NULL
)
1472 /* get the rhs parameter */
1473 if((q
= srchstr(tail
, "/rhs=1")) != NULL
)
1476 /* get the ref parameter */
1477 if((q
= srchstr(tail
, "/ref=1")) != NULL
)
1480 /* get the nosub parameter */
1481 if((q
= srchstr(tail
, "/nosub=1")) != NULL
)
1484 /* get the tls parameter */
1485 if((q
= srchstr(tail
, "/tls=1")) != NULL
)
1488 /* get the tlsmust parameter */
1489 if((q
= srchstr(tail
, "/tlsm=1")) != NULL
)
1492 /* get the ldaps parameter */
1493 if((q
= srchstr(tail
, "/ldaps=1")) != NULL
)
1496 /* get the search type value */
1497 if((q
= srchstr(tail
, "/type=")) != NULL
){
1501 if((p
= strindex(q
, '/')) != NULL
)
1504 for(i
= 0; (v
= ldap_search_types(i
)); i
++)
1505 if(!strucmp(q
, v
->name
)){
1506 info
->type
= v
->value
;
1514 /* get the search rule value */
1515 if((q
= srchstr(tail
, "/srch=")) != NULL
){
1519 if((p
= strindex(q
, '/')) != NULL
)
1522 for(i
= 0; (v
= ldap_search_rules(i
)); i
++)
1523 if(!strucmp(q
, v
->name
)){
1524 info
->srch
= v
->value
;
1533 if((q
= srchstr(tail
, "/scope=")) != NULL
){
1537 if((p
= strindex(q
, '/')) != NULL
)
1540 for(i
= 0; (v
= ldap_search_scope(i
)); i
++)
1541 if(!strucmp(q
, v
->name
)){
1542 info
->scope
= v
->value
;
1550 /* get the time limit */
1551 if((q
= srchstr(tail
, "/time=")) != NULL
){
1553 if((p
= strindex(q
, '/')) != NULL
)
1556 /* This one's a number */
1560 err
= strtoval(q
, &i
, 0, 500, 0, tmp_20k_buf
, SIZEOF_20KBUF
, "ldap timelimit");
1562 dprint((1, "%s\n", err
? err
: "?"));
1572 /* get the size limit */
1573 if((q
= srchstr(tail
, "/size=")) != NULL
){
1575 if((p
= strindex(q
, '/')) != NULL
)
1578 /* This one's a number */
1582 err
= strtoval(q
, &i
, 0, 500, 0, tmp_20k_buf
, SIZEOF_20KBUF
, "ldap sizelimit");
1584 dprint((1, "%s\n", err
? err
: "?"));
1594 /* get the custom search filter */
1595 if((q
= srchstr(tail
, "/cust=")) != NULL
)
1596 info
->cust
= remove_backslash_escapes(q
+6);
1598 /* get the nickname */
1599 if((q
= srchstr(tail
, "/nick=")) != NULL
)
1600 info
->nick
= remove_backslash_escapes(q
+6);
1602 /* get the mail attribute name */
1603 if((q
= srchstr(tail
, "/matr=")) != NULL
)
1604 info
->mailattr
= remove_backslash_escapes(q
+6);
1606 /* get the sn attribute name */
1607 if((q
= srchstr(tail
, "/satr=")) != NULL
)
1608 info
->snattr
= remove_backslash_escapes(q
+6);
1610 /* get the gn attribute name */
1611 if((q
= srchstr(tail
, "/gatr=")) != NULL
)
1612 info
->gnattr
= remove_backslash_escapes(q
+6);
1614 /* get the cn attribute name */
1615 if((q
= srchstr(tail
, "/catr=")) != NULL
)
1616 info
->cnattr
= remove_backslash_escapes(q
+6);
1618 /* get the backup mail address */
1619 if((q
= srchstr(tail
, "/mail=")) != NULL
)
1620 info
->mail
= remove_backslash_escapes(q
+6);
1628 free_ldap_server_info(LDAP_SERV_S
**info
)
1632 fs_give((void **)&(*info
)->serv
);
1635 fs_give((void **)&(*info
)->base
);
1638 fs_give((void **)&(*info
)->cust
);
1641 fs_give((void **)&(*info
)->binddn
);
1644 fs_give((void **)&(*info
)->nick
);
1647 fs_give((void **)&(*info
)->mail
);
1649 if((*info
)->mailattr
)
1650 fs_give((void **)&(*info
)->mailattr
);
1653 fs_give((void **)&(*info
)->snattr
);
1656 fs_give((void **)&(*info
)->gnattr
);
1659 fs_give((void **)&(*info
)->cnattr
);
1661 fs_give((void **)info
);
1668 copy_ldap_serv_info(LDAP_SERV_S
*src
)
1670 LDAP_SERV_S
*info
= NULL
;
1673 info
= (LDAP_SERV_S
*) fs_get(sizeof(*info
));
1676 * Initialize to defaults.
1678 memset((void *)info
, 0, sizeof(*info
));
1680 info
->serv
= src
->serv
? cpystr(src
->serv
) : NULL
;
1681 info
->base
= src
->base
? cpystr(src
->base
) : NULL
;
1682 info
->cust
= src
->cust
? cpystr(src
->cust
) : NULL
;
1683 info
->binddn
= src
->binddn
? cpystr(src
->binddn
) : NULL
;
1684 info
->nick
= src
->nick
? cpystr(src
->nick
) : NULL
;
1685 info
->mail
= src
->mail
? cpystr(src
->mail
) : NULL
;
1686 info
->mailattr
= cpystr((src
->mailattr
&& src
->mailattr
[0])
1687 ? src
->mailattr
: DEF_LDAP_MAILATTR
);
1688 info
->snattr
= cpystr((src
->snattr
&& src
->snattr
[0])
1689 ? src
->snattr
: DEF_LDAP_SNATTR
);
1690 info
->gnattr
= cpystr((src
->gnattr
&& src
->gnattr
[0])
1691 ? src
->gnattr
: DEF_LDAP_GNATTR
);
1692 info
->cnattr
= cpystr((src
->cnattr
&& src
->cnattr
[0])
1693 ? src
->cnattr
: DEF_LDAP_CNATTR
);
1695 info
->port
= (src
->port
< 0) ? LDAP_PORT
: src
->port
;
1696 info
->time
= (src
->time
< 0) ? DEF_LDAP_TIME
: src
->time
;
1697 info
->size
= (src
->size
< 0) ? DEF_LDAP_SIZE
: src
->size
;
1698 info
->type
= (src
->type
< 0) ? DEF_LDAP_TYPE
: src
->type
;
1699 info
->srch
= (src
->srch
< 0) ? DEF_LDAP_SRCH
: src
->srch
;
1700 info
->scope
= (src
->scope
< 0) ? DEF_LDAP_SCOPE
: src
->scope
;
1701 info
->impl
= src
->impl
;
1702 info
->rhs
= src
->rhs
;
1703 info
->ref
= src
->ref
;
1704 info
->nosub
= src
->nosub
;
1705 info
->tls
= src
->tls
;
1713 free_ldap_result_list(LDAP_SERV_RES_S
**r
)
1716 free_ldap_result_list(&(*r
)->next
);
1718 ldap_msgfree((*r
)->res
);
1721 ldap_unbind((*r
)->ld
);
1723 ldap_unbind_ext((*r
)->ld
, NULL
, NULL
);
1726 free_ldap_server_info(&(*r
)->info_used
);
1728 fs_give((void **) &(*r
)->serv
);
1730 fs_give((void **) r
);
1736 * Mask API differences.
1739 our_ldap_memfree(void *a
)
1749 * Mask API differences.
1752 our_ldap_dn_memfree(void *a
)
1754 #if defined(_WINDOWS)
1773 our_ldap_get_lderrno(LDAP
*ld
, char **m
, char **s
)
1777 #if (LDAPAPI >= 2000)
1778 if(ldap_get_option(ld
, LDAP_OPT_ERROR_NUMBER
, (void *)&ret
) == 0){
1780 ldap_get_option(ld
, LDAP_OPT_ERROR_STRING
, (void *)s
);
1782 #elif (LDAPAPI >= 15)
1783 ret
= ldap_get_lderrno(ld
, m
, s
);
1798 our_ldap_set_lderrno(LDAP
*ld
, int e
, char *m
, char *s
)
1802 #if (LDAPAPI >= 2000)
1803 if(ldap_set_option(ld
, LDAP_OPT_ERROR_NUMBER
, (void *)&e
) == 0)
1806 (void)ldap_get_option(ld
, LDAP_OPT_ERROR_NUMBER
, (void *)&ret
);
1807 #elif (LDAPAPI >= 15)
1808 ret
= ldap_set_lderrno(ld
, e
, m
, s
);
1810 /* this is all we care about */
1823 our_ldap_set_option(LDAP
*ld
, int option
, void *optdata
)
1828 ret
= ldap_set_option(ld
, option
, optdata
);
1831 case LDAP_OPT_TIMELIMIT
:
1832 ld
->ld_timelimit
= *(int *)optdata
;
1835 case LDAP_OPT_SIZELIMIT
:
1836 ld
->ld_sizelimit
= *(int *)optdata
;
1839 case LDAP_OPT_RESTART
:
1841 ld
->ld_options
|= LDAP_OPT_RESTART
;
1843 ld
->ld_options
&= ~LDAP_OPT_RESTART
;
1848 * Does nothing here. There is only one protocol version supported.
1850 case LDAP_OPT_PROTOCOL_VERSION
:
1855 alpine_panic("LDAP function not implemented");
1864 * Returns 1 if we can use LDAP version 3 protocol.
1867 ldap_v3_is_supported(LDAP
*ld
)
1877 static struct tl_table ldap_trans_table
[]={
1879 * TRANSLATORS: This is a list of LDAP attributes with translations to present
1880 * to the user. For example the attribute mail is Email Address and the attribute
1883 {"mail", N_("Email Address")},
1884 #define LDAP_MAIL_ATTR 0
1885 {"sn", N_("Surname")},
1886 #define LDAP_SN_ATTR 1
1887 {"givenName", N_("Given Name")},
1888 #define LDAP_GN_ATTR 2
1890 #define LDAP_CN_ATTR 3
1891 {"electronicmail", N_("Email Address")},
1892 #define LDAP_EMAIL_ATTR 4
1893 {"o", N_("Organization")},
1895 {"c", N_("Country")},
1896 {"st", N_("State or Province")},
1897 {"l", N_("Locality")},
1898 {"objectClass", N_("Object Class")},
1899 {"title", N_("Title")},
1900 {"departmentNumber", N_("Department")},
1901 {"postalAddress", N_("Postal Address")},
1902 {"homePostalAddress", N_("Home Address")},
1903 {"mailStop", N_("Mail Stop")},
1904 {"telephoneNumber", N_("Voice Telephone")},
1905 {"homePhone", N_("Home Telephone")},
1906 {"officePhone", N_("Office Telephone")},
1907 {"facsimileTelephoneNumber", N_("FAX Telephone")},
1908 {"mobile", N_("Mobile Telephone")},
1909 {"pager", N_("Pager")},
1910 {"roomNumber", N_("Room Number")},
1911 {"uid", N_("User ID")},
1916 ldap_translate(char *a
, LDAP_SERV_S
*info_used
)
1921 if(info_used
->mailattr
&& strucmp(info_used
->mailattr
, a
) == 0)
1922 return(_(ldap_trans_table
[LDAP_MAIL_ATTR
].translated
));
1923 else if(info_used
->snattr
&& strucmp(info_used
->snattr
, a
) == 0)
1924 return(_(ldap_trans_table
[LDAP_SN_ATTR
].translated
));
1925 else if(info_used
->gnattr
&& strucmp(info_used
->gnattr
, a
) == 0)
1926 return(_(ldap_trans_table
[LDAP_GN_ATTR
].translated
));
1927 else if(info_used
->cnattr
&& strucmp(info_used
->cnattr
, a
) == 0)
1928 return(_(ldap_trans_table
[LDAP_CN_ATTR
].translated
));
1931 for(i
= 0; ldap_trans_table
[i
].ldap_ese
; i
++){
1934 case LDAP_MAIL_ATTR
:
1938 case LDAP_EMAIL_ATTR
:
1942 if(strucmp(ldap_trans_table
[i
].ldap_ese
, a
) == 0)
1943 return(_(ldap_trans_table
[i
].translated
));
1950 berval_to_array(struct berval
**v
)
1955 if(v
== NULL
) return rv
;
1956 len
= ldap_count_values_len(v
);
1958 rv
= fs_get((len
+1)*sizeof(char *));
1959 for(i
= 0; i
< len
; i
++)
1960 if(ALPINE_LDAP_can_use_num(v
, i
))
1961 rv
[i
] = cpystr(v
[i
]->bv_val
);
1969 #endif /* ENABLE_LDAP */