/*
- $Id: ldap.c,v 1.7 2010-04-23 11:37:06 franklahm Exp $
Copyright (c) 2008,2009 Frank Lahm <franklahm@gmail.com>
This program is free software; you can redistribute it and/or modify
#include "config.h"
#endif /* HAVE_CONFIG_H */
+#ifdef HAVE_LDAP
+
#include <stdio.h>
#include <stdlib.h>
#include <sys/time.h>
#include <string.h>
#include <errno.h>
+#define LDAP_DEPRECATED 1
#include <ldap.h>
#include <atalk/logger.h>
char **attribute_values = NULL;
struct timeval timeout;
- LOG(log_maxdebug, logtype_afpd,"ldap_getattr_fromfilter_withbase_scope: BEGIN");
+ LOG(log_maxdebug, logtype_afpd,"ldap: BEGIN");
timeout.tv_sec = 3;
timeout.tv_usec = 0;
ret = 0;
if (ld == NULL) {
- LOG(log_maxdebug, logtype_default, "ldap_getattr_fromfilter_withbase_scope: LDAP server: \"%s\"",
+ LOG(log_maxdebug, logtype_default, "ldap: server: \"%s\"",
ldap_server);
if ((ld = ldap_init(ldap_server, LDAP_PORT)) == NULL ) {
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_init error: %s",
+ LOG(log_error, logtype_default, "ldap: ldap_init error: %s",
strerror(errno));
return -1;
}
if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version) != 0) {
/* LDAP_OPT_SUCCESS is not in the proposed standard, so we check for 0
http://tools.ietf.org/id/draft-ietf-ldapext-ldap-c-api-05.txt */
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_set_option failed!");
+ LOG(log_error, logtype_default, "ldap: ldap_set_option failed!");
free(ld);
ld = NULL;
return -1;
if (!ldapconnected) {
if (LDAP_AUTH_NONE == ldap_auth_method) {
if (ldap_bind_s(ld, "", "", LDAP_AUTH_SIMPLE) != LDAP_SUCCESS ) {
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_bind failed!");
- LOG(log_error, logtype_default, "ldap_auth_method: \'%d\'", ldap_auth_method);
+ LOG(log_error, logtype_default, "ldap: ldap_bind failed, auth_method: \'%d\'",
+ ldap_auth_method);
free(ld);
ld = NULL;
return -1;
} else if (LDAP_AUTH_SIMPLE == ldap_auth_method) {
if (ldap_bind_s(ld, ldap_auth_dn, ldap_auth_pw, ldap_auth_method) != LDAP_SUCCESS ) {
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_bind failed!");
- LOG(log_error, logtype_default, "ldap_auth_dn: \'%s\', ldap_auth_pw: \'%s\', ldap_auth_method: \'%d\'",
+ LOG(log_error, logtype_default,
+ "ldap: ldap_bind failed: ldap_auth_dn: \'%s\', ldap_auth_pw: \'%s\', ldap_auth_method: \'%d\'",
ldap_auth_dn, ldap_auth_pw, ldap_auth_method);
free(ld);
ld = NULL;
ldapconnected = 1;
}
}
- /* ldapconnected and ld are now always 1 and != NULL which is important when dealing w. errors*/
- LOG(log_maxdebug, logtype_afpd, "LDAP start search: base: %s, filter: %s, attr: %s",
+ LOG(log_maxdebug, logtype_afpd, "ldap: start search: base: %s, filter: %s, attr: %s",
searchbase, filter, attributes[0]);
/* start LDAP search */
ldaperr = ldap_search_st(ld, searchbase, scope, filter, attributes, 0, &timeout, &msg);
- LOG(log_maxdebug, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_search_st returned: %s, %u",
- ldap_err2string(ldaperr), ldaperr);
+ LOG(log_maxdebug, logtype_default, "ldap: ldap_search_st returned: %s",
+ ldap_err2string(ldaperr));
if (ldaperr != LDAP_SUCCESS) {
- if (retrycount >= 1)
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_search_st failed: %s", ldap_err2string(ldaperr));
+ LOG(log_error, logtype_default, "ldap: ldap_search_st failed: %s, retrycount: %i",
+ ldap_err2string(ldaperr), retrycount);
ret = -1;
goto cleanup;
}
/* parse search result */
- LOG(log_maxdebug, logtype_default, "ldap_getuuidfromname: got %d entries from ldap search",
+ LOG(log_maxdebug, logtype_default, "ldap: got %d entries from ldap search",
ldap_count_entries(ld, msg));
- if (ldap_count_entries(ld, msg) != 1) {
+ if ((ret = ldap_count_entries(ld, msg)) != 1) {
ret = 0;
goto cleanup;
}
entry = ldap_first_entry(ld, msg);
if (entry == NULL) {
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: error in ldap_first_entry");
+ LOG(log_error, logtype_default, "ldap: ldap_first_entry error");
ret = -1;
goto cleanup;
}
attribute_values = ldap_get_values(ld, entry, attributes[0]);
if (attribute_values == NULL) {
- LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: error in ldap_get_values");
+ LOG(log_error, logtype_default, "ldap: ldap_get_values error");
ret = -1;
goto cleanup;
}
* Interface
********************************************************/
-/*
- * returns allocated storage in uuid_string, caller must free it
- * returns 0 on success, -1 on error or not found
+/*!
+ * Search UUID for name in LDAP
+ *
+ * Caller must free uuid_string when done with it
+ *
+ * @param name (r) name to search
+ * @param type (r) type of USER or GROUP
+ * @param uuid_string (w) result as pointer to allocated UUID-string
+ *
+ * @returns 0 on success, -1 on error or not found
*/
int ldap_getuuidfromname( const char *name, uuidtype_t type, char **uuid_string) {
int ret;
char *attributes[] = { ldap_uuid_attr, NULL};
char *ldap_attr;
+ if (!ldap_config_valid)
+ return -1;
+
/* make filter */
if (type == UUID_GROUP)
ldap_attr = ldap_group_attr;
* LDAP search wrapper
* returns allocated storage in name, caller must free it
* returns 0 on success, -1 on error or not found
+ *
+ * @param uuidstr (r) uuid to search as ascii string
+ * @param name (w) return pointer to name as allocated string
+ * @param type (w) return type: USER or GROUP
+ *
+ * returns 0 on success, -1 on errror
*/
-int ldap_getnamefromuuid( char *uuidstr, char **name, uuidtype_t *type) {
+int ldap_getnamefromuuid( const char *uuidstr, char **name, uuidtype_t *type) {
int ret;
int len;
char filter[256]; /* this should really be enough. we dont want to malloc everything! */
char *attributes[] = { NULL, NULL};
+ if (!ldap_config_valid)
+ return -1;
+
/* make filter */
len = snprintf( filter, 256, "%s=%s", ldap_uuid_attr, uuidstr);
if (len >= 256 || len == -1) {
return -1;
}
+#endif /* HAVE_LDAP */