freebsd-skq/usr.sbin/ypldap/aldap.c
rodrigc d2078e379a Import ypldap from OpenBSD.
ypldap -- Intended to be a drop-in replacement for ypserv, gluing in a
LDAP directory and thus providing support for users and groups stored in
LDAP for the get{pw,gr}ent family of functions.
2015-11-16 16:48:43 +00:00

1274 lines
25 KiB
C

/* $Id: aldap.c,v 1.30 2012/04/30 21:40:03 jmatthew Exp $ */
/* $OpenBSD: aldap.c,v 1.30 2012/04/30 21:40:03 jmatthew Exp $ */
/* $FreeBSD$ */
/*
* Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org>
* Copyright (c) 2006, 2007 Marc Balmer <mbalmer@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <errno.h>
#include <inttypes.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include "aldap.h"
#if 0
#define DEBUG
#endif
#define VERSION 3
static struct ber_element *ldap_parse_search_filter(struct ber_element *,
char *);
static struct ber_element *ldap_do_parse_search_filter(
struct ber_element *, char **);
char **aldap_get_stringset(struct ber_element *);
char *utoa(char *);
char *parseval(char *, size_t);
int aldap_create_page_control(struct ber_element *,
int, struct aldap_page_control *);
#ifdef DEBUG
void ldap_debug_elements(struct ber_element *);
#endif
#ifdef DEBUG
#define DPRINTF(x...) printf(x)
#define LDAP_DEBUG(x, y) do { fprintf(stderr, "*** " x "\n"); ldap_debug_elements(y); } while (0)
#else
#define DPRINTF(x...) do { } while (0)
#define LDAP_DEBUG(x, y) do { } while (0)
#endif
int
aldap_close(struct aldap *al)
{
if (close(al->ber.fd) == -1)
return (-1);
ber_free(&al->ber);
free(al);
return (0);
}
struct aldap *
aldap_init(int fd)
{
struct aldap *a;
if ((a = calloc(1, sizeof(*a))) == NULL)
return NULL;
a->ber.fd = fd;
return a;
}
int
aldap_bind(struct aldap *ldap, char *binddn, char *bindcred)
{
struct ber_element *root = NULL, *elm;
int error;
if (binddn == NULL)
binddn = "";
if (bindcred == NULL)
bindcred = "";
if ((root = ber_add_sequence(NULL)) == NULL)
goto fail;
elm = ber_printf_elements(root, "d{tdsst", ++ldap->msgid, BER_CLASS_APP,
(unsigned long)LDAP_REQ_BIND, VERSION, binddn, bindcred,
BER_CLASS_CONTEXT, (unsigned long)LDAP_AUTH_SIMPLE);
if (elm == NULL)
goto fail;
LDAP_DEBUG("aldap_bind", root);
error = ber_write_elements(&ldap->ber, root);
ber_free_elements(root);
root = NULL;
if (error == -1)
goto fail;
return (ldap->msgid);
fail:
if (root != NULL)
ber_free_elements(root);
ldap->err = ALDAP_ERR_OPERATION_FAILED;
return (-1);
}
int
aldap_unbind(struct aldap *ldap)
{
struct ber_element *root = NULL, *elm;
int error;
if ((root = ber_add_sequence(NULL)) == NULL)
goto fail;
elm = ber_printf_elements(root, "d{t", ++ldap->msgid, BER_CLASS_APP,
LDAP_REQ_UNBIND_30);
if (elm == NULL)
goto fail;
LDAP_DEBUG("aldap_unbind", root);
error = ber_write_elements(&ldap->ber, root);
ber_free_elements(root);
root = NULL;
if (error == -1)
goto fail;
return (ldap->msgid);
fail:
if (root != NULL)
ber_free_elements(root);
ldap->err = ALDAP_ERR_OPERATION_FAILED;
return (-1);
}
int
aldap_search(struct aldap *ldap, char *basedn, enum scope scope, char *filter,
char **attrs, int typesonly, int sizelimit, int timelimit,
struct aldap_page_control *page)
{
struct ber_element *root = NULL, *ber, *c;
int i, error;
if ((root = ber_add_sequence(NULL)) == NULL)
goto fail;
ber = ber_printf_elements(root, "d{t", ++ldap->msgid, BER_CLASS_APP,
(unsigned long) LDAP_REQ_SEARCH);
if (ber == NULL) {
ldap->err = ALDAP_ERR_OPERATION_FAILED;
goto fail;
}
c = ber;
ber = ber_printf_elements(ber, "sEEddb", basedn, (long long)scope,
(long long)LDAP_DEREF_NEVER, sizelimit,
timelimit, typesonly);
if (ber == NULL) {
ldap->err = ALDAP_ERR_OPERATION_FAILED;
goto fail;
}
if ((ber = ldap_parse_search_filter(ber, filter)) == NULL) {
ldap->err = ALDAP_ERR_PARSER_ERROR;
goto fail;
}
if ((ber = ber_add_sequence(ber)) == NULL)
goto fail;
if (attrs != NULL)
for (i = 0; attrs[i] != NULL; i++) {
if ((ber = ber_add_string(ber, attrs[i])) == NULL)
goto fail;
}
aldap_create_page_control(c, 100, page);
LDAP_DEBUG("aldap_search", root);
error = ber_write_elements(&ldap->ber, root);
ber_free_elements(root);
root = NULL;
if (error == -1) {
ldap->err = ALDAP_ERR_OPERATION_FAILED;
goto fail;
}
return (ldap->msgid);
fail:
if (root != NULL)
ber_free_elements(root);
return (-1);
}
int
aldap_create_page_control(struct ber_element *elm, int size,
struct aldap_page_control *page)
{
int len;
struct ber c;
struct ber_element *ber = NULL;
c.br_wbuf = NULL;
c.fd = -1;
ber = ber_add_sequence(NULL);
if (page == NULL) {
if (ber_printf_elements(ber, "ds", 50, "") == NULL)
goto fail;
} else {
if (ber_printf_elements(ber, "dx", 50, page->cookie,
page->cookie_len) == NULL)
goto fail;
}
if ((len = ber_write_elements(&c, ber)) < 1)
goto fail;
if (ber_printf_elements(elm, "{t{sx", 2, 0, LDAP_PAGED_OID,
c.br_wbuf, (size_t)len) == NULL)
goto fail;
ber_free_elements(ber);
ber_free(&c);
return len;
fail:
if (ber != NULL)
ber_free_elements(ber);
ber_free(&c);
return (-1);
}
struct aldap_message *
aldap_parse(struct aldap *ldap)
{
int class;
unsigned long type;
long long msgid = 0;
struct aldap_message *m;
struct ber_element *a = NULL, *ep;
if ((m = calloc(1, sizeof(struct aldap_message))) == NULL)
return NULL;
if ((m->msg = ber_read_elements(&ldap->ber, NULL)) == NULL)
goto parsefail;
LDAP_DEBUG("message", m->msg);
if (ber_scanf_elements(m->msg, "{ite", &msgid, &class, &type, &a) != 0)
goto parsefail;
m->msgid = msgid;
m->message_type = type;
m->protocol_op = a;
switch (m->message_type) {
case LDAP_RES_BIND:
case LDAP_RES_MODIFY:
case LDAP_RES_ADD:
case LDAP_RES_DELETE:
case LDAP_RES_MODRDN:
case LDAP_RES_COMPARE:
case LDAP_RES_SEARCH_RESULT:
if (ber_scanf_elements(m->protocol_op, "{EeSeSe",
&m->body.res.rescode, &m->dn, &m->body.res.diagmsg, &a) != 0)
goto parsefail;
if (m->body.res.rescode == LDAP_REFERRAL)
if (ber_scanf_elements(a, "{e", &m->references) != 0)
goto parsefail;
if (m->msg->be_sub) {
for (ep = m->msg->be_sub; ep != NULL; ep = ep->be_next) {
ber_scanf_elements(ep, "t", &class, &type);
if (class == 2 && type == 0)
m->page = aldap_parse_page_control(ep->be_sub->be_sub,
ep->be_sub->be_sub->be_len);
}
} else
m->page = NULL;
break;
case LDAP_RES_SEARCH_ENTRY:
if (ber_scanf_elements(m->protocol_op, "{eS{e", &m->dn,
&m->body.search.attrs) != 0)
goto parsefail;
break;
case LDAP_RES_SEARCH_REFERENCE:
if (ber_scanf_elements(m->protocol_op, "{e", &m->references) != 0)
goto parsefail;
break;
}
return m;
parsefail:
ldap->err = ALDAP_ERR_PARSER_ERROR;
aldap_freemsg(m);
return NULL;
}
struct aldap_page_control *
aldap_parse_page_control(struct ber_element *control, size_t len)
{
char *oid, *s;
char *encoded;
struct ber b;
struct ber_element *elm;
struct aldap_page_control *page;
b.br_wbuf = NULL;
b.fd = -1;
ber_scanf_elements(control, "ss", &oid, &encoded);
ber_set_readbuf(&b, encoded, control->be_next->be_len);
elm = ber_read_elements(&b, NULL);
if ((page = malloc(sizeof(struct aldap_page_control))) == NULL) {
if (elm != NULL)
ber_free_elements(elm);
ber_free(&b);
return NULL;
}
ber_scanf_elements(elm->be_sub, "is", &page->size, &s);
page->cookie_len = elm->be_sub->be_next->be_len;
if ((page->cookie = malloc(page->cookie_len)) == NULL) {
if (elm != NULL)
ber_free_elements(elm);
ber_free(&b);
free(page);
return NULL;
}
memcpy(page->cookie, s, page->cookie_len);
ber_free_elements(elm);
ber_free(&b);
return page;
}
void
aldap_freepage(struct aldap_page_control *page)
{
if (page->cookie)
free(page->cookie);
free(page);
}
void
aldap_freemsg(struct aldap_message *msg)
{
if (msg->msg)
ber_free_elements(msg->msg);
free(msg);
}
int
aldap_get_resultcode(struct aldap_message *msg)
{
return msg->body.res.rescode;
}
char *
aldap_get_dn(struct aldap_message *msg)
{
char *dn;
if (msg->dn == NULL)
return NULL;
if (ber_get_string(msg->dn, &dn) == -1)
return NULL;
return utoa(dn);
}
char **
aldap_get_references(struct aldap_message *msg)
{
if (msg->references == NULL)
return NULL;
return aldap_get_stringset(msg->references);
}
void
aldap_free_references(char **values)
{
int i;
if (values == NULL)
return;
for (i = 0; values[i] != NULL; i++)
free(values[i]);
free(values);
}
char *
aldap_get_diagmsg(struct aldap_message *msg)
{
char *s;
if (msg->body.res.diagmsg == NULL)
return NULL;
if (ber_get_string(msg->body.res.diagmsg, &s) == -1)
return NULL;
return utoa(s);
}
int
aldap_count_attrs(struct aldap_message *msg)
{
int i;
struct ber_element *a;
if (msg->body.search.attrs == NULL)
return (-1);
for (i = 0, a = msg->body.search.attrs;
a != NULL && ber_get_eoc(a) != 0;
i++, a = a->be_next)
;
return i;
}
int
aldap_first_attr(struct aldap_message *msg, char **outkey, char ***outvalues)
{
struct ber_element *b, *c;
char *key;
char **ret;
if (msg->body.search.attrs == NULL)
goto fail;
if (ber_scanf_elements(msg->body.search.attrs, "{s(e)}e",
&key, &b, &c) != 0)
goto fail;
msg->body.search.iter = msg->body.search.attrs->be_next;
if ((ret = aldap_get_stringset(b)) == NULL)
goto fail;
(*outvalues) = ret;
(*outkey) = utoa(key);
return (1);
fail:
(*outkey) = NULL;
(*outvalues) = NULL;
return (-1);
}
int
aldap_next_attr(struct aldap_message *msg, char **outkey, char ***outvalues)
{
struct ber_element *a, *b;
char *key;
char **ret;
if (msg->body.search.iter == NULL)
goto notfound;
LDAP_DEBUG("attr", msg->body.search.iter);
if (ber_get_eoc(msg->body.search.iter) == 0)
goto notfound;
if (ber_scanf_elements(msg->body.search.iter, "{s(e)}e", &key, &a, &b)
!= 0)
goto fail;
msg->body.search.iter = msg->body.search.iter->be_next;
if ((ret = aldap_get_stringset(a)) == NULL)
goto fail;
(*outvalues) = ret;
(*outkey) = utoa(key);
return (1);
fail:
notfound:
(*outkey) = NULL;
(*outvalues) = NULL;
return (-1);
}
int
aldap_match_attr(struct aldap_message *msg, char *inkey, char ***outvalues)
{
struct ber_element *a, *b;
char *descr = NULL;
char **ret;
if (msg->body.search.attrs == NULL)
goto fail;
LDAP_DEBUG("attr", msg->body.search.attrs);
for (a = msg->body.search.attrs;;) {
if (a == NULL)
goto notfound;
if (ber_get_eoc(a) == 0)
goto notfound;
if (ber_scanf_elements(a, "{s(e", &descr, &b) != 0)
goto fail;
if (strcasecmp(descr, inkey) == 0)
goto attrfound;
a = a->be_next;
}
attrfound:
if ((ret = aldap_get_stringset(b)) == NULL)
goto fail;
(*outvalues) = ret;
return (1);
fail:
notfound:
(*outvalues) = NULL;
return (-1);
}
int
aldap_free_attr(char **values)
{
int i;
if (values == NULL)
return -1;
for (i = 0; values[i] != NULL; i++)
free(values[i]);
free(values);
return (1);
}
#if 0
void
aldap_free_url(struct aldap_url *lu)
{
free(lu->buffer);
free(lu->filter);
}
int
aldap_parse_url(char *url, struct aldap_url *lu)
{
char *p, *forward, *forward2;
const char *errstr = NULL;
int i;
if ((lu->buffer = p = strdup(url)) == NULL)
return (-1);
/* protocol */
if (strncasecmp(LDAP_URL, p, strlen(LDAP_URL)) != 0)
goto fail;
lu->protocol = LDAP;
p += strlen(LDAP_URL);
/* host and optional port */
if ((forward = strchr(p, '/')) != NULL)
*forward = '\0';
/* find the optional port */
if ((forward2 = strchr(p, ':')) != NULL) {
*forward2 = '\0';
/* if a port is given */
if (*(forward2+1) != '\0') {
#define PORT_MAX UINT16_MAX
lu->port = strtonum(++forward2, 0, PORT_MAX, &errstr);
if (errstr)
goto fail;
}
}
/* fail if no host is given */
if (strlen(p) == 0)
goto fail;
lu->host = p;
if (forward == NULL)
goto done;
/* p is assigned either a pointer to a character or to '\0' */
p = ++forward;
if (strlen(p) == 0)
goto done;
/* dn */
if ((forward = strchr(p, '?')) != NULL)
*forward = '\0';
lu->dn = p;
if (forward == NULL)
goto done;
/* p is assigned either a pointer to a character or to '\0' */
p = ++forward;
if (strlen(p) == 0)
goto done;
/* attributes */
if ((forward = strchr(p, '?')) != NULL)
*forward = '\0';
for (i = 0; i < MAXATTR; i++) {
if ((forward2 = strchr(p, ',')) == NULL) {
if (strlen(p) == 0)
break;
lu->attributes[i] = p;
break;
}
*forward2 = '\0';
lu->attributes[i] = p;
p = ++forward2;
}
if (forward == NULL)
goto done;
/* p is assigned either a pointer to a character or to '\0' */
p = ++forward;
if (strlen(p) == 0)
goto done;
/* scope */
if ((forward = strchr(p, '?')) != NULL)
*forward = '\0';
if (strcmp(p, "base") == 0)
lu->scope = LDAP_SCOPE_BASE;
else if (strcmp(p, "one") == 0)
lu->scope = LDAP_SCOPE_ONELEVEL;
else if (strcmp(p, "sub") == 0)
lu->scope = LDAP_SCOPE_SUBTREE;
else
goto fail;
if (forward == NULL)
goto done;
p = ++forward;
if (strlen(p) == 0)
goto done;
/* filter */
if (p)
lu->filter = p;
done:
free(url);
return (1);
fail:
free(lu->buffer);
lu->buffer = NULL;
return (-1);
}
int
aldap_search_url(struct aldap *ldap, char *url, int typesonly, int sizelimit,
int timelimit)
{
struct aldap_url *lu;
if ((lu = calloc(1, sizeof(*lu))) == NULL)
return (-1);
if (aldap_parse_url(url, lu))
goto fail;
if (aldap_search(ldap, lu->dn, lu->scope, lu->filter, lu->attributes,
typesonly, sizelimit, timelimit) == -1)
goto fail;
aldap_free_url(lu);
return (ldap->msgid);
fail:
aldap_free_url(lu);
return (-1);
}
#endif /* 0 */
/*
* internal functions
*/
char **
aldap_get_stringset(struct ber_element *elm)
{
struct ber_element *a;
int i;
char **ret;
char *s;
if (elm->be_type != BER_TYPE_OCTETSTRING)
return NULL;
for (a = elm, i = 1; i > 0 && a != NULL && a->be_type ==
BER_TYPE_OCTETSTRING; a = a->be_next, i++)
;
if (i == 1)
return NULL;
if ((ret = calloc(i + 1, sizeof(char *))) == NULL)
return NULL;
for (a = elm, i = 0; a != NULL && a->be_type == BER_TYPE_OCTETSTRING;
a = a->be_next, i++) {
ber_get_string(a, &s);
ret[i] = utoa(s);
}
ret[i + 1] = NULL;
return ret;
}
/*
* Base case for ldap_do_parse_search_filter
*
* returns:
* struct ber_element *, ber_element tree
* NULL, parse failed
*/
static struct ber_element *
ldap_parse_search_filter(struct ber_element *ber, char *filter)
{
struct ber_element *elm;
char *cp;
cp = filter;
if (cp == NULL || *cp == '\0') {
errno = EINVAL;
return (NULL);
}
if ((elm = ldap_do_parse_search_filter(ber, &cp)) == NULL)
return (NULL);
if (*cp != '\0') {
ber_free_elements(elm);
ber_link_elements(ber, NULL);
errno = EINVAL;
return (NULL);
}
return (elm);
}
/*
* Translate RFC4515 search filter string into ber_element tree
*
* returns:
* struct ber_element *, ber_element tree
* NULL, parse failed
*
* notes:
* when cp is passed to a recursive invocation, it is updated
* to point one character beyond the filter that was passed
* i.e., cp jumps to "(filter)" upon return
* ^
* goto's used to discriminate error-handling based on error type
* doesn't handle extended filters (yet)
*
*/
static struct ber_element *
ldap_do_parse_search_filter(struct ber_element *prev, char **cpp)
{
struct ber_element *elm, *root = NULL;
char *attr_desc, *attr_val, *parsed_val, *cp;
size_t len;
unsigned long type;
root = NULL;
/* cpp should pass in pointer to opening parenthesis of "(filter)" */
cp = *cpp;
if (*cp != '(')
goto syntaxfail;
switch (*++cp) {
case '&': /* AND */
case '|': /* OR */
if (*cp == '&')
type = LDAP_FILT_AND;
else
type = LDAP_FILT_OR;
if ((elm = ber_add_set(prev)) == NULL)
goto callfail;
root = elm;
ber_set_header(elm, BER_CLASS_CONTEXT, type);
if (*++cp != '(') /* opening `(` of filter */
goto syntaxfail;
while (*cp == '(') {
if ((elm =
ldap_do_parse_search_filter(elm, &cp)) == NULL)
goto bad;
}
if (*cp != ')') /* trailing `)` of filter */
goto syntaxfail;
break;
case '!': /* NOT */
if ((root = ber_add_sequence(prev)) == NULL)
goto callfail;
ber_set_header(root, BER_CLASS_CONTEXT, LDAP_FILT_NOT);
cp++; /* now points to sub-filter */
if ((elm = ldap_do_parse_search_filter(root, &cp)) == NULL)
goto bad;
if (*cp != ')') /* trailing `)` of filter */
goto syntaxfail;
break;
default: /* SIMPLE || PRESENCE */
attr_desc = cp;
len = strcspn(cp, "()<>~=");
cp += len;
switch (*cp) {
case '~':
type = LDAP_FILT_APPR;
cp++;
break;
case '<':
type = LDAP_FILT_LE;
cp++;
break;
case '>':
type = LDAP_FILT_GE;
cp++;
break;
case '=':
type = LDAP_FILT_EQ; /* assume EQ until disproven */
break;
case '(':
case ')':
default:
goto syntaxfail;
}
attr_val = ++cp;
/* presence filter */
if (strncmp(attr_val, "*)", 2) == 0) {
cp++; /* point to trailing `)` */
if ((root =
ber_add_nstring(prev, attr_desc, len)) == NULL)
goto bad;
ber_set_header(root, BER_CLASS_CONTEXT, LDAP_FILT_PRES);
break;
}
if ((root = ber_add_sequence(prev)) == NULL)
goto callfail;
ber_set_header(root, BER_CLASS_CONTEXT, type);
if ((elm = ber_add_nstring(root, attr_desc, len)) == NULL)
goto callfail;
len = strcspn(attr_val, "*)");
if (len == 0 && *cp != '*')
goto syntaxfail;
cp += len;
if (*cp == '\0')
goto syntaxfail;
if (*cp == '*') { /* substring filter */
int initial;
cp = attr_val;
ber_set_header(root, BER_CLASS_CONTEXT, LDAP_FILT_SUBS);
if ((elm = ber_add_sequence(elm)) == NULL)
goto callfail;
for (initial = 1;; cp++, initial = 0) {
attr_val = cp;
len = strcspn(attr_val, "*)");
if (len == 0) {
if (*cp == ')')
break;
else
continue;
}
cp += len;
if (*cp == '\0')
goto syntaxfail;
if (initial)
type = LDAP_FILT_SUBS_INIT;
else if (*cp == ')')
type = LDAP_FILT_SUBS_FIN;
else
type = LDAP_FILT_SUBS_ANY;
if ((parsed_val = parseval(attr_val, len)) ==
NULL)
goto callfail;
elm = ber_add_nstring(elm, parsed_val,
strlen(parsed_val));
free(parsed_val);
if (elm == NULL)
goto callfail;
ber_set_header(elm, BER_CLASS_CONTEXT, type);
if (type == LDAP_FILT_SUBS_FIN)
break;
}
break;
}
if ((parsed_val = parseval(attr_val, len)) == NULL)
goto callfail;
elm = ber_add_nstring(elm, parsed_val, strlen(parsed_val));
free(parsed_val);
if (elm == NULL)
goto callfail;
break;
}
cp++; /* now points one char beyond the trailing `)` */
*cpp = cp;
return (root);
syntaxfail: /* XXX -- error reporting */
callfail:
bad:
if (root != NULL)
ber_free_elements(root);
ber_link_elements(prev, NULL);
return (NULL);
}
#ifdef DEBUG
/*
* Display a list of ber elements.
*
*/
void
ldap_debug_elements(struct ber_element *root)
{
static int indent = 0;
long long v;
int d;
char *buf;
size_t len;
u_int i;
int constructed;
struct ber_oid o;
/* calculate lengths */
ber_calc_len(root);
switch (root->be_encoding) {
case BER_TYPE_SEQUENCE:
case BER_TYPE_SET:
constructed = root->be_encoding;
break;
default:
constructed = 0;
break;
}
fprintf(stderr, "%*slen %lu ", indent, "", root->be_len);
switch (root->be_class) {
case BER_CLASS_UNIVERSAL:
fprintf(stderr, "class: universal(%u) type: ", root->be_class);
switch (root->be_type) {
case BER_TYPE_EOC:
fprintf(stderr, "end-of-content");
break;
case BER_TYPE_BOOLEAN:
fprintf(stderr, "boolean");
break;
case BER_TYPE_INTEGER:
fprintf(stderr, "integer");
break;
case BER_TYPE_BITSTRING:
fprintf(stderr, "bit-string");
break;
case BER_TYPE_OCTETSTRING:
fprintf(stderr, "octet-string");
break;
case BER_TYPE_NULL:
fprintf(stderr, "null");
break;
case BER_TYPE_OBJECT:
fprintf(stderr, "object");
break;
case BER_TYPE_ENUMERATED:
fprintf(stderr, "enumerated");
break;
case BER_TYPE_SEQUENCE:
fprintf(stderr, "sequence");
break;
case BER_TYPE_SET:
fprintf(stderr, "set");
break;
}
break;
case BER_CLASS_APPLICATION:
fprintf(stderr, "class: application(%u) type: ",
root->be_class);
switch (root->be_type) {
case LDAP_REQ_BIND:
fprintf(stderr, "bind");
break;
case LDAP_RES_BIND:
fprintf(stderr, "bind");
break;
case LDAP_REQ_UNBIND_30:
break;
case LDAP_REQ_SEARCH:
fprintf(stderr, "search");
break;
case LDAP_RES_SEARCH_ENTRY:
fprintf(stderr, "search_entry");
break;
case LDAP_RES_SEARCH_RESULT:
fprintf(stderr, "search_result");
break;
case LDAP_REQ_MODIFY:
fprintf(stderr, "modify");
break;
case LDAP_RES_MODIFY:
fprintf(stderr, "modify");
break;
case LDAP_REQ_ADD:
fprintf(stderr, "add");
break;
case LDAP_RES_ADD:
fprintf(stderr, "add");
break;
case LDAP_REQ_DELETE_30:
fprintf(stderr, "delete");
break;
case LDAP_RES_DELETE:
fprintf(stderr, "delete");
break;
case LDAP_REQ_MODRDN:
fprintf(stderr, "modrdn");
break;
case LDAP_RES_MODRDN:
fprintf(stderr, "modrdn");
break;
case LDAP_REQ_COMPARE:
fprintf(stderr, "compare");
break;
case LDAP_RES_COMPARE:
fprintf(stderr, "compare");
break;
case LDAP_REQ_ABANDON_30:
fprintf(stderr, "abandon");
break;
}
break;
case BER_CLASS_PRIVATE:
fprintf(stderr, "class: private(%u) type: ", root->be_class);
fprintf(stderr, "encoding (%lu) type: ", root->be_encoding);
break;
case BER_CLASS_CONTEXT:
/* XXX: this is not correct */
fprintf(stderr, "class: context(%u) type: ", root->be_class);
switch(root->be_type) {
case LDAP_AUTH_SIMPLE:
fprintf(stderr, "auth simple");
break;
}
break;
default:
fprintf(stderr, "class: <INVALID>(%u) type: ", root->be_class);
break;
}
fprintf(stderr, "(%lu) encoding %lu ",
root->be_type, root->be_encoding);
if (constructed)
root->be_encoding = constructed;
switch (root->be_encoding) {
case BER_TYPE_BOOLEAN:
if (ber_get_boolean(root, &d) == -1) {
fprintf(stderr, "<INVALID>\n");
break;
}
fprintf(stderr, "%s(%d)\n", d ? "true" : "false", d);
break;
case BER_TYPE_INTEGER:
if (ber_get_integer(root, &v) == -1) {
fprintf(stderr, "<INVALID>\n");
break;
}
fprintf(stderr, "value %lld\n", v);
break;
case BER_TYPE_ENUMERATED:
if (ber_get_enumerated(root, &v) == -1) {
fprintf(stderr, "<INVALID>\n");
break;
}
fprintf(stderr, "value %lld\n", v);
break;
case BER_TYPE_BITSTRING:
if (ber_get_bitstring(root, (void *)&buf, &len) == -1) {
fprintf(stderr, "<INVALID>\n");
break;
}
fprintf(stderr, "hexdump ");
for (i = 0; i < len; i++)
fprintf(stderr, "%02x", buf[i]);
fprintf(stderr, "\n");
break;
case BER_TYPE_OBJECT:
if (ber_get_oid(root, &o) == -1) {
fprintf(stderr, "<INVALID>\n");
break;
}
fprintf(stderr, "\n");
break;
case BER_TYPE_OCTETSTRING:
if (ber_get_nstring(root, (void *)&buf, &len) == -1) {
fprintf(stderr, "<INVALID>\n");
break;
}
fprintf(stderr, "string \"%.*s\"\n", len, buf);
break;
case BER_TYPE_NULL: /* no payload */
case BER_TYPE_EOC:
case BER_TYPE_SEQUENCE:
case BER_TYPE_SET:
default:
fprintf(stderr, "\n");
break;
}
if (constructed && root->be_sub) {
indent += 2;
ldap_debug_elements(root->be_sub);
indent -= 2;
}
if (root->be_next)
ldap_debug_elements(root->be_next);
}
#endif
/*
* Convert UTF-8 to ASCII.
* notes:
* non-ASCII characters are displayed as '?'
* the argument u should be a NULL terminated sequence of UTF-8 bytes.
*/
char *
utoa(char *u)
{
int len, i, j;
char *str;
/* calculate the length to allocate */
for (len = 0, i = 0; u[i] != '\0'; ) {
if ((u[i] & 0xF0) == 0xF0)
i += 4;
else if ((u[i] & 0xE0) == 0xE0)
i += 3;
else if ((u[i] & 0xC0) == 0xC0)
i += 2;
else
i += 1;
len++;
}
if ((str = calloc(len + 1, sizeof(char))) == NULL)
return NULL;
/* copy the ASCII characters to the newly allocated string */
for (i = 0, j = 0; u[i] != '\0'; j++) {
if ((u[i] & 0xF0) == 0xF0) {
str[j] = '?';
i += 4;
} else if ((u[i] & 0xE0) == 0xE0) {
str[j] = '?';
i += 3;
} else if ((u[i] & 0xC0) == 0xC0) {
str[j] = '?';
i += 2;
} else {
str[j] = u[i];
i += 1;
}
}
return str;
}
/*
* Parse a LDAP value
* notes:
* the argument u should be a NULL terminated sequence of ASCII bytes.
*/
char *
parseval(char *p, size_t len)
{
char hex[3];
char *cp = p, *buffer, *newbuffer;
size_t size, newsize, i, j;
size = 50;
if ((buffer = calloc(1, size)) == NULL)
return NULL;
for (i = j = 0; j < len; i++) {
if (i >= size) {
newsize = size + 1024;
if ((newbuffer = realloc(buffer, newsize)) == NULL) {
free(buffer);
return (NULL);
}
buffer = newbuffer;
size = newsize;
}
if (cp[j] == '\\') {
strlcpy(hex, cp + j + 1, sizeof(hex));
buffer[i] = (char)strtoumax(hex, NULL, 16);
j += 3;
} else {
buffer[i] = cp[j];
j++;
}
}
return buffer;
}
int
aldap_get_errno(struct aldap *a, const char **estr)
{
switch (a->err) {
case ALDAP_ERR_SUCCESS:
*estr = "success";
break;
case ALDAP_ERR_PARSER_ERROR:
*estr = "parser failed";
break;
case ALDAP_ERR_INVALID_FILTER:
*estr = "invalid filter";
break;
case ALDAP_ERR_OPERATION_FAILED:
*estr = "operation failed";
break;
default:
*estr = "unknown";
break;
}
return (a->err);
}