author | Arthur de Jong <arthur@arthurdejong.org> | 2007-09-08 21:15:12 +0200 |
---|---|---|
committer | Arthur de Jong <arthur@arthurdejong.org> | 2007-09-08 21:15:12 +0200 |
commit | 78028ef3928c05573826daa726ffde40db291e83 (patch) | |
tree | 7ef92dd3689aa05091e2f79fc46545b410223111 | |
parent | 4b539318232ffc077eaa882963b9788d686610cb (diff) |
move base and scope handling to database specific modules, getting rid of ldap_service_search_descriptor
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@384 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r-- | nslcd/alias.c | 19 | ||||
-rw-r--r-- | nslcd/attmap.c | 79 | ||||
-rw-r--r-- | nslcd/attmap.h | 120 | ||||
-rw-r--r-- | nslcd/cfg.c | 181 | ||||
-rw-r--r-- | nslcd/cfg.h | 10 | ||||
-rw-r--r-- | nslcd/ether.c | 28 | ||||
-rw-r--r-- | nslcd/group.c | 42 | ||||
-rw-r--r-- | nslcd/host.c | 25 | ||||
-rw-r--r-- | nslcd/ldap-nss.c | 129 | ||||
-rw-r--r-- | nslcd/ldap-nss.h | 20 | ||||
-rw-r--r-- | nslcd/netgroup.c | 15 | ||||
-rw-r--r-- | nslcd/network.c | 28 | ||||
-rw-r--r-- | nslcd/passwd.c | 30 | ||||
-rw-r--r-- | nslcd/protocol.c | 28 | ||||
-rw-r--r-- | nslcd/rpc.c | 28 | ||||
-rw-r--r-- | nslcd/service.c | 28 | ||||
-rw-r--r-- | nslcd/shadow.c | 21 | ||||
-rw-r--r-- | nslcd/util.c | 2 |
18 files changed, 418 insertions, 415 deletions
diff --git a/nslcd/alias.c b/nslcd/alias.c
index 6933a2b..e71bc18 100644
--- a/nslcd/alias.c
+++ b/nslcd/alias.c
@@ -83,8 +83,15 @@ static int mkfilter_alias_byname(const char *name,
 attmap_alias_cn,buf2);
 }
-static void alias_attrs_init(void)
+static void alias_init(void)
 {
+ /* set up base */
+ if (alias_base==NULL)
+ alias_base=nslcd_cfg->ldc_base;
+ /* set up scope */
+ if (alias_scope==LDAP_SCOPE_DEFAULT)
+ alias_scope=nslcd_cfg->ldc_scope;
+ /* set up attribute list */
 alias_attrs[0]=attmap_alias_cn;
 alias_attrs[1]=attmap_alias_rfc822MailMember;
 alias_attrs[2]=NULL;
@@ -141,8 +148,9 @@ int nslcd_alias_byname(TFILE *fp)
 WRITE_INT32(fp,NSLCD_ACTION_ALIAS_BYNAME);
 /* do the LDAP request */
 mkfilter_alias_byname(name,filter,sizeof(filter));
- alias_attrs_init();
- _nss_ldap_searchbyname(NULL,filter,LM_ALIASES,alias_attrs,fp,write_alias);
+ alias_init();
+ _nss_ldap_searchbyname(alias_base,alias_scope,filter,alias_attrs,
+ fp,write_alias);
 WRITE_FLUSH(fp);
 /* we're done */
 return 0;
@@ -165,9 +173,10 @@ int nslcd_alias_all(TFILE *fp)
 /* initialize context */
 _nss_ldap_ent_context_init(&context);
 /* loop over all results */
- alias_attrs_init();
+ alias_init();
 while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop,
- NULL,alias_filter,alias_attrs,LM_ALIASES,_nss_ldap_parse_alias))==NSLCD_RESULT_SUCCESS)
+ alias_base,alias_scope,alias_filter,alias_attrs,
+ _nss_ldap_parse_alias))==NSLCD_RESULT_SUCCESS)
 {
 /* write the result */
 WRITE_INT32(fp,retv);
diff --git a/nslcd/attmap.c b/nslcd/attmap.c
index f3cd025..4f9222c 100644
--- a/nslcd/attmap.c
+++ b/nslcd/attmap.c
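Review bot: In the first nslcd/alias.c hunk, alias_init() resolves the default base and scope by writing the file-scope alias_base and alias_scope on every request, and no lock is visible around its call sites in nslcd_alias_byname() and nslcd_alias_all(). If requests are served from more than one thread (not visible here), these are unsynchronised writes to shared state; resolving the defaults once, after the configuration has been read, would avoid that and make the name match the behaviour. At minimum I would add `/* called before every search; fills in the defaults the configuration left unset */` above the function. The same pattern is added as ether_init(), group_init() and host_init() in later hunks.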
@@ -29,6 +29,85 @@ const char *attmap_objectClass = "objectClass";
+/* these are the bases that are defined per database */
+extern const char *alias_base;
+extern const char *ether_base;
+extern const char *group_base;
+extern const char *host_base;
+extern const char *netgroup_base;
+extern const char *network_base;
+extern const char *passwd_base;
+extern const char *protocol_base;
+extern const char *rpc_base;
+extern const char *service_base;
+extern const char *shadow_base;
+
+const char **base_get_var(enum ldap_map_selector map)
+{
+ switch (map)
+ {
+ case LM_ALIASES: return &alias_base;
+ case LM_ETHERS: return ðer_base;
+ case LM_GROUP: return &group_base;
+ case LM_HOSTS: return &host_base;
+ case LM_NETGROUP: return &netgroup_base;
+ case LM_NETWORKS: return &network_base;
+ case LM_PASSWD: return &passwd_base;
+ case LM_PROTOCOLS: return &protocol_base;
+ case LM_RPC: return &rpc_base;
+ case LM_SERVICES: return &service_base;
+ case LM_SHADOW: return &shadow_base;
+ case LM_NONE:
+ default: return NULL;
+ }
+}
+
+/* these are the scopes that are defined per database */
+extern int alias_scope;
+extern int ether_scope;
+extern int group_scope;
+extern int host_scope;
+extern int netgroup_scope;
+extern int network_scope;
+extern int passwd_scope;
+extern int protocol_scope;
+extern int rpc_scope;
+extern int service_scope;
+extern int shadow_scope;
+
+int *scope_get_var(enum ldap_map_selector map)
+{
+ switch (map)
+ {
+ case LM_ALIASES: return &alias_scope;
+ case LM_ETHERS: return ðer_scope;
+ case LM_GROUP: return &group_scope;
+ case LM_HOSTS: return &host_scope;
+ case LM_NETGROUP: return &netgroup_scope;
+ case LM_NETWORKS: return &network_scope;
+ case LM_PASSWD: return &passwd_scope;
+ case LM_PROTOCOLS: return &protocol_scope;
+ case LM_RPC: return &rpc_scope;
+ case LM_SERVICES: return &service_scope;
+ case LM_SHADOW: return &shadow_scope;
+ case LM_NONE:
+ default: return NULL;
+ }
+}
+
+/* these are the filters that are defined per database */
+extern const char *alias_filter;
+extern const char *ether_filter;
+extern const char *group_filter;
+extern const char *host_filter;
+extern const char *netgroup_filter;
+extern const char *network_filter;
+extern const char *passwd_filter;
+extern const char *protocol_filter;
+extern const char *rpc_filter;
+extern const char *service_filter;
+extern const char *shadow_filter;
+
 const char **filter_get_var(enum ldap_map_selector map)
 {
 switch (map)
diff --git a/nslcd/attmap.h b/nslcd/attmap.h
index 3b3bc84..6ba4287 100644
--- a/nslcd/attmap.h
+++ b/nslcd/attmap.h
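Review bot: The `extern` declarations for the per-database base, scope and filter variables are written out locally in nslcd/attmap.c instead of coming from a header shared with the modules that define them, so the compiler cannot check them against the definitions in alias.c, ether.c and the others. A mismatch, for example a scope defined with a different type, would link without a diagnostic, and base_get_var() or scope_get_var() would then hand cfg.c a pointer of the wrong type to write through. I would move the declarations into a header that each database module also includes, which is what the `TODO: move these to a per-database header file` comment removed from attmap.h in this commit asked for.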
@@ -25,97 +25,25 @@ #include "ldap-nss.h"
-/* These are the filters that are defined per database. */
-
-/* TODO: move these to a per-database header file */
-extern const char *alias_filter;
-extern const char *ether_filter;
-extern const char *group_filter;
-extern const char *host_filter;
-extern const char *netgroup_filter;
-extern const char *network_filter;
-extern const char *passwd_filter;
-extern const char *protocol_filter;
-extern const char *rpc_filter;
-extern const char *service_filter;
-extern const char *shadow_filter;
-
-/* What follows is a list of attribute names per database. */
-
-/* TODO: replace the objectClass name mapping with filter definitions */
-
-extern const char *attmap_objectClass;
-
-/**
- * Vendor-specific attributes and object classes.
- * (Mainly from Sun.)
- * ( 1.3.6.1.4.1.42.2.27.1.2.5 NAME 'nisMailAlias' SUP top STRUCTURAL
- * DESC 'NIS mail alias'
- * MUST cn
- * MAY rfc822MailMember )
- */
+/* these are the attribute names per database */
 extern const char *attmap_alias_cn;
 extern const char *attmap_alias_rfc822MailMember;
-
-/*
- * ( nisSchema.2.11 NAME 'ieee802Device' SUP top AUXILIARY
- * DESC 'A device with a MAC address; device SHOULD be
- * used as a structural class'
- * MAY macAddress )
- */
 extern const char *attmap_ether_cn;
 extern const char *attmap_ether_macAddress;
-
-/*
- * ( nisSchema.2.2 NAME 'posixGroup' SUP top STRUCTURAL
- * DESC 'Abstraction of a group of accounts'
- * MUST ( cn $ gidNumber )
- * MAY ( userPassword $ uidMember $ description ) )
- */
 extern const char *attmap_group_cn;
 extern const char *attmap_group_userPassword;
 extern const char *attmap_group_gidNumber;
 extern const char *attmap_group_memberUid;
 extern const char *attmap_group_uniqueMember;
 extern const char *attmap_group_memberOf;
-
-/*
- * ( nisSchema.2.6 NAME 'ipHost' SUP top AUXILIARY
- * DESC 'Abstraction of a host,An IP device. The distinguished
- * value of the cn attribute denotes the host's canonical
- * name. Device SHOULD be used as a structural class'
- * MUST ( cn $ ipHostNumber )
- * MAY ( l $ description $ manager ) )
- */
 extern const char *attmap_host_cn;
 extern const char *attmap_host_ipHostNumber;
-
-/*
- * ( nisSchema.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL
- * DESC 'Abstraction of a netgroup. May refer to other netgroups'
- * MUST cn
- * MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
- */
 extern const char *attmap_netgroup_cn;
 extern const char *attmap_netgroup_nisNetgroupTriple;
 extern const char *attmap_netgroup_memberNisNetgroup;
-
-/*
- * ( nisSchema.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
- * DESC 'Abstraction of a network. The distinguished value of
- * MUST ( cn $ ipNetworkNumber )
- * MAY ( ipNetmaskNumber $ l $ description $ manager ) )
- */
 extern const char *attmap_network_cn;
 extern const char *attmap_network_ipNetworkNumber;
 /*extern const char *attmap_network_ipNetmaskNumber; */
-
-/*
- * ( nisSchema.2.0 NAME 'posixAccount' SUP top AUXILIARY
- * DESC 'Abstraction of an account with POSIX attributes'
- * MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
- * MAY ( userPassword $ loginShell $ gecos $ description ) )
- */
 extern const char *attmap_passwd_uid;
 extern const char *attmap_passwd_userPassword;
 extern const char *attmap_passwd_uidNumber;
@@ -124,53 +52,13 @@ extern const char *attmap_passwd_gecos;
 extern const char *attmap_passwd_cn;
 extern const char *attmap_passwd_homeDirectory;
 extern const char *attmap_passwd_loginShell;
-
-/*
- * ( nisSchema.2.4 NAME 'ipProtocol' SUP top STRUCTURAL
- * DESC 'Abstraction of an IP protocol. Maps a protocol number
- * to one or more names. The distinguished value of the cn
- * attribute denotes the protocol's canonical name'
- * MUST ( cn $ ipProtocolNumber )
- * MAY description )
- */
 extern const char *attmap_protocol_cn;
 extern const char *attmap_protocol_ipProtocolNumber;
-
-/*
- * ( nisSchema.2.5 NAME 'oncRpc' SUP top STRUCTURAL
- * DESC 'Abstraction of an Open Network Computing (ONC)
- * [RFC1057] Remote Procedure Call (RPC) binding.
- * This class maps an ONC RPC number to a name.
- * The distinguished value of the cn attribute denotes
- * the RPC service's canonical name'
- * MUST ( cn $ oncRpcNumber )
- * MAY description )
- */
 extern const char *attmap_rpc_cn;
 extern const char *attmap_rpc_oncRpcNumber;
-
-/*
- * ( nisSchema.2.3 NAME 'ipService' SUP top STRUCTURAL
- * DESC 'Abstraction an Internet Protocol service.
- * Maps an IP port and protocol (such as tcp or udp)
- * to one or more names; the distinguished value of
- * the cn attribute denotes the service's canonical
- * name'
- * MUST ( cn $ ipServicePort $ ipServiceProtocol )
- * MAY ( description ) )
- */
 extern const char *attmap_service_cn;
 extern const char *attmap_service_ipServicePort;
 extern const char *attmap_service_ipServiceProtocol;
-
-/*
- * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY
- * DESC 'Additional attributes for shadow passwords'
- * MUST uid
- * MAY ( userPassword $ shadowLastChange $ shadowMin
- * shadowMax $ shadowWarning $ shadowInactive $
- * shadowExpire $ shadowFlag $ description ) )
- */
 extern const char *attmap_shadow_uid;
 extern const char *attmap_shadow_userPassword;
 extern const char *attmap_shadow_shadowLastChange;
@@ -181,6 +69,12 @@ extern const char *attmap_shadow_shadowInactive;
 extern const char *attmap_shadow_shadowExpire;
 extern const char *attmap_shadow_shadowFlag;
+/* return a reference to the map specific base variable */
+const char **base_get_var(enum ldap_map_selector map);
+
+/* return a reference to the map specific scope variable */
+int *scope_get_var(enum ldap_map_selector map);
+
 /* return a reference to the map specific filter variable */
 const char **filter_get_var(enum ldap_map_selector map);
diff --git a/nslcd/cfg.c b/nslcd/cfg.c
index 30548ac..d9d32f6 100644
--- a/nslcd/cfg.c
+++ b/nslcd/cfg.c
@@ -93,8 +93,6 @@ static void cfg_defaults(struct ldap_config *cfg)
 cfg->ldc_scope=LDAP_SCOPE_SUBTREE;
 cfg->ldc_deref=LDAP_DEREF_NEVER;
 cfg->ldc_referrals=1;
- for (i=0;i<LM_NONE;i++)
- cfg->ldc_sds[i]=NULL;
 cfg->ldc_timelimit=LDAP_NO_LIMIT;
 cfg->ldc_bind_timelimit=30;
 cfg->ldc_reconnect_pol=LP_RECONNECT_HARD_OPEN;
@@ -223,12 +221,107 @@ static enum ldap_map_selector parse_map(const char *filename,int lnr,const char
 }
 }
+/* check that the condition is true and otherwise log an error
+ and bail out */
+static inline void check_argumentcount(const char *filename,int lnr,
+ const char *keyword,int condition)
+{
+ if (!condition)
+ {
+ log_log(LOG_ERR,"%s:%d: %s: wrong number of arguments",filename,lnr,keyword);
+ exit(EXIT_FAILURE);
+ }
+}
+
+static void parse_base_statement(const char *filename,int lnr,
+ const char **opts,int nopts,
+ struct ldap_config *cfg)
+{
+ enum ldap_map_selector map;
+ const char **var;
+ if (nopts==2)
+ cfg->ldc_base=xstrdup(opts[1]);
+ else if (nopts==3)
+ {
+ /* get the map */
+ map=parse_map(filename,lnr,opts[1]);
+ /* get the base variable to set */
+ var=base_get_var(map);
+ if (var==NULL)
+ {
+ log_log(LOG_ERR,"%s:%d: unknown map: '%s'",filename,lnr,opts[1]);
+ exit(EXIT_FAILURE);
+ }
+ /* check if the value will be changed */
+ if ((*var==NULL)||(strcmp(*var,opts[2])!=0))
+ {
+ /* Note: we have a memory leak here if a single mapping is changed
+ multiple times in one config (deemed not a problem) */
+ *var=xstrdup(opts[2]);
+ }
+ }
+ else
+ check_argumentcount(filename,lnr,opts[0],0);
+}
+
+static void parse_scope_statement(const char *filename,int lnr,
+ const char **opts,int nopts,
+ struct ldap_config *cfg)
+{
+ enum ldap_map_selector map;
+ int *var;
+ if (nopts==2)
+ cfg->ldc_scope=parse_scope(filename,lnr,opts[1]);
+ else if (nopts==3)
+ {
+ /* get the map */
+ map=parse_map(filename,lnr,opts[1]);
+ /* get the scope variable to set */
+ var=scope_get_var(map);
+ if (var==NULL)
+ {
+ log_log(LOG_ERR,"%s:%d: unknown map: '%s'",filename,lnr,opts[1]);
+ exit(EXIT_FAILURE);
+ }
+ /* set the scope */
+ *var=parse_scope(filename,lnr,opts[2]);
+ }
+ else
+ check_argumentcount(filename,lnr,opts[0],0);
+}
+
+static void parse_filter_statement(const char *filename,int lnr,
+ const char **opts,int nopts)
+{
+ enum ldap_map_selector map;
+ const char **var;
+ check_argumentcount(filename,lnr,opts[0],nopts==3);
+ /* get the map */
+ map=parse_map(filename,lnr,opts[1]);
+ /* get the filter variable to set */
+ var=filter_get_var(map);
+ if (var==NULL)
+ {
+ log_log(LOG_ERR,"%s:%d: unknown map: '%s'",filename,lnr,opts[1]);
+ exit(EXIT_FAILURE);
+ }
+ /* check if the value will be changed */
+ if (strcmp(*var,opts[2])!=0)
+ {
+ /* Note: we have a memory leak here if a single mapping is changed
+ multiple times in one config (deemed not a problem) */
+ *var=xstrdup(opts[2]);
+ }
+}
+
 /* this function modifies the statement argument passed */
 static void parse_map_statement(const char *filename,int lnr,
- struct ldap_config *cfg,const char **opts)
+ const char **opts,int nopts,
+ struct ldap_config *cfg)
 {
 enum ldap_map_selector map;
 const char **var;
+ check_argumentcount(filename,lnr,opts[0],nopts==4);
 /* get the map */
 map=parse_map(filename,lnr,opts[1]);
 /* special handling for some attribute mappings */
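Review bot: parse_base_statement(), parse_scope_statement() and parse_filter_statement() in nslcd/cfg.c have no header comment, although the first two store into `cfg` when given two tokens and into a per-database global when given three, which is easy to miss because the value no longer lives in the struct being filled. I would add one line to each, for example `/* handle "base [MAP] DN": set the global search base, or the base of one map */`. Separately, parse_filter_statement() calls `strcmp(*var,opts[2])` without the `*var==NULL` guard that parse_base_statement() has; that is only safe if every filter variable has a non-NULL default, which is not visible in this hunk.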
@@ -265,56 +358,6 @@ static void parse_map_statement(const char *filename,int lnr,
 }
 }
-static void parse_filter_statement(const char *filename,int lnr,
- const char **opts)
-{
- enum ldap_map_selector map;
- const char **var;
- /* get the map */
- map=parse_map(filename,lnr,opts[1]);
- /* get the filter variable to set */
- var=filter_get_var(map);
- if (var==NULL)
- {
- log_log(LOG_ERR,"%s:%d: unknown map: '%s'",filename,lnr,opts[1]);
- exit(EXIT_FAILURE);
- }
- /* check if the value will be changed */
- if (strcmp(*var,opts[2])!=0)
- {
- /* Note: we have a memory leak here if a single mapping is changed
- multiple times in one config (deemed not a problem) */
- *var=xstrdup(opts[2]);
- }
-}
-
-static void alloc_lsd(struct ldap_service_search_descriptor **lsd)
-{
- if (*lsd!=NULL)
- return;
- *lsd=(struct ldap_service_search_descriptor *)malloc(sizeof(struct ldap_service_search_descriptor));
- if (*lsd==NULL)
- {
- log_log(LOG_CRIT,"malloc() failed to allocate memory");
- exit(EXIT_FAILURE);
- }
- /* initialize fields */
- (*lsd)->lsd_base=NULL;
- (*lsd)->lsd_scope=-1;
-}
-
-static void do_setbase(struct ldap_service_search_descriptor **lsd,const char *base)
-{
- alloc_lsd(lsd);
- (*lsd)->lsd_base=xstrdup(base);
-}
-
-static void do_setscope(struct ldap_service_search_descriptor **lsd,int scope)
-{
- alloc_lsd(lsd);
- (*lsd)->lsd_scope=scope;
-}
-
 /* split a line from the configuration file note that this code is not thread safe! the line value will be rewritten! */
@@ -359,18 +402,6 @@ static const char **tokenize(const char *filename,int lnr,char *line,int *nopt)
 return retv;
 }
-/* check that the condition is true and otherwise log an error
- and bail out */
-static inline void check_argumentcount(const char *filename,int lnr,
- const char *keyword,int condition)
-{
- if (!condition)
- {
- log_log(LOG_ERR,"%s:%d: %s: wrong number of arguments",filename,lnr,keyword);
- exit(EXIT_FAILURE);
- }
-}
-
 static void cfg_read(const char *filename,struct ldap_config *cfg)
 {
 FILE *fp;
@@ -477,21 +508,11 @@ static void cfg_read(const char *filename,struct ldap_config *cfg)
 /* search/mapping options */
 else if (strcasecmp(opts[0],"base")==0)
 {
- if (nopts==2)
- cfg->ldc_base=xstrdup(opts[1]);
- else if (nopts==3)
- do_setbase(&(cfg->ldc_sds[parse_map(filename,lnr,opts[1])]),opts[2]);
- else
- check_argumentcount(filename,lnr,opts[0],0);
+ parse_base_statement(filename,lnr,opts,nopts,cfg);
 }
 else if (strcasecmp(opts[0],"scope")==0)
 {
- if (nopts==2)
- cfg->ldc_scope=parse_scope(filename,lnr,opts[1]);
- else if (nopts==3)
- do_setscope(&(cfg->ldc_sds[parse_map(filename,lnr,opts[1])]),parse_scope(filename,lnr,opts[2]));
- else
- check_argumentcount(filename,lnr,opts[0],0);
+ parse_scope_statement(filename,lnr,opts,nopts,cfg);
 }
 else if (strcasecmp(opts[0],"deref")==0)
 {
@@ -517,13 +538,11 @@ static void cfg_read(const char *filename,struct ldap_config *cfg)
 }
 else if (strcasecmp(opts[0],"filter")==0)
 {
- check_argumentcount(filename,lnr,opts[0],nopts==3);
- parse_filter_statement(filename,lnr,opts);
+ parse_filter_statement(filename,lnr,opts,nopts);
 }
 else if (strcasecmp(opts[0],"map")==0)
 {
- check_argumentcount(filename,lnr,opts[0],nopts==4);
- parse_map_statement(filename,lnr,cfg,opts);
+ parse_map_statement(filename,lnr,opts,nopts,cfg);
 }
 /* timing/reconnect options */
 else if (strcasecmp(opts[0],"timelimit")==0)
diff --git a/nslcd/cfg.h b/nslcd/cfg.h
index 6a2ed8c..ee4e2b9 100644
--- a/nslcd/cfg.h
+++ b/nslcd/cfg.h
@@ -76,14 +76,6 @@ enum ldap_map_selector
 LM_NONE
 };
-struct ldap_service_search_descriptor
-{
- /* search base, qualified */
- char *lsd_base;
- /* scope */
- int lsd_scope;
-};
-
 struct ldap_config
 {
 /* NULL terminated list of URIs */
@@ -120,8 +112,6 @@ struct ldap_config
 int ldc_deref;
 /* Chase referrals */
 int ldc_referrals;
- /* naming contexts */
- struct ldap_service_search_descriptor *ldc_sds[LM_NONE];
 /* search timelimit */
 int ldc_timelimit;
 /* bind timelimit */
diff --git a/nslcd/ether.c b/nslcd/ether.c
index a45a64e..1f15f12 100644
--- a/nslcd/ether.c
+++ b/nslcd/ether.c
@@ -127,8 +127,15 @@ static int mkfilter_ether_byether(const struct ether_addr *addr,
 attmap_ether_macAddress,buf2);
 }
-static void ether_attrs_init(void)
+static void ether_init(void)
 {
+ /* set up base */
+ if (ether_base==NULL)
+ ether_base=nslcd_cfg->ldc_base;
+ /* set up scope */
+ if (ether_scope==LDAP_SCOPE_DEFAULT)
+ ether_scope=nslcd_cfg->ldc_scope;
+ /* set up attribute list */
 ether_attrs[0]=attmap_ether_cn;
 ether_attrs[1]=attmap_ether_macAddress;
 ether_attrs[2]=NULL;
@@ -185,9 +192,10 @@ int nslcd_ether_byname(TFILE *fp)
 WRITE_INT32(fp,NSLCD_ACTION_ETHER_BYNAME);
 /* do the LDAP request */
 mkfilter_ether_byname(name,filter,sizeof(filter));
- ether_attrs_init();
- retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_ETHERS,
- NULL,filter,ether_attrs,_nss_ldap_parse_ether);
+ ether_init();
+ retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,
+ ether_base,ether_scope,filter,ether_attrs,
+ _nss_ldap_parse_ether);
 /* write the response */
 WRITE_INT32(fp,retv);
 if (retv==NSLCD_RESULT_SUCCESS)
@@ -218,9 +226,10 @@ int nslcd_ether_byether(TFILE *fp)
 WRITE_INT32(fp,NSLCD_ACTION_ETHER_BYETHER);
 /* do the LDAP request */
 mkfilter_ether_byether(&addr,filter,sizeof(filter));
- ether_attrs_init();
- retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_ETHERS,
- NULL,filter,ether_attrs,_nss_ldap_parse_ether);
+ ether_init();
+ retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,
+ ether_base,ether_scope,filter,ether_attrs,
+ _nss_ldap_parse_ether);
 /* write the response */
 WRITE_INT32(fp,retv);
 if (retv==NSLCD_RESULT_SUCCESS)
@@ -249,9 +258,10 @@ int nslcd_ether_all(TFILE *fp)
 /* initialize context */
 _nss_ldap_ent_context_init(&context);
 /* loop over all results */
- ether_attrs_init();
+ ether_init();
 while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop,
- NULL,ether_filter,ether_attrs,LM_ETHERS,_nss_ldap_parse_ether))==NSLCD_RESULT_SUCCESS)
+ ether_base,ether_scope,ether_filter,ether_attrs,
+ _nss_ldap_parse_ether))==NSLCD_RESULT_SUCCESS)
 {
 /* write the result */
 WRITE_INT32(fp,retv);
diff --git a/nslcd/group.c b/nslcd/group.c
index b4fb1c8..10bd5bb 100644
--- a/nslcd/group.c
+++ b/nslcd/group.c
@@ -181,7 +181,7 @@ static char *user2dn(const char *user)
 char filter[1024];
 LDAPMessage *res, *e;
 mkfilter_passwd_byname(user,filter,sizeof(filter));
- if (_nss_ldap_search_s(NULL,filter,LM_PASSWD,no_attrs,1,&res)==NSS_STATUS_SUCCESS)
+ if (_nss_ldap_search_s(group_base,group_scope,filter,no_attrs,1,&res)==NSS_STATUS_SUCCESS)
 {
 e=_nss_ldap_first_entry(res);
 if (e!=NULL)
@@ -224,8 +224,15 @@ static int mkfilter_group_bymember(const char *user,
 }
 }
-static void group_attrs_init(void)
+static void group_init(void)
 {
+ /* set up base */
+ if (group_base==NULL)
+ group_base=nslcd_cfg->ldc_base;
+ /* set up scope */
+ if (group_scope==LDAP_SCOPE_DEFAULT)
+ group_scope=nslcd_cfg->ldc_scope;
+ /* set up attribute list */
 group_attrs[0]=attmap_group_cn;
 group_attrs[1]=attmap_group_userPassword;
 group_attrs[2]=attmap_group_memberUid;
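Review bot: In the user2dn() hunk of nslcd/group.c the filter is built by mkfilter_passwd_byname(), yet the search now runs under `group_base`/`group_scope`, where the old call selected LM_PASSWD. With a per-map base configured for groups, the user's entry would be looked for in the group subtree, the DN lookup would fail, and DN-based membership would presumably go unresolved, which changes the groups a user is reported in. The call should use the passwd map's values, e.g. `_nss_ldap_search_s(passwd_base,passwd_scope,filter,no_attrs,1,&res)`, with their defaults resolved beforehand. user2dn()'s body continues outside the hunk.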
@@ -1012,8 +1019,8 @@ static enum nss_status ng_chase(const char *dn, ldap_initgroups_args_t * lia)
 _nss_ldap_ent_context_init_locked(&context);
 mkfilter_getgroupsbydn(dn,filter,sizeof(filter));
 stat=_nss_ldap_getent_locked(&context,lia,NULL,0,&erange,
- NULL,filter,gidnumber_attrs,
- LM_GROUP,do_parse_initgroups_nested);
+ group_base,group_scope,filter,gidnumber_attrs,
+ do_parse_initgroups_nested);
 if (stat==NSS_STATUS_SUCCESS)
 stat=_nss_ldap_namelist_push(&lia->known_groups,dn);
@@ -1073,8 +1080,8 @@ static enum nss_status ng_chase_backlink(const char ** membersOf, ldap_initgroup
 /* FIXME: the search filter is wrong here, we should figure out what it's supposed to be */
 stat=_nss_ldap_getent_locked(&context,lia,NULL,0,&erange,
- NULL,"(distinguishedName=%s)",gidnumber_attrs,
- LM_GROUP,do_parse_initgroups_nested);
+ group_base,group_scope,"(distinguishedName=%s)",gidnumber_attrs,
+ do_parse_initgroups_nested);
 if (stat == NSS_STATUS_SUCCESS)
 {
@@ -1124,8 +1131,8 @@ static int group_bymember(const char *user, long int *start,
 gidnumber_attrs[1] = NULL;
 _nss_ldap_ent_context_init_locked(&context);
 stat=_nss_ldap_getent_locked(&context,(void *)&lia,NULL,0,errnop,
- NULL,filter,gidnumber_attrs,
- LM_GROUP,do_parse_initgroups_nested);
+ group_base,group_scope,filter,gidnumber_attrs,
+ do_parse_initgroups_nested);
 _nss_ldap_namelist_destroy(&lia.known_groups);
 _nss_ldap_ent_context_cleanup(&context);
 _nss_ldap_leave();
@@ -1169,9 +1176,10 @@ int nslcd_group_byname(TFILE *fp)
 }
 /* do the LDAP request */
 mkfilter_group_byname(name,filter,sizeof(filter));
- group_attrs_init();
- retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_GROUP,
- NULL,filter,group_attrs,_nss_ldap_parse_gr);
+ group_init();
+ retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,
+ group_base,group_scope,filter,group_attrs,
+ _nss_ldap_parse_gr);
 /* write the response */
 WRITE_INT32(fp,NSLCD_VERSION);
 WRITE_INT32(fp,NSLCD_ACTION_GROUP_BYNAME);
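Review bot: ng_chase(), ng_chase_backlink() and group_bymember() now pass `group_base`/`group_scope` straight to _nss_ldap_getent_locked(), but no group_init() call is visible in these three hunks, and this commit removes the fallback to nslcd_cfg->ldc_base and ldc_scope from _nss_ldap_search(). If one of these paths runs before nslcd_group_byname(), nslcd_group_bygid() or nslcd_group_all() has called group_init(), the search would go out with a NULL base and LDAP_SCOPE_DEFAULT instead of the configured values. Calling `group_init();` before the search is built in each of the three functions would close that gap. Their bodies extend beyond the hunks, so an existing call may simply be out of view.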
@@ -1207,9 +1215,10 @@ int nslcd_group_bygid(TFILE *fp)
 }
 /* do the LDAP request */
 mkfilter_group_bygid(gid,filter,sizeof(filter));
- group_attrs_init();
- retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_GROUP,
- NULL,filter,group_attrs,_nss_ldap_parse_gr);
+ group_init();
+ retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,
+ group_base,group_scope,filter,
+ group_attrs,_nss_ldap_parse_gr);
 /* write the response */
 WRITE_INT32(fp,NSLCD_VERSION);
 WRITE_INT32(fp,NSLCD_ACTION_GROUP_BYGID);
@@ -1296,9 +1305,10 @@ int nslcd_group_all(TFILE *fp)
 /* initialize context */
 _nss_ldap_ent_context_init(&context);
 /* loop over all results */
- group_attrs_init();
+ group_init();
 while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop,
- NULL,group_filter,group_attrs,LM_GROUP,_nss_ldap_parse_gr))==NSLCD_RESULT_SUCCESS)
+ group_base,group_scope,group_filter,group_attrs,
+ _nss_ldap_parse_gr))==NSLCD_RESULT_SUCCESS)
 {
 /* write the result */
 WRITE_INT32(fp,retv);
diff --git a/nslcd/host.c b/nslcd/host.c
index 535b0e6..43e528e 100644
--- a/nslcd/host.c
+++ b/nslcd/host.c
@@ -113,8 +113,15 @@ static int mkfilter_host_byaddr(const char *name,
 attmap_host_ipHostNumber,buf2);
 }
-static void host_attrs_init(void)
+static void host_init(void)
 {
+ /* set up base */
+ if (host_base==NULL)
+ host_base=nslcd_cfg->ldc_base;
+ /* set up scope */
+ if (host_scope==LDAP_SCOPE_DEFAULT)
+ host_scope=nslcd_cfg->ldc_scope;
+ /* set up attribute list */
 host_attrs[0]=attmap_host_cn;
 host_attrs[1]=attmap_host_ipHostNumber;
 host_attrs[2]=NULL;
@@ -324,9 +331,9 @@ int nslcd_host_byname(TFILE *fp)
 WRITE_INT32(fp,NSLCD_ACTION_HOST_BYNAME);
 /* do the LDAP request */
 mkfilter_host_byname(name,filter,sizeof(filter));
- host_attrs_init();
- retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_HOSTS,
- NULL,filter,host_attrs,
+ host_init();
+ retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,
+ host_base,host_scope,filter,host_attrs,
 #ifdef INET6
 (af == AF_INET6)?_nss_ldap_parse_hostv6:_nss_ldap_parse_hostv4);
 #else
@@ -381,9 +388,9 @@ int nslcd_host_byaddr(TFILE *fp)
 WRITE_INT32(fp,NSLCD_ACTION_HOST_BYADDR);
 /* do the LDAP request */
 mkfilter_host_byaddr(name,filter,sizeof(filter));
- host_attrs_init();
- retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_HOSTS,
- NULL,filter,host_attrs,
+ host_init();
+ retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,
+ host_base,host_scope,filter,host_attrs,
 #ifdef INET6
 (af == AF_INET6)?_nss_ldap_parse_hostv6:_nss_ldap_parse_hostv4);
 #else
@@ -415,9 +422,9 @@ int nslcd_host_all(TFILE *fp)
 /* initialize context */
 _nss_ldap_ent_context_init(&context);
 /* loop over all results */
- host_attrs_init();
+ host_init();
 while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop,
- NULL,host_filter,host_attrs,LM_HOSTS,
+ host_base,host_scope,host_filter,host_attrs,
 #ifdef INET6
 (_res.options&RES_USE_INET6)?_nss_ldap_parse_hostv6:_nss_ldap_parse_hostv4
 #else
diff --git a/nslcd/ldap-nss.c b/nslcd/ldap-nss.c
index e28cd23..c435ead 100644
--- a/nslcd/ldap-nss.c
+++ b/nslcd/ldap-nss.c
@@ -202,7 +202,7 @@ do_map_error (int rc)
 #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) ||defined (HAVE_SASL_SASL_H))
 static int
-do_sasl_interact (LDAP * ld, unsigned flags, void *defaults, void *_interact)
+do_sasl_interact (LDAP *ld, unsigned flags, void *defaults, void *_interact)
 {
 char *authzid = (char *) defaults;
 sasl_interact_t *interact = (sasl_interact_t *) _interact;
@@ -461,7 +461,7 @@ static int do_start_tls (struct ldap_session * session)
 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
 #if LDAP_SET_REBIND_PROC_ARGS == 3
 static int
-do_rebind (LDAP * ld, LDAP_CONST char *url, ber_tag_t request,
+do_rebind (LDAP *ld, LDAP_CONST char *url, ber_tag_t request,
 ber_int_t msgid, void *arg)
 #else
 static int
@@ -1277,7 +1277,6 @@ void _nss_ldap_ent_context_init_locked(struct ent_context *context)
 context->ec_cookie=NULL;
 context->ec_res=NULL;
 context->ec_msgid=-1;
- context->ec_sd=NULL;
 LS_INIT(context->ec_state);
 }
@@ -1307,7 +1306,6 @@ void _nss_ldap_ent_context_cleanup(struct ent_context *context)
 ber_bvfree(context->ec_cookie);
 context->ec_cookie=NULL;
 }
- context->ec_sd=NULL;
 LS_INIT(context->ec_state);
 if (_nss_ldap_test_config_flag(NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
 do_close ();
@@ -1791,13 +1789,10 @@ _nss_ldap_next_attribute (LDAPMessage * entry, BerElement * ber)
 * Assumes caller holds lock.
 */
 enum nss_status _nss_ldap_search_s(
- const char *base,const char *filter,
- enum ldap_map_selector sel,
+ const char *base,int scope,const char *filter,
 const char **attrs,int sizelimit,LDAPMessage **res)
 {
- int scope;
 enum nss_status stat;
- struct ldap_service_search_descriptor *sd=NULL;
 log_log(LOG_DEBUG,"==> _nss_ldap_search_s (base=\"%s\", filter=\"%s\")",base,filter);
 /* initilize session */
 if ((stat=do_init())!=NSS_STATUS_SUCCESS)
@@ -1805,33 +1800,9 @@ enum nss_status _nss_ldap_search_s(
 log_log(LOG_DEBUG,"<== _nss_ldap_search_s");
 return stat;
 }
- /* if args includes a base, use that */
- if (base!=NULL)
- {
- sel=LM_NONE;
- }
- /* Set some reasonable defaults. */
- if (base==NULL)
- base=nslcd_cfg->ldc_base;
- scope=nslcd_cfg->ldc_scope;
- if (sel<LM_NONE)
- {
- /* get search descriptor */
- sd=nslcd_cfg->ldc_sds[sel];
- if (sd!=NULL)
- {
- if (sd->lsd_base!=NULL)
- base=sd->lsd_base;
- if (sd->lsd_scope!=-1)
- scope=sd->lsd_scope;
- }
- }
-
-
 stat=do_with_reconnect( base,scope,filter,attrs, sizelimit,res,(search_func_t)do_search_s);
-
 return stat;
 }
@@ -1840,14 +1811,10 @@ enum nss_status _nss_ldap_search_s(
 * Assumes caller holds lock.
 */
 static enum nss_status
-_nss_ldap_search (const char *base,const char *filter,const char **attrs,
- enum ldap_map_selector sel,
- int sizelimit, int *msgid,
- struct ldap_service_search_descriptor **csd)
+_nss_ldap_search (const char *base,int scope,const char *filter,const char **attrs,
+ int sizelimit, int *msgid)
 {
- int scope;
 enum nss_status stat;
- struct ldap_service_search_descriptor *sd=NULL;
 log_log(LOG_DEBUG,"==> _nss_ldap_search");
 *msgid = -1;
 stat=do_init();
@@ -1856,29 +1823,6 @@ _nss_ldap_search (const char *base,const char *filter,const char **attrs,
 log_log(LOG_DEBUG,"<== _nss_ldap_search");
 return stat;
 }
- /* Set some reasonable defaults. */
- if (base==NULL)
- base=nslcd_cfg->ldc_base;
- scope=nslcd_cfg->ldc_scope;
- if (sel<LM_NONE || *csd!=NULL)
- {
- /*
- * If we were chasing multiple descriptors and there are none left,
- * just quit with NSS_STATUS_NOTFOUND.
- */
- if (*csd != NULL)
- return NSS_STATUS_NOTFOUND;
- else
- sd = nslcd_cfg->ldc_sds[sel];
- *csd = sd;
- if (sd != NULL)
- {
- if (sd->lsd_base!=NULL)
- base=sd->lsd_base;
- if (sd->lsd_scope!=-1)
- scope=sd->lsd_scope;
- }
- }
 stat=do_with_reconnect(base,scope,filter,attrs, sizelimit,msgid,(search_func_t)do_search);
 log_log(LOG_DEBUG,"<== _nss_ldap_search");
@@ -1886,31 +1830,12 @@ _nss_ldap_search (const char *base,const char *filter,const char **attrs,
 }
 static enum nss_status
-do_next_page (const char *base,const char *filter,const char **attrs,
- enum ldap_map_selector sel,
+do_next_page (const char *base,int scope,const char *filter,const char **attrs,
 int sizelimit, int *msgid, struct berval *pCookie)
 {
- int scope=-1;
 enum nss_status stat;
- struct ldap_service_search_descriptor *sd=NULL;
 LDAPControl *serverctrls[2]={ NULL, NULL };
- if (sel<LM_NONE)
- {
- sd=nslcd_cfg->ldc_sds[sel];
- if (sd!=NULL)
- {
- if ((sd->lsd_base!=NULL)&&(base=NULL))
- base=sd->lsd_base;
- if (sd->lsd_scope!=-1)
- scope=sd->lsd_scope;
- }
- }
- /* set some reasonable defaults */
- if (base==NULL)
- base=nslcd_cfg->ldc_base;
- if (scope==-1)
- scope=nslcd_cfg->ldc_scope;
 stat=ldap_create_page_control(__session.ls_conn, nslcd_cfg->ldc_pagesize, pCookie,0,&serverctrls[0]);
@@ -1918,9 +1843,8 @@ do_next_page (const char *base,const char *filter,const char **attrs,
 {
 return NSS_STATUS_UNAVAIL;
 }
- stat=ldap_search_ext(__session.ls_conn,base,
- nslcd_cfg->ldc_scope,
- filter,
+ stat=ldap_search_ext(__session.ls_conn,
+ base,scope,filter,
 (char **)attrs,0,serverctrls,NULL,LDAP_NO_LIMIT, sizelimit,msgid);
 ldap_control_free(serverctrls[0]);
@@ -1937,8 +1861,8 @@ do_next_page (const char *base,const char *filter,const char **attrs,
 int _nss_ldap_getent(struct ent_context *context,
 void *result,char *buffer,size_t buflen,int *errnop,
- const char *base,const char *filter,
- const char **attrs, enum ldap_map_selector sel, parser_t parser)
+ const char *base,int scope,const char *filter,
+ const char **attrs, parser_t parser)
 {
 int status;
 /*
@@ -1948,8 +1872,8 @@ _nss_ldap_getent(struct ent_context *context,
 */
 _nss_ldap_enter();
 status=nss2nslcd(_nss_ldap_getent_locked(context,result,
- buffer,buflen,
- errnop,base,filter,attrs,sel,parser));
+ buffer,buflen,errnop,
+ base,scope,filter,attrs,parser));
 _nss_ldap_leave();
 return status;
 }
@@ -1961,9 +1885,8 @@ _nss_ldap_getent(struct ent_context *context, enum nss_status _nss_ldap_getent_locked(struct ent_context *context, void *result,char *buffer,size_t buflen,int *errnop, - const char *base,const char *filter, - const char **attrs, - enum ldap_map_selector sel,parser_t parser) + const char *base,int scope,const char *filter,const char **attrs, + parser_t parser) { enum nss_status stat = NSS_STATUS_SUCCESS; int msgid; @@ -1972,8 +1895,8 @@ next: /* if context->ec_msgid < 0, then we haven't searched yet */ if (context->ec_msgid<0) { - stat=_nss_ldap_search(base,filter,attrs,sel, - LDAP_NO_LIMIT,&msgid,&(context->ec_sd)); + stat=_nss_ldap_search(base,scope,filter,attrs, + LDAP_NO_LIMIT,&msgid); if (stat != NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"<== _nss_ldap_getent_locked"); @@ -1989,7 +1912,7 @@ next: /* Is there another page of results? */ if ((context->ec_cookie!=NULL)&&(context->ec_cookie->bv_len!=0)) { - stat=do_next_page(base,filter,attrs,sel,LDAP_NO_LIMIT,&msgid, + stat=do_next_page(base,scope,filter,attrs,LDAP_NO_LIMIT,&msgid, context->ec_cookie); if (stat!=NSS_STATUS_SUCCESS) { @@ -2000,7 +1923,7 @@ next: stat=do_parse(context,result,buffer,buflen,errnop,parser); } } - if ((stat==NSS_STATUS_NOTFOUND)&&(context->ec_sd!=NULL)) + if (stat==NSS_STATUS_NOTFOUND) { context->ec_msgid = -1; goto next; @@ -2013,10 +1936,8 @@ next: * General match function. * Locks mutex. */ -int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen, - int *errnop, enum ldap_map_selector sel, - const char *base, const char *filter, - const char **attrs, +int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen,int *errnop, + const char *base,int scope,const char *filter,const char **attrs, parser_t parser) { 
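Review bot: In the `@@ -2000,7 +1923,7 @@` hunk of `_nss_ldap_getent_locked`, the retry is now taken on every `NSS_STATUS_NOTFOUND`, where it used to require a pending search descriptor. The block sets `context->ec_msgid = -1` and jumps to `next:`, where a negative `ec_msgid` makes the function call `_nss_ldap_search` again, so reaching the end of the results appears to restart the same search instead of returning. With an empty result set that would loop without end while the session lock is held, and it would keep every `*_all` enumeration from terminating. The lines between the hunks are not visible, so please confirm, but with descriptor chaining gone I would remove the block and let `return stat;` report NOTFOUND. If a retry is still wanted, it needs its own termination condition.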
@@ -2029,7 +1950,7 @@ int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen, _nss_ldap_ent_context_init_locked(&context); - stat=_nss_ldap_search_s(base,filter,sel,attrs,1,&context.ec_res); + stat=_nss_ldap_search_s(base,scope,filter,attrs,1,&context.ec_res); if (stat!=NSS_STATUS_SUCCESS) { _nss_ldap_leave (); @@ -2106,8 +2027,8 @@ static int NEW_do_parse_s(struct ent_context *context,TFILE *fp,NEWparser_t pars int _nss_ldap_searchbyname( - const char *base,const char *filter, - enum ldap_map_selector sel,const char **attrs,TFILE *fp,NEWparser_t parser) + const char *base,int scope,const char *filter,const char **attrs, + TFILE *fp,NEWparser_t parser) { int stat; struct ent_context context; @@ -2117,7 +2038,7 @@ int _nss_ldap_searchbyname( _nss_ldap_ent_context_init_locked(&context); - stat=nss2nslcd(_nss_ldap_search_s(base,filter,sel,attrs,1,&context.ec_res)); + stat=nss2nslcd(_nss_ldap_search_s(base,scope,filter,attrs,1,&context.ec_res)); /* write the result code */ WRITE_INT32(fp,stat); /* bail on nothing found */ @@ -2410,7 +2331,7 @@ int has_objectclass(LDAPMessage *entry,const char *objectclass) ld=__session.ls_conn; if (ld==NULL) return 0; - vals=ldap_get_values(ld,entry,attmap_objectClass); + vals=ldap_get_values(ld,entry,"objectClass"); if (vals==NULL) return 0; for (i=0;vals[i]!=NULL;i++) diff --git a/nslcd/ldap-nss.h b/nslcd/ldap-nss.h index 1b0e529..4b18ffa 100644 --- a/nslcd/ldap-nss.h +++ b/nslcd/ldap-nss.h @@ -104,7 +104,6 @@ struct ent_context struct ldap_state ec_state; /* eg. for services */ int ec_msgid; /* message ID */ LDAPMessage *ec_res; /* result chain */ - struct ldap_service_search_descriptor *ec_sd; /* current sd */ struct berval *ec_cookie; /* cookie for paged searches */ }; 
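Review bot: `has_objectclass` now passes the literal `"objectClass"` to `ldap_get_values`, and the same literal is repeated in `passwd_init` (nslcd/passwd.c) and `_nss_ldap_dn2uid` (nslcd/util.c) in this commit. A misspelling in any one copy would compile and simply make the lookup return nothing, so one shared definition is safer, for example `#define ATTR_OBJECTCLASS "objectClass"` in a common header (the name is only a suggestion). The function body extends beyond the hunk.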
@@ -178,13 +177,14 @@ char *_nss_ldap_next_attribute (LDAPMessage * entry, BerElement *ber); * Synchronous search cover (caller acquires lock). */ enum nss_status _nss_ldap_search_s( - const char *base,const char *filter, - enum ldap_map_selector sel, + const char *base,int scope,const char *filter, const char **attrs,int sizelimit,LDAPMessage **res); int _nss_ldap_searchbyname( - const char *base,const char *filter, - enum ldap_map_selector sel,const char **attrs,TFILE *fp,NEWparser_t parser); + const char *base,int scope,const char *filter, + const char **attrs,TFILE *fp,NEWparser_t parser); + +int _nss_ldap_write_attrvals(TFILE *fp,LDAPMessage *e,const char *attr); /* * Emulate X.500 read operation. @@ -204,9 +204,9 @@ enum nss_status _nss_ldap_getent_locked ( size_t buflen, /* IN */ int *errnop, /* OUT */ const char *base, /* IN */ + int scope, /* IN */ const char *filter, /* IN */ const char **attrs, /* IN */ - enum ldap_map_selector sel, /* IN */ parser_t parser /* IN */ ); /* @@ -219,18 +219,16 @@ int _nss_ldap_getent(struct ent_context *context, /* IN/OUT */ size_t buflen, /* IN */ int *errnop, /* OUT */ const char *base, /* IN */ + int scope, /* IN */ const char *filter, /* IN */ const char **attrs, /* IN */ - enum ldap_map_selector sel, /* IN */ parser_t parser /* IN */ ); /* * common lookup routine; uses synchronous API. */ -int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen, - int *errnop, enum ldap_map_selector sel, - const char *base, const char *filter, - const char **attrs, +int _nss_ldap_getbyname(void *result, char *buffer, size_t buflen,int *errnop, + const char *base,int scope,const char *filter,const char **attrs, parser_t parser); /* parsing utility functions */ diff --git a/nslcd/netgroup.c b/nslcd/netgroup.c index 623dbaa..7f7c496 100644 --- a/nslcd/netgroup.c +++ b/nslcd/netgroup.c 
@@ -150,8 +150,15 @@ static int mkfilter_netgroup_byname(const char *name, attmap_netgroup_cn,buf2); } -static void netgroup_attrs_init(void) +static void netgroup_init(void) { + /* set up base */ + if (netgroup_base==NULL) + netgroup_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (netgroup_scope==LDAP_SCOPE_DEFAULT) + netgroup_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ netgroup_attrs[0]=attmap_netgroup_cn; netgroup_attrs[1]=attmap_netgroup_nisNetgroupTriple; netgroup_attrs[2]=attmap_netgroup_memberNisNetgroup; @@ -351,9 +358,9 @@ int nslcd_netgroup_byname(TFILE *fp) result.data_size = 0; /* do initial ldap request */ mkfilter_netgroup_byname(name,filter,sizeof(filter)); - netgroup_attrs_init(); - if (_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_NETGROUP, - NULL,filter,netgroup_attrs,_nss_ldap_load_netgr)) + netgroup_init(); + if (_nss_ldap_getbyname(&result,buffer,1024,&errnop, + netgroup_base,netgroup_scope,filter,netgroup_attrs,_nss_ldap_load_netgr)) return -1; /* loop over all results */ while ((stat=_nss_ldap_parse_netgr(&result,buffer,1024))==NSS_STATUS_SUCCESS) diff --git a/nslcd/network.c b/nslcd/network.c index 2d6c4fe..c30c3d2 100644 --- a/nslcd/network.c +++ b/nslcd/network.c @@ -109,8 +109,15 @@ static int mkfilter_network_byaddr(const char *name, attmap_network_ipNetworkNumber,buf2); } -static void network_attrs_init(void) +static void network_init(void) { + /* set up base */ + if (network_base==NULL) + network_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (network_scope==LDAP_SCOPE_DEFAULT) + network_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ network_attrs[0]=attmap_network_cn; network_attrs[1]=attmap_network_ipNetworkNumber; network_attrs[2]=NULL; 
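Review bot: `netgroup_init` writes the file-scope `netgroup_base`, `netgroup_scope` and `netgroup_attrs` on every request, before the lookup helper takes the session lock, and the commit does not say what protects those writes. If requests can be served from more than one thread (not visible here), that is an unsynchronised write to shared state; the same applies to `network_init`, `passwd_init`, `protocol_init`, `rpc_init`, `service_init` and `shadow_init`. The first call also copies `nslcd_cfg->ldc_base` into the module, so a later change of the configuration would not be picked up. I would either call these once after the configuration is parsed, or add a comment such as `/* idempotent; must not race with a configuration reload */` to each.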
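Review bot: The re-wrapped `_nss_ldap_getbyname` call in `nslcd_netgroup_byname` still passes the literal `1024` as the buffer length, while the `_nss_ldap_getent` calls in the `*_all` functions of this same commit pass `sizeof(buffer)`. The declaration of `buffer` is outside the hunk, so the two may agree today, but a literal that drifts from the array size becomes an out-of-bounds write in the parser. Since the line is being touched anyway, `_nss_ldap_getbyname(&result,buffer,sizeof(buffer),&errnop,` would be the safer spelling, provided `buffer` is an array in that scope. The same applies to the `byname`/`byaddr`/`byuid`/`bynumber` calls in network.c, passwd.c, protocol.c, rpc.c, service.c and shadow.c.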
@@ -186,9 +193,10 @@ int nslcd_network_byname(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_NETWORK_BYNAME); /* do the LDAP request */ mkfilter_network_byname(name,filter,sizeof(filter)); - network_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_NETWORKS, - NULL,filter,network_attrs,_nss_ldap_parse_net); + network_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + network_base,network_scope,filter,network_attrs, + _nss_ldap_parse_net); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) @@ -242,9 +250,10 @@ int nslcd_network_byaddr(TFILE *fp) { /* do the request */ mkfilter_network_byaddr(name,filter,sizeof(filter)); - network_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_NETWORKS, - NULL,filter,network_attrs,_nss_ldap_parse_net); + network_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + network_base,network_scope,filter,network_attrs, + _nss_ldap_parse_net); /* if no entry was found, retry with .0 stripped from the end */ if ((retv==NSLCD_RESULT_NOTFOUND) && (strlen(name)>2) && @@ -281,9 +290,10 @@ int nslcd_network_all(TFILE *fp) /* initialize context */ _nss_ldap_ent_context_init(&context); /* loop over all results */ - network_attrs_init(); + network_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, - NULL,network_filter,network_attrs,LM_NETWORKS,_nss_ldap_parse_net))==NSLCD_RESULT_SUCCESS) + network_base,network_scope,network_filter,network_attrs, + _nss_ldap_parse_net))==NSLCD_RESULT_SUCCESS) { /* write the result */ WRITE_INT32(fp,retv); diff --git a/nslcd/passwd.c b/nslcd/passwd.c index 6a39cb5..43fb816 100644 --- a/nslcd/passwd.c +++ b/nslcd/passwd.c 
@@ -112,8 +112,15 @@ static int mkfilter_passwd_byuid(uid_t uid, attmap_passwd_uidNumber,uid); } -static void passwd_attrs_init(void) +static void passwd_init(void) { + /* set up base */ + if (passwd_base==NULL) + passwd_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (passwd_scope==LDAP_SCOPE_DEFAULT) + passwd_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ passwd_attrs[0]=attmap_passwd_uid; passwd_attrs[1]=attmap_passwd_userPassword; passwd_attrs[2]=attmap_passwd_uidNumber; @@ -122,7 +129,7 @@ static void passwd_attrs_init(void) passwd_attrs[5]=attmap_passwd_homeDirectory; passwd_attrs[6]=attmap_passwd_loginShell; passwd_attrs[7]=attmap_passwd_gecos; - passwd_attrs[8]=attmap_objectClass; + passwd_attrs[8]="objectClass"; passwd_attrs[9]=NULL; } @@ -259,9 +266,10 @@ int nslcd_passwd_byname(TFILE *fp) log_log(LOG_DEBUG,"nslcd_passwd_byname(%s)",name); /* do the LDAP request */ mkfilter_passwd_byname(name,filter,sizeof(filter)); - passwd_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_PASSWD, - NULL,filter,passwd_attrs,_nss_ldap_parse_pw); + passwd_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + passwd_base,passwd_scope,filter,passwd_attrs, + _nss_ldap_parse_pw); /* write the response */ WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_PASSWD_BYNAME); @@ -291,9 +299,10 @@ int nslcd_passwd_byuid(TFILE *fp) log_log(LOG_DEBUG,"nslcd_passwd_byuid(%d)",(int)uid); /* do the LDAP request */ mkfilter_passwd_byuid(uid,filter,sizeof(filter)); - passwd_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_PASSWD, - NULL,filter,passwd_attrs,_nss_ldap_parse_pw); + passwd_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + passwd_base,passwd_scope,filter,passwd_attrs, + _nss_ldap_parse_pw); /* write the response */ WRITE_INT32(fp,NSLCD_VERSION); WRITE_INT32(fp,NSLCD_ACTION_PASSWD_BYUID); 
@@ -324,9 +333,10 @@ int nslcd_passwd_all(TFILE *fp) /* initialize context */ _nss_ldap_ent_context_init(&context); /* go over results */ - passwd_attrs_init(); + passwd_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, - NULL,passwd_filter,passwd_attrs,LM_PASSWD,_nss_ldap_parse_pw))==NSLCD_RESULT_SUCCESS) + passwd_base,passwd_scope,passwd_filter,passwd_attrs, + _nss_ldap_parse_pw))==NSLCD_RESULT_SUCCESS) { /* write the result */ WRITE_INT32(fp,retv); diff --git a/nslcd/protocol.c b/nslcd/protocol.c index 65d2c84..75be238 100644 --- a/nslcd/protocol.c +++ b/nslcd/protocol.c @@ -102,8 +102,15 @@ static int mkfilter_protocol_bynumber(int protocol, attmap_protocol_ipProtocolNumber,protocol); } -static void protocol_attrs_init(void) +static void protocol_init(void) { + /* set up base */ + if (protocol_base==NULL) + protocol_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (protocol_scope==LDAP_SCOPE_DEFAULT) + protocol_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ protocol_attrs[0]=attmap_protocol_cn; protocol_attrs[1]=attmap_protocol_ipProtocolNumber; protocol_attrs[2]=NULL; @@ -168,9 +175,10 @@ int nslcd_protocol_byname(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_PROTOCOL_BYNAME); /* do the LDAP request */ mkfilter_protocol_byname(name,filter,sizeof(filter)); - protocol_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_PROTOCOLS, - NULL,filter,protocol_attrs,_nss_ldap_parse_proto); + protocol_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + protocol_base,protocol_scope,filter,protocol_attrs, + _nss_ldap_parse_proto); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) 
@@ -201,9 +209,10 @@ int nslcd_protocol_bynumber(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_PROTOCOL_BYNUMBER); /* do the LDAP request */ mkfilter_protocol_bynumber(protocol,filter,sizeof(filter)); - protocol_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_PROTOCOLS, - NULL,filter,protocol_attrs,_nss_ldap_parse_proto); + protocol_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + protocol_base,protocol_scope,filter,protocol_attrs, + _nss_ldap_parse_proto); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) @@ -232,9 +241,10 @@ int nslcd_protocol_all(TFILE *fp) /* initialize context */ _nss_ldap_ent_context_init(&context); /* loop over all results */ - protocol_attrs_init(); + protocol_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, - NULL,protocol_filter,protocol_attrs,LM_PROTOCOLS,_nss_ldap_parse_proto))==NSLCD_RESULT_SUCCESS) + protocol_base,protocol_scope,protocol_filter,protocol_attrs, + _nss_ldap_parse_proto))==NSLCD_RESULT_SUCCESS) { /* write the result code */ WRITE_INT32(fp,retv); diff --git a/nslcd/rpc.c b/nslcd/rpc.c index 24ea77b..e502d56 100644 --- a/nslcd/rpc.c +++ b/nslcd/rpc.c @@ -116,8 +116,15 @@ static int mkfilter_rpc_bynumber(int number, attmap_rpc_oncRpcNumber,number); } -static void rpc_attrs_init(void) +static void rpc_init(void) { + /* set up base */ + if (rpc_base==NULL) + rpc_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (rpc_scope==LDAP_SCOPE_DEFAULT) + rpc_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ rpc_attrs[0]=attmap_rpc_cn; rpc_attrs[1]=attmap_rpc_oncRpcNumber; rpc_attrs[2]=NULL; 
@@ -182,9 +189,10 @@ int nslcd_rpc_byname(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_RPC_BYNAME); /* do the LDAP request */ mkfilter_rpc_byname(name,filter,sizeof(filter)); - rpc_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_RPC, - NULL,filter,rpc_attrs,_nss_ldap_parse_rpc); + rpc_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + rpc_base,rpc_scope,filter,rpc_attrs, + _nss_ldap_parse_rpc); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) @@ -213,9 +221,10 @@ int nslcd_rpc_bynumber(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_RPC_BYNUMBER); /* do the LDAP request */ mkfilter_rpc_bynumber(number,filter,sizeof(filter)); - rpc_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_RPC, - NULL,filter,rpc_attrs,_nss_ldap_parse_rpc); + rpc_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + rpc_base,rpc_scope,filter,rpc_attrs, + _nss_ldap_parse_rpc); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) @@ -242,9 +251,10 @@ int nslcd_rpc_all(TFILE *fp) /* initialize context */ _nss_ldap_ent_context_init(&context); /* loop over all results */ - rpc_attrs_init(); + rpc_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, - NULL,rpc_filter,rpc_attrs,LM_RPC,_nss_ldap_parse_rpc))==NSLCD_RESULT_SUCCESS) + rpc_base,rpc_scope,rpc_filter,rpc_attrs, + _nss_ldap_parse_rpc))==NSLCD_RESULT_SUCCESS) { /* write the result code */ WRITE_INT32(fp,retv); diff --git a/nslcd/service.c b/nslcd/service.c index 3dde1bc..5e3e79f 100644 --- a/nslcd/service.c +++ b/nslcd/service.c 
@@ -142,8 +142,15 @@ static int mkfilter_service_bynumber(int number, attmap_service_ipServicePort,number); } -static void service_attrs_init(void) +static void service_init(void) { + /* set up base */ + if (service_base==NULL) + service_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (service_scope==LDAP_SCOPE_DEFAULT) + service_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ service_attrs[0]=attmap_service_cn; service_attrs[1]=attmap_service_ipServicePort; service_attrs[2]=attmap_service_ipServiceProtocol; @@ -293,9 +300,10 @@ int nslcd_service_byname(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_SERVICE_BYNAME); /* do the LDAP request */ mkfilter_service_byname(name,protocol,filter,sizeof(filter)); - service_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_SERVICES, - NULL,filter,service_attrs,_nss_ldap_parse_serv); + service_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + service_base,service_scope,filter,service_attrs, + _nss_ldap_parse_serv); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) @@ -326,9 +334,10 @@ int nslcd_service_bynumber(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_SERVICE_BYNUMBER); /* do the LDAP request */ mkfilter_service_bynumber(number,protocol,filter,sizeof(filter)); - service_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_SERVICES, - NULL,filter,service_attrs,_nss_ldap_parse_serv); + service_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + service_base,service_scope,filter,service_attrs, + _nss_ldap_parse_serv); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) 
@@ -355,9 +364,10 @@ int nslcd_service_all(TFILE *fp) /* initialize context */ _nss_ldap_ent_context_init(&context); /* loop over all results */ - service_attrs_init(); + service_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, - NULL,service_filter,service_attrs,LM_SERVICES,_nss_ldap_parse_serv))==NSLCD_RESULT_SUCCESS) + service_base,service_scope,service_filter,service_attrs, + _nss_ldap_parse_serv))==NSLCD_RESULT_SUCCESS) { /* write the result code */ WRITE_INT32(fp,retv); diff --git a/nslcd/shadow.c b/nslcd/shadow.c index bc7c0d5..1e79a04 100644 --- a/nslcd/shadow.c +++ b/nslcd/shadow.c @@ -96,8 +96,15 @@ static int mkfilter_shadow_byname(const char *name, attmap_shadow_uid,buf2); } -static void shadow_attrs_init(void) +static void shadow_init(void) { + /* set up base */ + if (shadow_base==NULL) + shadow_base=nslcd_cfg->ldc_base; + /* set up scope */ + if (shadow_scope==LDAP_SCOPE_DEFAULT) + shadow_scope=nslcd_cfg->ldc_scope; + /* set up attribute list */ shadow_attrs[0]=attmap_shadow_uid; shadow_attrs[1]=attmap_shadow_userPassword; shadow_attrs[2]=attmap_shadow_shadowLastChange; @@ -231,9 +238,10 @@ int nslcd_shadow_byname(TFILE *fp) WRITE_INT32(fp,NSLCD_ACTION_SHADOW_BYNAME); /* do the LDAP request */ mkfilter_shadow_byname(name,filter,sizeof(filter)); - shadow_attrs_init(); - retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop,LM_SHADOW, - NULL,filter,shadow_attrs,_nss_ldap_parse_sp); + shadow_init(); + retv=_nss_ldap_getbyname(&result,buffer,1024,&errnop, + shadow_base,shadow_scope,filter,shadow_attrs, + _nss_ldap_parse_sp); /* write the response */ WRITE_INT32(fp,retv); if (retv==NSLCD_RESULT_SUCCESS) 
@@ -262,9 +270,10 @@ int nslcd_shadow_all(TFILE *fp) /* initialize context */ _nss_ldap_ent_context_init(&context); /* loop over all results */ - shadow_attrs_init(); + shadow_init(); while ((retv=_nss_ldap_getent(&context,&result,buffer,sizeof(buffer),&errnop, - NULL,shadow_filter,shadow_attrs,LM_SHADOW,_nss_ldap_parse_sp))==NSLCD_RESULT_SUCCESS) + shadow_base,shadow_scope,shadow_filter,shadow_attrs, + _nss_ldap_parse_sp))==NSLCD_RESULT_SUCCESS) { /* write the result */ WRITE_INT32(fp,retv); diff --git a/nslcd/util.c b/nslcd/util.c index 96fa256..3ff4f45 100644 --- a/nslcd/util.c +++ b/nslcd/util.c @@ -301,7 +301,7 @@ enum nss_status _nss_ldap_dn2uid(const char *dn,char **uid,char **buffer, attrs[0] = attmap_passwd_uid; attrs[1] = attmap_group_uniqueMember; - attrs[2] = attmap_objectClass; + attrs[2] = "objectClass"; attrs[3] = NULL; if (_nss_ldap_read (dn, attrs, &res) == NSS_STATUS_SUCCESS) |