openldap/clients/tools/ldapmodify.c

1184 lines
28 KiB
C
Raw Normal View History

2003-11-26 07:17:08 +08:00
/* ldapmodify.c - generic program to modify or add entries using LDAP */
/* $OpenLDAP$ */
2003-11-26 07:17:08 +08:00
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
2005-01-02 04:49:32 +08:00
* Copyright 1998-2005 The OpenLDAP Foundation.
2003-11-26 07:17:08 +08:00
* Portions Copyright 1998-2003 Kurt D. Zeilenga.
* Portions Copyright 1998-2001 Net Boolean Incorporated.
* Portions Copyright 2001-2003 IBM Corporation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1992-1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the
* University may not be used to endorse or promote products derived
* from this software without specific prior written permission. This
* software is provided ``as is'' without express or implied warranty.
*/
2003-11-26 10:58:56 +08:00
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
2003-11-26 07:17:08 +08:00
* (as part of U-MICH LDAP). Additional significant contributors
* include:
* Kurt D. Zeilenga
2003-11-26 16:31:36 +08:00
* Norbert Klasen
Vienna Bulk Commit This commit includes many changes. All changes compile under NT but have not been tested under UNIX. A Summary of changes (likely incomplete): NT changes: Removed lint. Clean up configuration support for "Debug", "Release", "SDebug", and "SRelease" configurations. Share output directories for clients, libraries, and slapd. (maybe they should be combined further and moved to build/{,S}{Debug,Release}). Enable threading when _MT is defined. Enable debuging when _DEBUG is defined. Disable setting of NDEBUG under Release/SRelease. Asserts are disabled in <ac/assert.h> when LDAP_DEBUG is not defined. Added 'build/main.dsp' Master project. Removed non-slapd projects from slapd.dsp (see main.dsp). Removed replaced many uses of _WIN32 macro with feature based macros. ldap_cdefs.h changes #define LDAP_CONST const (see below) #define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST To allow specifiers to be added before and after the type declaration. (For DLL handling) LBER/LDAP changes Namespace changes: s/lber_/ber_/ for here and there. s/NAME_ERROR/LDAP_NAME_ERROR/g Deleted NULLMSG and other NULL* macros for namespace reasons. "const" libraries. Installed headers (ie: lber.h, ldap.h) use LDAP_CONST macro. Normally set to 'const' when __STDC__. Can be set externally to enable/disable 'constification' of external interface. Internal interface always uses 'const'. Did not fix warnings in -lldif (in lieu of new LDIF parser). Added _ext API implementations (excepting search and bind). Need to implement ldap_int_get_controls() for reponses with controls. Added numberous assert() checks. LDAP_R _MT defines HAVE_NT_THREADS Added numberous assert() checks. Changed ldap_pthread_t back to unsigned long. Used cast to HANDLE in _join(). LDBM Replaced _WIN32 with HAVE_SYSLOG ud Added version string if MKVERSION is not defined. (MKVERSION needs to be set under UNIX). slapd Made connection sockbuf field a pointer to a sockbuf. This removed slap.h dependency on lber-int.h. lber-int.h now only included by those files needing to mess with the sockbuf. Used ber_* functions/macros to access sockbuf internals whenever possible. Added version string if MKVERSION is not defined. (MKVERSION needs to be set under UNIX). Removed FD_SET unsigned lint slapd/tools Used EXEEXT to added ".exe" to routines. Need to define EXEEXT under UNIX. ldappasswd Added ldappasswd.dsp. Ported to NT. Used getpid() to seed rand(). nt_debug Minor cleanup. Added "portable.h" include and used <ac/*.h> where appropriate. Added const to char* format argument.
1999-05-19 09:12:33 +08:00
*/
1998-08-09 08:43:13 +08:00
1998-10-25 09:41:42 +08:00
#include "portable.h"
1998-08-09 08:43:13 +08:00
#include <stdio.h>
1999-06-03 08:37:44 +08:00
#include <ac/stdlib.h>
1998-11-15 14:54:30 +08:00
#include <ac/ctype.h>
1998-10-25 09:41:42 +08:00
#include <ac/string.h>
#include <ac/unistd.h>
#ifdef HAVE_SYS_STAT_H
1998-08-09 08:43:13 +08:00
#include <sys/stat.h>
#endif
1998-10-25 09:41:42 +08:00
#ifdef HAVE_SYS_FILE_H
1998-08-09 08:43:13 +08:00
#include <sys/file.h>
1998-10-25 09:41:42 +08:00
#endif
#ifdef HAVE_FCNTL_H
1998-08-09 08:43:13 +08:00
#include <fcntl.h>
1998-10-25 09:41:42 +08:00
#endif
1998-08-09 08:43:13 +08:00
#include <ldap.h>
#include "lutil.h"
#include "lutil_ldap.h"
#include "ldif.h"
#include "ldap_defaults.h"
2001-12-20 05:19:41 +08:00
#include "ldap_log.h"
2002-09-04 10:14:12 +08:00
#include "ldap_pvt.h"
#include "common.h"
static int ldapadd, force = 0;
static char *rejfile = NULL;
2000-08-25 13:31:29 +08:00
static LDAP *ld = NULL;
1998-08-09 08:43:13 +08:00
#define LDAPMOD_MAXLINE 4096
/* strings found in replog/LDIF entries (mostly lifted from slurpd/slurp.h) */
#define T_VERSION_STR "version"
1998-08-09 08:43:13 +08:00
#define T_REPLICA_STR "replica"
#define T_DN_STR "dn"
#define T_CONTROL_STR "control"
#define T_CHANGETYPESTR "changetype"
#define T_ADDCTSTR "add"
1998-08-09 08:43:13 +08:00
#define T_MODIFYCTSTR "modify"
#define T_DELETECTSTR "delete"
#define T_MODRDNCTSTR "modrdn"
#define T_MODDNCTSTR "moddn"
#define T_RENAMECTSTR "rename"
1998-08-09 08:43:13 +08:00
#define T_MODOPADDSTR "add"
#define T_MODOPREPLACESTR "replace"
#define T_MODOPDELETESTR "delete"
#define T_MODOPINCREMENTSTR "increment"
#define T_MODSEPSTR "-"
#define T_NEWRDNSTR "newrdn"
1998-08-09 08:43:13 +08:00
#define T_DELETEOLDRDNSTR "deleteoldrdn"
#define T_NEWSUPSTR "newsuperior"
1998-08-09 08:43:13 +08:00
static int process_ldif_rec LDAP_P(( char *rbuf, int count ));
static int parse_ldif_control LDAP_P(( char *line, LDAPControl ***pctrls ));
2000-06-30 03:35:51 +08:00
static void addmodifyop LDAP_P((
LDAPMod ***pmodsp, int modop,
const char *attr,
struct berval *value ));
static int domodify LDAP_P((
const char *dn,
LDAPMod **pmods,
LDAPControl **pctrls,
2000-06-30 03:35:51 +08:00
int newentry ));
static int dodelete LDAP_P((
const char *dn,
LDAPControl **pctrls ));
2000-06-30 03:35:51 +08:00
static int dorename LDAP_P((
const char *dn,
const char *newrdn,
const char *newsup,
int deleteoldrdn,
LDAPControl **pctrls ));
static int process_response(
LDAP *ld,
int msgid,
const char *opstr,
const char *dn );
1998-10-25 09:41:42 +08:00
static char *read_one_record LDAP_P(( FILE *fp ));
#ifdef LDAP_GROUP_TRANSACTION
static int txn = 0;
static int txnabort = 0;
#endif
void
usage( void )
{
fprintf( stderr, _("Add or modify entries from an LDAP server\n\n"));
fprintf( stderr, _("usage: %s [options]\n"), prog);
fprintf( stderr, _(" The list of desired operations are read from stdin"
" or from the file\n"));
fprintf( stderr, _(" specified by \"-f file\".\n"));
fprintf( stderr, _("Add or modify options:\n"));
fprintf( stderr, _(" -a add values (%s)\n"),
2003-04-06 11:27:52 +08:00
(ldapadd ? _("default") : _("default is to replace")));
fprintf( stderr, _(" -E [!]ext=extparam modify extensions"
" (! indicate s criticality)\n"));
#ifdef LDAP_GROUP_TRANSACTION
fprintf( stderr,
_(" [!]txn (transaction)\n"));
#endif
fprintf( stderr, _(" -F force all changes records to be used\n"));
fprintf( stderr, _(" -S file write skipped modifications to `file'\n"));
tool_common_usage();
exit( EXIT_FAILURE );
}
const char options[] = "aE:FrS:"
"cd:D:e:f:h:H:IkKMnO:p:P:QR:U:vVw:WxX:y:Y:Z";
1998-11-04 21:15:18 +08:00
int
handle_private_option( int i )
1998-08-09 08:43:13 +08:00
{
char *control, *cvalue;
int crit;
switch ( i ) {
2004-03-13 06:34:07 +08:00
case 'E': /* modify extensions */
if( protocol == LDAP_VERSION2 ) {
2003-04-06 10:59:15 +08:00
fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"),
prog, protocol );
exit( EXIT_FAILURE );
2002-08-29 18:41:10 +08:00
}
/* should be extended to support comma separated list of
* [!]key[=value] parameters, e.g. -E !foo,bar=567
2002-08-29 18:41:10 +08:00
*/
crit = 0;
cvalue = NULL;
if( optarg[0] == '!' ) {
crit = 1;
optarg++;
2002-08-29 18:41:10 +08:00
}
control = ber_strdup( optarg );
if ( (cvalue = strchr( control, '=' )) != NULL ) {
*cvalue++ = '\0';
2002-08-29 18:41:10 +08:00
}
2004-03-13 06:34:07 +08:00
#ifdef LDAP_GROUP_TRANSACTION
if( strcasecmp( control, "txn" ) == 0 ) {
/* Transaction */
if( txn ) {
fprintf( stderr,
_("txn control previously specified\n"));
exit( EXIT_FAILURE );
}
if( cvalue != NULL ) {
if( strcasecmp( cvalue, "abort" ) == 0 ) {
txnabort=1;
} else if( strcasecmp( cvalue, "commit" ) != 0 ) {
fprintf( stderr, _("Invalid value for txn control, %s\n"),
cvalue );
exit( EXIT_FAILURE );
}
}
txn = 1 + crit;
} else
#endif
{
fprintf( stderr, _("Invalid modify extension name: %s\n"),
control );
usage();
}
case 'a': /* add */
ldapadd = 1;
break;
case 'F': /* force all changes records to be used */
force = 1;
break;
case 'r': /* replace (obsolete) */
break;
case 'S': /* skipped modifications to file */
if( rejfile != NULL ) {
2003-04-06 10:59:15 +08:00
fprintf( stderr, _("%s: -S previously specified\n"), prog );
exit( EXIT_FAILURE );
}
rejfile = ber_strdup( optarg );
break;
default:
return 0;
1998-08-09 08:43:13 +08:00
}
return 1;
}
1998-08-09 08:43:13 +08:00
int
main( int argc, char **argv )
{
#ifdef LDAP_GROUP_TRANSACTION
BerElement *txnber;
struct berval txnCookie = { 0, NULL };
#endif
char *rbuf, *start, *rejbuf = NULL;
FILE *fp, *rejfp;
char *matched_msg, *error_msg;
int rc, retval;
int count, len;
tool_init();
prog = lutil_progname( "ldapmodify", argc, argv );
/* strncmp instead of strcmp since NT binaries carry .exe extension */
ldapadd = ( strncasecmp( prog, "ldapadd", sizeof("ldapadd")-1 ) == 0 );
tool_args( argc, argv );
if ( argc != optind ) usage();
if ( rejfile != NULL ) {
if (( rejfp = fopen( rejfile, "w" )) == NULL ) {
perror( rejfile );
return( EXIT_FAILURE );
}
} else {
rejfp = NULL;
}
if ( infile != NULL ) {
if (( fp = fopen( infile, "r" )) == NULL ) {
perror( infile );
return( EXIT_FAILURE );
}
} else {
fp = stdin;
1998-08-09 08:43:13 +08:00
}
if ( debug ) ldif_debug = debug;
1998-08-09 08:43:13 +08:00
ld = tool_conn_setup( not, 0 );
if ( !not ) {
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
Patch: 'ldapmodify -y file' reads password from file (ITS#2031) ================ Written by Hallvard B. Furuseth and placed into the public domain. This software is not subject to any license of the University of Oslo. ================ Adapted by Kurt Zeilenga for inclusion in OpenLDAP. My comments are marked with enclosed with square brackets (e.g. [Kurt's comment] below. ================ If I run ldapmodify & co from a script, I don't want to use '-W password' because the password shows up in the output of 'ps' for everyone, and I can't pipe the password to 'ldapmodify -w' because -w uses getpassphrase() which reads from the tty instead of stdin. So I added '-y file' which reads the password from file. The programs exit if the file cannot be read. [Complete contents of file is used as password. Use: echo -n "secret" > password to create a file with "secret" as the password. The -n avoids adding a newline (which would invalidate the password). Note that echo is a builtin and hence its arguments are not visible to 'ps'.] I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare. I did not bother to change ldappasswd and ldapwhoami, because they prompt for many passwords. [I fixed up ldapwhoami.] Rerun autoconf after applying this patch. [Done.] Note: I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to undef in portable.nt. (fstat() is used to warn if the file is publicly readable or writeable.) [I used fstat() to set the buffer size to read.] [Note: using the contents of a file extends the tools to support passwords which could not normally be provided using getpassphrase() or via the command line.] Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002. [Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.]
2002-08-24 13:47:17 +08:00
}
tool_bind( ld );
2000-06-14 11:07:33 +08:00
}
#ifdef LDAP_GROUP_TRANSACTION
if( txn ) {
struct berval *txnCookiep = &txnCookie;
/* create transaction */
rc = ldap_txn_create_s( ld, &txnCookiep, NULL, NULL );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_txn_create_s" );
if( txn > 2 ) return EXIT_FAILURE;
txn = 0;
}
}
#endif
if ( assertion || authzid || manageDSAit || noop || preread || postread
#ifdef LDAP_GROUP_TRANSACTION
|| txn
#endif
)
{
int err;
2004-07-26 07:05:29 +08:00
int i = 0;
LDAPControl c[1];
#ifdef LDAP_GROUP_TRANSACTION
if( txn ) {
txnber = ber_alloc_t( LBER_USE_DER );
if( txnber == NULL ) return EXIT_FAILURE;
err = ber_printf( txnber, "{o}", &txnCookie );
if( err == -1 ) {
ber_free( txnber, 1 );
fprintf( stderr, _("txn grouping control encoding error!\n") );
return EXIT_FAILURE;
}
err = ber_flatten2( txnber, &c[i].ldctl_value, 0 );
if( err == -1 ) return EXIT_FAILURE;
c[i].ldctl_oid = LDAP_CONTROL_GROUPING;
c[i].ldctl_iscritical = 1;
i++;
}
#endif
1998-08-09 08:43:13 +08:00
tool_server_controls( ld, c, i );
}
rc = 0;
count = 0;
retval = 0;
while (( rc == 0 || contoper ) &&
( rbuf = read_one_record( fp )) != NULL )
{
count++;
start = rbuf;
if ( rejfp ) {
len = strlen( rbuf );
if (( rejbuf = (char *)ber_memalloc( len+1 )) == NULL ) {
perror( "malloc" );
exit( EXIT_FAILURE );
}
memcpy( rejbuf, rbuf, len+1 );
}
rc = process_ldif_rec( start, count );
1998-08-09 08:43:13 +08:00
if ( rc ) retval = rc;
if ( rc && rejfp ) {
fprintf(rejfp, _("# Error: %s (%d)"), ldap_err2string(rc), rc);
matched_msg = NULL;
ldap_get_option(ld, LDAP_OPT_MATCHED_DN, &matched_msg);
if ( matched_msg != NULL ) {
if ( *matched_msg != '\0' ) {
fprintf( rejfp, _(", matched DN: %s"), matched_msg );
}
ldap_memfree( matched_msg );
}
error_msg = NULL;
ldap_get_option(ld, LDAP_OPT_ERROR_STRING, &error_msg);
if ( error_msg != NULL ) {
if ( *error_msg != '\0' ) {
fprintf( rejfp, _(", additional info: %s"), error_msg );
}
ldap_memfree( error_msg );
}
fprintf( rejfp, "\n%s\n", rejbuf );
}
if (rejfp) free( rejbuf );
free( rbuf );
}
1998-08-09 08:43:13 +08:00
#ifdef LDAP_GROUP_TRANSACTION
if( txn ) {
/* create transaction */
rc = ldap_txn_end_s( ld, &txnCookie, !txnabort, NULL, NULL );
if( rc != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_txn_create_s" );
if( txn > 2 ) return EXIT_FAILURE;
txn = 0;
}
}
#endif
if ( !not ) {
2003-12-19 03:15:57 +08:00
ldap_unbind_ext( ld, NULL, NULL );
}
1998-08-09 08:43:13 +08:00
if ( rejfp != NULL ) {
fclose( rejfp );
}
return( retval );
1998-08-09 08:43:13 +08:00
}
static int
process_ldif_rec( char *rbuf, int count )
1998-08-09 08:43:13 +08:00
{
char *line, *dn, *type, *newrdn, *newsup, *p;
int rc, linenum, modop, replicaport;
int expect_modop, expect_sep, expect_ct, expect_newrdn, expect_newsup;
int expect_deleteoldrdn, deleteoldrdn;
int saw_replica, use_record, new_entry, delete_entry, got_all;
LDAPMod **pmods;
int version;
2000-06-30 03:35:51 +08:00
struct berval val;
LDAPControl **pctrls;
1998-08-09 08:43:13 +08:00
new_entry = ldapadd;
1998-08-09 08:43:13 +08:00
rc = got_all = saw_replica = delete_entry = modop = expect_modop = 0;
expect_deleteoldrdn = expect_newrdn = expect_newsup = 0;
expect_sep = expect_ct = 0;
linenum = 0;
version = 0;
deleteoldrdn = 1;
use_record = force;
pmods = NULL;
pctrls = NULL;
dn = newrdn = newsup = NULL;
while ( rc == 0 && ( line = ldif_getline( &rbuf )) != NULL ) {
++linenum;
if ( expect_sep && strcasecmp( line, T_MODSEPSTR ) == 0 ) {
expect_sep = 0;
expect_ct = 1;
continue;
}
1998-08-09 08:43:13 +08:00
if ( ldif_parse_line( line, &type, &val.bv_val, &val.bv_len ) < 0 ) {
fprintf( stderr, _("%s: invalid format (line %d) entry: \"%s\"\n"),
prog, linenum, dn == NULL ? "" : dn );
rc = LDAP_PARAM_ERROR;
break;
1998-08-09 08:43:13 +08:00
}
if ( dn == NULL ) {
if ( !use_record && strcasecmp( type, T_REPLICA_STR ) == 0 ) {
++saw_replica;
if (( p = strchr( val.bv_val, ':' )) == NULL ) {
replicaport = 0;
} else {
*p++ = '\0';
replicaport = atoi( p );
}
if ( ldaphost != NULL &&
strcasecmp( val.bv_val, ldaphost ) == 0 &&
replicaport == ldapport )
{
use_record = 1;
}
} else if ( count == 1 && linenum == 1 &&
strcasecmp( type, T_VERSION_STR ) == 0 )
{
if( val.bv_len == 0 || atoi(val.bv_val) != 1 ) {
fprintf( stderr,
_("%s: invalid version %s, line %d (ignored)\n"),
prog, val.bv_val, linenum );
}
version++;
} else if ( strcasecmp( type, T_DN_STR ) == 0 ) {
if (( dn = ber_strdup( val.bv_val )) == NULL ) {
perror( "strdup" );
exit( EXIT_FAILURE );
}
expect_ct = 1;
}
goto end_line; /* skip all lines until we see "dn:" */
1998-08-09 08:43:13 +08:00
}
if ( expect_ct ) {
/* Check for "control" tag after dn and before changetype. */
if (strcasecmp(type, T_CONTROL_STR) == 0) {
/* Parse and add it to the list of controls */
rc = parse_ldif_control( line, &pctrls );
if (rc != 0) {
fprintf( stderr,
_("%s: Error processing %s line, line %d: %s\n"),
prog, T_CONTROL_STR, linenum, ldap_err2string(rc) );
}
goto end_line;
}
1998-08-09 08:43:13 +08:00
expect_ct = 0;
if ( !use_record && saw_replica ) {
printf(_("%s: skipping change record for entry: %s\n"),
prog, dn);
printf(_("\t(LDAP host/port does not match replica: lines)\n"));
free( dn );
ber_memfree( type );
ber_memfree( val.bv_val );
return( 0 );
}
if ( strcasecmp( type, T_CHANGETYPESTR ) == 0 ) {
#ifdef LIBERAL_CHANGETYPE_MODOP
/* trim trailing spaces (and log warning ...) */
int icnt;
for ( icnt = val.bv_len; --icnt > 0; ) {
if ( !isspace( (unsigned char) val.bv_val[icnt] ) ) {
break;
}
}
if ( ++icnt != val.bv_len ) {
fprintf( stderr, _("%s: illegal trailing space after"
" \"%s: %s\" trimmed (line %d of entry \"%s\")\n"),
prog, T_CHANGETYPESTR, val.bv_val, linenum, dn );
val.bv_val[icnt] = '\0';
}
#endif /* LIBERAL_CHANGETYPE_MODOP */
if ( strcasecmp( val.bv_val, T_MODIFYCTSTR ) == 0 ) {
new_entry = 0;
expect_modop = 1;
} else if ( strcasecmp( val.bv_val, T_ADDCTSTR ) == 0 ) {
new_entry = 1;
} else if ( strcasecmp( val.bv_val, T_MODRDNCTSTR ) == 0
|| strcasecmp( val.bv_val, T_MODDNCTSTR ) == 0
|| strcasecmp( val.bv_val, T_RENAMECTSTR ) == 0)
{
expect_newrdn = 1;
} else if ( strcasecmp( val.bv_val, T_DELETECTSTR ) == 0 ) {
got_all = delete_entry = 1;
} else {
fprintf( stderr,
_("%s: unknown %s \"%s\" (line %d of entry \"%s\")\n"),
prog, T_CHANGETYPESTR, val.bv_val, linenum, dn );
rc = LDAP_PARAM_ERROR;
}
goto end_line;
} else if ( ldapadd ) { /* missing changetype => add */
new_entry = 1;
modop = LDAP_MOD_ADD;
} else {
expect_modop = 1; /* missing changetype => modify */
}
1998-08-09 08:43:13 +08:00
}
if ( expect_modop ) {
#ifdef LIBERAL_CHANGETYPE_MODOP
/* trim trailing spaces (and log warning ...) */
int icnt;
for ( icnt = val.bv_len; --icnt > 0; ) {
if ( !isspace( (unsigned char) val.bv_val[icnt] ) ) break;
}
if ( ++icnt != val.bv_len ) {
fprintf( stderr, _("%s: illegal trailing space after"
" \"%s: %s\" trimmed (line %d of entry \"%s\")\n"),
prog, type, val.bv_val, linenum, dn );
val.bv_val[icnt] = '\0';
}
#endif /* LIBERAL_CHANGETYPE_MODOP */
expect_modop = 0;
expect_sep = 1;
if ( strcasecmp( type, T_MODOPADDSTR ) == 0 ) {
modop = LDAP_MOD_ADD;
goto end_line;
} else if ( strcasecmp( type, T_MODOPREPLACESTR ) == 0 ) {
modop = LDAP_MOD_REPLACE;
addmodifyop( &pmods, modop, val.bv_val, NULL );
goto end_line;
} else if ( strcasecmp( type, T_MODOPDELETESTR ) == 0 ) {
modop = LDAP_MOD_DELETE;
addmodifyop( &pmods, modop, val.bv_val, NULL );
goto end_line;
} else if ( strcasecmp( type, T_MODOPINCREMENTSTR ) == 0 ) {
modop = LDAP_MOD_INCREMENT;
addmodifyop( &pmods, modop, val.bv_val, NULL );
goto end_line;
} else { /* no modify op: use default */
modop = ldapadd ? LDAP_MOD_ADD : LDAP_MOD_REPLACE;
}
}
if ( expect_newrdn ) {
if ( strcasecmp( type, T_NEWRDNSTR ) == 0 ) {
if (( newrdn = ber_strdup( val.bv_val )) == NULL ) {
perror( "strdup" );
exit( EXIT_FAILURE );
}
expect_deleteoldrdn = 1;
expect_newrdn = 0;
} else {
fprintf( stderr, _("%s: expecting \"%s:\" but saw"
" \"%s:\" (line %d of entry \"%s\")\n"),
prog, T_NEWRDNSTR, type, linenum, dn );
rc = LDAP_PARAM_ERROR;
}
} else if ( expect_deleteoldrdn ) {
if ( strcasecmp( type, T_DELETEOLDRDNSTR ) == 0 ) {
deleteoldrdn = ( *val.bv_val == '0' ) ? 0 : 1;
expect_deleteoldrdn = 0;
expect_newsup = 1;
got_all = 1;
} else {
fprintf( stderr, _("%s: expecting \"%s:\" but saw"
" \"%s:\" (line %d of entry \"%s\")\n"),
prog, T_DELETEOLDRDNSTR, type, linenum, dn );
rc = LDAP_PARAM_ERROR;
}
} else if ( expect_newsup ) {
if ( strcasecmp( type, T_NEWSUPSTR ) == 0 ) {
if (( newsup = ber_strdup( val.bv_val )) == NULL ) {
perror( "strdup" );
exit( EXIT_FAILURE );
}
expect_newsup = 0;
} else {
fprintf( stderr, _("%s: expecting \"%s:\" but saw"
" \"%s:\" (line %d of entry \"%s\")\n"),
prog, T_NEWSUPSTR, type, linenum, dn );
rc = LDAP_PARAM_ERROR;
}
} else if ( got_all ) {
fprintf( stderr,
_("%s: extra lines at end (line %d of entry \"%s\")\n"),
prog, linenum, dn );
rc = LDAP_PARAM_ERROR;
} else {
addmodifyop( &pmods, modop, type, &val );
}
1999-08-20 08:55:22 +08:00
end_line:
ber_memfree( type );
ber_memfree( val.bv_val );
}
1998-08-09 08:43:13 +08:00
if( linenum == 0 ) {
return 0;
}
if( version && linenum == 1 ) {
return 0;
}
/* If default controls are set (as with -M option) and controls are
specified in the LDIF file, we must add the default controls to
the list of controls sent with the ldap operation.
*/
if ( rc == 0 ) {
if (pctrls) {
LDAPControl **defctrls = NULL; /* Default server controls */
LDAPControl **newctrls = NULL;
ldap_get_option(ld, LDAP_OPT_SERVER_CONTROLS, &defctrls);
if (defctrls) {
int npc=0; /* Num of LDIF controls */
int ndefc=0; /* Num of default controls */
while (pctrls[npc]) npc++; /* Count LDIF controls */
while (defctrls[ndefc]) ndefc++; /* Count default controls */
newctrls = ber_memrealloc(pctrls,
(npc+ndefc+1)*sizeof(LDAPControl*));
if (newctrls == NULL) {
rc = LDAP_NO_MEMORY;
} else {
int i;
pctrls = newctrls;
for (i=npc; i<npc+ndefc; i++) {
pctrls[i] = ldap_control_dup(defctrls[i-npc]);
if (pctrls[i] == NULL) {
rc = LDAP_NO_MEMORY;
break;
}
}
pctrls[npc+ndefc] = NULL;
}
ldap_controls_free(defctrls); /* Must be freed by library */
}
}
}
if ( rc == 0 ) {
if ( delete_entry ) {
rc = dodelete( dn, pctrls );
} else if ( newrdn != NULL ) {
rc = dorename( dn, newrdn, newsup, deleteoldrdn, pctrls );
} else {
rc = domodify( dn, pmods, pctrls, new_entry );
}
1998-08-09 08:43:13 +08:00
if ( rc == LDAP_SUCCESS ) {
rc = 0;
}
1998-08-09 08:43:13 +08:00
}
if ( dn != NULL ) {
free( dn );
}
if ( newrdn != NULL ) {
free( newrdn );
}
if ( pmods != NULL ) {
ldap_mods_free( pmods, 1 );
}
if (pctrls != NULL) {
ldap_controls_free( pctrls );
}
return( rc );
}
/* Parse an LDIF control line of the form
control: oid [true/false] [: value] or
control: oid [true/false] [:: base64-value] or
control: oid [true/false] [:< url]
The control is added to the list of controls in *ppctrls.
*/
static int
parse_ldif_control(
char *line,
LDAPControl ***ppctrls )
{
char *oid = NULL;
int criticality = 0; /* Default is false if not present */
char *type=NULL;
char *val = NULL;
ber_len_t value_len = 0;
int i, rc=0;
char *s, *oidStart, *pcolon;
LDAPControl *newctrl = NULL;
LDAPControl **pctrls = NULL;
if (ppctrls) pctrls = *ppctrls;
s = line + strlen(T_CONTROL_STR); /* Skip over "control" */
pcolon = s; /* Save this position for later */
if (*s++ != ':') { /* Make sure colon follows */
return ( LDAP_PARAM_ERROR );
}
while (*s && isspace((unsigned char)*s)) {
s++; /* Skip white space before OID */
}
/* OID should come next. Validate and extract it. */
if (*s == 0) return ( LDAP_PARAM_ERROR );
oidStart = s;
while (isdigit((unsigned char)*s) || *s == '.') {
s++; /* OID should be digits or . */
}
if (s == oidStart) {
return ( LDAP_PARAM_ERROR ); /* OID was not present */
}
if (*s) { /* End of OID should be space or NULL */
if (!isspace((unsigned char)*s)) {
return ( LDAP_PARAM_ERROR ); /* else OID contained invalid chars */
}
*s++ = 0; /* Replace space with null to terminate */
}
oid = ber_strdup(oidStart);
if (oid == NULL) return ( LDAP_NO_MEMORY );
/* Optional Criticality field is next. */
while (*s && isspace((unsigned char)*s)) {
s++; /* Skip white space before criticality */
}
if (strncasecmp(s, "true", 4) == 0) {
criticality = 1;
s += 4;
}
else if (strncasecmp(s, "false", 5) == 0) {
criticality = 0;
s += 5;
}
/* Optional value field is next */
while (*s && isspace((unsigned char)*s)) {
s++; /* Skip white space before value */
}
if (*s) {
if (*s != ':') { /* If value is present, must start with : */
rc = LDAP_PARAM_ERROR;
goto cleanup;
}
/* Shift value down over OID and criticality so it's in the form
control: value
control:: base64-value
control:< url
Then we can use ldif_parse_line to extract and decode the value
*/
while ( (*pcolon++ = *s++) != 0) { /* Shift value */
/* EMPTY */;
}
rc = ldif_parse_line(line, &type, &val, &value_len);
if (type) ber_memfree(type); /* Don't need this field*/
if (rc < 0) {
rc = LDAP_PARAM_ERROR;
goto cleanup;
}
}
/* Create a new LDAPControl structure. */
newctrl = (LDAPControl *)ber_memalloc(sizeof(LDAPControl));
if ( newctrl == NULL ) {
rc = LDAP_NO_MEMORY;
goto cleanup;
}
newctrl->ldctl_oid = oid;
oid = NULL;
newctrl->ldctl_iscritical = criticality;
newctrl->ldctl_value.bv_len = value_len;
newctrl->ldctl_value.bv_val = val;
val = NULL;
/* Add the new control to the passed-in list of controls. */
i = 0;
if (pctrls) {
while ( pctrls[i] ) { /* Count the # of controls passed in */
i++;
}
}
/* Allocate 1 more slot for the new control and 1 for the NULL. */
pctrls = (LDAPControl **) ber_memrealloc(pctrls,
(i+2)*(sizeof(LDAPControl *)));
if (pctrls == NULL) {
rc = LDAP_NO_MEMORY;
goto cleanup;
}
pctrls[i] = newctrl;
newctrl = NULL;
pctrls[i+1] = NULL;
*ppctrls = pctrls;
cleanup:
if (newctrl) {
if (newctrl->ldctl_oid) ber_memfree(newctrl->ldctl_oid);
if (newctrl->ldctl_value.bv_val) {
ber_memfree(newctrl->ldctl_value.bv_val);
}
ber_memfree(newctrl);
}
if (val) ber_memfree(val);
if (oid) ber_memfree(oid);
return( rc );
1998-08-09 08:43:13 +08:00
}
static void
2000-06-30 03:35:51 +08:00
addmodifyop(
LDAPMod ***pmodsp,
int modop,
const char *attr,
struct berval *val )
1998-08-09 08:43:13 +08:00
{
LDAPMod **pmods;
int i, j;
pmods = *pmodsp;
modop |= LDAP_MOD_BVALUES;
i = 0;
if ( pmods != NULL ) {
for ( ; pmods[ i ] != NULL; ++i ) {
if ( strcasecmp( pmods[ i ]->mod_type, attr ) == 0 &&
pmods[ i ]->mod_op == modop )
{
break;
}
}
1998-08-09 08:43:13 +08:00
}
if ( pmods == NULL || pmods[ i ] == NULL ) {
if (( pmods = (LDAPMod **)ber_memrealloc( pmods, (i + 2) *
sizeof( LDAPMod * ))) == NULL )
{
perror( "realloc" );
exit( EXIT_FAILURE );
1998-08-09 08:43:13 +08:00
}
*pmodsp = pmods;
pmods[ i + 1 ] = NULL;
1998-08-09 08:43:13 +08:00
pmods[ i ] = (LDAPMod *)ber_memcalloc( 1, sizeof( LDAPMod ));
if ( pmods[ i ] == NULL ) {
perror( "calloc" );
exit( EXIT_FAILURE );
1998-08-09 08:43:13 +08:00
}
pmods[ i ]->mod_op = modop;
pmods[ i ]->mod_type = ber_strdup( attr );
if ( pmods[ i ]->mod_type == NULL ) {
perror( "strdup" );
exit( EXIT_FAILURE );
}
1998-08-09 08:43:13 +08:00
}
2000-06-30 03:35:51 +08:00
if ( val != NULL ) {
j = 0;
if ( pmods[ i ]->mod_bvalues != NULL ) {
for ( ; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
/* Empty */;
}
}
1998-08-09 08:43:13 +08:00
pmods[ i ]->mod_bvalues = (struct berval **) ber_memrealloc(
pmods[ i ]->mod_bvalues, (j + 2) * sizeof( struct berval * ));
if ( pmods[ i ]->mod_bvalues == NULL ) {
perror( "ber_realloc" );
exit( EXIT_FAILURE );
}
1998-08-09 08:43:13 +08:00
pmods[ i ]->mod_bvalues[ j + 1 ] = NULL;
2000-06-30 03:35:51 +08:00
pmods[ i ]->mod_bvalues[ j ] = ber_bvdup( val );
if ( pmods[ i ]->mod_bvalues[ j ] == NULL ) {
perror( "ber_bvdup" );
exit( EXIT_FAILURE );
}
1998-08-09 08:43:13 +08:00
}
}
static int
2000-06-30 03:35:51 +08:00
domodify(
const char *dn,
LDAPMod **pmods,
LDAPControl **pctrls,
2000-06-30 03:35:51 +08:00
int newentry )
1998-08-09 08:43:13 +08:00
{
int rc, i, j, k, notascii, op;
struct berval *bvp;
1998-08-09 08:43:13 +08:00
2003-08-10 01:45:34 +08:00
if ( dn == NULL ) {
fprintf( stderr, _("%s: no DN specified\n"), prog );
return( LDAP_PARAM_ERROR );
2003-08-10 01:45:34 +08:00
}
if ( pmods == NULL ) {
2000-10-04 06:05:28 +08:00
fprintf( stderr,
_("%s: no attributes to change or add (entry=\"%s\")\n"),
prog, dn );
return( LDAP_PARAM_ERROR );
}
1998-08-09 08:43:13 +08:00
for ( i = 0; pmods[ i ] != NULL; ++i ) {
op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
if( op == LDAP_MOD_ADD && ( pmods[i]->mod_bvalues == NULL )) {
fprintf( stderr,
_("%s: attribute \"%s\" has no values (entry=\"%s\")\n"),
prog, pmods[i]->mod_type, dn );
return LDAP_PARAM_ERROR;
1998-08-09 08:43:13 +08:00
}
}
if ( verbose ) {
for ( i = 0; pmods[ i ] != NULL; ++i ) {
op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
printf( "%s %s:\n",
op == LDAP_MOD_REPLACE ? _("replace") :
op == LDAP_MOD_ADD ? _("add") :
op == LDAP_MOD_INCREMENT ? _("increment") :
op == LDAP_MOD_DELETE ? _("delete") :
_("unknown"),
pmods[ i ]->mod_type );
if ( pmods[ i ]->mod_bvalues != NULL ) {
for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
bvp = pmods[ i ]->mod_bvalues[ j ];
notascii = 0;
for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) {
if ( !isascii( bvp->bv_val[ k ] )) {
notascii = 1;
break;
}
}
if ( notascii ) {
printf( _("\tNOT ASCII (%ld bytes)\n"), bvp->bv_len );
} else {
printf( "\t%s\n", bvp->bv_val );
}
}
}
}
}
1998-08-09 08:43:13 +08:00
if ( newentry ) {
printf( "%sadding new entry \"%s\"\n", not ? "!" : "", dn );
1998-08-09 08:43:13 +08:00
} else {
printf( "%smodifying entry \"%s\"\n", not ? "!" : "", dn );
1998-08-09 08:43:13 +08:00
}
if ( !not ) {
int msgid;
if ( newentry ) {
rc = ldap_add_ext( ld, dn, pmods, pctrls, NULL, &msgid );
} else {
rc = ldap_modify_ext( ld, dn, pmods, pctrls, NULL, &msgid );
}
if ( rc != LDAP_SUCCESS ) {
/* print error message about failed update including DN */
fprintf( stderr, _("%s: update failed: %s\n"), prog, dn );
ldap_perror( ld, newentry ? "ldap_add" : "ldap_modify" );
goto done;
} else if ( verbose ) {
printf( _("modify complete\n") );
}
rc = process_response( ld, msgid,
newentry ? "ldap_add" : "ldap_modify", dn );
} else {
rc = LDAP_SUCCESS;
}
1998-08-09 08:43:13 +08:00
done:
putchar( '\n' );
return rc;
1998-08-09 08:43:13 +08:00
}
static int
2000-06-30 03:35:51 +08:00
dodelete(
const char *dn,
LDAPControl **pctrls )
1998-08-09 08:43:13 +08:00
{
int rc;
int msgid;
1998-08-09 08:43:13 +08:00
printf( _("%sdeleting entry \"%s\"\n"), not ? "!" : "", dn );
if ( !not ) {
rc = ldap_delete_ext( ld, dn, pctrls, NULL, &msgid );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn );
ldap_perror( ld, "ldap_delete" );
goto done;
} else if ( verbose ) {
printf( _("delete complete") );
}
rc = process_response( ld, msgid, "ldap_delete", dn );
} else {
rc = LDAP_SUCCESS;
}
1998-08-09 08:43:13 +08:00
done:
putchar( '\n' );
return( rc );
1998-08-09 08:43:13 +08:00
}
static int
2000-06-30 03:35:51 +08:00
dorename(
const char *dn,
const char *newrdn,
const char* newsup,
int deleteoldrdn,
LDAPControl **pctrls )
1998-08-09 08:43:13 +08:00
{
int rc;
int msgid;
1998-08-09 08:43:13 +08:00
printf( _("%smodifying rdn of entry \"%s\"\n"), not ? "!" : "", dn );
if ( verbose ) {
printf( _("\tnew RDN: \"%s\" (%skeep existing values)\n"),
newrdn, deleteoldrdn ? _("do not ") : "" );
}
if ( !not ) {
rc = ldap_rename( ld, dn, newrdn, newsup, deleteoldrdn,
pctrls, NULL, &msgid );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn );
ldap_perror( ld, "ldap_modrdn" );
goto done;
} else {
printf( _("modrdn completed\n") );
}
rc = process_response( ld, msgid, "ldap_rename", dn );
1998-08-09 08:43:13 +08:00
} else {
rc = LDAP_SUCCESS;
1998-08-09 08:43:13 +08:00
}
done:
putchar( '\n' );
return( rc );
1998-08-09 08:43:13 +08:00
}
static int process_response(
LDAP *ld,
int msgid,
const char *opstr,
const char *dn )
{
LDAPMessage *res;
int rc = LDAP_OTHER;
if( ldap_result( ld, msgid,
#ifdef LDAP_GROUP_TRANSACTION
txn ? 0 : 1,
#else
1,
#endif
NULL, &res ) == -1 ) {
ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &rc );
return rc;
}
if( ldap_msgtype( res ) != LDAP_RES_INTERMEDIATE ) {
2004-04-05 23:29:35 +08:00
rc = ldap_result2error( ld, res, 1 );
2004-04-05 23:40:07 +08:00
if( rc != LDAP_SUCCESS ) ldap_perror( ld, opstr );
2004-04-05 23:29:35 +08:00
return rc;
}
2004-03-17 11:13:00 +08:00
#ifdef LDAP_GROUP_TRANSACTION
/* assume (successful) transaction intermediate response */
return LDAP_SUCCESS;
2004-03-17 11:13:00 +08:00
#else
/* intermediate response? */
return LDAP_DECODING_ERROR;
#endif
}
1998-08-09 08:43:13 +08:00
static char *
read_one_record( FILE *fp )
{
char *buf, line[ LDAPMOD_MAXLINE ];
int lcur, lmax;
1998-08-09 08:43:13 +08:00
lcur = lmax = 0;
buf = NULL;
1998-08-09 08:43:13 +08:00
while ( fgets( line, sizeof(line), fp ) != NULL ) {
int len = strlen( line );
if( len < 2 || ( len == 2 && *line == '\r' )) {
if( buf == NULL ) {
continue;
} else {
break;
}
}
if ( lcur + len + 1 > lmax ) {
lmax = LDAPMOD_MAXLINE
* (( lcur + len + 1 ) / LDAPMOD_MAXLINE + 1 );
if (( buf = (char *)ber_memrealloc( buf, lmax )) == NULL ) {
perror( "realloc" );
exit( EXIT_FAILURE );
}
}
strcpy( buf + lcur, line );
lcur += len;
}
1998-08-09 08:43:13 +08:00
return( buf );
1998-08-09 08:43:13 +08:00
}