openldap/clients/tools/ldapmodify.c

1301 lines
31 KiB
C
Raw Normal View History

2003-11-26 07:17:08 +08:00
/* ldapmodify.c - generic program to modify or add entries using LDAP */
/* $OpenLDAP$ */
2003-11-26 07:17:08 +08:00
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
2007-01-03 04:00:42 +08:00
* Copyright 1998-2007 The OpenLDAP Foundation.
* Portions Copyright 2006 Howard Chu.
2003-11-26 07:17:08 +08:00
* Portions Copyright 1998-2003 Kurt D. Zeilenga.
* Portions Copyright 1998-2001 Net Boolean Incorporated.
* Portions Copyright 2001-2003 IBM Corporation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1992-1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the
* University may not be used to endorse or promote products derived
* from this software without specific prior written permission. This
* software is provided ``as is'' without express or implied warranty.
*/
2003-11-26 10:58:56 +08:00
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
2003-11-26 07:17:08 +08:00
* (as part of U-MICH LDAP). Additional significant contributors
* include:
* Kurt D. Zeilenga
2003-11-26 16:31:36 +08:00
* Norbert Klasen
* Howard Chu
Vienna Bulk Commit This commit includes many changes. All changes compile under NT but have not been tested under UNIX. A Summary of changes (likely incomplete): NT changes: Removed lint. Clean up configuration support for "Debug", "Release", "SDebug", and "SRelease" configurations. Share output directories for clients, libraries, and slapd. (maybe they should be combined further and moved to build/{,S}{Debug,Release}). Enable threading when _MT is defined. Enable debuging when _DEBUG is defined. Disable setting of NDEBUG under Release/SRelease. Asserts are disabled in <ac/assert.h> when LDAP_DEBUG is not defined. Added 'build/main.dsp' Master project. Removed non-slapd projects from slapd.dsp (see main.dsp). Removed replaced many uses of _WIN32 macro with feature based macros. ldap_cdefs.h changes #define LDAP_CONST const (see below) #define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST To allow specifiers to be added before and after the type declaration. (For DLL handling) LBER/LDAP changes Namespace changes: s/lber_/ber_/ for here and there. s/NAME_ERROR/LDAP_NAME_ERROR/g Deleted NULLMSG and other NULL* macros for namespace reasons. "const" libraries. Installed headers (ie: lber.h, ldap.h) use LDAP_CONST macro. Normally set to 'const' when __STDC__. Can be set externally to enable/disable 'constification' of external interface. Internal interface always uses 'const'. Did not fix warnings in -lldif (in lieu of new LDIF parser). Added _ext API implementations (excepting search and bind). Need to implement ldap_int_get_controls() for reponses with controls. Added numberous assert() checks. LDAP_R _MT defines HAVE_NT_THREADS Added numberous assert() checks. Changed ldap_pthread_t back to unsigned long. Used cast to HANDLE in _join(). LDBM Replaced _WIN32 with HAVE_SYSLOG ud Added version string if MKVERSION is not defined. (MKVERSION needs to be set under UNIX). slapd Made connection sockbuf field a pointer to a sockbuf. This removed slap.h dependency on lber-int.h. lber-int.h now only included by those files needing to mess with the sockbuf. Used ber_* functions/macros to access sockbuf internals whenever possible. Added version string if MKVERSION is not defined. (MKVERSION needs to be set under UNIX). Removed FD_SET unsigned lint slapd/tools Used EXEEXT to added ".exe" to routines. Need to define EXEEXT under UNIX. ldappasswd Added ldappasswd.dsp. Ported to NT. Used getpid() to seed rand(). nt_debug Minor cleanup. Added "portable.h" include and used <ac/*.h> where appropriate. Added const to char* format argument.
1999-05-19 09:12:33 +08:00
*/
1998-08-09 08:43:13 +08:00
1998-10-25 09:41:42 +08:00
#include "portable.h"
1998-08-09 08:43:13 +08:00
#include <stdio.h>
1999-06-03 08:37:44 +08:00
#include <ac/stdlib.h>
1998-11-15 14:54:30 +08:00
#include <ac/ctype.h>
1998-10-25 09:41:42 +08:00
#include <ac/string.h>
#include <ac/unistd.h>
2006-09-14 15:58:02 +08:00
#include <ac/socket.h>
2005-05-06 07:04:49 +08:00
#include <ac/time.h>
1998-10-25 09:41:42 +08:00
#ifdef HAVE_SYS_STAT_H
1998-08-09 08:43:13 +08:00
#include <sys/stat.h>
#endif
1998-10-25 09:41:42 +08:00
#ifdef HAVE_SYS_FILE_H
1998-08-09 08:43:13 +08:00
#include <sys/file.h>
1998-10-25 09:41:42 +08:00
#endif
#ifdef HAVE_FCNTL_H
1998-08-09 08:43:13 +08:00
#include <fcntl.h>
1998-10-25 09:41:42 +08:00
#endif
1998-08-09 08:43:13 +08:00
#include <ldap.h>
#include "lutil.h"
#include "lutil_ldap.h"
#include "ldif.h"
#include "ldap_defaults.h"
2001-12-20 05:19:41 +08:00
#include "ldap_log.h"
2002-09-04 10:14:12 +08:00
#include "ldap_pvt.h"
#include "lber_pvt.h"
#include "common.h"
static int ldapadd, force = 0;
static char *rejfile = NULL;
2000-08-25 13:31:29 +08:00
static LDAP *ld = NULL;
1998-08-09 08:43:13 +08:00
#define M_SEP 0x7f
1998-08-09 08:43:13 +08:00
/* strings found in replog/LDIF entries (mostly lifted from slurpd/slurp.h) */
static struct berval BV_VERSION = BER_BVC("version");
static struct berval BV_REPLICA = BER_BVC("replica");
static struct berval BV_DN = BER_BVC("dn");
static struct berval BV_CONTROL = BER_BVC("control");
static struct berval BV_CHANGETYPE = BER_BVC("changetype");
static struct berval BV_ADDCT = BER_BVC("add");
static struct berval BV_MODIFYCT = BER_BVC("modify");
static struct berval BV_DELETECT = BER_BVC("delete");
static struct berval BV_MODRDNCT = BER_BVC("modrdn");
static struct berval BV_MODDNCT = BER_BVC("moddn");
static struct berval BV_RENAMECT = BER_BVC("rename");
static struct berval BV_MODOPADD = BER_BVC("add");
static struct berval BV_MODOPREPLACE = BER_BVC("replace");
static struct berval BV_MODOPDELETE = BER_BVC("delete");
static struct berval BV_MODOPINCREMENT = BER_BVC("increment");
static struct berval BV_MODSEP = BER_BVC("-");
static struct berval BV_NEWRDN = BER_BVC("newrdn");
static struct berval BV_DELETEOLDRDN = BER_BVC("deleteoldrdn");
static struct berval BV_NEWSUP = BER_BVC("newsuperior");
#define BVICMP(a,b) ((a)->bv_len != (b)->bv_len ? \
(a)->bv_len - (b)->bv_len : strcasecmp((a)->bv_val, (b)->bv_val))
static int process_ldif_rec LDAP_P(( char *rbuf, int lineno ));
static int parse_ldif_control LDAP_P(( struct berval *val, LDAPControl ***pctrls ));
2000-06-30 03:35:51 +08:00
static int domodify LDAP_P((
const char *dn,
LDAPMod **pmods,
LDAPControl **pctrls,
2000-06-30 03:35:51 +08:00
int newentry ));
static int dodelete LDAP_P((
const char *dn,
LDAPControl **pctrls ));
2000-06-30 03:35:51 +08:00
static int dorename LDAP_P((
const char *dn,
const char *newrdn,
const char *newsup,
int deleteoldrdn,
LDAPControl **pctrls ));
static int process_response(
LDAP *ld,
int msgid,
int res,
const char *dn );
1998-10-25 09:41:42 +08:00
#ifdef LDAP_X_TXN
static int txn = 0;
static int txnabort = 0;
struct berval *txn_id = NULL;
#endif
void
usage( void )
{
fprintf( stderr, _("Add or modify entries from an LDAP server\n\n"));
fprintf( stderr, _("usage: %s [options]\n"), prog);
fprintf( stderr, _(" The list of desired operations are read from stdin"
" or from the file\n"));
fprintf( stderr, _(" specified by \"-f file\".\n"));
fprintf( stderr, _("Add or modify options:\n"));
fprintf( stderr, _(" -a add values (%s)\n"),
2003-04-06 11:27:52 +08:00
(ldapadd ? _("default") : _("default is to replace")));
fprintf( stderr, _(" -E [!]ext=extparam modify extensions"
" (! indicate s criticality)\n"));
#ifdef LDAP_X_TXN
fprintf( stderr,
_(" [!]txn=<commit|abort> (transaction)\n"));
#endif
fprintf( stderr, _(" -F force all changes records to be used\n"));
fprintf( stderr, _(" -S file write skipped modifications to `file'\n"));
tool_common_usage();
exit( EXIT_FAILURE );
}
const char options[] = "aE:FrS:"
"cd:D:e:f:h:H:IkKMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z";
1998-11-04 21:15:18 +08:00
int
handle_private_option( int i )
1998-08-09 08:43:13 +08:00
{
char *control, *cvalue;
int crit;
switch ( i ) {
2004-03-13 06:34:07 +08:00
case 'E': /* modify extensions */
if( protocol == LDAP_VERSION2 ) {
2003-04-06 10:59:15 +08:00
fprintf( stderr, _("%s: -E incompatible with LDAPv%d\n"),
prog, protocol );
exit( EXIT_FAILURE );
2002-08-29 18:41:10 +08:00
}
/* should be extended to support comma separated list of
* [!]key[=value] parameters, e.g. -E !foo,bar=567
2002-08-29 18:41:10 +08:00
*/
crit = 0;
cvalue = NULL;
if( optarg[0] == '!' ) {
crit = 1;
optarg++;
2002-08-29 18:41:10 +08:00
}
control = ber_strdup( optarg );
if ( (cvalue = strchr( control, '=' )) != NULL ) {
*cvalue++ = '\0';
2002-08-29 18:41:10 +08:00
}
2004-03-13 06:34:07 +08:00
#ifdef LDAP_X_TXN
if( strcasecmp( control, "txn" ) == 0 ) {
/* Transaction */
if( txn ) {
fprintf( stderr,
_("txn control previously specified\n"));
exit( EXIT_FAILURE );
}
if( cvalue != NULL ) {
if( strcasecmp( cvalue, "abort" ) == 0 ) {
txnabort=1;
} else if( strcasecmp( cvalue, "commit" ) != 0 ) {
fprintf( stderr, _("Invalid value for txn control, %s\n"),
cvalue );
exit( EXIT_FAILURE );
}
}
txn = 1 + crit;
} else
#endif
{
fprintf( stderr, _("Invalid modify extension name: %s\n"),
control );
usage();
}
2006-03-07 06:47:06 +08:00
break;
case 'a': /* add */
ldapadd = 1;
break;
case 'F': /* force all changes records to be used */
force = 1;
break;
case 'r': /* replace (obsolete) */
break;
case 'S': /* skipped modifications to file */
if( rejfile != NULL ) {
2003-04-06 10:59:15 +08:00
fprintf( stderr, _("%s: -S previously specified\n"), prog );
exit( EXIT_FAILURE );
}
rejfile = ber_strdup( optarg );
break;
default:
return 0;
1998-08-09 08:43:13 +08:00
}
return 1;
}
1998-08-09 08:43:13 +08:00
int
main( int argc, char **argv )
{
char *rbuf = NULL, *rejbuf = NULL;
FILE *rejfp;
struct LDIFFP *ldiffp, ldifdummy = {0};
char *matched_msg, *error_msg;
int rc, retval;
int len;
2006-01-10 07:00:28 +08:00
int i = 0;
int lineno, nextline = 0, lmax = 0;
2006-01-10 07:00:28 +08:00
LDAPControl c[1];
prog = lutil_progname( "ldapmodify", argc, argv );
/* strncmp instead of strcmp since NT binaries carry .exe extension */
ldapadd = ( strncasecmp( prog, "ldapadd", sizeof("ldapadd")-1 ) == 0 );
2006-01-09 03:51:28 +08:00
tool_init( ldapadd ? TOOL_ADD : TOOL_MODIFY );
tool_args( argc, argv );
if ( argc != optind ) usage();
if ( rejfile != NULL ) {
if (( rejfp = fopen( rejfile, "w" )) == NULL ) {
perror( rejfile );
return( EXIT_FAILURE );
}
} else {
rejfp = NULL;
}
if ( infile != NULL ) {
if (( ldiffp = ldif_open( infile, "r" )) == NULL ) {
perror( infile );
return( EXIT_FAILURE );
}
} else {
ldifdummy.fp = stdin;
ldiffp = &ldifdummy;
1998-08-09 08:43:13 +08:00
}
if ( debug ) ldif_debug = debug;
1998-08-09 08:43:13 +08:00
2006-01-09 03:51:28 +08:00
ld = tool_conn_setup( dont, 0 );
2006-01-09 03:51:28 +08:00
if ( !dont ) {
if ( pw_file || want_bindpw ) {
if ( pw_file ) {
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
Patch: 'ldapmodify -y file' reads password from file (ITS#2031) ================ Written by Hallvard B. Furuseth and placed into the public domain. This software is not subject to any license of the University of Oslo. ================ Adapted by Kurt Zeilenga for inclusion in OpenLDAP. My comments are marked with enclosed with square brackets (e.g. [Kurt's comment] below. ================ If I run ldapmodify & co from a script, I don't want to use '-W password' because the password shows up in the output of 'ps' for everyone, and I can't pipe the password to 'ldapmodify -w' because -w uses getpassphrase() which reads from the tty instead of stdin. So I added '-y file' which reads the password from file. The programs exit if the file cannot be read. [Complete contents of file is used as password. Use: echo -n "secret" > password to create a file with "secret" as the password. The -n avoids adding a newline (which would invalidate the password). Note that echo is a builtin and hence its arguments are not visible to 'ps'.] I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare. I did not bother to change ldappasswd and ldapwhoami, because they prompt for many passwords. [I fixed up ldapwhoami.] Rerun autoconf after applying this patch. [Done.] Note: I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to undef in portable.nt. (fstat() is used to warn if the file is publicly readable or writeable.) [I used fstat() to set the buffer size to read.] [Note: using the contents of a file extends the tools to support passwords which could not normally be provided using getpassphrase() or via the command line.] Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002. [Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.]
2002-08-24 13:47:17 +08:00
}
tool_bind( ld );
2000-06-14 11:07:33 +08:00
}
#ifdef LDAP_X_TXN
if( txn ) {
/* start transaction */
rc = ldap_txn_start_s( ld, NULL, NULL, &txn_id );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_txn_start_s", rc, NULL, NULL, NULL, NULL );
if( txn > 1 ) return EXIT_FAILURE;
txn = 0;
}
}
#endif
2006-01-10 07:00:28 +08:00
if ( 0
#ifdef LDAP_X_TXN
|| txn
#endif
2006-01-10 07:00:28 +08:00
)
{
#ifdef LDAP_X_TXN
if( txn ) {
c[i].ldctl_oid = LDAP_CONTROL_X_TXN_SPEC;
c[i].ldctl_value = *txn_id;
c[i].ldctl_iscritical = 1;
i++;
}
#endif
}
2006-01-10 07:00:28 +08:00
tool_server_controls( ld, c, i );
rc = 0;
retval = 0;
lineno = 1;
while (( rc == 0 || contoper ) && ldif_read_record( ldiffp, &nextline,
&rbuf, &lmax ))
{
if ( rejfp ) {
len = strlen( rbuf );
if (( rejbuf = (char *)ber_memalloc( len+1 )) == NULL ) {
perror( "malloc" );
exit( EXIT_FAILURE );
}
memcpy( rejbuf, rbuf, len+1 );
}
rc = process_ldif_rec( rbuf, lineno );
lineno = nextline+1;
1998-08-09 08:43:13 +08:00
if ( rc ) retval = rc;
if ( rc && rejfp ) {
fprintf(rejfp, _("# Error: %s (%d)"), ldap_err2string(rc), rc);
matched_msg = NULL;
ldap_get_option(ld, LDAP_OPT_MATCHED_DN, &matched_msg);
if ( matched_msg != NULL ) {
if ( *matched_msg != '\0' ) {
fprintf( rejfp, _(", matched DN: %s"), matched_msg );
}
ldap_memfree( matched_msg );
}
error_msg = NULL;
ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &error_msg);
if ( error_msg != NULL ) {
if ( *error_msg != '\0' ) {
fprintf( rejfp, _(", additional info: %s"), error_msg );
}
ldap_memfree( error_msg );
}
fprintf( rejfp, "\n%s\n", rejbuf );
}
if (rejfp) free( rejbuf );
}
free( rbuf );
1998-08-09 08:43:13 +08:00
#ifdef LDAP_X_TXN
if( retval == 0 && txn ) {
rc = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL );
if ( rc != LDAP_OPT_SUCCESS ) {
fprintf( stderr, "Could not unset controls for ldap_txn_end\n");
}
/* create transaction */
rc = ldap_txn_end_s( ld, !txnabort, txn_id, NULL, NULL, NULL );
if( rc != LDAP_SUCCESS ) {
tool_perror( "ldap_txn_end_s", rc, NULL, NULL, NULL, NULL );
retval = rc;
}
}
#endif
2006-01-09 03:51:28 +08:00
if ( !dont ) {
tool_unbind( ld );
}
1998-08-09 08:43:13 +08:00
if ( rejfp != NULL ) {
fclose( rejfp );
}
tool_destroy();
return( retval );
1998-08-09 08:43:13 +08:00
}
static int
process_ldif_rec( char *rbuf, int linenum )
1998-08-09 08:43:13 +08:00
{
char *line, *dn, *newrdn, *newsup;
int rc, modop, replicaport;
int expect_modop, expect_sep;
int deleteoldrdn;
int saw_replica, use_record, new_entry, delete_entry, got_all;
LDAPMod **pmods, *lm = NULL;
int version;
LDAPControl **pctrls;
int i, j, k, lines, idn, nmods;
struct berval *btype, *vals, **bvl, bv;
char *freeval;
unsigned char *mops = NULL;
1998-08-09 08:43:13 +08:00
new_entry = ldapadd;
1998-08-09 08:43:13 +08:00
rc = got_all = saw_replica = delete_entry = modop = expect_modop = 0;
expect_sep = 0;
version = 0;
deleteoldrdn = 1;
use_record = force;
pmods = NULL;
pctrls = NULL;
dn = newrdn = newsup = NULL;
lines = ldif_countlines( rbuf );
btype = ber_memcalloc( 1, (lines+1)*2*sizeof(struct berval)+lines );
vals = btype+lines+1;
freeval = (char *)(vals+lines+1);
i = -1;
while ( rc == 0 && ( line = ldif_getline( &rbuf )) != NULL ) {
int freev;
if ( *line == '\n' || *line == '\0' ) {
break;
}
++i;
if ( line[0] == '-' && !line[1] ) {
BER_BVZERO( btype+i );
freeval[i] = 0;
continue;
}
1998-08-09 08:43:13 +08:00
2006-12-18 16:21:06 +08:00
if ( ( rc = ldif_parse_line2( line, btype+i, vals+i, &freev ) ) < 0 ) {
fprintf( stderr, _("%s: invalid format (line %d) entry: \"%s\"\n"),
prog, linenum+i, dn == NULL ? "" : dn );
rc = LDAP_PARAM_ERROR;
break;
1998-08-09 08:43:13 +08:00
}
freeval[i] = freev;
if ( dn == NULL ) {
if ( !use_record && !BVICMP( btype+i, &BV_REPLICA )) {
char *p;
++saw_replica;
if (( p = strchr( vals[i].bv_val, ':' )) == NULL ) {
replicaport = 0;
} else {
*p++ = '\0';
2005-11-24 09:10:05 +08:00
if ( lutil_atoi( &replicaport, p ) != 0 ) {
fprintf( stderr, _("%s: unable to parse replica port \"%s\" (line %d) entry: \"%s\"\n"),
prog, p, linenum+i, dn == NULL ? "" : dn );
2005-11-24 09:10:05 +08:00
rc = LDAP_PARAM_ERROR;
break;
}
}
if ( ldaphost != NULL &&
strcasecmp( vals[i].bv_val, ldaphost ) == 0 &&
replicaport == ldapport )
{
use_record = 1;
}
} else if ( linenum+i == 1 && !BVICMP( btype+i, &BV_VERSION )) {
2005-11-24 09:10:05 +08:00
int v;
if( vals[i].bv_len == 0 || lutil_atoi( &v, vals[i].bv_val) != 0 || v != 1 ) {
fprintf( stderr,
_("%s: invalid version %s, line %d (ignored)\n"),
prog, vals[i].bv_val, linenum );
}
version++;
} else if ( !BVICMP( btype+i, &BV_DN )) {
dn = vals[i].bv_val;
idn = i;
if ( !use_record && saw_replica ) {
printf(_("%s: skipping change record for entry: %s at line %d\n"),
prog, dn, linenum+i);
printf(_("\t(LDAP host/port does not match replica: lines)\n"));
rc = 0;
goto leave;
}
}
/* skip all lines until we see "dn:" */
1998-08-09 08:43:13 +08:00
}
}
/* check to make sure there was a dn: line */
if ( !dn ) {
rc = 0;
goto leave;
}
1998-08-09 08:43:13 +08:00
lines = i+1;
if( lines == 0 ) {
rc = 0;
goto leave;
}
if( version && lines == 1 ) {
rc = 0;
goto leave;
}
i = idn+1;
/* Check for "control" tag after dn and before changetype. */
if (!BVICMP( btype+i, &BV_CONTROL)) {
/* Parse and add it to the list of controls */
rc = parse_ldif_control( vals+i, &pctrls );
if (rc != 0) {
fprintf( stderr,
_("%s: Error processing %s line, line %d: %s\n"),
prog, BV_CONTROL.bv_val, linenum+i, ldap_err2string(rc) );
}
i++;
if ( i>= lines ) {
short_input:
fprintf( stderr,
_("%s: Expecting more input after %s line, line %d\n"),
prog, btype[i-1].bv_val, linenum+i );
rc = LDAP_PARAM_ERROR;
goto leave;
}
}
/* Check for changetype */
if ( !BVICMP( btype+i, &BV_CHANGETYPE )) {
#ifdef LIBERAL_CHANGETYPE_MODOP
/* trim trailing spaces (and log warning ...) */
int icnt;
for ( icnt = vals[i].bv_len; --icnt > 0; ) {
if ( !isspace( (unsigned char) vals[i].bv_val[icnt] ) ) {
break;
}
}
if ( ++icnt != vals[i].bv_len ) {
fprintf( stderr, _("%s: illegal trailing space after"
" \"%s: %s\" trimmed (line %d, entry \"%s\")\n"),
prog, BV_CHANGETYPE.bv_val, vals[i].bv_val, linenum+i, dn );
vals[i].bv_val[icnt] = '\0';
}
#endif /* LIBERAL_CHANGETYPE_MODOP */
if ( BVICMP( vals+i, &BV_MODIFYCT ) == 0 ) {
new_entry = 0;
expect_modop = 1;
} else if ( BVICMP( vals+i, &BV_ADDCT ) == 0 ) {
new_entry = 1;
modop = LDAP_MOD_ADD;
} else if ( BVICMP( vals+i, &BV_MODRDNCT ) == 0
|| BVICMP( vals+i, &BV_MODDNCT ) == 0
|| BVICMP( vals+i, &BV_RENAMECT ) == 0)
{
i++;
if ( i >= lines )
goto short_input;
if ( BVICMP( btype+i, &BV_NEWRDN )) {
fprintf( stderr, _("%s: expecting \"%s:\" but saw"
" \"%s:\" (line %d, entry \"%s\")\n"),
prog, BV_NEWRDN.bv_val, btype[i].bv_val, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
newrdn = vals[i].bv_val;
i++;
if ( i >= lines )
goto short_input;
if ( BVICMP( btype+i, &BV_DELETEOLDRDN )) {
fprintf( stderr, _("%s: expecting \"%s:\" but saw"
" \"%s:\" (line %d, entry \"%s\")\n"),
prog, BV_DELETEOLDRDN.bv_val, btype[i].bv_val, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
deleteoldrdn = ( vals[i].bv_val[0] == '0' ) ? 0 : 1;
i++;
if ( i < lines ) {
if ( BVICMP( btype+i, &BV_NEWSUP )) {
fprintf( stderr, _("%s: expecting \"%s:\" but saw"
" \"%s:\" (line %d, entry \"%s\")\n"),
prog, BV_NEWSUP.bv_val, btype[i].bv_val, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
newsup = vals[i].bv_val;
i++;
}
got_all = 1;
} else if ( BVICMP( vals+i, &BV_DELETECT ) == 0 ) {
got_all = delete_entry = 1;
} else {
fprintf( stderr,
_("%s: unknown %s \"%s\" (line %d, entry \"%s\")\n"),
prog, BV_CHANGETYPE.bv_val, vals[i].bv_val, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
i++;
} else if ( ldapadd ) { /* missing changetype => add */
new_entry = 1;
modop = LDAP_MOD_ADD;
} else {
expect_modop = 1; /* missing changetype => modify */
}
if ( got_all ) {
if ( i < lines ) {
fprintf( stderr,
_("%s: extra lines at end (line %d, entry \"%s\")\n"),
prog, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
goto doit;
}
nmods = lines - i;
idn = i;
if ( new_entry ) {
int fv;
/* Make sure all attributes with multiple values are contiguous */
for (; i<lines; i++) {
for (j=i+1; j<lines; j++) {
if ( !BVICMP( btype+i, btype+j )) {
nmods--;
/* out of order, move intervening attributes down */
if ( j != i+1 ) {
bv = vals[j];
fv = freeval[j];
for (k=j; k>i; k--) {
btype[k] = btype[k-1];
vals[k] = vals[k-1];
freeval[k] = freeval[k-1];
}
k++;
btype[k] = btype[i];
vals[k] = bv;
freeval[k] = fv;
}
i++;
}
}
1998-08-09 08:43:13 +08:00
}
/* Allocate space for array of mods, array of pointers to mods,
* and array of pointers to values, allowing for NULL terminators
* for the pointer arrays...
*/
lm = ber_memalloc( nmods * sizeof(LDAPMod) +
(nmods+1) * sizeof(LDAPMod*) +
(lines + nmods - idn) * sizeof(struct berval *));
pmods = (LDAPMod **)(lm+nmods);
bvl = (struct berval **)(pmods+nmods+1);
1998-08-09 08:43:13 +08:00
j = 0;
k = -1;
BER_BVZERO(&bv);
for (i=idn; i<lines; i++) {
if ( !BVICMP( btype+i, &BV_DN )) {
fprintf( stderr, _("%s: attributeDescription \"%s\":"
" (possible missing newline"
" after line %d, entry \"%s\"?)\n"),
2006-12-18 16:21:06 +08:00
prog, btype[i].bv_val, linenum+i - 1, dn );
}
if ( BVICMP(btype+i,&bv)) {
bvl[k++] = NULL;
bv = btype[i];
lm[j].mod_op = LDAP_MOD_ADD | LDAP_MOD_BVALUES;
lm[j].mod_type = bv.bv_val;
lm[j].mod_bvalues = bvl+k;
pmods[j] = lm+j;
j++;
}
bvl[k++] = vals+i;
}
bvl[k] = NULL;
pmods[j] = NULL;
goto doit;
}
mops = ber_memalloc( lines+1 );
mops[lines] = M_SEP;
mops[i-1] = M_SEP;
for ( ; i<lines; i++ ) {
if ( expect_modop ) {
#ifdef LIBERAL_CHANGETYPE_MODOP
/* trim trailing spaces (and log warning ...) */
int icnt;
for ( icnt = vals[i].bv_len; --icnt > 0; ) {
if ( !isspace( (unsigned char) vals[i].bv_val[icnt] ) ) break;
}
if ( ++icnt != vals[i].bv_len ) {
fprintf( stderr, _("%s: illegal trailing space after"
" \"%s: %s\" trimmed (line %d, entry \"%s\")\n"),
prog, type, vals[i].bv_val, linenum+i, dn );
vals[i].bv_val[icnt] = '\0';
}
#endif /* LIBERAL_CHANGETYPE_MODOP */
expect_modop = 0;
expect_sep = 1;
if ( BVICMP( btype+i, &BV_MODOPADD ) == 0 ) {
modop = LDAP_MOD_ADD;
mops[i] = M_SEP;
nmods--;
} else if ( BVICMP( btype+i, &BV_MODOPREPLACE ) == 0 ) {
/* defer handling these since they might have no values.
* Use the BVALUES flag to signal that these were
* deferred. If values are provided later, this
* flag will be switched off.
*/
modop = LDAP_MOD_REPLACE;
mops[i] = modop | LDAP_MOD_BVALUES;
btype[i] = vals[i];
} else if ( BVICMP( btype+i, &BV_MODOPDELETE ) == 0 ) {
modop = LDAP_MOD_DELETE;
mops[i] = modop | LDAP_MOD_BVALUES;
btype[i] = vals[i];
} else if ( BVICMP( btype+i, &BV_MODOPINCREMENT ) == 0 ) {
modop = LDAP_MOD_INCREMENT;
mops[i] = M_SEP;
nmods--;
} else { /* no modify op: invalid LDIF */
fprintf( stderr, _("%s: modify operation type is missing at"
" line %d, entry \"%s\"\n"),
prog, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
bv = vals[i];
} else if ( expect_sep && BER_BVISEMPTY( btype+i )) {
mops[i] = M_SEP;
expect_sep = 0;
expect_modop = 1;
nmods--;
} else {
if ( BVICMP( btype+i, &bv )) {
fprintf( stderr, _("%s: wrong attributeType at"
" line %d, entry \"%s\"\n"),
prog, linenum+i, dn );
rc = LDAP_PARAM_ERROR;
goto leave;
}
mops[i] = modop;
/* If prev op was deferred and matches this type,
* clear the flag
*/
if ( (mops[i-1]&LDAP_MOD_BVALUES) && !BVICMP(btype+i,
btype+i-1)) {
mops[i-1] = M_SEP;
nmods--;
}
}
}
1998-08-09 08:43:13 +08:00
#if 0 /* we should faithfully encode the LDIF, not combine */
/* Make sure all modops with multiple values are contiguous */
for (i=idn; i<lines; i++) {
if ( mops[i] == M_SEP )
continue;
for (j=i+1; j<lines; j++) {
if ( mops[j] == M_SEP || mops[i] != mops[j] )
continue;
if ( !BVICMP( btype+i, btype+j )) {
nmods--;
/* out of order, move intervening attributes down */
if ( j != i+1 ) {
int c;
struct berval bv;
char fv;
c = mops[j];
bv = vals[j];
fv = freeval[j];
for (k=j; k>i; k--) {
btype[k] = btype[k-1];
vals[k] = vals[k-1];
freeval[k] = freeval[k-1];
mops[k] = mops[k-1];
}
k++;
btype[k] = btype[i];
vals[k] = bv;
freeval[k] = fv;
mops[k] = c;
}
i++;
}
}
}
#endif
/* Allocate space for array of mods, array of pointers to mods,
* and array of pointers to values, allowing for NULL terminators
* for the pointer arrays...
*/
lm = ber_memalloc( nmods * sizeof(LDAPMod) +
(nmods+1) * sizeof(LDAPMod*) +
(lines + nmods - idn) * sizeof(struct berval *));
pmods = (LDAPMod **)(lm+nmods);
bvl = (struct berval **)(pmods+nmods+1);
j = 0;
k = -1;
BER_BVZERO(&bv);
mops[idn-1] = M_SEP;
for (i=idn; i<lines; i++) {
if ( mops[i] == M_SEP )
continue;
if ( mops[i] != mops[i-1] || BVICMP(btype+i,&bv)) {
bvl[k++] = NULL;
bv = btype[i];
lm[j].mod_op = mops[i] | LDAP_MOD_BVALUES;
lm[j].mod_type = bv.bv_val;
if ( mops[i] & LDAP_MOD_BVALUES ) {
lm[j].mod_bvalues = NULL;
} else {
lm[j].mod_bvalues = bvl+k;
}
pmods[j] = lm+j;
j++;
}
bvl[k++] = vals+i;
}
bvl[k] = NULL;
pmods[j] = NULL;
doit:
/* If default controls are set (as with -M option) and controls are
specified in the LDIF file, we must add the default controls to
the list of controls sent with the ldap operation.
*/
if ( rc == 0 ) {
if (pctrls) {
LDAPControl **defctrls = NULL; /* Default server controls */
LDAPControl **newctrls = NULL;
ldap_get_option(ld, LDAP_OPT_SERVER_CONTROLS, &defctrls);
if (defctrls) {
int npc=0; /* Num of LDIF controls */
int ndefc=0; /* Num of default controls */
while (pctrls[npc]) npc++; /* Count LDIF controls */
while (defctrls[ndefc]) ndefc++; /* Count default controls */
newctrls = ber_memrealloc(pctrls,
(npc+ndefc+1)*sizeof(LDAPControl*));
if (newctrls == NULL) {
rc = LDAP_NO_MEMORY;
} else {
int i;
pctrls = newctrls;
for (i=npc; i<npc+ndefc; i++) {
pctrls[i] = ldap_control_dup(defctrls[i-npc]);
if (pctrls[i] == NULL) {
rc = LDAP_NO_MEMORY;
break;
}
}
pctrls[npc+ndefc] = NULL;
}
ldap_controls_free(defctrls); /* Must be freed by library */
}
}
}
if ( rc == 0 ) {
if ( delete_entry ) {
rc = dodelete( dn, pctrls );
} else if ( newrdn != NULL ) {
rc = dorename( dn, newrdn, newsup, deleteoldrdn, pctrls );
} else {
rc = domodify( dn, pmods, pctrls, new_entry );
}
1998-08-09 08:43:13 +08:00
if ( rc == LDAP_SUCCESS ) {
rc = 0;
}
1998-08-09 08:43:13 +08:00
}
leave:
if (pctrls != NULL) {
ldap_controls_free( pctrls );
}
if ( lm != NULL ) {
ber_memfree( lm );
}
if ( mops != NULL ) {
ber_memfree( mops );
}
for (i=lines-1; i>=0; i--)
if ( freeval[i] ) ber_memfree( vals[i].bv_val );
ber_memfree( btype );
return( rc );
}
/* Parse an LDIF control line of the form
control: oid [true/false] [: value] or
control: oid [true/false] [:: base64-value] or
control: oid [true/false] [:< url]
The control is added to the list of controls in *ppctrls.
*/
static int
parse_ldif_control(
struct berval *bval,
LDAPControl ***ppctrls )
{
char *oid = NULL;
int criticality = 0; /* Default is false if not present */
int i, rc=0;
char *s, *oidStart;
LDAPControl *newctrl = NULL;
LDAPControl **pctrls = NULL;
struct berval type, bv;
int freeval;
if (ppctrls) pctrls = *ppctrls;
/* OID should come first. Validate and extract it. */
if (*s == 0) return ( LDAP_PARAM_ERROR );
oidStart = s;
while (isdigit((unsigned char)*s) || *s == '.') {
s++; /* OID should be digits or . */
}
if (s == oidStart) {
return ( LDAP_PARAM_ERROR ); /* OID was not present */
}
if (*s) { /* End of OID should be space or NULL */
if (!isspace((unsigned char)*s)) {
return ( LDAP_PARAM_ERROR ); /* else OID contained invalid chars */
}
*s++ = 0; /* Replace space with null to terminate */
}
oid = ber_strdup(oidStart);
if (oid == NULL) return ( LDAP_NO_MEMORY );
/* Optional Criticality field is next. */
while (*s && isspace((unsigned char)*s)) {
s++; /* Skip white space before criticality */
}
if (strncasecmp(s, "true", 4) == 0) {
criticality = 1;
s += 4;
}
else if (strncasecmp(s, "false", 5) == 0) {
criticality = 0;
s += 5;
}
/* Optional value field is next */
while (*s && isspace((unsigned char)*s)) {
s++; /* Skip white space before value */
}
if (*s) {
if (*s != ':') { /* If value is present, must start with : */
rc = LDAP_PARAM_ERROR;
goto cleanup;
}
/* Back up so value is in the form
a: value
a:: base64-value
a:< url
Then we can use ldif_parse_line2 to extract and decode the value
*/
s--;
*s = 'a';
rc = ldif_parse_line2(s, &type, &bv, &freeval);
if (rc < 0) {
rc = LDAP_PARAM_ERROR;
goto cleanup;
}
}
/* Create a new LDAPControl structure. */
newctrl = (LDAPControl *)ber_memalloc(sizeof(LDAPControl));
if ( newctrl == NULL ) {
rc = LDAP_NO_MEMORY;
goto cleanup;
}
newctrl->ldctl_oid = oid;
oid = NULL;
newctrl->ldctl_iscritical = criticality;
if ( freeval )
newctrl->ldctl_value = bv;
else
ber_dupbv( &newctrl->ldctl_value, &bv );
/* Add the new control to the passed-in list of controls. */
i = 0;
if (pctrls) {
while ( pctrls[i] ) { /* Count the # of controls passed in */
i++;
}
}
/* Allocate 1 more slot for the new control and 1 for the NULL. */
pctrls = (LDAPControl **) ber_memrealloc(pctrls,
(i+2)*(sizeof(LDAPControl *)));
if (pctrls == NULL) {
rc = LDAP_NO_MEMORY;
goto cleanup;
}
pctrls[i] = newctrl;
newctrl = NULL;
pctrls[i+1] = NULL;
*ppctrls = pctrls;
cleanup:
if (newctrl) {
if (newctrl->ldctl_oid) ber_memfree(newctrl->ldctl_oid);
if (newctrl->ldctl_value.bv_val) {
ber_memfree(newctrl->ldctl_value.bv_val);
}
ber_memfree(newctrl);
}
if (oid) ber_memfree(oid);
return( rc );
1998-08-09 08:43:13 +08:00
}
static int
2000-06-30 03:35:51 +08:00
domodify(
const char *dn,
LDAPMod **pmods,
LDAPControl **pctrls,
2000-06-30 03:35:51 +08:00
int newentry )
1998-08-09 08:43:13 +08:00
{
int rc, i, j, k, notascii, op;
struct berval *bvp;
1998-08-09 08:43:13 +08:00
2003-08-10 01:45:34 +08:00
if ( dn == NULL ) {
fprintf( stderr, _("%s: no DN specified\n"), prog );
return( LDAP_PARAM_ERROR );
2003-08-10 01:45:34 +08:00
}
if ( pmods == NULL ) {
/* implement "touch" (empty sequence)
* modify operation (note that there
* is no symmetry with the UNIX command,
* since \"touch\" on a non-existent entry
* will fail)*/
printf( "warning: no attributes to %sadd (entry=\"%s\")\n",
newentry ? "" : "change or ", dn );
1998-08-09 08:43:13 +08:00
} else {
for ( i = 0; pmods[ i ] != NULL; ++i ) {
op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
if( op == LDAP_MOD_ADD && ( pmods[i]->mod_bvalues == NULL )) {
fprintf( stderr,
_("%s: attribute \"%s\" has no values (entry=\"%s\")\n"),
prog, pmods[i]->mod_type, dn );
return LDAP_PARAM_ERROR;
}
}
if ( verbose ) {
for ( i = 0; pmods[ i ] != NULL; ++i ) {
op = pmods[ i ]->mod_op & ~LDAP_MOD_BVALUES;
printf( "%s %s:\n",
op == LDAP_MOD_REPLACE ? _("replace") :
op == LDAP_MOD_ADD ? _("add") :
op == LDAP_MOD_INCREMENT ? _("increment") :
op == LDAP_MOD_DELETE ? _("delete") :
_("unknown"),
pmods[ i ]->mod_type );
if ( pmods[ i ]->mod_bvalues != NULL ) {
for ( j = 0; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) {
bvp = pmods[ i ]->mod_bvalues[ j ];
notascii = 0;
for ( k = 0; (unsigned long) k < bvp->bv_len; ++k ) {
if ( !isascii( bvp->bv_val[ k ] )) {
notascii = 1;
break;
}
}
if ( notascii ) {
printf( _("\tNOT ASCII (%ld bytes)\n"), bvp->bv_len );
} else {
printf( "\t%s\n", bvp->bv_val );
}
}
}
}
}
}
1998-08-09 08:43:13 +08:00
if ( newentry ) {
2006-01-09 03:51:28 +08:00
printf( "%sadding new entry \"%s\"\n", dont ? "!" : "", dn );
1998-08-09 08:43:13 +08:00
} else {
2006-01-09 03:51:28 +08:00
printf( "%smodifying entry \"%s\"\n", dont ? "!" : "", dn );
1998-08-09 08:43:13 +08:00
}
2006-01-09 03:51:28 +08:00
if ( !dont ) {
2005-04-20 05:21:51 +08:00
int msgid;
if ( newentry ) {
rc = ldap_add_ext( ld, dn, pmods, pctrls, NULL, &msgid );
} else {
rc = ldap_modify_ext( ld, dn, pmods, pctrls, NULL, &msgid );
}
if ( rc != LDAP_SUCCESS ) {
/* print error message about failed update including DN */
fprintf( stderr, _("%s: update failed: %s\n"), prog, dn );
tool_perror( newentry ? "ldap_add" : "ldap_modify",
rc, NULL, NULL, NULL, NULL );
goto done;
} else if ( verbose ) {
printf( _("modify complete\n") );
}
rc = process_response( ld, msgid,
newentry ? LDAP_RES_ADD : LDAP_RES_MODIFY, dn );
} else {
rc = LDAP_SUCCESS;
}
1998-08-09 08:43:13 +08:00
done:
putchar( '\n' );
return rc;
1998-08-09 08:43:13 +08:00
}
static int
2000-06-30 03:35:51 +08:00
dodelete(
const char *dn,
LDAPControl **pctrls )
1998-08-09 08:43:13 +08:00
{
int rc;
int msgid;
1998-08-09 08:43:13 +08:00
2006-01-09 03:51:28 +08:00
printf( _("%sdeleting entry \"%s\"\n"), dont ? "!" : "", dn );
if ( !dont ) {
rc = ldap_delete_ext( ld, dn, pctrls, NULL, &msgid );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, _("%s: delete failed: %s\n"), prog, dn );
tool_perror( "ldap_delete", rc, NULL, NULL, NULL, NULL );
goto done;
} else if ( verbose ) {
printf( _("delete complete") );
}
rc = process_response( ld, msgid, LDAP_RES_DELETE, dn );
} else {
rc = LDAP_SUCCESS;
}
1998-08-09 08:43:13 +08:00
done:
putchar( '\n' );
return( rc );
1998-08-09 08:43:13 +08:00
}
static int
2000-06-30 03:35:51 +08:00
dorename(
const char *dn,
const char *newrdn,
const char* newsup,
int deleteoldrdn,
LDAPControl **pctrls )
1998-08-09 08:43:13 +08:00
{
int rc;
int msgid;
1998-08-09 08:43:13 +08:00
2006-01-09 03:51:28 +08:00
printf( _("%smodifying rdn of entry \"%s\"\n"), dont ? "!" : "", dn );
if ( verbose ) {
printf( _("\tnew RDN: \"%s\" (%skeep existing values)\n"),
newrdn, deleteoldrdn ? _("do not ") : "" );
}
2006-01-09 03:51:28 +08:00
if ( !dont ) {
rc = ldap_rename( ld, dn, newrdn, newsup, deleteoldrdn,
pctrls, NULL, &msgid );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, _("%s: rename failed: %s\n"), prog, dn );
tool_perror( "ldap_rename", rc, NULL, NULL, NULL, NULL );
goto done;
} else {
printf( _("rename completed\n") );
}
rc = process_response( ld, msgid, LDAP_RES_RENAME, dn );
1998-08-09 08:43:13 +08:00
} else {
rc = LDAP_SUCCESS;
1998-08-09 08:43:13 +08:00
}
done:
putchar( '\n' );
return( rc );
1998-08-09 08:43:13 +08:00
}
static const char *
res2str( int res ) {
switch ( res ) {
case LDAP_RES_ADD:
return "ldap_add";
case LDAP_RES_DELETE:
return "ldap_delete";
case LDAP_RES_MODIFY:
return "ldap_modify";
case LDAP_RES_MODRDN:
return "ldap_rename";
default:
assert( 0 );
}
return "ldap_unknown";
}
static int process_response(
LDAP *ld,
int msgid,
int op,
const char *dn )
{
2005-04-20 05:21:51 +08:00
LDAPMessage *res;
2006-03-07 06:32:11 +08:00
int rc = LDAP_OTHER, msgtype;
2005-08-01 02:05:51 +08:00
struct timeval tv = { 0, 0 };
2006-03-07 06:30:12 +08:00
int err;
char *text = NULL, *matched = NULL, **refs = NULL;
LDAPControl **ctrls = NULL;
2005-04-20 05:21:51 +08:00
for ( ; ; ) {
tv.tv_sec = 0;
tv.tv_usec = 100000;
2006-03-07 06:30:12 +08:00
rc = ldap_result( ld, msgid, LDAP_MSG_ALL, &tv, &res );
2005-04-20 05:21:51 +08:00
if ( tool_check_abandon( ld, msgid ) ) {
return LDAP_CANCELLED;
}
if ( rc == -1 ) {
ldap_get_option( ld, LDAP_OPT_RESULT_CODE, &rc );
2005-04-20 05:21:51 +08:00
return rc;
}
if ( rc != 0 ) {
break;
}
}
2006-03-07 06:32:11 +08:00
msgtype = ldap_msgtype( res );
2006-03-07 06:30:12 +08:00
rc = ldap_parse_result( ld, res, &err, &matched, &text, &refs, &ctrls, 1 );
if ( rc == LDAP_SUCCESS ) rc = err;
#ifdef LDAP_X_TXN
if ( rc == LDAP_X_TXN_SPECIFY_OKAY ) {
rc = LDAP_SUCCESS;
} else
#endif
2006-03-07 06:30:12 +08:00
if ( rc != LDAP_SUCCESS ) {
tool_perror( res2str( op ), rc, NULL, matched, text, refs );
} else if ( msgtype != op ) {
fprintf( stderr, "%s: msgtype: expected %d got %d\n",
res2str( op ), op, msgtype );
rc = LDAP_OTHER;
}
2006-03-07 06:30:12 +08:00
if ( text ) ldap_memfree( text );
if ( matched ) ldap_memfree( matched );
if ( text ) ber_memvfree( (void **)refs );
2004-03-17 11:13:00 +08:00
2006-03-07 06:30:12 +08:00
if ( ctrls != NULL ) {
tool_print_ctrls( ld, ctrls );
ldap_controls_free( ctrls );
}
return rc;
}