mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-18 11:05:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

Import -H support and other misc. changes

Browse Source
This commit is contained in:
Kurt Zeilenga 2000-08-26 19:04:33 +00:00
parent 92115eb352
commit 681209a7c2
14 changed files with 319 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
clients/tools/ldapdelete.c
View File

@ -23,6 +23,7 @@
static char *prog;
static char *binddn = NULL;
static struct berval passwd = { 0, NULL };
static char *ldapuri = NULL;
static char *ldaphost = NULL;
static int ldapport = 0;
static int prune = 0;
@ -36,7 +37,7 @@ static char *sasl_secprops = NULL;
#endif
static int use_tls = 0;
static int not, verbose, contoper;
static LDAP *ld;
static LDAP *ld = NULL;
static int dodelete LDAP_P((
LDAP *ld,
@ -100,7 +101,7 @@ main( int argc, char **argv )
prog = (prog = strrchr(argv[0], *LDAP_DIRSEP)) == NULL ? argv[0] : prog + 1;
while (( i = getopt( argc, argv, "cf:r" "Cd:D:h:IkKMnO:p:P:QRU:vw:WxX:Y:Z" )) != EOF ) {
while (( i = getopt( argc, argv, "cf:r" "Cd:D:h:H:IkKMnO:p:P:QRU:vw:WxX:Y:Z" )) != EOF ) {
switch( i ) {
/* Delete Specific Options */
case 'c': /* continuous operation mode */
@ -135,12 +136,31 @@ main( int argc, char **argv )
binddn = strdup( optarg );
break;
case 'h': /* ldap host */
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -h incompatible with -H\n" );
return EXIT_FAILURE;
}
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -h previously specified\n" );
return EXIT_FAILURE;
}
ldaphost = strdup( optarg );
break;
case 'H': /* ldap URI */
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -H incompatible with -h\n" );
return EXIT_FAILURE;
}
if( ldapport ) {
fprintf( stderr, "%s: -H incompatible with -p\n" );
return EXIT_FAILURE;
}
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -H previously specified\n" );
return EXIT_FAILURE;
}
ldapuri = strdup( optarg );
break;
case 'I':
#ifdef HAVE_CYRUS_SASL
if( version == LDAP_VERSION2 ) {
@ -472,10 +492,27 @@ main( int argc, char **argv )
(void) SIGNAL( SIGPIPE, SIG_IGN );
#endif
if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
perror( "ldap_init" );
return( EXIT_FAILURE );
}
if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) {
if ( verbose ) {
fprintf( stderr, "ldap_init( %s, %d )\n",
ldaphost != NULL ? ldaphost : "<DEFAULT>",
ldapport );
}
ld = ldap_init( ldaphost, ldapport );
} else {
if ( verbose ) {
fprintf( stderr, "ldap_initialize( %s )\n",
ldapuri != NULL ? ldapuri : "<DEFAULT>" );
}
(void) ldap_initialize( &ld, ldapuri );
}
if( ld == NULL ) {
fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
rc, ldap_err2string(rc) );
return EXIT_FAILURE;
}
{
/* this seems prudent for searches below */

47
clients/tools/ldapmodify.c
View File

@ -36,6 +36,7 @@
static char *prog;
static char *binddn = NULL;
static struct berval passwd = { 0, NULL };
static char *ldapuri = NULL;
static char *ldaphost = NULL;
static int ldapport = 0;
#ifdef HAVE_CYRUS_SASL
@ -48,7 +49,7 @@ static char *sasl_secprops = NULL;
#endif
static int use_tls = 0;
static int ldapadd, replace, not, verbose, contoper, force;
static LDAP *ld;
static LDAP *ld = NULL;
#define LDAPMOD_MAXLINE 4096
@ -157,7 +158,7 @@ main( int argc, char **argv )
authmethod = -1;
version = -1;
while (( i = getopt( argc, argv, "acrf:F" "Cd:D:h:IkKMnO:p:P:QRU:vw:WxX:Y:Z" )) != EOF ) {
while (( i = getopt( argc, argv, "acrf:F" "Cd:D:h:H:IkKMnO:p:P:QRU:vw:WxX:Y:Z" )) != EOF ) {
switch( i ) {
/* Modify Options */
case 'a': /* add */
@ -195,12 +196,31 @@ main( int argc, char **argv )
binddn = strdup( optarg );
break;
case 'h': /* ldap host */
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -h incompatible with -H\n" );
return EXIT_FAILURE;
}
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -h previously specified\n" );
return EXIT_FAILURE;
}
ldaphost = strdup( optarg );
break;
case 'H': /* ldap URI */
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -H incompatible with -h\n" );
return EXIT_FAILURE;
}
if( ldapport ) {
fprintf( stderr, "%s: -H incompatible with -p\n" );
return EXIT_FAILURE;
}
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -H previously specified\n" );
return EXIT_FAILURE;
}
ldapuri = strdup( optarg );
break;
case 'I':
#ifdef HAVE_CYRUS_SASL
if( version == LDAP_VERSION2 ) {
@ -539,9 +559,26 @@ main( int argc, char **argv )
#endif
if ( !not ) {
if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
perror( "ldap_init" );
return( EXIT_FAILURE );
if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) {
if ( verbose ) {
fprintf( stderr, "ldap_init( %s, %d )\n",
ldaphost != NULL ? ldaphost : "<DEFAULT>",
ldapport );
}
ld = ldap_init( ldaphost, ldapport );
} else {
if ( verbose ) {
fprintf( stderr, "ldap_initialize( %s )\n",
ldapuri != NULL ? ldapuri : "<DEFAULT>" );
}
(void) ldap_initialize( &ld, ldapuri );
}
if( ld == NULL ) {
fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
rc, ldap_err2string(rc) );
return EXIT_FAILURE;
}
/* referrals */

49
clients/tools/ldapmodrdn.c
View File

@ -35,6 +35,7 @@
static char *prog = NULL;
static char *binddn = NULL;
static struct berval passwd = { 0, NULL };
static char *ldapuri = NULL;
static char *ldaphost = NULL;
static int ldapport = 0;
#ifdef HAVE_CYRUS_SASL
@ -47,7 +48,7 @@ static char *sasl_secprops = NULL;
#endif
static int use_tls = 0;
static int not, verbose, contoper;
static LDAP *ld;
static LDAP *ld = NULL;
static int domodrdn(
LDAP *ld,
@ -116,7 +117,7 @@ main(int argc, char **argv)
prog = (prog = strrchr(argv[0], *LDAP_DIRSEP)) == NULL ? argv[0] : prog + 1;
while (( i = getopt( argc, argv, "cf:rs:" "Cd:D:h:IkKMnO:p:P:QRU:vw:WxX:Y:Z" )) != EOF ) {
while (( i = getopt( argc, argv, "cf:rs:" "Cd:D:h:H:IkKMnO:p:P:QRU:vw:WxX:Y:Z" )) != EOF ) {
switch( i ) {
/* Modrdn Options */
case 'c':
@ -157,12 +158,31 @@ main(int argc, char **argv)
binddn = strdup( optarg );
break;
case 'h': /* ldap host */
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -h incompatible with -H\n" );
return EXIT_FAILURE;
}
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -h previously specified\n" );
return EXIT_FAILURE;
}
ldaphost = strdup( optarg );
break;
case 'H': /* ldap URI */
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -H incompatible with -h\n" );
return EXIT_FAILURE;
}
if( ldapport ) {
fprintf( stderr, "%s: -H incompatible with -p\n" );
return EXIT_FAILURE;
}
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -H previously specified\n" );
return EXIT_FAILURE;
}
ldapuri = strdup( optarg );
break;
case 'I':
#ifdef HAVE_CYRUS_SASL
if( version == LDAP_VERSION2 ) {
@ -515,10 +535,27 @@ main(int argc, char **argv)
(void) SIGNAL( SIGPIPE, SIG_IGN );
#endif
if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
perror( "ldap_init" );
return( EXIT_FAILURE );
}
if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) {
if ( verbose ) {
fprintf( stderr, "ldap_init( %s, %d )\n",
ldaphost != NULL ? ldaphost : "<DEFAULT>",
ldapport );
}
ld = ldap_init( ldaphost, ldapport );
} else {
if ( verbose ) {
fprintf( stderr, "ldap_initialize( %s )\n",
ldapuri != NULL ? ldapuri : "<DEFAULT>" );
}
(void) ldap_initialize( &ld, ldapuri );
}
if( ld == NULL ) {
fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
rc, ldap_err2string(rc) );
return EXIT_FAILURE;
}
/* referrals */
if( ldap_set_option( ld, LDAP_OPT_REFERRALS,

48
clients/tools/ldappasswd.c
View File

@ -41,7 +41,8 @@ usage(const char *s)
" -d level set LDAP debugging level to `level'\n"
" -D binddn bind DN\n"
" -f file read operations from `file'\n"
" -h host LDAP server\n"
" -h host LDAP server(s)\n"
" -H URI LDAP Uniform Resource Indentifier(s)\n"
" -I use SASL Interactive mode\n"
" -n show what would be done but don't actually search\n"
" -O props SASL security properties\n"
@ -67,6 +68,7 @@ main( int argc, char *argv[] )
int rc;
char *prog = NULL;
char *ldaphost = NULL;
char *ldapuri = NULL;
char *dn = NULL;
char *binddn = NULL;
@ -96,7 +98,7 @@ main( int argc, char *argv[] )
#endif
int use_tls = 0;
int referrals = 0;
LDAP *ld;
LDAP *ld = NULL;
struct berval *bv = NULL;
int id, code;
@ -111,7 +113,7 @@ main( int argc, char *argv[] )
usage (argv[0]);
while( (i = getopt( argc, argv,
"Aa:Ss:" "Cd:D:h:InO:p:QRU:vw:WxX:Y:Z" )) != EOF )
"Aa:Ss:" "Cd:D:h:H:InO:p:QRU:vw:WxX:Y:Z" )) != EOF )
{
switch (i) {
/* Password Options */
@ -161,12 +163,31 @@ main( int argc, char *argv[] )
binddn = strdup( optarg );
break;
case 'h': /* ldap host */
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -h incompatible with -H\n" );
return EXIT_FAILURE;
}
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -h previously specified\n" );
return EXIT_FAILURE;
}
ldaphost = strdup( optarg );
break;
case 'H': /* ldap URI */
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -H incompatible with -h\n" );
return EXIT_FAILURE;
}
if( ldapport ) {
fprintf( stderr, "%s: -H incompatible with -p\n" );
return EXIT_FAILURE;
}
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -H previously specified\n" );
return EXIT_FAILURE;
}
ldapuri = strdup( optarg );
break;
case 'I':
#ifdef HAVE_CYRUS_SASL
if( version == LDAP_VERSION2 ) {
@ -542,8 +563,25 @@ main( int argc, char *argv[] )
#endif
/* connect to server */
if ((ld = ldap_init( ldaphost, ldapport )) == NULL) {
perror("ldap_init");
if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) {
if ( verbose ) {
fprintf( stderr, "ldap_init( %s, %d )\n",
ldaphost != NULL ? ldaphost : "<DEFAULT>",
ldapport );
}
ld = ldap_init( ldaphost, ldapport );
} else {
if ( verbose ) {
fprintf( stderr, "ldap_initialize( %s )\n",
ldapuri != NULL ? ldapuri : "<DEFAULT>" );
}
(void) ldap_initialize( &ld, ldapuri );
}
if( ld == NULL ) {
fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
rc, ldap_err2string(rc) );
return EXIT_FAILURE;
}

49
clients/tools/ldapsearch.c
View File

@ -145,6 +145,7 @@ static char *binddn = NULL;
static struct berval passwd = { 0, NULL };
static char *base = NULL;
static char *ldaphost = NULL;
static char *ldapuri = NULL;
static int ldapport = 0;
#ifdef HAVE_CYRUS_SASL
static unsigned sasl_flags = LDAP_SASL_AUTOMATIC;
@ -166,7 +167,7 @@ main( int argc, char **argv )
int rc, i, first, scope, deref, attrsonly, manageDSAit;
int referrals, timelimit, sizelimit, debug;
int authmethod, version, want_bindpw;
LDAP *ld;
LDAP *ld = NULL;
infile = NULL;
debug = verbose = not = vals2tmp = referrals =
@ -180,7 +181,7 @@ main( int argc, char **argv )
prog = (prog = strrchr(argv[0], *LDAP_DIRSEP)) == NULL ? argv[0] : prog + 1;
while (( i = getopt( argc, argv,
"Aa:b:f:Ll:S:s:T:tuV:z:" "Cd:D:h:IkKMnO:p:P:QRU:vw:WxX:Y:Z")) != EOF )
"Aa:b:f:Ll:S:s:T:tuV:z:" "Cd:D:h:H:IkKMnO:p:P:QRU:vw:WxX:Y:Z")) != EOF )
{
switch( i ) {
/* Search Options */
@ -265,12 +266,31 @@ main( int argc, char **argv )
binddn = strdup( optarg );
break;
case 'h': /* ldap host */
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -h incompatible with -H\n" );
return EXIT_FAILURE;
}
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -h previously specified\n" );
return EXIT_FAILURE;
}
ldaphost = strdup( optarg );
break;
case 'H': /* ldap URI */
if( ldaphost != NULL ) {
fprintf( stderr, "%s: -H incompatible with -h\n" );
return EXIT_FAILURE;
}
if( ldapport ) {
fprintf( stderr, "%s: -H incompatible with -p\n" );
return EXIT_FAILURE;
}
if( ldapuri != NULL ) {
fprintf( stderr, "%s: -H previously specified\n" );
return EXIT_FAILURE;
}
ldapuri = strdup( optarg );
break;
case 'I':
#ifdef HAVE_CYRUS_SASL
if( version == LDAP_VERSION2 ) {
@ -642,15 +662,26 @@ main( int argc, char **argv )
(void) SIGNAL( SIGPIPE, SIG_IGN );
#endif
if ( verbose ) {
fprintf( stderr,
(ldapport ? "ldap_init( %s, %d )\n" : "ldap_init( %s, <DEFAULT> )\n"),
(ldaphost != NULL) ? ldaphost : "<DEFAULT>",
ldapport );
if( ( ldaphost != NULL || ldapport ) && ( ldapuri == NULL ) ) {
if ( verbose ) {
fprintf( stderr, "ldap_init( %s, %d )\n",
ldaphost != NULL ? ldaphost : "<DEFAULT>",
ldapport );
}
ld = ldap_init( ldaphost, ldapport );
} else {
if ( verbose ) {
fprintf( stderr, "ldap_initialize( %s )\n",
ldapuri != NULL ? ldapuri : "<DEFAULT>" );
}
(void) ldap_initialize( &ld, ldapuri );
}
if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
perror( "ldap_init" );
if( ld == NULL ) {
fprintf( stderr, "Could not create LDAP session handle (%d): %s\n",
rc, ldap_err2string(rc) );
return EXIT_FAILURE;
}

7
doc/man/man1/ldapdelete.1
View File

@ -31,6 +31,8 @@ ldapdelete \- LDAP delete entry tool
[\c
.BI \-w \ passwd\fR]
[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-P \ 2\fR\||\|\fI3\fR]
@ -127,11 +129,16 @@ This is used instead of specifying the password on the command line.
.BI \-w \ passwd
Use \fIpasswd\fP as the password for simple authentication.
.TP
.BI \-H \ ldapuri
Specify URI(s) referring to the ldap server(s).
.TP
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.
.TP
.BI \-p \ ldapport
Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.
.TP
.BI \-P \ 2\fR\||\|\fI3
Specify the LDAP protocol version to use.

7
doc/man/man1/ldapmodify.1
View File

@ -35,6 +35,8 @@ ldapmodify, ldapadd \- LDAP modify entry and LDAP add entry tools
[\c
.BI \-w \ passwd\fR]
[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-p \ ldapport\fR]
@ -197,11 +199,16 @@ This is used instead of specifying the password on the command line.
.BI \-w \ passwd
Use \fIpasswd\fP as the password for simple authentication.
.TP
.BI \-H \ ldapuri
Specify URI(s) referring to the ldap server(s).
.TP
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.
.TP
.BI \-p \ ldapport
Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.
.TP
.BI \-P \ 2\fR\||\|\fI3
Specify the LDAP protocol version to use.

13
doc/man/man1/ldapmodrdn.1
View File

@ -31,6 +31,8 @@ ldapmodrdn \- LDAP rename entry tool
[\c
.BI \-w \ passwd\fR]
[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-p \ ldapport\fR]
@ -128,11 +130,16 @@ This is used instead of specifying the password on the command line.
.B \-w passwd
Use \fIpasswd\fP as the password for simple authentication.
.TP
.B \-h ldaphost
Specify an alternate host on which the ldap server is running.
.BI \-H \ ldapuri
Specify URI(s) referring to the ldap server(s).
.TP
.B \-p ldapport
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.
.TP
.BI \-p \ ldapport
Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.
.TP
.BI \-P \ 2\fR\||\|\fI3
Specify the LDAP protocol version to use.

13
doc/man/man1/ldappasswd.1
View File

@ -17,6 +17,8 @@ ldappasswd \- change the password of an LDAP entry
[\c
.BI \-d \ debuglevel\fR]
[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BR \-n ]
@ -87,8 +89,16 @@ Set the LDAP debugging level to \fIdebuglevel\fP.
.B ldappasswd
must be compiled with LDAP_DEBUG defined for this option to have any effect.
.TP
.BI \-H \ ldapuri
Specify URI(s) referring to the ldap server(s).
.TP
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.
.TP
.BI \-p \ ldapport
Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.
.TP
.B \-n
Do not set password. (Can be useful when used in conjunction with
@ -102,9 +112,6 @@ This is used instead of specifying the password on the command line.
.BI \-s \ newPasswd
Set the new password to \fInewPasswd\fP.
.TP
.BI \-p \ ldapport
Specify an alternate port on which the ldap server is running.
.TP
.B \-v
Increase the verbosity of output. Can be specified multiple times.
.TP

7
doc/man/man1/ldapsearch.1
View File

@ -37,6 +37,8 @@ ldapsearch \- LDAP search tool
[\c
.BI \-w \ bindpasswd\fR]
[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-p \ ldapport\fR]
@ -176,11 +178,16 @@ This is used instead of specifying the password on the command line.
.BI \-w \ bindpasswd
Use \fIbindpasswd\fP as the password for simple authentication.
.TP
.BI \-H \ ldapuri
Specify URI(s) referring to the ldap server(s).
.TP
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.
.TP
.BI \-p \ ldapport
Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.
.TP
.BI \-b \ searchbase
Use \fIsearchbase\fP as the starting point for the search instead of

44
doc/man/man8/slappasswd.8
View File

@ -6,8 +6,8 @@
slappasswd \- OpenLDAP password utility
.SH SYNOPSIS
.B SBINDIR/slappasswd
.B [\-a]
.B [\-v]
.B [\-u]
.B [\-s secret]
.B [\-h hash]
.B
@ -15,24 +15,28 @@ slappasswd \- OpenLDAP password utility
.SH DESCRIPTION
.LP
.B Slappasswd
is used to compute a hashed password suitable for use
as a userPassword value
is used to generate an userPassword value
suitable for use with
.BR ldapmodify (1)
or
.BR slapd.conf (5)
.BR rootpw .
.I rootpw
coniguration directive.
.SH OPTIONS
.TP
.B \-a
generate authPassword values instead of RFC2307 passwords
.TP
.B \-v
enable verbose mode.
.B \-u
generate RFC2307 userPassword values (the default). Future
versions of this program may generate alternative syntaxes
by default. This option is provided for forward compatibility.
.TP
.BI \-s " secret"
The secret to hash. If not provided, the user will be prompted
for the secret to hash.
.TP
.BI \-h " scheme"
The hash scheme to use. RFC2307 schemes supported include
If -h is specified, one of the following RFC2307 schemes may
be specified:
.IR {CRYPT} ,
.IR {MD5} ,
.IR {SMD5} ,
@ -41,17 +45,11 @@ The hash scheme to use. RFC2307 schemes supported include
The default is
.IR {SSHA} .
.LP
If \-a is specified, the following authPassword schemes
may be specified:
.IR MD5 ,
.IR SHA1 ", and"
.IR X-CRYPT .
The default is
.IR SHA1 .
.SH LIMITATIONS
The practice storing hashed passwords in userPassword
violates Standard Track schema and may hinder
interoperability. authPassword is not yet widely supported.
The practice storing hashed passwords in userPassword violates
Standard Track (RFC2256) schema specifications and may hinder
interoperability. A new attribute type to hold hashed
passwords is needed.
.SH "SECURITY CONSIDERATIONS"
Use of hashed passwords does not protect passwords during
protocol transfer. TLS or other eavesdropping protections
@ -62,10 +60,10 @@ were clear text passwords.
.BR ldappasswd (1),
.BR ldapmodify (1),
.BR slapd (8)
.BR slapd.conf (5)
.LP
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
.B OpenLDAP
is derived from University of Michigan LDAP 3.3 Release.
OpenLDAP is developed and maintained by
The OpenLDAP Project (http://www.openldap.org/).
OpenLDAP is derived from University of Michigan LDAP 3.3 Release.

4
libraries/libldap/ldap.conf
View File

@ -6,8 +6,8 @@
# See ldap.conf(5) for details
# This file should be world readable.
#BASE dc=OpenLDAP, dc=Org
#URI ldap://ldap.openldap.org ldap://ldap-master.openldap.org:666
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15

41
libraries/libldap/open.c
View File

@ -240,47 +240,6 @@ ldap_initialize( LDAP **ldp, LDAP_CONST char *url )
return LDAP_SUCCESS;
}
int
ldap_start_tls_s ( LDAP *ld,
LDAPControl **serverctrls,
LDAPControl **clientctrls )
{
#ifdef HAVE_TLS
LDAPConn *lc;
int rc;
char *rspoid = NULL;
struct berval *rspdata = NULL;
if (ld->ld_conns == NULL) {
rc = ldap_open_defconn( ld );
if (rc != LDAP_SUCCESS)
return(rc);
}
for (lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next) {
if (ldap_pvt_tls_inplace(lc->lconn_sb) != 0)
return LDAP_OPERATIONS_ERROR;
/* XXYYZ: this initiates operaton only on default connection! */
rc = ldap_extended_operation_s(ld, LDAP_EXOP_START_TLS,
NULL, serverctrls, clientctrls, &rspoid, &rspdata);
if (rc != LDAP_SUCCESS)
return rc;
if (rspoid != NULL)
LDAP_FREE(rspoid);
if (rspdata != NULL)
ber_bvfree(rspdata);
rc = ldap_pvt_tls_start( ld, lc->lconn_sb, ld->ld_options.ldo_tls_ctx );
if (rc != LDAP_SUCCESS)
return rc;
}
return LDAP_SUCCESS;
#else
return LDAP_NOT_SUPPORTED;
#endif
}
int
ldap_int_open_connection(
LDAP *ld,

49
libraries/libldap/tls.c
View File

@ -8,8 +8,6 @@
#include "portable.h"
#ifdef HAVE_TLS
#include <stdio.h>
#include <ac/stdlib.h>
@ -21,6 +19,8 @@
#include "ldap-int.h"
#ifdef HAVE_TLS
#ifdef LDAP_R_COMPILE
#include <ldap_pvt_thread.h>
#endif
@ -1033,7 +1033,46 @@ tls_tmp_dh_cb( SSL *ssl, int is_export, int key_length )
return NULL;
}
#endif
#else
static int dummy;
#endif
int
ldap_start_tls_s ( LDAP *ld,
LDAPControl **serverctrls,
LDAPControl **clientctrls )
{
#ifdef HAVE_TLS
LDAPConn *lc;
int rc;
char *rspoid = NULL;
struct berval *rspdata = NULL;
if (ld->ld_conns == NULL) {
rc = ldap_open_defconn( ld );
if (rc != LDAP_SUCCESS)
return(rc);
}
for (lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next) {
if (ldap_pvt_tls_inplace(lc->lconn_sb) != 0)
return LDAP_OPERATIONS_ERROR;
/* XXYYZ: this initiates operaton only on default connection! */
rc = ldap_extended_operation_s(ld, LDAP_EXOP_START_TLS,
NULL, serverctrls, clientctrls, &rspoid, &rspdata);
if (rc != LDAP_SUCCESS)
return rc;
if (rspoid != NULL)
LDAP_FREE(rspoid);
if (rspdata != NULL)
ber_bvfree(rspdata);
rc = ldap_pvt_tls_start( ld, lc->lconn_sb, ld->ld_options.ldo_tls_ctx );
if (rc != LDAP_SUCCESS)
return rc;
}
return LDAP_SUCCESS;
#else
return LDAP_NOT_SUPPORTED;
#endif
}