mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-18 11:05:48 +08:00
Updated Kerberos code, password prompting, detailed usage(). <dave@tamos.net>
This commit is contained in:
Dave Storey
parent
5da5771bd9
commit
84c774854f
@ -12,17 +12,32 @@
|
||||
#include <lber.h>
|
||||
#include <ldap.h>
|
||||
|
||||
static char *binddn = NULL;
|
||||
static char *passwd = NULL;
|
||||
static char *base = NULL;
|
||||
static char *ldaphost = NULL;
|
||||
static int ldapport = 0;
|
||||
static int not, verbose, contoper;
|
||||
static LDAP *ld;
|
||||
|
||||
#define safe_realloc( ptr, size ) ( ptr == NULL ? malloc( size ) : \
|
||||
realloc( ptr, size ))
|
||||
|
||||
static void
|
||||
usage(char *s)
|
||||
{
|
||||
fprintf(stderr, "Usage: %s [options] [dn]...", s);
|
||||
fprintf(stderr, " -c\t\tcontinuous operation mode\n");
|
||||
fprintf(stderr, " -D bindnd\tbind dn\n");
|
||||
fprintf(stderr, " -d level\tdebugging level\n");
|
||||
fprintf(stderr, " -f file\t\t\n");
|
||||
fprintf(stderr, " -h host\tldap sever\n");
|
||||
#ifdef HAVE_KERBEROS
|
||||
fprintf(stderr, " -K\t\tuse Kerberos step 1\n");
|
||||
fprintf(stderr, " -k\t\tuse Kerberos instead of Simple Password authentication\n");
|
||||
#endif
|
||||
fprintf(stderr, " -n\t\t make no modifications\n");
|
||||
fprintf(stderr, " -p port\tldap port\n");
|
||||
fprintf(stderr, " -v\t\tverbose\n");
|
||||
fprintf(stderr, " -W\t\tprompt for bind password\n");
|
||||
fprintf(stderr, " -w passwd\tbind password (for simple authentication)\n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
static int dodelete LDAP_P((
|
||||
LDAP *ld,
|
||||
char *dn));
|
||||
@ -30,132 +45,146 @@ static int dodelete LDAP_P((
|
||||
int
|
||||
main( int argc, char **argv )
|
||||
{
|
||||
char *usage = "usage: %s [-n] [-v] [-k] [-d debug-level] [-f file] [-h ldaphost] [-p ldapport] [-D binddn] [-w passwd] [dn]...\n";
|
||||
char buf[ 4096 ];
|
||||
FILE *fp;
|
||||
int i, rc, kerberos, authmethod;
|
||||
FILE *fp = NULL;
|
||||
LDAP *ld = NULL;
|
||||
char buf[4096];
|
||||
char *binddn = NULL;
|
||||
char *passwd = NULL;
|
||||
char *ldaphost = NULL;
|
||||
int authmethod = LDAP_AUTH_SIMPLE;
|
||||
int deref = LDAP_DEREF_NEVER;
|
||||
int i, rc, want_passwd;
|
||||
int ldapport = LDAP_PORT;
|
||||
|
||||
kerberos = not = verbose = contoper = 0;
|
||||
fp = NULL;
|
||||
rc = not = verbose = contoper = want_passwd = 0;
|
||||
|
||||
while (( i = getopt( argc, argv, "nvkKch:p:D:w:d:f:" )) != EOF ) {
|
||||
switch( i ) {
|
||||
case 'k': /* kerberos bind */
|
||||
kerberos = 2;
|
||||
break;
|
||||
case 'K': /* kerberos bind, part one only */
|
||||
kerberos = 1;
|
||||
break;
|
||||
while ((i = getopt( argc, argv, "cD:d:f:h:Kknp:vWw:")) != EOF )
|
||||
{
|
||||
switch(i)
|
||||
{
|
||||
case 'c': /* continuous operation mode */
|
||||
++contoper;
|
||||
contoper++;
|
||||
break;
|
||||
case 'h': /* ldap host */
|
||||
ldaphost = strdup( optarg );
|
||||
|
||||
case 'D': /* bind DN */
|
||||
binddn = strdup(optarg);
|
||||
break;
|
||||
case 'D': /* bind DN */
|
||||
binddn = strdup( optarg );
|
||||
|
||||
case 'd':
|
||||
#ifdef LDAP_DEBUG
|
||||
ldap_debug = lber_debug = atoi(optarg);
|
||||
#else
|
||||
fprintf( stderr, "compile with -DLDAP_DEBUG for debugging\n" );
|
||||
#endif
|
||||
break;
|
||||
case 'w': /* password */
|
||||
passwd = strdup( optarg );
|
||||
break;
|
||||
case 'f': /* read DNs from a file */
|
||||
if (( fp = fopen( optarg, "r" )) == NULL ) {
|
||||
perror( optarg );
|
||||
exit( 1 );
|
||||
|
||||
case 'f': /* read DNs from a file */
|
||||
if ((fp = fopen(optarg, "r")) == NULL)
|
||||
{
|
||||
perror(optarg);
|
||||
return(1);
|
||||
}
|
||||
break;
|
||||
case 'd':
|
||||
#ifdef LDAP_DEBUG
|
||||
ldap_debug = lber_debug = atoi( optarg ); /* */
|
||||
#else /* LDAP_DEBUG */
|
||||
fprintf( stderr, "compile with -DLDAP_DEBUG for debugging\n" );
|
||||
#endif /* LDAP_DEBUG */
|
||||
|
||||
case 'h': /* ldap host */
|
||||
ldaphost = strdup(optarg);
|
||||
break;
|
||||
case 'p':
|
||||
|
||||
case 'K': /* kerberos bind, part one only */
|
||||
#ifdef HAVE_KERBEROS
|
||||
authmethod = LDAP_AUTH_KRBV41;
|
||||
#else
|
||||
fprintf(stderr, "%s was not compiled with Kerberos support\n", argv[0]);
|
||||
#endif
|
||||
break;
|
||||
|
||||
case 'k': /* kerberos bind */
|
||||
#ifdef HAVE_KERBEROS
|
||||
authmethod = LDAP_AUTH_KRBV4;
|
||||
#else
|
||||
fprintf(stderr, "%s was not compiled with Kerberos support\n", argv[0]);
|
||||
#endif
|
||||
break;
|
||||
|
||||
case 'n': /* print deletes, don't actually do them */
|
||||
not++;
|
||||
break;
|
||||
|
||||
case 'p':
|
||||
ldapport = atoi( optarg );
|
||||
break;
|
||||
case 'n': /* print deletes, don't actually do them */
|
||||
++not;
|
||||
break;
|
||||
case 'v': /* verbose mode */
|
||||
|
||||
case 'v': /* verbose mode */
|
||||
verbose++;
|
||||
break;
|
||||
default:
|
||||
fprintf( stderr, usage, argv[0] );
|
||||
exit( 1 );
|
||||
|
||||
case 'W':
|
||||
want_passwd++;
|
||||
break;
|
||||
|
||||
case 'w': /* password */
|
||||
passwd = strdup(optarg);
|
||||
break;
|
||||
|
||||
default:
|
||||
usage(argv[0]);
|
||||
}
|
||||
}
|
||||
|
||||
if ( fp == NULL ) {
|
||||
if ( optind >= argc ) {
|
||||
fp = stdin;
|
||||
}
|
||||
if (want_passwd && !passwd)
|
||||
passwd = strdup(getpass("Enter LDAP Password: "));
|
||||
|
||||
if (fp == NULL && optind >= argc)
|
||||
fp = stdin;
|
||||
|
||||
if ((ld = ldap_open(ldaphost, ldapport)) == NULL) {
|
||||
perror("ldap_open");
|
||||
return(1);
|
||||
}
|
||||
|
||||
if (( ld = ldap_open( ldaphost, ldapport )) == NULL ) {
|
||||
perror( "ldap_open" );
|
||||
exit( 1 );
|
||||
/* this seems prudent */
|
||||
ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
|
||||
|
||||
if (ldap_bind_s(ld, binddn, passwd, authmethod) != LDAP_SUCCESS) {
|
||||
ldap_perror(ld, "ldap_bind");
|
||||
return(1);
|
||||
}
|
||||
|
||||
{
|
||||
/* this seems prudent */
|
||||
int deref = LDAP_DEREF_NEVER;
|
||||
ldap_set_option( ld, LDAP_OPT_DEREF, &deref );
|
||||
}
|
||||
|
||||
if ( !kerberos ) {
|
||||
authmethod = LDAP_AUTH_SIMPLE;
|
||||
} else if ( kerberos == 1 ) {
|
||||
authmethod = LDAP_AUTH_KRBV41;
|
||||
} else {
|
||||
authmethod = LDAP_AUTH_KRBV4;
|
||||
}
|
||||
if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
|
||||
ldap_perror( ld, "ldap_bind" );
|
||||
exit( 1 );
|
||||
}
|
||||
|
||||
if ( fp == NULL ) {
|
||||
for ( ; optind < argc; ++optind ) {
|
||||
rc = dodelete( ld, argv[ optind ] );
|
||||
}
|
||||
if (fp == NULL) {
|
||||
for (; optind < argc; ++optind)
|
||||
rc = dodelete(ld, argv[optind]);
|
||||
} else {
|
||||
rc = 0;
|
||||
while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) {
|
||||
buf[ strlen( buf ) - 1 ] = '\0'; /* remove trailing newline */
|
||||
if ( *buf != '\0' ) {
|
||||
rc = dodelete( ld, buf );
|
||||
}
|
||||
buf[strlen(buf) - 1] = '\0'; /* remove trailing newline */
|
||||
if ( *buf != '\0' )
|
||||
rc = dodelete( ld, buf );
|
||||
}
|
||||
}
|
||||
|
||||
ldap_unbind( ld );
|
||||
ldap_unbind(ld);
|
||||
|
||||
exit( rc );
|
||||
|
||||
/* UNREACHABLE */
|
||||
return(0);
|
||||
return(rc);
|
||||
}
|
||||
|
||||
|
||||
static int dodelete(
|
||||
static int
|
||||
dodelete(
|
||||
LDAP *ld,
|
||||
char *dn)
|
||||
{
|
||||
int rc;
|
||||
|
||||
if ( verbose ) {
|
||||
if (verbose)
|
||||
printf( "%sdeleting entry %s\n", not ? "!" : "", dn );
|
||||
}
|
||||
if ( not ) {
|
||||
|
||||
if (not)
|
||||
rc = LDAP_SUCCESS;
|
||||
} else {
|
||||
if (( rc = ldap_delete_s( ld, dn )) != LDAP_SUCCESS ) {
|
||||
ldap_perror( ld, "ldap_delete" );
|
||||
} else if ( verbose ) {
|
||||
printf( "entry removed\n" );
|
||||
}
|
||||
else {
|
||||
if ((rc = ldap_delete_s(ld, dn)) != LDAP_SUCCESS)
|
||||
ldap_perror(ld, "ldap_delete");
|
||||
else if (verbose)
|
||||
printf("entry removed\n");
|
||||
}
|
||||
|
||||
return( rc );
|
||||
return(rc);
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user