nss_ldap.c revision c1ecd8b9404ee0d96d93f02e82c441b9bb149a3d
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <stdarg.h>
#include <fcntl.h>
#include <syslog.h>
#include <errno.h>
#include <pwd.h>
#include <libintl.h>
#include <netdb.h> /* for rcmd() */
#include <ns.h>
#include <list.h>
#define LDAP_REFERRALS
#include <lber.h>
#include <ldap.h>
#include <sys/systeminfo.h>
/*
* This modules contains the code required to manipulate printer objects in
* a LDAP directory for the Naming Service (NS) switch.
* It can "add", "modify" and "delete" the objects on the given ldap server
* and in the given NS domain DN, eg. "dc=mkg,dc=sun,dc=com".
* Note: printers known to the naming service are contained in the RDN
* "ou=printers" under the NS domain DN
*/
#define PCONTAINER "ou=printers"
/* attribute keywords */
#define ATTR_DN "dn"
#define ATTR_OCLASS "objectClass"
#define ATTR_URI "printer-uri"
#define ATTR_PNAME "printer-name"
#define ATTR_XRISUP "printer-xri-supported"
#define ATTR_BSDADDR "sun-printer-bsdaddr"
#define ATTR_KVP "sun-printer-kvp"
/* objectClass values */
#define OCV_TOP "top"
#define OCV_PSERVICE "printerService"
#define OCV_SUNPRT "sunPrinter"
#define OCV_PABSTRACT "printerAbstract"
/* xri-supported attribute value */
#define AV_UNKNOWN "unknown"
/*
* LDAP objectclass atributes that the user can explicity change
*/
static const char *nsl_attr_printerService[] = {
"printer-uri",
"printer-xri-supported",
/* Not allowed "printer-name", */
"printer-natural-language-configured",
"printer-location",
"printer-info",
"printer-more-info",
"printer-make-and-model",
"printer-charset-configured",
"printer-charset-supported",
"printer-generated-natural-language-supported",
"printer-document-format-supported",
"printer-color-supported",
"printer-compression-supported",
"printer-pages-per-minute",
"printer-pages-per-minute-color",
"printer-finishings-supported",
"printer-number-up-supported",
"printer-sides-supported",
"printer-media-supported",
"printer-media-local-supported",
"printer-resolution-supported",
"printer-print-quality-supported",
"printer-job-priority-supported",
"printer-copies-supported",
"printer-job-k-octets-supported",
"printer-current-operator",
"printer-service-person",
"printer-delivery-orientation-supported",
"printer-stacking-order-supported",
"printer-output-features-supported",
(char *)NULL
};
static const char *nsl_attr_printerIPP[] = {
"printer-ipp-versions-supported",
"printer-multiple-document-jobs-supported",
(char *)NULL
};
static const char *nsl_attr_sunPrinter[] = {
/* Not allowed "sun-printer-bsdaddr", */
/* Not allowed "sun-printer-kvp", */
(char *)NULL
};
/*
* List of LDAP attributes that user is not allowed to explicitly change
*/
static const char *nsl_attr_notAllowed[] = {
ATTR_OCLASS, /* objectclass */
ATTR_PNAME, /* printer-name */
(char *)NULL
};
static uchar_t *_getThisNSDomainDN(void);
static int _attrInLDAPList(char *attr);
/*
* *****************************************************************************
*
* Function: ldap_put_printer()
*
* Description: Action the request to change a printer object in the LDAP
* directory DIT. The object is either added, modified or deleted
* depending on the request's attribute list. A null list indicates
* the request is a delete.
* The object's DN is constructed from the supplied domain DN and
* a check is done to see if the object exists already, if it
* doesn't exist then this is a request to add a new object
* If a URI is given in the attribute list and it is different to
* the existing printing object's DN then the request will be
* rejected.
*
*
* Parameters:
* Input: const ns_printer_t *printer
* - this structure contains the following :
* char *printerName - name of the printer
* ns_cred_t *cred - structure containing the ldap host and
* port, user, password and NS domain DN for the
* directory server to be updated.
* char **attrList - pointer to a list of attribute key values
* for the printer object. If the object does
* not already exist then this list contains the
* values for the new object, otherwise this list
* is a list of attributes to modify. For modify
* a null attribute value is a attribute delete
* request. A NULL ptr = delete the object.
* Output: None
*
* Returns: int - 0 = request actioned okay
* !0 = error - see NSL_RESULT codes
*
* *****************************************************************************
*/
int
{
char *printerName = NULL;
/* -------- */
/*
* Note: the "attributes" list should be null for ldap as the attribute
* values are passed in the nsdata field
*/
{
/* extract required pointer values from structure */
{
}
/* connect and bind to the ldap directory server */
{
/*
* check if the NS domain DN was given, if not use the
* current NS domain
*/
{
}
else
{
/* get DN of current domain */
}
if (printerExists != LDAP_SUCCESS)
{
/*
* could not find the printer by printer-name,
* but there could be a non sunPrinter object
* so if the printer-uri was given check if
* an object for that exists
*/
{
}
}
#ifdef DEBUG
if (printerExists == NSL_OK)
{
}
#endif
{
/*
* a null list indicates that this is a DELETE
* object request, so if object exists delete
* it, otherwise report an error.
*/
if (printerExists == LDAP_SUCCESS)
{
(char *)printerDN);
if (result != LDAP_SUCCESS)
{
#ifdef DEBUG
#endif
}
}
else
{
}
}
else
{
/*
* if object exists then this is a
* modify request otherwise is is an add request
*/
if (printerExists == LDAP_SUCCESS)
{
/*
* Modify the printer object to
* give it the new attribute values
* specified by the user
*/
result =
(uchar_t *)printerName,
}
else
{
/*
* add new printer object into the
* ldap directory with the user
* specified attribute values
*/
result =
(uchar_t *)printerName,
}
}
{
}
{
}
/* disconnect from LDAP server */
(void) ldap_unbind(ld);
}
}
else
{
/* no printerName given */
}
return ((int)result);
} /* ldap_put_printer */
/*
* *****************************************************************************
*
* Function: _connectToLDAP()
*
* Description: Setup the connection and bind to the LDAP directory server.
* The function returns the ldap connection descriptor
*
* Note: Currently the native ldap functions do not support secure
* passwords, when this is supported this function will require
* updating to allow the type passed in cred->passwdType to
* be used with the ldap_simple_bind()
*
* Parameters:
* Input: ns_cred_t *cred - structure containing the credentials (host,
* port, user and password) required to bind
* to the directory server to be updated.
* char *printerName - printer name used only for error messages
* Output: LDAP** - ldap connection descriptor pointer. NULL = failed
*
* Returns: NSL_RESULT - NSL_OK = connected okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int lresult = 0;
int protoVersion = LDAP_VERSION3;
int derefOption = LDAP_DEREF_NEVER;
int referrals = 1;
char hostname[MAXHOSTNAMELEN];
/* -------- */
{
}
else
{
/* if host was not given then bind to local host */
{
}
else
{
(void) sysinfo(SI_HOSTNAME,
}
/* initialise the connection to the ldap server */
{
}
{
/* connection setup failed */
#ifdef DEBUG
(void) perror("ldap_init");
#endif
}
else
{
/* set ldap options */
&derefOption);
&protoVersion);
&referrals);
/* bind to the user DN in the directory */
/* cred->passwdType is currently not supported */
/*
* before doing anything else, set up the function to
* call to get authentication details if the
* ldap update function calls (eg. ldap_add_s()) get a
* "referral" (to another ldap server) from the
* original ldap server, eg. if we are trying to do
* a update on a LDAP replica server.
*/
(void) _manageReferralCredentials(*ld,
&tmpMethod, -1);
if (lresult != LDAP_SUCCESS)
{
#ifdef DEBUG
#endif
}
}
}
return (result);
} /* _connectToLDAP */
/*
* *****************************************************************************
*
* Function: _constructPrinterDN()
*
* Description: Construct the DN for the printer object from its name and NS
* domain DN. If the printer-uri is given in the attrList then
* that is used instead of the printerName.
*
* Parameters:
* Input: uchar_t *printerName
* uchar_t *domainDN
* char **attrList - this list is searched for printer-uri
* Output: None
*
* Returns: uchar_t* - pointer to the DN, this memory is malloced so
* must be freed using free() when finished with.
*
* *****************************************************************************
*/
static uchar_t *
{
char **p = NULL;
int len = 0;
/* ------- */
/* first search for printer-uri in the attribute list */
{
/* get length of this key word */
{
}
}
/* malloc memory for the DN and then construct it */
{
/* use the printerName for the RDN */
strlen((char *)printerName) +
strlen(PCONTAINER) +
10; /* plus a few extra */
}
else
{
/* use the URI for the RDN */
strlen(PCONTAINER) +
10; /* plus a few extra */
}
/*
* else
* {
* printName not given so return null
* }
*/
}
return (dn); /* caller must free this memory */
} /* _constructPrinterDN */
/*
* *****************************************************************************
*
* Function: _checkPrinterExists()
*
* Description: Check that the printer object for the printerName exists in the
* directory DIT and then extract the object's DN
* The function uses an exiting ldap connection and does a
* search for the printerName in the supplied domain DN.
*
* Parameters:
* Input: LDAP *ld - existing ldap connection descriptor
* uchar_t *printerName - printer name
* uchar_t *domainDN - DN of domain to search in
* Output: uchar_t **printerDN - DN of the printer - the caller should
* free this memory using free()
*
* Result: NSL_RESULT - NSL_OK = object exists
*
* *****************************************************************************
*/
static NSL_RESULT
{
int sresult = LDAP_NO_SUCH_OBJECT;
/* ---------- */
{
{
}
/* search for this Printer in the directory */
2);
ATTR_PNAME, (char *)printerName);
PCONTAINER, (char *)domainDN);
if (sresult == LDAP_SUCCESS)
{
/* check that the object exists and extract its DN */
{
/* object found - there should only be one */
{
}
}
(void) ldap_msgfree(ldapMsg);
}
}
else
{
}
return (result);
} /* _checkPrinterExists */
/*
* *****************************************************************************
*
* Function: _checkPrinterDNExists()
*
* Description: Check that the printer object for the DN exists in the
* directory DIT.
* The function uses an exiting ldap connection and does a
* search for the DN supplied.
*
* Parameters: LDAP *ld - existing ldap connection descriptor
* char *objectDN - DN to search for
*
* Result: NSL_RESULT - NSL_OK = object exists
*
* *****************************************************************************
*/
static NSL_RESULT
{
int sresult = LDAP_NO_SUCH_OBJECT;
/* ---------- */
{
/* search for this Printer in the directory */
if (sresult == LDAP_SUCCESS)
{
/* check that the object exists */
{
/* object found */
}
(void) ldap_msgfree(ldapMsg);
}
}
else
{
}
return (result);
} /* _checkPrinterDNExists */
/*
* *****************************************************************************
*
* Function: _checkSunPrinter()
*
* Description: Check that the printer object for the printerDN is a sunPrinter
* ie. it has the required objectclass attribute value.
*
* Parameters:
* Input: LDAP *ld - existing ldap connection descriptor
* Output: uchar_t *printerDN - DN of the printer
*
* Result: NSL_RESULT - NSL_OK = object exists and is a sunPrinter
*
* *****************************************************************************
*/
static NSL_RESULT
{
int sresult = LDAP_NO_SUCH_OBJECT;
/* ---------- */
{
/* search for this Printer in the directory */
requiredAttrs, 0, &ldapMsg);
if (sresult == LDAP_SUCCESS)
{
/* check that the printer object exists */
{
/* object is a sunPrinter */
}
(void) ldap_msgfree(ldapMsg);
}
}
else
{
}
return (result);
} /* _checkSunPrinter */
/*
* *****************************************************************************
*
* Function: _addNewPrinterObject()
*
* Description: For the given printerName add a printer object into the
* LDAP directory NS domain. The object is created with the
* supplied attribute values. Note: if the printer's uri is
* given that is used as the RDN otherwise the printer's
* name is used as the RDN
*
* Parameters:
* Input: LDAP *ld - existing ldap connection descriptor
* uchar_t *printerName - Name of printer to be added
* uchar_t *domainDN - DN of the domain to add the printer
* char **attrList - user specified attribute values list
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = request actioned okay
* !NSL_OK = error
*
* *****************************************************************************
*/
static NSL_RESULT
{
int lresult = 0;
/* ---------- */
{
{
/*
* construct a DN for the printer from the
* printerName and printer-uri if given.
*/
{
/*
* setup attribute values in an LDAPMod
* structure and then add the object
*/
{
if (lresult == LDAP_SUCCESS)
{
}
else
{
#ifdef DEBUG
#endif
}
}
}
else
{
}
}
}
else
{
}
return (result);
} /* _addNewPrinterObject */
/*
* *****************************************************************************
*
* Function: _modifyPrinterObject()
*
* Description: Modify the given LDAP printer object to set the new attributes
* in the attribute list. If the printer's URI (specified in the
* attrList) changes the URI of the object the request is rejected.
*
* Parameters:
* Input: LDAP *ld - existing ldap connection descriptor
* uchar_t *printerDN - DN of printer object to modify
* uchar_t *printerName - Name of printer to be modified
* uchar_t *domainDN - DN of the domain the printer is in
* char **attrList - user specified attribute values list
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = object modified okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int lresult = 0;
int sunPrinter = 0;
/* ---------- */
{
{
/*
* The user may have requested that the printer object
* be given a new URI RDN, so construct a DN for the
* printer from the printerName or the printer-uri (if
* given).
*/
/*
* compare the 2 DNs to see if the URI has changed,
* if uriDN is null then the DN hasn't changed
*/
{
/*
* setup the modify object LDAPMod
* structure and then do the modify
*/
{
sunPrinter = 1;
}
(void) _getCurrentKVPValues(ld,
{
if (lresult == LDAP_SUCCESS)
{
}
else
{
#ifdef DEBUG
#endif
}
}
}
else
{
/*
* printer-uri name change has been requested
* this is NOT allowed as it requires that
* a new printer object is created
*/
}
{
}
}
}
return (result);
} /* _modifyPrinterObject */
/*
* *****************************************************************************
*
* Function: _checkAttributes()
*
* Description: Check that the given attribute lists does not contain any
* key words that are not allowed.
*
* Parameters:
* Input: char **list - attribute list to check
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = checked okay
*
* *****************************************************************************
*/
static NSL_RESULT
_checkAttributes(char **list)
{
int len = 0;
char **p = NULL;
/* ------ */
{
/* get length of this key word */
/* check if the key word is allowed */
{
/* not supported through this interface */
}
else
{
/* not supported through this interface */
}
else
{
/* not supported through this interface */
}
else
{
/* check for any others */
{
}
}
}
return (result);
} /* _checkAttributes */
/*
* *****************************************************************************
*
* Function: _addLDAPmodValue()
*
* Description: Add the given attribute and its value to the LDAPMod array.
* If this is the first entry in the array then create it.
*
* Parameters:
* Input: LDAPMod ***attrs - array to update
* char *type - attribute to add into array
* char *value - attribute value
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = added okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int i = 0;
int j = 0;
/* ---------- */
{
#ifdef DEBUG
#endif
/* search the existing LDAPMod array for the attribute */
{
{
break;
}
}
{
/* array empty so create it */
{
i = 0;
}
else
{
}
}
else
{
{
}
}
}
else
{
}
{
{
/* We've got a new slot. Create the new mod. */
{
(*attrs)[i]->mod_values = (char **)
malloc(2 * sizeof (char *));
{
(*attrs)[i]->mod_values[0] =
}
else
{
}
}
else
{
}
}
else
{
/* Found an existing entry so add value to it */
(*attrs)[i]->mod_values =
(j + 2) * sizeof (char *));
{
}
else
{
}
}
}
return (result);
} /* _addLDAPmodValue */
/*
* *****************************************************************************
*
* Function: _modLDAPmodValue()
*
* Description: Add the given attribute modify operation and its value into
* the LDAPMod array. This will either be a "replace" or a
* "delete"; value = null implies a "delete".
* If this is the first entry in the array then create it.
*
* Parameters:
* Input: LDAPMod ***attrs - array to update
* char *type - attribute to modify
* char *value - attribute value, null implies "delete"
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = added okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int i = 0;
int j = 0;
/* ---------- */
{
#ifdef DEBUG
else
#endif
/* search the existing LDAPMod array for the attribute */
{
{
break;
}
}
{
/* array empty so create it */
{
i = 0;
}
else
{
}
}
else
{
/* attribute not found in array so add slot for it */
{
}
}
}
else
{
}
{
{
/* We've got a new slot. Create the new mod entry */
{
/* Do an attribute replace */
(*attrs)[i]->mod_values = (char **)
malloc(2 * sizeof (char *));
{
(*attrs)[i]->mod_values[0] =
}
else
{
}
}
else
{
/* value is null so do an attribute delete */
}
else
{
}
}
else
{
/* Found an existing entry so add value to it */
{
/* add value to attribute's replace list */
{
for (j = 0;
(*attrs)[i]->mod_values =
(j + 2) * sizeof (char *));
{
(*attrs)[i]->mod_values[j] =
}
else
{
}
}
else
{
/* Delete and replace not allowed */
}
}
else
{
/*
* attribute delete - so free any existing
* entries in the value array
*/
{
for (j = 0;
j++)
{
}
}
}
}
}
return (result);
} /* _modLDAPmodValue */
/*
* *****************************************************************************
*
* Function: _constructAddLDAPMod()
*
* Description: For the given attribute list construct an
* LDAPMod array for the printer object to be added. Default
* attribute values are included.
*
* Parameters:
* Input:
* uchar_t *printerName - Name of printer to be added
* char **attrList - user specified attribute values list
* Output: LDAPMod ***attrs - pointer to the constructed array
*
* Returns: NSL_RESULT - NSL_OK = constructed okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int len = 0;
char **p = NULL;
/* ---------- */
if ((printerName != NULL) &&
{
/*
* setup printer object attribute values in an LDAPMod structure
*/
{
/* Structural Objectclass */
result =
}
{
}
{
}
{
ATTR_PNAME, (char *)printerName);
}
/*
* Now work through the user supplied attribute
* values list and add them into the LDAPMod array
*/
for (p = attrList;
{
/* get length of this key word */
for (len = 0;
{
/* handle specific Key Value Pairs (KVP) */
{
/* use LDAP attribute name */
}
else
if (_attrInLDAPList(attr) == 0)
{
/*
* Non-LDAP attribute so use LDAP
* KVP attribute and the given KVP
* as the value, ie.
* sun-printer-kvp=description=printer
*/
}
/* add it into the LDAPMod array */
}
} /* for */
{
}
}
else
{
}
return (result);
} /* _constructAddLDAPMod */
/*
* *****************************************************************************
*
* Function: _constructModLDAPMod()
*
* Description: For the given modify attribute list, construct an
* LDAPMod array for the printer object to be modified
*
* Parameters:
* Input: uchar_t *printerName - name of printer to be modified
* int sunPrinter - Boolean; object is a sunPrinter
* char **attrList - user specified attribute values list
* char ***oldKVPList - current list of KVP values on object
* Output: LDAPMod ***attrs - pointer to the constructed array
*
* Returns: NSL_RESULT - NSL_OK = constructed okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int len = 0;
int kvpUpdated = 0;
int kvpExists = 0;
char **p = NULL;
/* ---------- */
if ((printerName != NULL) &&
{
{
kvpExists = 1;
}
if (!sunPrinter)
{
/*
* The object was previously not a sunPrinter, so
* add the required objectclass attribute value, and
* ensure it has the printername attribute.
*/
{
ATTR_PNAME, (char *)printerName);
}
}
/*
* work through the user supplied attribute
* values list and add them into the LDAPMod array depending
* on if they are a replace or delete attribute operation,
* a "null value" means delete.
*/
for (p = attrList;
{
/* get length of this key word */
for (len = 0;
{
/* handle specific Key Value Pairs (KVP) */
if ((_attrInLDAPList(attr) == 0) &&
{
/*
* Non-LDAP attribute so use LDAP
* KVP attribute and the given KVP as
* the value, ie.
* sun-printer-kvp=description=printer
*/
kvpUpdated = 1;
}
else
{
0)
{
/*
* use LDAP bsdaddr attribute
* name
*/
}
/*
* else
* use the supplied attribute name
*/
/* add it into the LDAPMod array */
}
}
else
if (strlen(*p) >= 1)
{
/* handle attribute DELETE request */
{
/* terminate "attribute=" */
}
/* handle specific Key Value Pairs (KVP) */
{
/* use LDAP bsdaddr attribute name */
ATTR_BSDADDR, NULL);
}
else
if (_attrInLDAPList(attr) == 0)
{
/*
* Non-LDAP kvp, so sort items
* in the kvp list
*/
kvpUpdated = 1;
}
else
{
}
}
} /* for */
{
}
{
}
}
else
{
}
return (result);
} /* _constructModLDAPMod */
/*
* *****************************************************************************
*
* Function: _compareURIinDNs()
*
* Description: For the 2 given printer object DNs compare the naming part
* part of the DN (printer-uri) to see if they are the same.
*
* Note: This function only returns "compare failed" if their URI don't
* compare. Problems with the dn etc., return a good compare
* because I don't want us to create a new object for these
*
* Parameters:
* Input: uchar_t *dn1
* uchar_t *dn2
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = URIs are the same
*
* *****************************************************************************
*/
static NSL_RESULT
{
/* --------- */
{
/* terminate each string after the printer-uri */
/* move back to the comma */
{
p1--;
}
/* move back to the comma */
{
p2--;
}
{
/* do the compare */
/*
* Note: SHOULD really normalise the 2 DNs before
* doing the compare
*/
#ifdef DEBUG
#endif
{
}
}
}
return (result);
} /* _compareURIinDNs */
/*
* *****************************************************************************
*
* Function: _getThisNSDomainDN()
*
* Description: Get the current Name Service Domain DN
* This is extracted from the result of executing ldaplist.
*
* Note: Do it this way until the NS LDAP library interface is
* made public.
*
* Parameters:
* Input: None
* Output: None
*
* Returns: uchar_t* - pointer to NS Domain DN (The caller should free this
* returned memory).
*
* *****************************************************************************
*/
#define LDAPLIST_D "/usr/bin/ldaplist -d 2>&1"
#define DNID "dn: "
static uchar_t *
_getThisNSDomainDN(void)
{
/* --------- */
{
{
{
}
}
}
return (domainDN);
} /* _getThisNSDomainDN */
/*
* *****************************************************************************
*
* Function: _popen()
*
* Description: General popen function. The caller should always use a full
* path cmd.
*
* Parameters:
* Input: char *cmd - command line to execute
* char *buffer - ptr to buffer to put result in
* int size - size of result buffer
* Output: None
*
* Returns: int - 0 = opened okay
*
* *****************************************************************************
*/
static int
{
int result = -1;
int rsize = 0;
/* -------- */
{
{
{
{
/* result is too long */
}
}
{
result = 0;
}
}
}
return (result);
} /* popen */
/*
* *****************************************************************************
*
* Function: _attrInList()
*
* Description: For the given list check if the attribute is it
*
* Parameters:
* Input: char *attr - attribute to check
* char **list - list of attributes to check against
* Output: None
*
* Returns: int - TRUE = attr found in list
*
* *****************************************************************************
*/
static int
{
int result = 0;
int j;
/* ------- */
{
{
{
}
}
}
return (result);
} /* _attrInList */
/*
* *****************************************************************************
*
* Function: _attrInLDAPList()
*
* Description: Checks to see if the given attribute is an LDAP printing
* attribute, ie. is either in an IPP objectclass or the
* sun printer objectclass. Note: some attributes are handled
* specifically outside this function, so are excluded from
* the lists that are checked.
*
* Parameters:
* Input: char *attr - attribute to check
* Output: None
*
* Returns: int - TRUE = attr found in list
*
* *****************************************************************************
*/
static int
_attrInLDAPList(char *attr)
{
int result = 0;
/* ------- */
{
}
else
{
}
else
{
}
return (result);
} /* _attrInLDAPList */
/*
* *****************************************************************************
*
* Function: _getCurrentKVPValues()
*
* Description: For the given printer object read the current set of values
* the object has for the sun-printer-kvp (Key Value pair)
*
* Parameters:
* Input: LDAP *ld - existing ldap connection descriptor
* char *objectDN - DN to search for
* Output: char ***list - returned set of kvp values
*
* Result: NSL_RESULT - NSL_OK = object exists
*
* *****************************************************************************
*/
static NSL_RESULT
{
int sresult = LDAP_NO_SUCH_OBJECT;
int i = 0;
char *entryAttrib = NULL;
char **attribValues = NULL;
/* ---------- */
{
/* search for this Printer in the directory */
if (sresult == LDAP_SUCCESS)
{
/*
* check that the object exists and extract its
* KVP attribute values
*/
{
ldapEntry, &berElement);
if ((entryAttrib != NULL) &&
{
#ifdef DEBUG
#endif
/*
* add each KVP value to the list
* that we will return
*/
for (i = 0;
attribValues[i] != NULL; i++)
{
*list = (char **)
list_append((void **)*list,
strdup(attribValues[i]));
#ifdef DEBUG
#endif
}
(void) ldap_value_free(attribValues);
}
if ((entryAttrib != NULL) &&
(berElement != NULL))
{
ber_free(berElement, 0);
}
/* object found */
}
(void) ldap_msgfree(ldapMsg);
}
}
else
{
}
return (result);
} /* _getCurrentKVPValues */
/*
* *****************************************************************************
*
* Function: _freeList()
*
* Description: Free the list created by list_append() where the items in
* the list have been strdup'ed.
*
* Parameters:
* Input: char ***list - returned set of kvp values
*
* Result: void
*
* *****************************************************************************
*/
static void
{
int i = 0;
/* ------ */
{
{
{
}
}
}
} /* _freeList */
/*
* *****************************************************************************
*
* Function: _modAttrKVP()
*
* Description: Sort out the KVP attribute value list, such that this new
* value takes precidence over any existing value in the list.
* The current list is updated to remove this key, and the new
* key "value" is added to the list, eg. for
* value: bbb=ddddd
* and kvpList:
* aaa=yyyy
* bbb=zzzz
* ccc=xxxx
* the resulting kvpList is:
* aaa=yyyy
* ccc=xxxx
* bbb=ddddd
*
* Note: When all new values have been handled the function _attrAddKVP()
* must be called to add the "new list" values into the
* LDAPMod array.
*
* Parameters:
* Input: char *value - Key Value Pair to process,
* eg. aaaaa=hhhhh, where aaaaa is the key
* char ***kvpList - list of current KVP values
* Output: char ***kvpList - updated list of KVP values
*
* Returns: NSL_RESULT - NSL_OK = done okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
int i = 0;
int inList = 0;
int keyDelete = 0;
char **p = NULL;
/* ------- */
{
/* extract "key" from value */
/* Is this a request to delete a "key" value */
{
/* this is a request to delete the key */
keyDelete = 1;
}
{
/*
* for each item in the list remove it if the keys match
*/
{
for (i = 0;
((*p)[i] != '=') && ((*p)[i] != '\0'); i++);
(strncasecmp(*p, key, i) == 0))
{
inList = 1;
}
else
{
/* no match so add value to new list */
newList = (char **)list_append(
(void **)newList,
strdup(*p));
}
}
}
/*
* if it was not a DELETE request add the new key value into
* the newList, otherwise we have already removed the key
*/
if (!keyDelete)
{
}
{
/* replace old list with the newList */
}
}
return (result);
} /* modAttrKVP */
/*
* *****************************************************************************
*
* Function: _attrAddKVP()
*
* Description: Process KVP items in the kvpList adding them to the
* LDAPMod modify array. If the list is empty but there were
* previously LDAP KVP values delete them.
*
* Note: This function should only be called when all the new KVP
* items have been processed by _modAttrKVP()
*
* Parameters:
* Input: LDAPMod ***attrs - array to update
* char **kvpList - list KVP values
* int kvpExists - object currently has LDAP KVP values
* Output: None
*
* Returns: NSL_RESULT - NSL_OK = done okay
*
* *****************************************************************************
*/
static NSL_RESULT
{
/* ------- */
{
{
{
/* add item to LDAPMod array */
result =
kvpList++;
}
}
else
if (kvpExists)
{
/*
* We now have no LDAP KVP values but there were
* some previously, so delete them
*/
}
}
else
{
}
return (result);
} /* _attrAddKVP */
/*
* *****************************************************************************
*
* Function: _manageReferralCredentials()
*
* Description: This function is called if a referral request is returned by
* the origonal LDAP server during the ldap update request call,
* eg. ldap_add_s(), ldap_modify_s() or ldap_delete_s().
* Parameters:
* Input: LDAP *ld - LDAP descriptor
* int freeit - 0 = first call to get details
* - 1 = second call to free details
* - -1 = initial store of authentication details
* char **credp - returns password for DN
* int *methodp - returns authentication type, eg. simple
*
* Returns: int - 0 = okay
*
* *****************************************************************************
*/
{
int result = 0;
static int sMethod = LDAP_AUTH_SIMPLE;
/* -------- */
if (freeit == 1)
{
/* second call - free memory */
{
}
{
}
}
else
{
{
/* first call - get the saved bind credentials */
}
else
if (freeit == -1)
{
/* initial call - save the saved bind credentials */
}
else
{
}
}
else
{
}
return (result);
} /* _manageReferralCredentials */