#include "ldaptool.h"

#include "fileurl.h"

#ifdef SOLARIS_LDAP_CMD

#include <locale.h>

#include "solaris-int.h"

#endif /* SOLARIS_LDAP_CMD */

#define VLV_PARAM_SEP ':'

#ifndef SOLARIS_LDAP_CMD

#define gettext(s) s

#endif

static void usage( void );

static int dosearch( LDAP *ld, char *base, int scope, char **attrs,

int attrsonly, char *filtpatt, char *value);

static void write_string_attr_value( char *attrname, char *strval,

unsigned long opts );

#define LDAPTOOL_WRITEVALOPT_SUPPRESS_NAME 0x01

static int write_ldif_value( char *type, char *value, unsigned long vallen,

unsigned long ldifoptions );

static void print_entry( LDAP *ld, LDAPMessage *entry, int attrsonly );

static void options_callback( int option, char *optarg );

static void parse_and_display_reference( LDAP *ld, LDAPMessage *ref );

static char *sortresult2string(unsigned long result);

static char *changetype_num2string( int chgtype );

static char *msgtype2str( int msgtype );

static char **get_effectiverights_attrlist(char * optarg);

#ifdef SOLARIS_LDAP_CMD

static void fill_ldapsearch_msgtypes( void );

#endif /* SOLARIS_LDAP_CMD */

#define LDAPTOOL_PSEARCH_ATTR_PREFIX "persistentSearch-"

static void

usage( void )

{

fprintf( stderr, gettext("usage: %s -b basedn [options] filter [attributes...]\n"), ldaptool_progname );

fprintf( stderr, gettext(" %s -b basedn [options] -f file [attributes...]\nwhere:\n"), ldaptool_progname );

fprintf( stderr, gettext(" basedn\tbase dn for search\n") );

fprintf( stderr, gettext("\t\t(if the environment variable LDAP_BASEDN is set,\n") );

fprintf( stderr, gettext("\t\tthen the -b flag is not required)\n") );

fprintf( stderr, gettext(" filter\tRFC-2254 compliant LDAP search filter\n") );

fprintf( stderr, gettext(" file\tfile containing a sequence of LDAP search filters to use\n") );

fprintf( stderr, gettext(" attributes\twhitespace-separated list of attributes to retrieve\n") );

fprintf( stderr, gettext("\t\t(if no attribute list is given, all are retrieved)\n") );

fprintf( stderr, gettext("options:\n") );

ldaptool_common_usage( 0 );

#if defined( XP_WIN32 )

fprintf( stderr, gettext(" -t\t\twrite values to files in temp directory.\n") );

#else

fprintf( stderr, gettext(" -t\t\twrite values to files in /tmp\n") );

#endif

fprintf( stderr, gettext(" -U\t\tproduce file URLs in conjunction with -t\n") );

fprintf( stderr, gettext(" -e\t\tminimize base-64 encoding of values\n") );

fprintf( stderr, gettext(" -u\t\tinclude User Friendly entry names in the output\n") );

#ifndef HAVE_SASL_OPTIONS

fprintf( stderr, gettext(" -o\t\tprint entries using old format (default is LDIF)\n") );

#endif

fprintf( stderr, gettext(" -T\t\tdon't fold (wrap) long lines (default is to fold)\n") );

fprintf( stderr, gettext(" -1\t\tomit leading \"version: %d\" line in LDIF output\n"), LDIF_VERSION_ONE );

fprintf( stderr, gettext(" -A\t\tretrieve attribute names only (no values)\n") );

fprintf( stderr, gettext(" -B\t\tprint non-ASCII values and use old output format (attr=value)\n") );

fprintf( stderr, gettext(" -x\t\tperforming sorting on server\n") );

#ifdef SOLARIS_LDAP_CMD

fprintf( stderr, gettext(" -r\t\tprint entries using old format (default is LDIF)\n") );

#endif /* SOLARIS_LDAP_CMD */

fprintf( stderr, gettext(" -F sep\tprint `sep' instead of `%s' between attribute names\n"), LDAPTOOL_DEFSEP );

fprintf( stderr, gettext(" \tand values\n") );

fprintf( stderr, gettext(" -S attr\tsort the results by attribute `attr'\n") );

fprintf( stderr, gettext(" -s scope\tone of base, one, or sub (default is sub)\n") );

fprintf( stderr, gettext(" -a deref\tone of never, always, search, or find (default: never)\n") );

fprintf( stderr, gettext(" \t(alias dereferencing)\n") );

fprintf( stderr, gettext(" -l timelim\ttime limit (in seconds) for search (default is no limit)\n") );

fprintf( stderr, gettext(" -z sizelim\tsize limit (in entries) for search (default is no limit)\n") );

fprintf( stderr, gettext(" -C ps:changetype[:changesonly[:entrychgcontrols]]\n") );

fprintf( stderr, gettext("\t\tchangetypes are add,delete,modify,moddn,any\n") );

fprintf( stderr, gettext("\t\tchangesonly and entrychgcontrols are boolean values\n") );

fprintf( stderr, gettext("\t\t(default is 1)\n") );

fprintf( stderr, gettext(" -G before%cafter%cindex%ccount | before%cafter%cvalue where 'before' and\n"), VLV_PARAM_SEP, VLV_PARAM_SEP, VLV_PARAM_SEP, VLV_PARAM_SEP, VLV_PARAM_SEP );

fprintf( stderr, gettext("\t\t'after' are the number of entries surrounding 'index.'\n"));

fprintf( stderr, gettext("\t\t'count' is the content count, 'value' is the search value.\n"));

#ifndef SOLARIS_LDAP_CMD

fprintf( stderr, gettext(" -c authzid\tspecifies the getEffectiveRights control authzid\n"));

fprintf( stderr, gettext("\t\t eg. dn:uid=bjensen,dc=example,dc=com\n"));

fprintf( stderr, gettext("\t\t A value of \"\" means \"the authorization id for the operation\".\n"));

fprintf( stderr, gettext("\t\t A value of \"dn:\" means \"anonymous\"\n"));

fprintf( stderr, gettext("\t\t (The aclRights operational attribute must be requested)\n"));

fprintf( stderr, gettext(" -X attrlist\tspecifies the getEffectiveRights control specific attribute list.\n"));

fprintf( stderr, gettext("\t\t eg. \"nsroledn userPassword\"\n"));

#endif /* SOLARIS_LDAP_CMD */

exit( LDAP_PARAM_ERROR );

}

static char *base = NULL;

static char *sep = LDAPTOOL_DEFSEP;

static char **sortattr = NULL;

static char *vlv_value = NULL;

static int sortsize = 0;

static int *skipsortattr = NULL;

static int includeufn, allow_binary, vals2tmp, ldif, scope, deref;

static int attrsonly, timelimit, sizelimit, server_sort, fold;

static int minimize_base64, produce_file_urls;

static int use_vlv = 0, vlv_before, vlv_after, vlv_index, vlv_count;

static int use_psearch=0;

static int write_ldif_version = 1;

#ifndef SOLARIS_LDAP_CMD

static char *get_effectiverights_control_target_dn = NULL; /* -c */

static char **get_effectiverights_control_attrlist = NULL; /* -X */

static int do_effective_rights_control = 0;

#endif /* SOLARIS_LDAP_CMD */

static int chgtype=0, changesonly=1, return_echg_ctls=1;

main( int argc, char **argv )

{

char *filtpattern, **attrs;

int rc, optind, i, first, free_filtpattern;

LDAP *ld;

#ifdef SOLARIS_LDAP_CMD

char *locale = setlocale(LC_ALL, "");

textdomain(TEXT_DOMAIN);

ldaptool_require_binddn = 0;

#endif /* SOLARIS_LDAP_CMD */

free_filtpattern = 0;

deref = LDAP_DEREF_NEVER;

allow_binary = vals2tmp = attrsonly = 0;

minimize_base64 = produce_file_urls = 0;

ldif = 1;

fold = 1;

sizelimit = timelimit = 0;

scope = LDAP_SCOPE_SUBTREE;

server_sort = 0;

#ifdef notdef

#ifdef HPUX11

#ifndef __LP64__

_main( argc, argv);

#endif /* __LP64_ */

#endif /* HPUX11 */

#endif

ldaptool_reset_control_array( ldaptool_request_ctrls );

#ifdef HAVE_SASL_OPTIONS

#ifdef SOLARIS_LDAP_CMD

optind = ldaptool_process_args( argc, argv, "ABLTU1etuxra:b:F:G:l:S:s:z:C:",

0, options_callback );

#else

optind = ldaptool_process_args( argc, argv, "ABLTU1etuxa:b:F:G:l:S:s:z:C:c:",

0, options_callback );

#endif /* SOLARIS_LDAP_CMD */

#else

optind = ldaptool_process_args( argc, argv, "ABLTU1eotuxa:b:F:G:l:S:s:z:C:c:",

0, options_callback );

#endif /* HAVE_SASL_OPTIONS */

if ( optind == -1 ) {

usage();

}

if ( base == NULL ) {

if (( base = getenv( "LDAP_BASEDN" )) == NULL ) {

usage();

}

}

if ( sortattr ) {

for ( sortsize = 0; sortattr[sortsize] != NULL; sortsize++ ) {

; /* NULL */

}

sortsize++; /* add in the final NULL field */

skipsortattr = (int *) malloc( sortsize * sizeof(int *) );

if ( skipsortattr == NULL ) {

fprintf( stderr, gettext("Out of memory\n") );

exit( LDAP_NO_MEMORY );

}

memset( (char *) skipsortattr, 0, sortsize * sizeof(int *) );

} else if ( server_sort ) {

server_sort = 0; /* ignore this option if no sortattrs were given */

}

if ( argc - optind < 1 ) {

if ( ldaptool_fp == NULL ) {

usage();

}

attrs = NULL;

filtpattern = "%s";

} else { /* there are additional args (filter + attrs) */

if ( ldaptool_fp == NULL || strstr( argv[ optind ], "%s" ) != NULL ) {

filtpattern = ldaptool_local2UTF8( argv[ optind ] );

/* since local2UTF8 always allocates something, we should free it */

free_filtpattern = 1;

++optind;

} else {

filtpattern = "%s";

}

if ( argv[ optind ] == NULL ) {

attrs = NULL;

} else if ( sortattr == NULL || *sortattr == '\0' || server_sort) {

attrs = &argv[ optind ];

} else {

attrs = ldap_charray_dup( &argv[ optind ] );

if ( attrs == NULL ) {

fprintf( stderr, gettext("Out of memory\n") );

exit( LDAP_NO_MEMORY );

}

for ( i = 0; i < (sortsize - 1); i++ ) {

if ( !ldap_charray_inlist( attrs, sortattr[i] ) ) {

if ( ldap_charray_add( &attrs, sortattr[i] ) != 0 ) {

fprintf( stderr, gettext("Out of memory\n") );

exit( LDAP_NO_MEMORY );

}

/*

skipsortattr[i] = 1;

}

}

}

}

ld = ldaptool_ldap_init( 0 );

if ( !ldaptool_not ) {

ldap_set_option( ld, LDAP_OPT_DEREF, &deref );

ldap_set_option( ld, LDAP_OPT_TIMELIMIT, &timelimit );

ldap_set_option( ld, LDAP_OPT_SIZELIMIT, &sizelimit );

}

ldaptool_bind( ld );

if ( ldaptool_verbose ) {

printf( gettext("filter pattern: %s\nreturning: "), filtpattern );

if ( attrs == NULL ) {

printf( gettext("ALL") );

} else {

for ( i = 0; attrs[ i ] != NULL; ++i ) {

printf( "%s ", attrs[ i ] );

}

}

putchar( '\n' );

}

if ( ldaptool_fp == NULL ) {

char *conv;

conv = ldaptool_local2UTF8( base );

rc = dosearch( ld, conv, scope, attrs, attrsonly, filtpattern, "" );

if( conv != NULL )

free( conv );

} else {

int done = 0;

rc = LDAP_SUCCESS;

first = 1;

while ( rc == LDAP_SUCCESS && !done ) {

char *linep = NULL;

int increment = 0;

int c, index;

/* allocate initial block of memory */

if ((linep = (char *)malloc(BUFSIZ)) == NULL) {

fprintf( stderr, gettext("Out of memory\n") );

exit( LDAP_NO_MEMORY );

}

increment++;

index = 0;

while ((c = fgetc( ldaptool_fp )) != '\n' && c != EOF) {

/* check if we will overflow the buffer */

if ((c != EOF) && (index == ((increment * BUFSIZ) -1))) {

/* if we did, add another BUFSIZ worth of bytes */

if ((linep = (char *)

realloc(linep, (increment + 1) * BUFSIZ)) == NULL) {

fprintf( stderr, gettext("Out of memory\n") );

exit( LDAP_NO_MEMORY );

}

increment++;

}

linep[index++] = c;

}

if (c == EOF) {

done = 1;

break;

}

linep[index] = '\0';

if ( !first ) {

putchar( '\n' );

} else {

first = 0;

}

rc = dosearch( ld, base, scope, attrs, attrsonly, filtpattern,

linep );

free (linep);

}

}

ldaptool_cleanup( ld );

if (free_filtpattern != 0 && filtpattern != NULL) {

free (filtpattern);

}

/* check for and report output error */

fflush( stdout );

rc = ldaptool_check_ferror( stdout, rc,

gettext("output error (output might be incomplete)") );

return( rc );

}

static void

options_callback( int option, char *optarg )

{

char *s, *temp_arg, *ps_ptr, *ps_arg;

switch( option ) {

case 'u': /* include UFN */

++includeufn;

break;

case 't': /* write attribute values to /tmp files */

++vals2tmp;

break;

case 'U': /* produce file URLs in conjunction with -t */

++produce_file_urls;

break;

case 'e': /* minimize base-64 encoding of values */

++minimize_base64;

break;

case 'A': /* retrieve attribute names only -- no values */

++attrsonly;

break;

case 'L': /* print entries in LDIF format -- now the default */

break;

#ifdef SOLARIS_LDAP_CMD

case 'r': /* print entries in the old format */

ldif = 0;

break;

#endif /* SOLARIS_LDAP_CMD */

#ifdef HAVE_SASL_OPTIONS

#ifdef HAVE_SASL_OPTIONS_2

case 'o': /* print entries using old ldapsearch format */

ldif = 0;

break;

#endif

#else

case 'o': /* print entries using old ldapsearch format */

ldif = 0;

break;

#endif

case 'B': /* allow binary values to be printed, use old format */

++allow_binary;

ldif = 0;

break;

case '1': /* omit leading "version: #" line from LDIF output */

write_ldif_version = 0;

break;

case 's': /* search scope */

if ( strncasecmp( optarg, "base", 4 ) == 0 ) {

scope = LDAP_SCOPE_BASE;

} else if ( strncasecmp( optarg, "one", 3 ) == 0 ) {

scope = LDAP_SCOPE_ONELEVEL;

} else if ( strncasecmp( optarg, "sub", 3 ) == 0 ) {

scope = LDAP_SCOPE_SUBTREE;

} else {

fprintf( stderr, gettext("scope should be base, one, or sub\n") );

usage();

}

break;

case 'a': /* set alias deref option */

if ( strncasecmp( optarg, "never", 5 ) == 0 ) {

deref = LDAP_DEREF_NEVER;

} else if ( strncasecmp( optarg, "search", 5 ) == 0 ) {

deref = LDAP_DEREF_SEARCHING;

} else if ( strncasecmp( optarg, "find", 4 ) == 0 ) {

deref = LDAP_DEREF_FINDING;

} else if ( strncasecmp( optarg, "always", 6 ) == 0 ) {

deref = LDAP_DEREF_ALWAYS;

} else {

fprintf( stderr, gettext("alias deref should be never, search, find, or always\n") );

usage();

}

break;

case 'F': /* field separator */

sep = strdup( optarg );

ldif = 0;

break;

#ifndef SOLARIS_LDAP_CMD

case 'c':

if ( optarg && optarg[0] == '\0' ) {

/* -c ""

get_effectiverights_control_target_dn = NULL;

do_effective_rights_control = 1;

}else if ( strlen(optarg) < 3 || (strncasecmp(optarg, "dn:", 3) != 0) ) {

fprintf(stderr, gettext("-c wrong format--should be \"\" or \"dn:...\".\n"

"\"dn:\" means anonymous user."));

usage();

} else {

get_effectiverights_control_target_dn = strdup(optarg);

do_effective_rights_control = 1;

}

break;

case 'X':

get_effectiverights_control_attrlist = get_effectiverights_attrlist(optarg);

do_effective_rights_control = 1;

break;

#endif /* SOLARIS_LDAP_CMD */

case 'b': /* searchbase */

base = strdup( optarg );

break;

case 'l': /* time limit */

timelimit = atoi( optarg );

break;

case 'x': /* server sorting requested */

server_sort = 1;

break;

case 'z': /* size limit */

sizelimit = atoi( optarg );

break;

case 'S': /* sort attribute */

ldap_charray_add( &sortattr, strdup( optarg ) );

break;

case 'T': /* don't fold lines */

fold = 0;

break;

case 'G': /* do the virtual list setup */

use_vlv++;

s = strchr(optarg, VLV_PARAM_SEP );

if (s != NULL)

{

vlv_before = atoi(optarg);

s++;

vlv_after = atoi( s );

s = strchr(s, VLV_PARAM_SEP );

if (s != NULL)

{

s++;

/* below is a small set of logic to implement the following cases

if (*s == '\'' || *s == '"')

{

vlv_value = strdup( s );

}

else

{

if (strchr( s, VLV_PARAM_SEP ))

{

/* we have an index + count option */

vlv_index = atoi( s );

vlv_count = atoi( strchr( s, VLV_PARAM_SEP) + 1);

}

else

{

/* we don't have a quote surrounding the assertion value

vlv_value = strdup( s );

}

}

}

else

{

fprintf( stderr,gettext("Illegal 'after' parameter for virtual list\n") );

exit( LDAP_PARAM_ERROR );

}

}

else

{

fprintf( stderr,gettext("Illegal 'before' parameter for virtual list\n") );

exit( LDAP_PARAM_ERROR );

}

break;

case 'C':

use_psearch++;

if ( (ps_arg = strdup( optarg)) == NULL ) {

perror ("strdup");

exit (LDAP_NO_MEMORY);

}

ps_ptr=strtok(ps_arg, ":");

if (ps_ptr == NULL || (strcasecmp(ps_ptr, "ps")) ) {

fprintf (stderr, gettext("Invalid argument for -C\n"));

usage();

}

if (NULL != (ps_ptr=strtok(NULL, ":"))) {

if ( (temp_arg = strdup( ps_ptr )) == NULL ) {

perror ("strdup");

exit (LDAP_NO_MEMORY);

}

} else {

fprintf (stderr, gettext("Invalid argument for -C\n"));

usage();

}

if (NULL != (ps_ptr=strtok(NULL, ":"))) {

if ( (changesonly = ldaptool_boolean_str2value(ps_ptr, 0)) == -1) {

fprintf(stderr, gettext("Invalid option value: %s\n"), ps_ptr);

usage();

}

}

if (NULL != (ps_ptr=strtok(NULL, ":"))) {

if ( (return_echg_ctls = ldaptool_boolean_str2value(ps_ptr, 0)) == -1) {

fprintf(stderr, gettext("Invalid option value: %s\n"), ps_ptr);

usage();

}

}

/* Now parse the temp_arg and build chgtype as

if ((ps_ptr = strtok( temp_arg, "," )) == NULL) {

usage();

} else {

while ( ps_ptr ) {

if ((strcasecmp(ps_ptr, "add"))==0)

chgtype |= LDAP_CHANGETYPE_ADD;

else if ((strcasecmp(ps_ptr, "delete"))==0)

chgtype |= LDAP_CHANGETYPE_DELETE;

else if ((strcasecmp(ps_ptr, "modify"))==0)

chgtype |= LDAP_CHANGETYPE_MODIFY;

else if ((strcasecmp(ps_ptr, "moddn"))==0)

chgtype |= LDAP_CHANGETYPE_MODDN;

else if ((strcasecmp(ps_ptr, "any"))==0)

chgtype = LDAP_CHANGETYPE_ANY;

else {

fprintf(stderr, gettext("Unknown changetype: %s\n"), ps_ptr);

usage();

}

ps_ptr = strtok( NULL, "," );

}

}

break;

default:

usage();

break;

}

}

static int

dosearch( ld, base, scope, attrs, attrsonly, filtpatt, value )

LDAP *ld;

char *base;

int scope;

char **attrs;

int attrsonly;

char *filtpatt;

char *value;

{

char **refs = NULL, filter[ BUFSIZ ], *filterp = NULL;

int rc, first, matches;

LDAPMessage *res, *e;

LDAPControl *ldctrl;

LDAPControl **ctrl_response_array = NULL;

LDAPVirtualList vlv_data;

int msgid = 0;

int length = 0;

int mallocd_filter = 0;

if ( strstr( filtpatt, "%s" ) == NULL ) { /* no need to sprintf() */

filterp = filtpatt;

} else {

length = strlen( filtpatt ) + strlen ( value ) +1;

if ( length > BUFSIZ ) {

if ((filterp = (char *)

malloc ( length )) == NULL) {

perror( gettext("filter and/or pattern too long?") );

exit (LDAP_PARAM_ERROR);

}

mallocd_filter = 1;

} else {

filterp = filter;

}

#ifdef HAVE_SNPRINTF

if ( snprintf( filterp, length, filtpatt, value ) < 0 ) {

perror( gettext("snprintf filter (filter and/or pattern too long?)") );

exit( LDAP_PARAM_ERROR );

}

#else

sprintf( filterp, filtpatt, value );

#endif

}

if ( *filterp == '\0' ) { /* treat empty filter is a shortcut for oc=* */

if (mallocd_filter) {

free(filterp);

mallocd_filter = 0;

}

filterp = "(objectclass=*)";

}

if ( ldaptool_verbose ) {

/*

if ( '(' == *filterp ) {

printf( "filter is: %s\n", filterp );

} else {

printf( "filter is: (%s)\n", filterp );

}

}

if ( ldaptool_not ) {

if (mallocd_filter) free(filterp);

return( LDAP_SUCCESS );

}

if (( ldctrl = ldaptool_create_manage_dsait_control()) != NULL ) {

ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);

}

if ((ldctrl = ldaptool_create_proxyauth_control(ld)) !=NULL) {

ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);

}

#ifndef SOLARIS_LDAP_CMD

if ( do_effective_rights_control ) {

if ((ldctrl = ldaptool_create_geteffectiveRights_control(ld,

get_effectiverights_control_target_dn,

(const char**) get_effectiverights_control_attrlist)) !=NULL) {

ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);

}

}

#endif /* SOLARIS_LDAP_CMD */

if (use_psearch) {

if ( ldap_create_persistentsearch_control( ld, chgtype,

changesonly, return_echg_ctls,

1, &ldctrl ) != LDAP_SUCCESS )

{

ldap_perror( ld, "ldap_create_persistentsearch_control" );

return (1);

}

ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);

}

if (server_sort) {

/* First make a sort key list from the attribute list we have */

LDAPsortkey **keylist = NULL;

int i = 0;

char *sortattrs = NULL;

char *s = NULL;

int string_length = 0;

/* Count the sort strings */

for (i = 0; i < sortsize - 1 ; i++) {

string_length += strlen(sortattr[i]) + 1;

}

sortattrs = (char *) malloc(string_length + 1);

if (NULL == sortattrs) {

fprintf( stderr, gettext("Out of memory\n") );

exit( LDAP_NO_MEMORY );

}

s = sortattrs;

for (i = 0; i < sortsize - 1 ; i++) {

memcpy(s, sortattr[i], strlen(sortattr[i]));

s += strlen(sortattr[i]);

*s++ = ' ';

}

sortattrs[string_length] = '\0';

ldap_create_sort_keylist(&keylist,sortattrs);

free(sortattrs);

sortattrs = NULL;

/* Then make a control for the sort attributes we have */

rc = ldap_create_sort_control(ld,keylist,0,&ldctrl);

ldap_free_sort_keylist(keylist);

if ( rc != LDAP_SUCCESS ) {

if (mallocd_filter) free(filterp);

return( ldaptool_print_lderror( ld, "ldap_create_sort_control",

LDAPTOOL_CHECK4SSL_IF_APPROP ));

}

ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);

}

/* remember server side sorting must be available for vlv!!!! */

if (use_vlv)

{

vlv_data.ldvlist_before_count = vlv_before;

vlv_data.ldvlist_after_count = vlv_after;

if ( ldaptool_verbose ) {

printf( gettext("vlv data %lu, %lu, "),

vlv_data.ldvlist_before_count,

vlv_data.ldvlist_after_count

);

}

if (vlv_value)

{

vlv_data.ldvlist_attrvalue = vlv_value;

vlv_data.ldvlist_size = 0;

vlv_data.ldvlist_index = 0;

if ( ldaptool_verbose ) {

printf( "%s, 0, 0\n", vlv_data.ldvlist_attrvalue);

}

}

else

{

vlv_data.ldvlist_attrvalue = NULL;

vlv_data.ldvlist_size = vlv_count;

vlv_data.ldvlist_index = vlv_index;

if ( ldaptool_verbose ) {

printf( "(null), %lu, %lu\n", vlv_data.ldvlist_size, vlv_data.ldvlist_index );

}

}

if ( rc != LDAP_SUCCESS ) {

if (mallocd_filter) free(filterp);

return( ldaptool_print_lderror( ld, "ldap_create_sort_control",

LDAPTOOL_CHECK4SSL_IF_APPROP ));

}

if (LDAP_SUCCESS != (rc = ldap_create_virtuallist_control(ld,

&vlv_data, &ldctrl)))

{

if (mallocd_filter) free(filterp);

return( ldaptool_print_lderror( ld,

"ldap_create_virtuallist_control",

LDAPTOOL_CHECK4SSL_IF_APPROP ));

}

ldaptool_add_control_to_array(ldctrl, ldaptool_request_ctrls);

}

if ( ldap_search_ext( ld, base, scope, filterp, attrs, attrsonly,

ldaptool_request_ctrls, NULL, NULL, -1, &msgid )

!= LDAP_SUCCESS ) {

if (mallocd_filter) free(filterp);

return( ldaptool_print_lderror( ld, "ldap_search",

LDAPTOOL_CHECK4SSL_IF_APPROP ));

}

matches = 0;

first = 1;

if ( sortattr && !server_sort ) {

rc = ldap_result( ld, LDAP_RES_ANY, 1, NULL, &res );

} else {

while ( (rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res )) !=

LDAP_RES_SEARCH_RESULT && rc != -1 ) {

if ( rc != LDAP_RES_SEARCH_ENTRY ) {

if ( rc == LDAP_RES_SEARCH_REFERENCE ) {

parse_and_display_reference( ld, res );

} else if ( rc == LDAP_RES_EXTENDED

&& ldap_msgid( res ) == LDAP_RES_UNSOLICITED ) {

ldaptool_print_extended_response( ld, res,

gettext("Unsolicited response") );

} else {

fprintf( stderr, gettext("%s: ignoring LDAP response message"

" type 0x%x (%s)\n"),

ldaptool_progname, rc, msgtype2str( rc ));

}

ldap_msgfree( res );

continue;

}

matches++;

e = ldap_first_entry( ld, res );

if ( !first ) {

putchar( '\n' );

} else {

first = 0;

}

print_entry( ld, e, attrsonly );

ldap_msgfree( res );

}

}

if ( rc == -1 ) {

if (mallocd_filter) free(filterp);

return( ldaptool_print_lderror( ld, "ldap_result",

LDAPTOOL_CHECK4SSL_IF_APPROP ));

}

if ( ldap_parse_result( ld, res, &rc, NULL, NULL, &refs,

&ctrl_response_array, 0 ) != LDAP_SUCCESS ) {

ldaptool_print_lderror( ld, "ldap_parse_result",

LDAPTOOL_CHECK4SSL_IF_APPROP );

} else if ( rc != LDAP_SUCCESS ) {

ldaptool_print_lderror( ld, "ldap_search",

LDAPTOOL_CHECK4SSL_IF_APPROP );

}

/* Parse the returned sort control */

if (server_sort) {

unsigned long result = 0;

char *attribute;

if ( LDAP_SUCCESS != ldap_parse_sort_control(ld,ctrl_response_array,&result,&attribute) ) {

ldaptool_print_lderror(ld, "ldap_parse_sort_control",

LDAPTOOL_CHECK4SSL_IF_APPROP );

ldap_controls_free(ctrl_response_array);

ldap_msgfree(res);

if (mallocd_filter) free(filterp);

return ( ldap_get_lderrno( ld, NULL, NULL ) );

}

if (0 == result) {

if ( ldaptool_verbose ) {

printf( gettext("Server indicated results sorted OK\n"));

}

} else {

if (NULL != attribute) {

printf(gettext("Server reported sorting error %ld: %s, attribute in error\"%s\"\n"),result,sortresult2string(result),attribute);

} else {

printf(gettext("Server reported sorting error %ld: %s\n"),result,sortresult2string(result));

}

}

}

if (use_vlv)

{

unsigned long vpos, vcount;

int vresult;

if ( LDAP_SUCCESS != ldap_parse_virtuallist_control(ld,ctrl_response_array,&vpos, &vcount,&vresult) ) {

ldaptool_print_lderror( ld, "ldap_parse_virtuallist_control",

LDAPTOOL_CHECK4SSL_IF_APPROP );

ldap_controls_free(ctrl_response_array);

ldap_msgfree(res);

if (mallocd_filter) free(filterp);

return ( ldap_get_lderrno( ld, NULL, NULL ) );

}

if (0 == vresult) {

if ( ldaptool_verbose ) {

printf( gettext("Server indicated virtual list positioning OK\n"));

}

printf(gettext("index %lu content count %lu\n"), vpos, vcount);

} else {

printf(gettext("Server reported sorting error %d: %s\n"),vresult,sortresult2string(vresult));

}

}

ldap_controls_free(ctrl_response_array);

if ( sortattr != NULL && !server_sort) {

(void) ldap_multisort_entries( ld, &res,

( *sortattr == NULL ) ? NULL : sortattr,

(LDAP_CMP_CALLBACK *)strcasecmp );

matches = 0;

first = 1;

for ( e = ldap_first_entry( ld, res ); e != NULLMSG;

e = ldap_next_entry( ld, e ) ) {

matches++;

if ( !first ) {

putchar( '\n' );

} else {

first = 0;

}

print_entry( ld, e, attrsonly );

}

}

if ( ldaptool_verbose ) {

printf( gettext("%d matches\n"), matches );

}

if ( refs != NULL ) {

ldaptool_print_referrals( refs );

ldap_value_free( refs );

}

if (mallocd_filter) free(filterp);

ldap_msgfree( res );

return( rc );

}

static void

print_entry( ld, entry, attrsonly )

LDAP *ld;

LDAPMessage *entry;

int attrsonly;

{

char *a, *dn, *ufn, tmpfname[ BUFSIZ ];

int i, notascii;

BerElement *ber;

struct berval **bvals;

FILE *tmpfp;

#if defined( XP_WIN32 )

char mode[20] = "w+b";

#else

char mode[20] = "w";

#endif

dn = ldap_get_dn( ld, entry );

write_string_attr_value( "dn", dn, LDAPTOOL_WRITEVALOPT_SUPPRESS_NAME );

if ( includeufn ) {

ufn = ldap_dn2ufn( dn );

write_string_attr_value( "ufn", ufn,

LDAPTOOL_WRITEVALOPT_SUPPRESS_NAME );

free( ufn );

}

ldap_memfree( dn );

if ( use_psearch ) {

LDAPControl **ectrls;

int chgtype, chgnumpresent;

#ifdef SOLARIS_LDAP_CMD

ber_int_t chgnum;

#else

long chgnum;

#endif /* SOLARIS_LDAP_CMD */

char *prevdn, longbuf[ 128 ];

if ( ldap_get_entry_controls( ld, entry, &ectrls ) == LDAP_SUCCESS ) {

if ( ldap_parse_entrychange_control( ld, ectrls, &chgtype,

&prevdn, &chgnumpresent, &chgnum ) == LDAP_SUCCESS ) {

write_string_attr_value(

LDAPTOOL_PSEARCH_ATTR_PREFIX "changeType",

changetype_num2string( chgtype ), 0 );

if ( chgnumpresent ) {

sprintf( longbuf, "%d", chgnum );

write_string_attr_value(

LDAPTOOL_PSEARCH_ATTR_PREFIX "changeNumber",

longbuf, 0 );

}

if ( NULL != prevdn ) {

write_string_attr_value(

LDAPTOOL_PSEARCH_ATTR_PREFIX "previousDN",

prevdn, 0 );

ldap_memfree( prevdn );

}

}

ldap_controls_free (ectrls);

}

}

for ( a = ldap_first_attribute( ld, entry, &ber ); a != NULL;

a = ldap_next_attribute( ld, entry, ber ) ) {

if ( ldap_charray_inlist(sortattr, a) && /* in the list*/

skipsortattr[ldap_charray_position(sortattr, a)] ) {/* and skip it*/

continue; /* so skip it! */

}

if ( attrsonly ) {

if ( ldif ) {

write_ldif_value( a, "", 0, 0 );

} else {

printf( "%s\n", a );

}

} else if (( bvals = ldap_get_values_len( ld, entry, a )) != NULL ) {

for ( i = 0; bvals[i] != NULL; i++ ) {

if ( vals2tmp ) {

#ifdef HAVE_SNPRINTF

if ( snprintf( tmpfname, sizeof(tmpfname),

"%s/ldapsearch-%s-XXXXXX",

ldaptool_get_tmp_dir(), a ) < 0 ) {

perror( gettext("snprintf tmpfname (attribute name too long?)") );

exit( LDAP_PARAM_ERROR );

}

#else

sprintf( tmpfname, "%s/ldapsearch-%s-XXXXXX",

ldaptool_get_tmp_dir(), a );

#endif

tmpfp = NULL;

if ( LDAPTOOL_MKTEMP( tmpfname ) == NULL ) {

perror( tmpfname );

} else if (( tmpfp = ldaptool_open_file( tmpfname, mode)) == NULL ) {

perror( tmpfname );

} else if ( bvals[ i ]->bv_len > 0 &&

fwrite( bvals[ i ]->bv_val,

bvals[ i ]->bv_len, 1, tmpfp ) == 0 ) {

perror( tmpfname );

} else if ( ldif ) {

if ( produce_file_urls ) {

char *url;

if ( ldaptool_path2fileurl( tmpfname, &url ) !=

LDAPTOOL_FILEURL_SUCCESS ) {

perror( "ldaptool_path2fileurl" );

} else {

write_ldif_value( a, url, strlen( url ),

LDIF_OPT_VALUE_IS_URL );

free( url );

}

} else {

write_ldif_value( a, tmpfname, strlen( tmpfname ),

0 );

}

} else {

printf( "%s%s%s\n", a, sep, tmpfname );

}

if ( tmpfp != NULL ) {

fclose( tmpfp );

}

} else {

notascii = 0;

if ( !ldif && !allow_binary ) {

notascii = !ldaptool_berval_is_ascii( bvals[i] );

}

if ( ldif ) {

write_ldif_value( a, bvals[ i ]->bv_val,

bvals[ i ]->bv_len, 0 );

} else {

printf( "%s%s%s\n", a, sep,

notascii ? gettext("NOT ASCII") : bvals[ i ]->bv_val );

}

}

}

ber_bvecfree( bvals );

}

ldap_memfree( a );

}

if ( ldap_get_lderrno( ld, NULL, NULL ) != LDAP_SUCCESS ) {

ldaptool_print_lderror( ld, "ldap_first_attribute/ldap_next_attribute",

LDAPTOOL_CHECK4SSL_IF_APPROP );

}

if ( ber != NULL ) {

ber_free( ber, 0 );

}

}

static void

write_string_attr_value( char *attrname, char *strval, unsigned long opts )

{

if ( strval == NULL ) {

strval = "";

}

if ( ldif ) {

write_ldif_value( attrname, strval, strlen( strval ), 0 );

} else if ( 0 != ( opts & LDAPTOOL_WRITEVALOPT_SUPPRESS_NAME )) {

printf( "%s\n", strval );

} else {

printf( "%s%s%s\n", attrname, sep, strval );

}

}

static int

write_ldif_value( char *type, char *value, unsigned long vallen,

unsigned long ldifoptions )

{

char *ldif;

static int wrote_version = 0;

if ( write_ldif_version && !wrote_version ) {

char versionbuf[ 64 ];

wrote_version = 1;

sprintf( versionbuf, "%d", LDIF_VERSION_ONE );

write_ldif_value( "version", versionbuf, strlen( versionbuf ), 0 );

}

if ( !fold ) {

ldifoptions |= LDIF_OPT_NOWRAP;

}

if ( minimize_base64 ) {

ldifoptions |= LDIF_OPT_MINIMAL_ENCODING;

}

if (( ldif = ldif_type_and_value_with_options( type, value, (int)vallen,

ldifoptions )) == NULL ) {

return( -1 );

}

fputs( ldif, stdout );

free( ldif );

return( 0 );

}

static char *

sortresult2string(unsigned long result)

{

/*

switch (result) {

case 0: return (gettext("success"));

case 1: return (gettext("operations error"));

case 3: return (gettext("time limit exceeded"));

case 8: return (gettext("strong auth required"));

case 11: return (gettext("admin limit exceeded"));

case 16: return (gettext("no such attribute"));

case 18: return (gettext("unrecognized or inappropriate matching rule"));

case 50: return (gettext("insufficient access rights"));

case 51: return (gettext("too busy"));

case 53: return (gettext("unable to sort"));

case 80:

default: return (gettext("Er...Other ?"));

}

}

static void

parse_and_display_reference( LDAP *ld, LDAPMessage *ref )

{

int i;

char **refs;

if ( ldap_parse_reference( ld, ref, &refs, NULL, 0 ) != LDAP_SUCCESS ) {

ldaptool_print_lderror( ld, "ldap_parse_reference",

LDAPTOOL_CHECK4SSL_IF_APPROP );

} else if ( refs != NULL && refs[ 0 ] != NULL ) {

fputs( gettext("Unfollowed continuation reference(s):\n"), stderr );

for ( i = 0; refs[ i ] != NULL; ++i ) {

fprintf( stderr, " %s\n", refs[ i ] );

}

ldap_value_free( refs );

}

}

#ifndef LDAP_REQ_BIND

#define LDAP_REQ_BIND 0x60L /* application + constructed */

#define LDAP_REQ_UNBIND 0x42L /* application + primitive */

#define LDAP_REQ_SEARCH 0x63L /* application + constructed */

#define LDAP_REQ_MODIFY 0x66L /* application + constructed */

#define LDAP_REQ_ADD 0x68L /* application + constructed */

#define LDAP_REQ_DELETE 0x4aL /* application + primitive */

#define LDAP_REQ_RENAME 0x6cL /* application + constructed */

#define LDAP_REQ_COMPARE 0x6eL /* application + constructed */

#define LDAP_REQ_ABANDON 0x50L /* application + primitive */

#define LDAP_REQ_EXTENDED 0x77L /* application + constructed */

#endif /* LDAP_REQ_BIND */

struct ldapsearch_type2str {

int ldst2s_type; /* message type */

char *ldst2s_string; /* descriptive string */

};

#ifdef SOLARIS_LDAP_CMD

static struct ldapsearch_type2str ldapsearch_msgtypes[] = {

/* results: */

{ LDAP_RES_BIND, NULL },

{ LDAP_RES_SEARCH_REFERENCE, NULL },

{ LDAP_RES_SEARCH_ENTRY, NULL },

{ LDAP_RES_SEARCH_RESULT, NULL },

{ LDAP_RES_MODIFY, NULL },

{ LDAP_RES_ADD, NULL },

{ LDAP_RES_DELETE, NULL },

{ LDAP_RES_MODDN, NULL },

{ LDAP_RES_COMPARE, NULL },

{ LDAP_RES_EXTENDED, NULL },

/* requests: */

{ LDAP_REQ_BIND, NULL },

{ LDAP_REQ_UNBIND, NULL },

{ LDAP_REQ_SEARCH, NULL },

{ LDAP_REQ_MODIFY, NULL },

{ LDAP_REQ_ADD, NULL },

{ LDAP_REQ_DELETE, NULL },

{ LDAP_REQ_RENAME, NULL },

{ LDAP_REQ_COMPARE, NULL },

{ LDAP_REQ_ABANDON, NULL },

{ LDAP_REQ_EXTENDED, NULL },

};

#else

static struct ldapsearch_type2str ldapsearch_msgtypes[] = {

/* results: */

{ LDAP_RES_BIND, "bind result" },

{ LDAP_RES_SEARCH_REFERENCE, "continuation reference" },

{ LDAP_RES_SEARCH_ENTRY, "entry" },

{ LDAP_RES_SEARCH_RESULT, "search result" },

{ LDAP_RES_MODIFY, "modify result" },

{ LDAP_RES_ADD, "add result" },

{ LDAP_RES_DELETE, "delete result" },

{ LDAP_RES_MODDN, "rename result" },

{ LDAP_RES_COMPARE, "compare result" },

{ LDAP_RES_EXTENDED, "extended operation result" },

/* requests: */

{ LDAP_REQ_BIND, "bind request" },

{ LDAP_REQ_UNBIND, "unbind request" },

{ LDAP_REQ_SEARCH, "search request" },

{ LDAP_REQ_MODIFY, "modify request" },

{ LDAP_REQ_ADD, "add request" },

{ LDAP_REQ_DELETE, "delete request" },

{ LDAP_REQ_RENAME, "rename request" },

{ LDAP_REQ_COMPARE, "compare request" },

{ LDAP_REQ_ABANDON, "abandon request" },

{ LDAP_REQ_EXTENDED, "extended request" },

};

#endif /* SOLARIS_LDAP_CMD */

#define LDAPSEARCHTOOL_NUMTYPES (sizeof(ldapsearch_msgtypes) \

/ sizeof(struct ldapsearch_type2str))

#ifdef SOLARIS_LDAP_CMD

static void

fill_ldapsearch_msgtypes( void )

{

int i = 0;

if (ldapsearch_msgtypes[LDAPSEARCHTOOL_NUMTYPES - 1].ldst2s_string

!= NULL)

return;

/* results: */

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"bind result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"continuation reference");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"entry");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"search result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"modify result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"add result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"delete result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"rename result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"compare result");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"extended operation result");

/* requests: */

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"bind request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"unbind request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"search request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"modify request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"add request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"delete request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"rename request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"compare request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"abandon request");

ldapsearch_msgtypes[i++].ldst2s_string = gettext(

"extended request");

}

#endif /* SOLARIS_LDAP_CMD */

static char *

msgtype2str( int msgtype )

{

char *s = gettext("unknown");

int i;

#ifdef SOLARIS_LDAP_CMD

/* Make sure ldapsearch_msgtypes is initialized */

if (ldapsearch_msgtypes[LDAPSEARCHTOOL_NUMTYPES - 1].ldst2s_string

== NULL)

(void) fill_ldapsearch_msgtypes();

#endif /* SOLARIS_LDAP_CMD */

for ( i = 0; i < LDAPSEARCHTOOL_NUMTYPES; ++i ) {

if ( msgtype == ldapsearch_msgtypes[ i ].ldst2s_type ) {

s = ldapsearch_msgtypes[ i ].ldst2s_string;

}

}

return( s );

}

static char *

changetype_num2string( int chgtype )

{

char *s = gettext("unknown");

switch( chgtype ) {

case LDAP_CHANGETYPE_ADD:

s = gettext("add");

break;

case LDAP_CHANGETYPE_DELETE:

s = gettext("delete");

break;

case LDAP_CHANGETYPE_MODIFY:

s = gettext("modify");

break;

case LDAP_CHANGETYPE_MODDN:

s = gettext("moddn");

break;

}

return( s );

}

static char **get_effectiverights_attrlist(char * optarg) {

char * tmp_str = strdup(optarg);

char ** retArray = NULL;

int i = 0;

retArray = ldap_str2charray( tmp_str, " "); /* takes copies */

free(tmp_str);

/* Oops - somebody left this debug message in for the

i = 0;

while( retArray[i] != NULL ) {

fprintf(stderr,"%s ", retArray[i]);

i++;

}

fprintf(stderr, "\n");

return(retArray);

}