Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Joe Martin
OpenLDAP
Commits
4e32148a
Commit
4e32148a
authored
Sep 01, 2007
by
Quanah Gibson-Mount
Browse files
Sync with HEAD for OL 2.4.5
parent
5a9f4f49
Changes
463
Expand all
Hide whitespace changes
Inline
Side-by-side
COPYRIGHT
View file @
4e32148a
...
...
@@ -36,9 +36,11 @@ Public License.
---
Portions Copyright 1999-200
5
Howard Y.H. Chu.
Portions Copyright 1999-200
5
Symas Corporation.
Portions Copyright 1999-200
7
Howard Y.H. Chu.
Portions Copyright 1999-200
7
Symas Corporation.
Portions Copyright 1998-2003 Hallvard B. Furuseth.
Portions Copyright 2007 Gavin Henry
Portions Copyright 2007 Suretec Systems
All rights reserved.
Redistribution and use in source and binary forms, with or without
...
...
README
View file @
4e32148a
...
...
@@ -21,10 +21,6 @@ REQUIRED SOFTWARE
SLAPD:
BDB and HDB backends require Sleepycat Berkeley DB 4.2 or later
SLURPD:
LTHREAD compatible thread package
[POSIX threads, Mach Cthreads, select others]
CLIENTS/CONTRIB ware:
Depends on package. See per package README.
...
...
build/config.guess
View file @
4e32148a
...
...
@@ -29,7 +29,7 @@ timestamp='2003-07-02-OpenLDAP'
# configuration script generated by Autoconf, and is distributable
# under the same distributions terms as OpenLDAP itself.
## Copyright 1998-2007 The OpenLDAP Foundation.
##
Portions
Copyright 1998-2007 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
...
...
build/config.sub
View file @
4e32148a
...
...
@@ -34,7 +34,7 @@ timestamp='2003-07-04-OpenLDAP'
# configuration script generated by Autoconf, and is distributable
# under the same distributions terms as OpenLDAP itself.
## Copyright 1998-2007 The OpenLDAP Foundation.
##
Portions
Copyright 1998-2007 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
...
...
build/ltmain.sh
View file @
4e32148a
...
...
@@ -26,9 +26,9 @@
# This file is distributed with OpenLDAP Software, which contains a
# configuration script generated by Autoconf, and is distributable
# under the same distributions terms as OpenLDAP i
n
self.
# under the same distributions terms as OpenLDAP i
t
self.
## Copyright 1998-2007 The OpenLDAP Foundation.
##
Portions
Copyright 1998-2007 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
...
...
build/openldap.m4
View file @
4e32148a
...
...
@@ -91,6 +91,7 @@ EOF
done
rm -f conftest*
])
test "$ol_cv_mkdep" = no && OL_MKDEP=":"
else
cc_cv_mkdep=yes
OL_MKDEP_FLAGS="${MKDEP_FLAGS}"
...
...
@@ -627,9 +628,9 @@ main()
}
#if (DB_VERSION_MAJOR > 3) || (DB_VERSION_MINOR >= 1)
rc = env->open( env, NULL, flags, 0 );
rc =
(
env->open
)
( env, NULL, flags, 0 );
#else
rc = env->open( env, NULL, NULL, flags, 0 );
rc =
(
env->open
)
( env, NULL, NULL, flags, 0 );
#endif
if ( rc == 0 ) {
...
...
@@ -736,152 +737,6 @@ fi
])
dnl
dnl ====================================================================
dnl Check if GDBM library exists
dnl Check for gdbm_open in standard libraries or -lgdbm
dnl
dnl defines ol_cv_lib_gdbm to 'yes' or '-lgdbm' or 'no'
dnl 'yes' implies gdbm_open is in $LIBS
dnl
dnl uses:
dnl AC_CHECK_FUNC(gdbm_open)
dnl AC_CHECK_LIB(gdbm,gdbm_open)
dnl
AC_DEFUN([OL_LIB_GDBM],
[AC_CACHE_CHECK(for GDBM library, [ol_cv_lib_gdbm],
[ ol_LIBS="$LIBS"
AC_CHECK_FUNC(gdbm_open,[ol_cv_lib_gdbm=yes], [
AC_CHECK_LIB(gdbm,gdbm_open,[ol_cv_lib_gdbm=-lgdbm],[ol_cv_lib_gdbm=no])
])
LIBS="$ol_LIBS"
])
])dnl
dnl
dnl --------------------------------------------------------------------
dnl Check if GDBM exists
dnl
dnl defines ol_cv_gdbm to 'yes' or 'no'
dnl
dnl uses:
dnl OL_LIB_GDBM
dnl AC_CHECK_HEADERS(gdbm.h)
dnl
AC_DEFUN([OL_GDBM],
[AC_REQUIRE([OL_LIB_GDBM])
AC_CHECK_HEADERS(gdbm.h)
AC_CACHE_CHECK(for db, [ol_cv_gdbm], [
if test $ol_cv_lib_gdbm = no || test $ac_cv_header_gdbm_h = no ; then
ol_cv_gdbm=no
else
ol_cv_gdbm=yes
fi
])
if test $ol_cv_gdbm = yes ; then
AC_DEFINE(HAVE_GDBM,1, [define if GNU DBM is available])
fi
])dnl
dnl
dnl ====================================================================
dnl Check if MDBM library exists
dnl Check for mdbm_open in standard libraries or -lmdbm
dnl
dnl defines ol_cv_lib_mdbm to 'yes' or '-lmdbm' or 'no'
dnl 'yes' implies mdbm_open is in $LIBS
dnl
dnl uses:
dnl AC_CHECK_FUNC(mdbm_set_chain)
dnl AC_CHECK_LIB(mdbm,mdbm_set_chain)
dnl
AC_DEFUN([OL_LIB_MDBM],
[AC_CACHE_CHECK(for MDBM library, [ol_cv_lib_mdbm],
[ ol_LIBS="$LIBS"
AC_CHECK_FUNC(mdbm_set_chain,[ol_cv_lib_mdbm=yes], [
AC_CHECK_LIB(mdbm,mdbm_set_chain,[ol_cv_lib_mdbm=-lmdbm],[ol_cv_lib_mdbm=no])
])
LIBS="$ol_LIBS"
])
])dnl
dnl
dnl --------------------------------------------------------------------
dnl Check if MDBM exists
dnl
dnl defines ol_cv_mdbm to 'yes' or 'no'
dnl
dnl uses:
dnl OL_LIB_MDBM
dnl AC_CHECK_HEADERS(mdbm.h)
dnl
AC_DEFUN([OL_MDBM],
[AC_REQUIRE([OL_LIB_MDBM])
AC_CHECK_HEADERS(mdbm.h)
AC_CACHE_CHECK(for db, [ol_cv_mdbm], [
if test $ol_cv_lib_mdbm = no || test $ac_cv_header_mdbm_h = no ; then
ol_cv_mdbm=no
else
ol_cv_mdbm=yes
fi
])
if test $ol_cv_mdbm = yes ; then
AC_DEFINE(HAVE_MDBM,1, [define if MDBM is available])
fi
])dnl
dnl
dnl ====================================================================
dnl Check if NDBM library exists
dnl Check for dbm_open in standard libraries or -lndbm or -ldbm
dnl
dnl defines ol_cv_lib_ndbm to 'yes' or '-lndbm' or -ldbm or 'no'
dnl 'yes' implies ndbm_open is in $LIBS
dnl
dnl uses:
dnl AC_CHECK_FUNC(dbm_open)
dnl AC_CHECK_LIB(ndbm,dbm_open)
dnl AC_CHECK_LIB(dbm,dbm_open)
dnl
dnl restrictions:
dnl should also check SVR4 case: dbm_open() in -lucb but that
dnl would requiring dealing with -L/usr/ucblib
dnl
AC_DEFUN([OL_LIB_NDBM],
[AC_CACHE_CHECK(for NDBM library, [ol_cv_lib_ndbm],
[ ol_LIBS="$LIBS"
AC_CHECK_FUNC(dbm_open,[ol_cv_lib_ndbm=yes], [
AC_CHECK_LIB(ndbm,dbm_open,[ol_cv_lib_ndbm=-lndbm], [
AC_CHECK_LIB(dbm,dbm_open,[ol_cv_lib_ndbm=-ldbm],
[ol_cv_lib_ndbm=no])dnl
])
])
LIBS="$ol_LIBS"
])
])dnl
dnl
dnl --------------------------------------------------------------------
dnl Check if NDBM exists
dnl
dnl defines ol_cv_ndbm to 'yes' or 'no'
dnl
dnl uses:
dnl OL_LIB_NDBM
dnl AC_CHECK_HEADERS(ndbm.h)
dnl
dnl restrictions:
dnl Doesn't handle SVR4 case (see above)
dnl
AC_DEFUN([OL_NDBM],
[AC_REQUIRE([OL_LIB_NDBM])
AC_CHECK_HEADERS(ndbm.h)
AC_CACHE_CHECK(for db, [ol_cv_ndbm], [
if test $ol_cv_lib_ndbm = no || test $ac_cv_header_ndbm_h = no ; then
ol_cv_ndbm=no
else
ol_cv_ndbm=yes
fi
])
if test $ol_cv_ndbm = yes ; then
AC_DEFINE(HAVE_NDBM,1, [define if NDBM is available])
fi
])dnl
dnl
dnl ====================================================================
dnl Check POSIX Thread version
dnl
dnl defines ol_cv_pthread_version to 4, 5, 6, 7, 8, 10, depending on the
...
...
build/top.mk
View file @
4e32148a
...
...
@@ -170,10 +170,8 @@ LDAP_LIBLUTIL_A = $(LDAP_LIBDIR)/liblutil/liblutil.a
LDAP_L
=
$(LDAP_LIBLUTIL_A)
\
$(LDAP_LIBLDAP_LA)
$(LDAP_LIBLBER_LA)
SLURPD_L
=
$(LDAP_LIBLUTIL_A)
\
$(LDAP_LIBLDAP_R_LA)
$(LDAP_LIBLBER_LA)
SLAPD_L
=
$(LDAP_LIBLUNICODE_A)
$(LDAP_LIBREWRITE_A)
\
$(
SLURPD_L
)
$(
LDAP_LIBLUTIL_A)
$(LDAP_LIBLDAP_R_LA)
$(LDAP_LIBLBER_LA
)
WRAP_LIBS
=
@WRAP_LIBS@
# AutoConfig generated
...
...
@@ -202,7 +200,6 @@ SLAPD_SQL_INCLUDES = @SLAPD_SQL_INCLUDES@
SLAPD_SQL_LIBS
=
@SLAPD_SQL_LIBS@
SLAPD_LIBS
=
@SLAPD_LIBS@ @SLAPD_PERL_LDFLAGS@ @SLAPD_SQL_LDFLAGS@ @SLAPD_SQL_LIBS@ @SLAPD_SLP_LIBS@ @SLAPD_GMP_LIBS@
$(ICU_LIBS)
SLURPD_LIBS
=
@SLURPD_LIBS@
# Our Defaults
CC
=
$(AC_CC)
...
...
clients/tools/common.c
View file @
4e32148a
...
...
@@ -33,6 +33,7 @@
#include
<ac/unistd.h>
#include
<ac/errno.h>
#include
<ac/time.h>
#include
<ac/socket.h>
#ifdef HAVE_CYRUS_SASL
#ifdef HAVE_SASL_SASL_H
...
...
@@ -113,6 +114,13 @@ int chaining = 0;
static
int
chainingResolve
=
-
1
;
static
int
chainingContinuation
=
-
1
;
#endif
/* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
#ifdef LDAP_CONTROL_X_SESSION_TRACKING
static
int
sessionTracking
=
0
;
struct
berval
stValue
;
#endif
/* LDAP_CONTROL_X_SESSION_TRACKING */
LDAPControl
*
unknown_ctrls
=
NULL
;
int
unknown_ctrls_num
=
0
;
/* options */
struct
timeval
nettimeout
=
{
-
1
,
0
};
...
...
@@ -144,6 +152,53 @@ static struct tool_ctrls_t {
static
int
gotintr
;
static
int
abcan
;
#ifdef LDAP_CONTROL_X_SESSION_TRACKING
static
int
st_value
(
LDAP
*
ld
,
struct
berval
*
value
)
{
char
*
ip
=
NULL
,
*
name
=
NULL
;
struct
berval
id
=
{
0
};
char
namebuf
[
MAXHOSTNAMELEN
];
if
(
gethostname
(
namebuf
,
sizeof
(
namebuf
)
)
==
0
)
{
struct
hostent
*
h
;
struct
in_addr
addr
;
name
=
namebuf
;
h
=
gethostbyname
(
name
);
if
(
h
!=
NULL
)
{
AC_MEMCPY
(
&
addr
,
h
->
h_addr
,
sizeof
(
addr
)
);
ip
=
inet_ntoa
(
addr
);
}
}
#ifdef HAVE_CYRUS_SASL
if
(
sasl_authz_id
!=
NULL
)
{
ber_str2bv
(
sasl_authz_id
,
0
,
0
,
&
id
);
}
else
if
(
sasl_authc_id
!=
NULL
)
{
ber_str2bv
(
sasl_authc_id
,
0
,
0
,
&
id
);
}
else
#endif
/* HAVE_CYRUS_SASL */
if
(
binddn
!=
NULL
)
{
ber_str2bv
(
binddn
,
0
,
0
,
&
id
);
}
if
(
ldap_create_session_tracking_value
(
ld
,
ip
,
name
,
LDAP_CONTROL_X_SESSION_TRACKING_USERNAME
,
&
id
,
&
stValue
)
)
{
fprintf
(
stderr
,
_
(
"Session tracking control encoding error!
\n
"
)
);
return
-
1
;
}
return
0
;
}
#endif
/* LDAP_CONTROL_X_SESSION_TRACKING */
RETSIGTYPE
do_sig
(
int
sig
)
{
...
...
@@ -175,7 +230,6 @@ tool_common_usage( void )
{
static
const
char
*
const
descriptions
[]
=
{
N_
(
" -c continuous operation mode (do not stop on errors)
\n
"
),
N_
(
" -C chase referrals (anonymously)
\n
"
),
N_
(
" -d level set LDAP debugging level to `level'
\n
"
),
N_
(
" -D binddn bind DN
\n
"
),
N_
(
" -e [!]<ext>[=<extparam>] general extensions (! indicates criticality)
\n
"
)
...
...
@@ -199,15 +253,16 @@ N_(" ppolicy\n")
#endif
N_
(
" [!]postread[=<attrs>] (a comma-separated attribute list)
\n
"
)
N_
(
" [!]preread[=<attrs>] (a comma-separated attribute list)
\n
"
)
#ifdef LDAP_DEVEL
N_
(
" [!]relax
\n
"
)
#endif
#ifdef LDAP_CONTROL_X_SESSION_TRACKING
N_
(
" [!]sessiontracking
\n
"
)
#endif
/* LDAP_CONTROL_X_SESSION_TRACKING */
N_
(
" abandon, cancel, ignore (SIGINT sends abandon/cancel,
\n
"
" or ignores response; if critical, doesn't wait for SIGINT.
\n
"
" not really controls)
\n
"
)
N_
(
" -f file read operations from `file'
\n
"
),
N_
(
" -h host LDAP server
\n
"
),
N_
(
" -H URI LDAP Uniform Resource I
n
dentifier(s)
\n
"
),
N_
(
" -H URI LDAP Uniform Resource Identifier(s)
\n
"
),
N_
(
" -I use SASL Interactive mode
\n
"
),
N_
(
" -M enable Manage DSA IT control (-MM to make critical)
\n
"
),
N_
(
" -n show what would be done but don't actually do it
\n
"
),
...
...
@@ -215,7 +270,7 @@ N_(" -O props SASL security properties\n"),
N_
(
" -o <opt>[=<optparam] general options
\n
"
),
N_
(
" nettimeout=<timeout> (in seconds, or
\"
none
\"
or
\"
max
\"
)
\n
"
),
N_
(
" -p port port on LDAP server
\n
"
),
N_
(
" -P version pro
cot
ol version (default: 3)
\n
"
),
N_
(
" -P version pro
toc
ol version (default: 3)
\n
"
),
N_
(
" -Q use SASL Quiet mode
\n
"
),
N_
(
" -R realm SASL realm
\n
"
),
N_
(
" -U authcid SASL authentication identity
\n
"
),
...
...
@@ -299,7 +354,7 @@ tool_args( int argc, char **argv )
}
binddn
=
ber_strdup
(
optarg
);
break
;
case
'e'
:
/* general extensions (controls and such) */
case
'e'
:
/* general extensions (controls and such) */
/* should be extended to support comma separated list of
* [!]key[=value] parameters, e.g. -e !foo,bar=567
*/
...
...
@@ -520,6 +575,55 @@ tool_args( int argc, char **argv )
gotintr
=
abcan
;
}
#ifdef LDAP_CONTROL_X_SESSION_TRACKING
}
else
if
(
strcasecmp
(
control
,
"sessiontracking"
)
==
0
)
{
if
(
sessionTracking
)
{
fprintf
(
stderr
,
"%s: session tracking can be only specified once
\n
"
,
prog
);
exit
(
EXIT_FAILURE
);
}
sessionTracking
=
1
;
#endif
/* LDAP_CONTROL_X_SESSION_TRACKING */
}
else
if
(
tool_is_oid
(
control
)
)
{
LDAPControl
*
tmpctrls
,
ctrl
;
tmpctrls
=
(
LDAPControl
*
)
realloc
(
unknown_ctrls
,
(
unknown_ctrls_num
+
1
)
*
sizeof
(
LDAPControl
)
);
if
(
tmpctrls
==
NULL
)
{
fprintf
(
stderr
,
"%s: no memory?
\n
"
,
prog
);
exit
(
EXIT_FAILURE
);
}
unknown_ctrls
=
tmpctrls
;
ctrl
.
ldctl_oid
=
control
;
ctrl
.
ldctl_value
.
bv_val
=
NULL
;
ctrl
.
ldctl_value
.
bv_len
=
0
;
ctrl
.
ldctl_iscritical
=
crit
;
if
(
cvalue
!=
NULL
)
{
struct
berval
bv
;
size_t
len
=
strlen
(
cvalue
);
int
retcode
;
bv
.
bv_len
=
LUTIL_BASE64_DECODE_LEN
(
len
);
bv
.
bv_val
=
ber_memalloc
(
bv
.
bv_len
+
1
);
retcode
=
lutil_b64_pton
(
cvalue
,
(
unsigned
char
*
)
bv
.
bv_val
,
bv
.
bv_len
);
if
(
retcode
==
-
1
||
retcode
>
bv
.
bv_len
)
{
fprintf
(
stderr
,
"Unable to parse value of general control %s
\n
"
,
control
);
usage
();
}
bv
.
bv_len
=
retcode
;
ctrl
.
ldctl_value
=
bv
;
}
unknown_ctrls
[
unknown_ctrls_num
]
=
ctrl
;
unknown_ctrls_num
++
;
}
else
{
fprintf
(
stderr
,
"Invalid general control name: %s
\n
"
,
control
);
...
...
@@ -893,6 +997,9 @@ tool_args( int argc, char **argv )
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
chaining
||
#endif
#ifdef LDAP_CONTROL_X_SESSION_TRACKING
sessionTracking
||
#endif
/* LDAP_CONTROL_X_SESSION_TRACKING */
noop
||
ppolicy
||
preread
||
postread
)
{
fprintf
(
stderr
,
"%s: -e/-M incompatible with LDAPv2
\n
"
,
prog
);
...
...
@@ -957,6 +1064,137 @@ tool_conn_setup( int dont, void (*private_setup)( LDAP * ) )
url
.
lud_scope
=
LDAP_SCOPE_DEFAULT
;
ldapuri
=
ldap_url_desc2str
(
&
url
);
}
else
if
(
ldapuri
!=
NULL
)
{
LDAPURLDesc
*
ludlist
,
**
ludp
;
char
**
urls
=
NULL
;
int
nurls
=
0
;
rc
=
ldap_url_parselist
(
&
ludlist
,
ldapuri
);
if
(
rc
!=
LDAP_URL_SUCCESS
)
{
fprintf
(
stderr
,
"Could not parse LDAP URI(s)=%s (%d)
\n
"
,
ldapuri
,
rc
);
exit
(
EXIT_FAILURE
);
}
for
(
ludp
=
&
ludlist
;
*
ludp
!=
NULL
;
)
{
LDAPURLDesc
*
lud
=
*
ludp
;
char
**
tmp
;
if
(
lud
->
lud_dn
!=
NULL
&&
lud
->
lud_dn
[
0
]
!=
'\0'
&&
(
lud
->
lud_host
==
NULL
||
lud
->
lud_host
[
0
]
==
'\0'
)
)
{
/* if no host but a DN is provided,
* use DNS SRV to gather the host list
* and turn it into a list of URIs
* using the scheme provided */
char
*
domain
=
NULL
,
*
hostlist
=
NULL
,
**
hosts
=
NULL
;
int
i
,
len_proto
=
strlen
(
lud
->
lud_scheme
);
if
(
ldap_dn2domain
(
lud
->
lud_dn
,
&
domain
)
||
domain
==
NULL
)
{
fprintf
(
stderr
,
"DNS SRV: Could not turn "
"DN=
\"
%s
\"
into a domain
\n
"
,
lud
->
lud_dn
);
goto
dnssrv_free
;
}
rc
=
ldap_domain2hostlist
(
domain
,
&
hostlist
);
if
(
rc
)
{
fprintf
(
stderr
,
"DNS SRV: Could not turn "
"domain=%s into a hostlist
\n
"
,
domain
);
goto
dnssrv_free
;
}
hosts
=
ldap_str2charray
(
hostlist
,
" "
);
if
(
hosts
==
NULL
)
{
fprintf
(
stderr
,
"DNS SRV: Could not parse "
"hostlist=
\"
%s
\"\n
"
,
hostlist
);
goto
dnssrv_free
;
}
for
(
i
=
0
;
hosts
[
i
]
!=
NULL
;
i
++
)
/* count'em */
;
tmp
=
(
char
**
)
realloc
(
urls
,
sizeof
(
char
*
)
*
(
nurls
+
i
+
1
)
);
if
(
tmp
==
NULL
)
{
fprintf
(
stderr
,
"DNS SRV: out of memory?
\n
"
);
goto
dnssrv_free
;
}
urls
=
tmp
;
urls
[
nurls
]
=
NULL
;
for
(
i
=
0
;
hosts
[
i
]
!=
NULL
;
i
++
)
{
size_t
len
=
len_proto
+
STRLENOF
(
"://"
)
+
strlen
(
hosts
[
i
]
)
+
1
;
urls
[
nurls
+
i
+
1
]
=
NULL
;
urls
[
nurls
+
i
]
=
(
char
*
)
malloc
(
sizeof
(
char
)
*
len
);
if
(
urls
[
nurls
+
i
]
==
NULL
)
{
fprintf
(
stderr
,
"DNS SRV: out of memory?
\n
"
);
goto
dnssrv_free
;
}
snprintf
(
urls
[
nurls
+
i
],
len
,
"%s://%s"
,
lud
->
lud_scheme
,
hosts
[
i
]
);
}
nurls
+=
i
;
dnssrv_free:
;
ber_memvfree
(
(
void
**
)
hosts
);
ber_memfree
(
hostlist
);
ber_memfree
(
domain
);
}
else
{
tmp
=
(
char
**
)
realloc
(
urls
,
sizeof
(
char
*
)
*
(
nurls
+
2
)
);
if
(
tmp
==
NULL
)
{
fprintf
(
stderr
,
"DNS SRV: out of memory?
\n
"
);
break
;
}
urls
=
tmp
;
urls
[
nurls
+
1
]
=
NULL
;
urls
[
nurls
]
=
ldap_url_desc2str
(
lud
);
if
(
urls
[
nurls
]
==
NULL
)
{
fprintf
(
stderr
,
"DNS SRV: out of memory?
\n
"
);
break
;
}
nurls
++
;
}
*
ludp
=
lud
->
lud_next
;
lud
->
lud_next
=
NULL
;
ldap_free_urldesc
(
lud
);
}
if
(
ludlist
!=
NULL
)
{
ldap_free_urllist
(
ludlist
);
exit
(
EXIT_FAILURE
);
}
else
if
(
urls
==
NULL
)
{
exit
(
EXIT_FAILURE
);
}
ldap_memfree
(
ldapuri
);
ldapuri
=
ldap_charray2str
(
urls
,
" "
);
ber_memvfree
(
(
void
**
)
urls
);
}
if
(
verbose
)
{
...
...
@@ -1019,21 +1257,41 @@ void
tool_bind
(
LDAP
*
ld
)
{
LDAPControl
**
sctrlsp
=
NULL
;
LDAPControl
*
sctrls
[
2
];
LDAPControl
*
sctrls
[
3
];
LDAPControl
sctrl
[
3
];
int
nsctrls
=
0
;
#ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
LDAPControl
c
;
if
(
ppolicy
)
{
LDAPControl
c
;
c
.
ldctl_oid
=
LDAP_CONTROL_PASSWORDPOLICYREQUEST
;
c
.
ldctl_value
.
bv_val
=
NULL
;
c
.
ldctl_value
.
bv_len
=
0
;
c
.
ldctl_iscritical
=
0
;
sctrls
[
nsctrls
]
=
&
c
;
sctrl
[
nsctrls
]
=
c
;
sctrls
[
nsctrls
]
=
&
sctrl
[
nsctrls
];
sctrls
[
++
nsctrls
]
=
NULL
;
}
#endif
#ifdef LDAP_CONTROL_X_SESSION_TRACKING
if
(
sessionTracking
)
{
LDAPControl
c
;
if
(
stValue
.
bv_val
==
NULL
&&
st_value
(
ld
,
&
stValue
)
)
{
exit
(
EXIT_FAILURE
);
}
c
.
ldctl_oid
=
LDAP_CONTROL_X_SESSION_TRACKING
;
c
.
ldctl_iscritical
=
0
;
ber_dupbv
(
&
c
.
ldctl_value
,
&
stValue
);
sctrl
[
nsctrls
]
=
c
;
sctrls
[
nsctrls
]
=
&
sctrl
[
nsctrls
];
sctrls
[
++
nsctrls
]
=
NULL
;
}
#endif
/* LDAP_CONTROL_X_SESSION_TRACKING */
if
(
nsctrls
)
{
sctrlsp
=
sctrls
;
}
...
...
@@ -1108,7 +1366,7 @@ tool_bind( LDAP *ld )
rc
=
ldap_parse_result
(
ld
,
result
,
&
err
,
&
matched
,
&
info
,
&
refs
,
&
ctrls
,
1
);
if
(
rc
!=
LDAP_SUCCESS
)
{
tool_perror
(
"ldap_bind parse result"
,
rc
,
NULL
,
NULL
,
NULL
,
NULL
);
tool_perror
(
"ldap_bind parse result"
,
rc
,
NULL
,
matched
,
info
,
refs
);
exit
(
LDAP_LOCAL_ERROR
);
}
...
...
@@ -1118,8 +1376,8 @@ tool_bind( LDAP *ld )
int
expire
,
grace
,
len
=
0
;
LDAPPasswordPolicyError
pErr
=
-
1
;
ctrl
=
ldap_
find_
control
(
LDAP_CONT