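#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <sys/stat.h>
#include <unistd.h>
#include <stdlib.h>
#include <netdb.h>
#include <netinet/in.h>

#include <kdebug.h>
#include <kinstance.h>
#include <tdelocale.h>

#ifdef HAVE_SASL_SASL_H //prefer libsasl2
#include <sasl/sasl.h>
#else
#ifdef HAVE_SASL_H
#include <sasl.h>
#endif
#endif
#include <tdeabc/ldif.h>

#include "tdeio_ldap.h"

using namespace TDEIO;
using namespace TDEABC;

extern "C" { int KDE_EXPORT kdemain(int argc, char **argv); }

/**
 * The main program.
 *
 * Expects exactly three arguments after the program name (protocol, pool
 * socket, application socket), builds the protocol object from them and runs
 * its dispatch loop.
 *
 * @return 0 after the dispatch loop ends, -1 on a wrong argument count.
 */
int kdemain( int argc, char **argv )
{
  TDEInstance instance( "tdeio_ldap" );

  kdDebug(7125) << "Starting " << getpid() << endl;

  if ( argc != 4 ) {
    kdError() << "Usage tdeio_ldap protocol pool app" << endl;
    return -1;
  }

  // let the protocol class do its work
  LDAPProtocol slave( argv[1], argv[ 2 ], argv[ 3 ] );
  slave.dispatchLoop();

  kdDebug( 7125 ) << "Done" << endl;
  return 0;
}

/**
 * Initialize the ldap slave
 *
 * Starts without a connection: no TLS, LDAPv3, no SASL, empty realm and bind
 * name, and no time or size limit.
 */
LDAPProtocol::LDAPProtocol( const TQCString &protocol, const TQCString &pool,
  const TQCString &app ) : SlaveBase( protocol, pool, app )
{
  mLDAP = 0;
  mTLS = 0;
  mVer = 3;
  mAuthSASL = false;
  mRealm = "";
  mBindName = "";
  mTimeLimit = mSizeLimit = 0;
  // setHost() compares mPort and saslInteract() reads mFirstAuth/mCancel, so
  // give them defined values before the first request arrives.
  mPort = 0;
  mFirstAuth = true;
  mCancel = false;
  kdDebug(7125) << "LDAPProtocol::LDAPProtocol (" << protocol << ")" << endl;
}

/** Drops the LDAP connection, if any. */
LDAPProtocol::~LDAPProtocol()
{
  closeConnection();
}

/**
 * Reports an LDAP failure to the application and closes the connection.
 *
 * @param url  URL shown to the user in the error message.
 * @param err  LDAP result code; when it is LDAP_SUCCESS and a handle exists,
 *             the code is read from the handle instead (LDAP_OPT_ERROR_NUMBER).
 *
 * Does nothing when the effective code is LDAP_SUCCESS. Otherwise the
 * connection is closed (mLDAP becomes 0) and error() is emitted, so callers
 * must not keep using the handle afterwards.
 */
void LDAPProtocol::LDAPErr( const KURL &url, int err )
{
  char *errmsg = 0;
  if ( mLDAP ) {
    if ( err == LDAP_SUCCESS ) ldap_get_option( mLDAP, LDAP_OPT_ERROR_NUMBER, &err );
    if ( err != LDAP_SUCCESS ) ldap_get_option( mLDAP, LDAP_OPT_ERROR_STRING, &errmsg );
  }
  if ( err == LDAP_SUCCESS ) return;
  kdDebug(7125) << "error code: " << err << " msg: " << ldap_err2string(err) <<
    " Additonal error message: '" << errmsg << "'" << endl;
  TQString msg;
  TQString extraMsg;
  if ( errmsg ) {
    // The diagnostic text comes from the server and is shown to the user as-is.
    if ( errmsg[0] ) extraMsg = i18n("\nAdditional info: ") + TQString::fromUtf8( errmsg );
    // Strings handed out by ldap_get_option() belong to the LDAP library's
    // allocator; release them with ldap_memfree(), as done for DNs elsewhere
    // in this file.
    ldap_memfree( errmsg );
  }
  msg = url.prettyURL();
  if ( !extraMsg.isEmpty() ) msg += extraMsg;

  /* FIXME: No need to close on all errors */
  closeConnection();

  switch (err) {
/* FIXME: is it worth mapping the following error codes to tdeio errors?

  LDAP_OPERATIONS_ERROR
  LDAP_STRONG_AUTH_REQUIRED
  LDAP_PROTOCOL_ERROR
  LDAP_TIMELIMIT_EXCEEDED
  LDAP_SIZELIMIT_EXCEEDED
  LDAP_COMPARE_FALSE
  LDAP_COMPARE_TRUE
  LDAP_PARTIAL_RESULTS
  LDAP_NO_SUCH_ATTRIBUTE
  LDAP_UNDEFINED_TYPE
  LDAP_INAPPROPRIATE_MATCHING
  LDAP_CONSTRAINT_VIOLATION
  LDAP_INVALID_SYNTAX
  LDAP_NO_SUCH_OBJECT
  LDAP_ALIAS_PROBLEM
  LDAP_INVALID_DN_SYNTAX
  LDAP_IS_LEAF
  LDAP_ALIAS_DEREF_PROBLEM
  LDAP_INAPPROPRIATE_AUTH
  LDAP_BUSY
  LDAP_UNAVAILABLE
  LDAP_UNWILLING_TO_PERFORM
  LDAP_LOOP_DETECT
  LDAP_NAMING_VIOLATION
  LDAP_OBJECT_CLASS_VIOLATION
  LDAP_NOT_ALLOWED_ON_NONLEAF
  LDAP_NOT_ALLOWED_ON_RDN
  LDAP_NO_OBJECT_CLASS_MODS
  LDAP_OTHER
  LDAP_LOCAL_ERROR
  LDAP_ENCODING_ERROR
  LDAP_DECODING_ERROR
  LDAP_FILTER_ERROR
*/
    case LDAP_AUTH_UNKNOWN:
    case LDAP_INVALID_CREDENTIALS:
    case LDAP_STRONG_AUTH_NOT_SUPPORTED:
      error(ERR_COULD_NOT_AUTHENTICATE, msg);
      break;
    case LDAP_ALREADY_EXISTS:
      error(ERR_FILE_ALREADY_EXIST, msg);
      break;
    case LDAP_INSUFFICIENT_ACCESS:
      error(ERR_ACCESS_DENIED, msg);
      break;
    case LDAP_CONNECT_ERROR:
    case LDAP_SERVER_DOWN:
      error(ERR_COULD_NOT_CONNECT,msg);
      break;
    case LDAP_TIMEOUT:
      error(ERR_SERVER_TIMEOUT,msg);
      break;
    case LDAP_PARAM_ERROR:
      error(ERR_INTERNAL,msg);
      break;
    case LDAP_NO_MEMORY:
      error(ERR_OUT_OF_MEMORY,msg);
      break;

    default:
      error( ERR_SLAVE_DEFINED,
        i18n( "LDAP server returned the error: %1 %2\nThe LDAP URL was: %3" ).
        arg( ldap_err2string(err)).arg( extraMsg ).arg( url.prettyURL() ) );
  }
}

/**
 * Builds the server and client control arrays from the job's metadata.
 *
 * Reads the keys SERVER_CTRL0, SERVER_CTRL1, ... and CLIENT_CTRL0,
 * CLIENT_CTRL1, ... until the first missing index, splits each value with
 * LDIF::splitControl() and appends the result with addControlOp().
 *
 * The arrays are owned by the caller (the callers in this file release them
 * with ldap_controls_free()).
 */
void LDAPProtocol::controlsFromMetaData( LDAPControl ***serverctrls,
  LDAPControl ***clientctrls )
{
  TQString oid;
  bool critical;
  TQByteArray value;

  int i = 0;
  while ( hasMetaData( TQString::fromLatin1("SERVER_CTRL%1").arg(i) ) ) {
    TQCString val = metaData( TQString::fromLatin1("SERVER_CTRL%1").arg(i) ).utf8();
    LDIF::splitControl( val, oid, critical, value );
    kdDebug(7125) << "server ctrl #" << i << " value: " << val <<
      " oid: " << oid << " critical: " << critical << " value: " <<
      TQString(TQString::fromUtf8( value, value.size() )) << endl;
    addControlOp( serverctrls, oid, value, critical );
    i++;
  }

  i = 0;
  while ( hasMetaData( TQString::fromLatin1("CLIENT_CTRL%1").arg(i) ) ) {
    TQCString val = metaData( TQString::fromLatin1("CLIENT_CTRL%1").arg(i) ).utf8();
    LDIF::splitControl( val, oid, critical, value );
    kdDebug(7125) << "client ctrl #" << i << " value: " << val <<
      " oid: " << oid << " critical: " << critical << " value: " <<
      TQString(TQString::fromUtf8( value, value.size() )) << endl;
    addControlOp( clientctrls, oid, value, critical );
    i++;
  }
}

/**
 * Starts an asynchronous search described by the URL (DN, scope, filter,
 * attribute list) on the current connection.
 *
 * @return the message id when ldap_search_ext() succeeds, otherwise the
 *         value ldap_search_ext() returned; -1 when the attribute list
 *         cannot be allocated.
 *
 * NOTE(review): the callers in this file only test the result against -1.
 * Client-side failures other than -1 (a filter from the URL that does not
 * parse, for instance) are negative as well and would be used as a message
 * id - confirm and consider treating every non-success return as a failure.
 */
int LDAPProtocol::asyncSearch( LDAPUrl &usrc )
{
  char **attrs = 0;
  int msgid;
  LDAPControl **serverctrls = 0, **clientctrls = 0;

  int count = usrc.attributes().count();
  if ( count > 0 ) {
    attrs = static_cast<char**>( malloc((count+1) * sizeof(char*)) );
    if ( attrs == 0 ) {
      kdError() << "asyncSearch: malloc" << endl;
      // -1 is the only value the callers in this file treat as a failure
      return -1;
    }
    for (int i=0; i<count; i++)
      attrs[i] = strdup( (*usrc.attributes().at(i)).utf8() );
    attrs[count] = 0;
  }

  int retval, scope = LDAP_SCOPE_BASE;
  switch ( usrc.scope() ) {
    case LDAPUrl::Base:
      scope = LDAP_SCOPE_BASE;
      break;
    case LDAPUrl::One:
      scope = LDAP_SCOPE_ONELEVEL;
      break;
    case LDAPUrl::Sub:
      scope = LDAP_SCOPE_SUBTREE;
      break;
  }

  controlsFromMetaData( &serverctrls, &clientctrls );

  kdDebug(7125) << "asyncSearch() dn=\"" << usrc.dn() << "\" scope=" <<
    usrc.scope() << " filter=\"" << usrc.filter() << "\" attrs=" << usrc.attributes() <<
    endl;
  retval = ldap_search_ext( mLDAP, usrc.dn().utf8(), scope,
    usrc.filter().isEmpty() ? TQCString() : usrc.filter().utf8(), attrs, 0,
    serverctrls, clientctrls,
    0, mSizeLimit, &msgid );

  ldap_controls_free( serverctrls );
  ldap_controls_free( clientctrls );

  // free the attributes list again
  if ( count > 0 ) {
    for ( int i=0; i<count; i++ ) free( attrs[i] );
    free(attrs);
  }

  if ( retval == 0 ) retval = msgid;
  return retval;
}

/**
 * Renders one search entry as LDIF text: a "dn" line followed by one line per
 * attribute value (value lines are assembled with a width of 76).
 *
 * @return the LDIF text, or an empty string when the DN cannot be read.
 */
TQCString LDAPProtocol::LDAPEntryAsLDIF( LDAPMessage *message )
{
  TQCString result;
  char *name;
  struct berval **bvals;
  BerElement *entry = 0;
  TQByteArray tmp;

  char *dn = ldap_get_dn( mLDAP, message );
  if ( dn == NULL ) return TQCString( "" );
  // setRawData/resetRawData wrap the buffer without copying it
  tmp.setRawData( dn, strlen( dn ) );
  result += LDIF::assembleLine( "dn", tmp ) + '\n';
  tmp.resetRawData( dn, strlen( dn ) );
  ldap_memfree( dn );

  // iterate over the attributes
  name = ldap_first_attribute(mLDAP, message, &entry);
  while ( name != 0 )
  {
    // print the values
    bvals = ldap_get_values_len(mLDAP, message, name);
    if ( bvals ) {

      for ( int i = 0; bvals[i] != 0; i++ ) {
        char* val = bvals[i]->bv_val;
        unsigned long len = bvals[i]->bv_len;
        tmp.setRawData( val, len );
        result += LDIF::assembleLine( TQString::fromUtf8( name ), tmp, 76 ) + '\n';
        tmp.resetRawData( val, len );
      }
      ldap_value_free_len(bvals);
    }
    ldap_memfree( name );
    // next attribute
    name = ldap_next_attribute(mLDAP, message, entry);
  }
  // The attribute cursor returned by ldap_first_attribute() is owned by the
  // caller; the second argument must be 0 because its buffer belongs to the
  // message.
  if ( entry ) ber_free( entry, 0 );
  return result;
}

/**
 * Appends one control to a NULL-terminated control array, creating the array
 * on first use.
 *
 * @param pctrls    in/out: the array (may point to 0); updated on success.
 * @param oid       control OID, stored as a UTF-8 copy.
 * @param value     control value, copied byte for byte (may be empty).
 * @param critical  criticality flag of the control.
 *
 * On an allocation failure the array is left exactly as it was.
 */
void LDAPProtocol::addControlOp( LDAPControl ***pctrls, const TQString &oid,
  const TQByteArray &value, bool critical )
{
  LDAPControl **ctrls = *pctrls;
  LDAPControl *ctrl = (LDAPControl *) malloc( sizeof( LDAPControl ) );
  if ( ctrl == 0 ) {
    kdError() << "addControlOp: malloc" << endl;
    return;
  }

  kdDebug(7125) << "addControlOp: oid:'" << oid << "' val: '" <<
    TQString(TQString::fromUtf8(value, value.size())) << "'" << endl;
  int vallen = value.size();
  ctrl->ldctl_value.bv_len = vallen;
  if ( vallen ) {
    ctrl->ldctl_value.bv_val = (char*) malloc( vallen );
    if ( ctrl->ldctl_value.bv_val == 0 ) {
      kdError() << "addControlOp: malloc" << endl;
      free( ctrl );
      return;
    }
    memcpy( ctrl->ldctl_value.bv_val, value.data(), vallen );
  } else {
    ctrl->ldctl_value.bv_val = 0;
  }
  ctrl->ldctl_iscritical = critical;
  ctrl->ldctl_oid = strdup( oid.utf8() );
  if ( ctrl->ldctl_oid == 0 ) {
    kdError() << "addControlOp: strdup" << endl;
    free( ctrl->ldctl_value.bv_val );
    free( ctrl );
    return;
  }

  // Count the controls already stored (the array is NULL-terminated).
  uint i = 0;
  if ( ctrls != 0 ) {
    while ( ctrls[ i ] != 0 ) i++;
  }

  // Grow first, then write: the existing array holds exactly i + 1 slots, so
  // the new terminator at i + 1 may only be stored after the reallocation.
  // realloc() on a null pointer allocates a fresh array.
  LDAPControl **grown =
    (LDAPControl **) realloc( ctrls, (i + 2) * sizeof( LDAPControl * ) );
  if ( grown == 0 ) {
    kdError() << "addControlOp: realloc" << endl;
    free( ctrl->ldctl_oid );
    free( ctrl->ldctl_value.bv_val );
    free( ctrl );
    return;
  }
  grown[ i ] = ctrl;
  grown[ i + 1 ] = 0;

  *pctrls = grown;
}

/**
 * Adds one attribute value to a NULL-terminated LDAPMod array, creating the
 * array on first use.
 *
 * A value is appended to the existing modification with the same attribute
 * name and the same operation; otherwise a new modification is appended.
 * An empty value creates or selects the modification without adding a value.
 *
 * @param pmods     in/out: the modification array (may point to 0).
 * @param mod_type  LDAP_MOD_* operation (0 for a plain add entry).
 * @param attr      attribute name, stored as a UTF-8 copy.
 * @param value     attribute value, copied byte for byte.
 */
void LDAPProtocol::addModOp( LDAPMod ***pmods, int mod_type, const TQString &attr,
  const TQByteArray &value )
{
//  kdDebug(7125) << "type: " << mod_type << " attr: " << attr <<
//    " value: " << TQString::fromUtf8(value,value.size()) <<
//    " size: " << value.size() << endl;
  LDAPMod **mods = *pmods;

  // Look for an existing modification of the same attribute and operation.
  uint i = 0;
  if ( mods != 0 ) {
    while( mods[ i ] != 0 &&
      ( strcmp( attr.utf8(),mods[i]->mod_type ) != 0 ||
      ( mods[ i ]->mod_op & ~LDAP_MOD_BVALUES ) != mod_type )
    ) i++;
  }

  if ( mods == 0 || mods[ i ] == 0 ) {
    // Not found: append a zeroed modification and a new terminator.
    LDAPMod *fresh = (LDAPMod*) malloc( sizeof( LDAPMod ) );
    LDAPMod **grown = fresh ?
      ( LDAPMod ** ) realloc( mods, (i + 2) * sizeof( LDAPMod * ) ) : 0;
    if ( grown == 0 ) {
      kdError() << "addModOp: realloc" << endl;
      free( fresh );
      return;
    }
    memset( fresh, 0, sizeof( LDAPMod ) );
    mods = grown;
    mods[ i ] = fresh;
    mods[ i + 1 ] = 0;
    // realloc() may have moved the array; publish the new address right away
    // so the caller never keeps a stale pointer.
    *pmods = mods;
  }

  mods[ i ]->mod_op = mod_type | LDAP_MOD_BVALUES;
  if ( mods[ i ]->mod_type == 0 ) mods[ i ]->mod_type = strdup( attr.utf8() );

  *pmods = mods;

  int vallen = value.size();
  if ( vallen == 0 ) return;
  BerValue *berval;
  berval = ( BerValue* ) malloc( sizeof( BerValue ) );
  if ( berval == 0 ) {
    kdError() << "addModOp: malloc" << endl;
    return;
  }
  berval -> bv_val = (char*) malloc( vallen );
  if ( berval -> bv_val == 0 ) {
    kdError() << "addModOp: malloc" << endl;
    free( berval );
    return;
  }
  berval -> bv_len = vallen;
  memcpy( berval -> bv_val, value.data(), vallen );

  if ( mods[ i ] -> mod_vals.modv_bvals == 0 ) {
    BerValue **vals = ( BerValue** ) malloc( sizeof( BerValue* ) * 2 );
    if ( vals == 0 ) {
      kdError() << "addModOp: malloc" << endl;
      free( berval -> bv_val );
      free( berval );
      return;
    }
    vals[ 0 ] = berval;
    vals[ 1 ] = 0;
    mods[ i ]->mod_vals.modv_bvals = vals;
    kdDebug(7125) << "addModOp: new bervalue struct " << endl;
  } else {
    uint j = 0;
    while ( mods[ i ]->mod_vals.modv_bvals[ j ] != 0 ) j++;
    // Keep the old array when growing fails, so the values collected so far
    // are neither lost nor leaked.
    BerValue **grown = ( BerValue ** )
      realloc( mods[ i ]->mod_vals.modv_bvals, (j + 2) * sizeof( BerValue* ) );
    if ( grown == 0 ) {
      kdError() << "addModOp: realloc" << endl;
      free( berval -> bv_val );
      free( berval );
      return;
    }
    mods[ i ]->mod_vals.modv_bvals = grown;
    mods[ i ]->mod_vals.modv_bvals[ j ] = berval;
    mods[ i ]->mod_vals.modv_bvals[ j+1 ] = 0;
    kdDebug(7125) << j << ". new bervalue " << endl;
  }
}

/**
 * Fills a UDS entry (name, file type, mime type, access, URL) for one DN.
 *
 * The name is the value of the first RDN with blanks replaced by '_';
 * non-directories get the suffix ".ldif". Directories are read-only and
 * listable (0500), files read-only (0400).
 *
 * @param dn     distinguished name of the entry.
 * @param entry  cleared and filled by this call.
 * @param usrc   URL the entry URL is derived from.
 * @param dir    true to publish the entry as a directory.
 */
void LDAPProtocol::LDAPEntry2UDSEntry( const TQString &dn, UDSEntry &entry,
  const LDAPUrl &usrc, bool dir )
{
  UDSAtom atom;

  int pos;
  entry.clear();
  atom.m_uds = UDS_NAME;
  atom.m_long = 0;
  TQString name = dn;
  if ( (pos = name.find(",")) > 0 )
    name = name.left( pos );
  if ( (pos = name.find("=")) > 0 )
    name.remove( 0, pos+1 );
  name.replace(' ', "_");
  // NOTE(review): the name is taken from a DN supplied by the server and only
  // blanks are replaced; confirm that consumers of UDS_NAME cope with '/' or
  // ".." in it.
  if ( !dir ) name += ".ldif";
  atom.m_str = name;
  entry.append( atom );

  // the file type
  atom.m_uds = UDS_FILE_TYPE;
  atom.m_str = "";
  atom.m_long = dir ? S_IFDIR : S_IFREG;
  entry.append( atom );

  // the mimetype
  if (!dir) {
    atom.m_uds = UDS_MIME_TYPE;
    atom.m_long = 0;
    atom.m_str = "text/plain";
    entry.append( atom );
  }

  atom.m_uds = UDS_ACCESS;
  atom.m_long = dir ? 0500 : 0400;
  entry.append( atom );

  // the url
  atom.m_uds = UDS_URL;
  atom.m_long = 0;
  LDAPUrl url;
  url=usrc;

  url.setPath("/"+dn);
  url.setScope( dir ? LDAPUrl::One : LDAPUrl::Base );
  atom.m_str = url.prettyURL();
  entry.append( atom );
}

/**
 * Reads the connection parameters from the URL extensions (x-tls, x-ver,
 * x-sasl, x-mech, x-realm, bindname, x-timelimit, x-sizelimit) and reconnects
 * when any of them differs from the current connection; otherwise it only
 * makes sure a connection is open.
 *
 * All of these values come from the URL, i.e. from whoever supplied it.
 */
void LDAPProtocol::changeCheck( LDAPUrl &url )
{
  bool critical;
  bool tls = ( url.hasExtension( "x-tls" ) );
  int ver = 3;
  if ( url.hasExtension( "x-ver" ) )
    ver = url.extension( "x-ver", critical).toInt();
  bool authSASL = url.hasExtension( "x-sasl" );
  TQString mech;
  if ( url.hasExtension( "x-mech" ) )
    mech = url.extension( "x-mech", critical).upper();
  TQString realm;
  // The realm has to land in `realm`: storing it in `mech` would replace the
  // requested SASL mechanism and leave the realm empty.
  if ( url.hasExtension( "x-realm" ) )
    realm = url.extension( "x-realm", critical).upper();
  TQString bindname;
  if ( url.hasExtension( "bindname" ) )
    bindname = url.extension( "bindname", critical).upper();
  int timelimit = 0;
  if ( url.hasExtension( "x-timelimit" ) )
    timelimit = url.extension( "x-timelimit", critical).toInt();
  int sizelimit = 0;
  if ( url.hasExtension( "x-sizelimit" ) )
    sizelimit = url.extension( "x-sizelimit", critical).toInt();

  if ( !authSASL && bindname.isEmpty() ) bindname = mUser;

  if ( tls != mTLS || ver != mVer || authSASL != mAuthSASL || mech != mMech ||
       mRealm != realm || mBindName != bindname || mTimeLimit != timelimit ||
       mSizeLimit != sizelimit ) {
    closeConnection();
    mTLS = tls;
    mVer = ver;
    mAuthSASL = authSASL;
    mMech = mech;
    mRealm = realm;
    mBindName = bindname;
    mTimeLimit = timelimit;
    mSizeLimit = sizelimit;
    kdDebug(7125) << "parameters changed: tls = " << mTLS <<
      " version: " << mVer << "SASLauth: " << mAuthSASL << endl;
    openConnection();
    if ( mAuthSASL ) {
      url.setUser( mUser );
    } else {
      url.setUser( mBindName );
    }
  } else {
    if ( !mLDAP ) openConnection();
  }
}

/**
 * Stores host, port, user and password for the next connection and closes the
 * current one when any of them changed.
 *
 * A port <= 0 selects the port registered for the protocol name, falling back
 * to 636 for "ldaps" and 389 otherwise.
 */
void LDAPProtocol::setHost( const TQString& host, int port,
                            const TQString& user, const TQString& password )
{

  if( mHost != host || mPort != port || mUser != user || mPassword != password )
    closeConnection();

  mHost = host;
  if( port > 0 ) {
    mPort = port;
  } else {
    struct servent *pse;
    if ( (pse = getservbyname(mProtocol, "tcp")) == NULL ) {
      if ( mProtocol == "ldaps" )
        mPort = 636;
      else
        mPort = 389;
    } else {
      mPort = ntohs( pse->s_port );
    }
  }
  mUser = user;
  mPassword = password;

  // the password is deliberately kept out of the debug log
  kdDebug(7125) << "setHost: " << host << " port: " << port << " user: " <<
    mUser << " pass: [protected]" << endl;
}

/**
 * C callback handed to ldap_sasl_interactive_bind_s(); forwards the prompt
 * list to the LDAPProtocol instance passed as callback data.
 */
static int kldap_sasl_interact( LDAP *, unsigned, void *slave, void *in )
{
  return ((LDAPProtocol*) slave)->saslInteract( in );
}

/**
 * Fills an AuthInfo with the current protocol, host, port, user and password,
 * as used for the password cache lookup and the login dialog.
 */
void LDAPProtocol::fillAuthInfo( AuthInfo &info )
{
  info.url.setProtocol( mProtocol );
  info.url.setHost( mHost );
  info.url.setPort( mPort );
  info.url.setUser( mUser );
  info.caption = i18n("LDAP Login");
  info.comment = TQString::fromLatin1( mProtocol ) + "://" + mHost + ":" +
    TQString::number( mPort );
  info.commentLabel = i18n("site:");
  info.username = mAuthSASL ? mUser : mBindName;
  info.password = mPassword;
  info.keepPassword = true;
}

/**
 * Answers the prompts of an interactive SASL bind.
 *
 * When the mechanism asks for an authentication name or a password and one of
 * them is missing, the cached credentials or the password dialog supply them.
 * Every prompt is then answered from mRealm, mUser, mPassword and mBindName.
 *
 * @param in  array of sasl_interact_t, terminated by SASL_CB_LIST_END.
 * @return LDAP_SUCCESS, or LDAP_USER_CANCELLED when the dialog was cancelled.
 *         Without SASL support compiled in this is a no-op returning
 *         LDAP_SUCCESS.
 */
int LDAPProtocol::saslInteract( void *in )
{
#if defined HAVE_SASL_H || defined HAVE_SASL_SASL_H
  AuthInfo info;
  fillAuthInfo( info );

  sasl_interact_t *interact = ( sasl_interact_t * ) in;

  //some mechanisms do not require username && pass, so it doesn't need a popup
  //window for getting this info
  for ( ; interact->id != SASL_CB_LIST_END; interact++ ) {
    if ( interact->id == SASL_CB_AUTHNAME ||
         interact->id == SASL_CB_PASS ) {

      if ( info.username.isEmpty() || info.password.isEmpty() ) {

        const bool cached = checkCachedAuthentication( info );

        if ( ! ( ( mFirstAuth && cached ) ||
                 ( mFirstAuth ?
                   openPassDlg( info ) :
                   openPassDlg( info, i18n("Invalid authorization information.") ) ) ) ) {
          kdDebug(7125) << "Dialog cancelled!" << endl;
          mCancel = true;
          return LDAP_USER_CANCELLED;
        }
        mUser = info.username;
        mPassword = info.password;
      }
      break;
    }
  }

  interact = ( sasl_interact_t * ) in;
  TQString value;

  while( interact->id != SASL_CB_LIST_END ) {
    value = "";
    switch( interact->id ) {
      case SASL_CB_GETREALM:
        value = mRealm;
        kdDebug(7125) << "SASL_REALM=" << mRealm << endl;
        break;
      case SASL_CB_AUTHNAME:
        value = mUser;
        kdDebug(7125) << "SASL_AUTHNAME=" << mUser << endl;
        break;
      case SASL_CB_PASS:
        // the password itself never goes to the debug log
        value = mPassword;
        kdDebug(7125) << "SASL_PASSWD=[hidden]" << endl;
        break;
      case SASL_CB_USER:
        value = mBindName;
        kdDebug(7125) << "SASL_AUTHZID=" << mBindName << endl;
        break;
    }
    if ( value.isEmpty() ) {
      interact->result = NULL;
      interact->len = 0;
    } else {
      interact->result = strdup( value.utf8() );
      interact->len = strlen( (const char *) interact->result );
    }
    interact++;
  }

#endif
  return LDAP_SUCCESS;
}

/**
 * Opens and authenticates the LDAP connection if none is open.
 *
 * Steps: initialise the handle for protocol://host:port, set the protocol
 * version, start TLS when requested, apply size and time limits, then bind
 * (SASL or simple), asking for credentials again while the server rejects
 * them. Any failure reports an error and leaves mLDAP at 0; success ends with
 * connected().
 */
void LDAPProtocol::openConnection()
{
  if ( mLDAP ) return;

  int version,ret;

  version = ( mVer == 2 ) ? LDAP_VERSION2 : LDAP_VERSION3;

  KURL Url;
  Url.setProtocol( mProtocol );
  Url.setHost( mHost );
  Url.setPort( mPort );

  AuthInfo info;
  fillAuthInfo( info );
///////////////////////////////////////////////////////////////////////////
  kdDebug(7125) << "OpenConnection to " << mHost << ":" << mPort << endl;

  ret = ldap_initialize( &mLDAP, Url.htmlURL().utf8() );
  if ( ret != LDAP_SUCCESS ) {
    LDAPErr( Url, ret );
    return;
  }

  if ( (ldap_set_option( mLDAP, LDAP_OPT_PROTOCOL_VERSION, &version )) !=
    LDAP_OPT_SUCCESS ) {

    closeConnection();
    error( ERR_UNSUPPORTED_ACTION,
      i18n("Cannot set LDAP protocol version %1").arg(version) );
    return;
  }

  if ( mTLS ) {
    kdDebug(7125) << "start TLS" << endl;
    if ( ( ret = ldap_start_tls_s( mLDAP, NULL, NULL ) ) != LDAP_SUCCESS ) {
      // Pass the return code on, so a failed StartTLS always closes the
      // connection and is reported even if the handle carries no error
      // number; the session must never continue unencrypted after the user
      // asked for TLS.
      LDAPErr( Url, ret );
      return;
    }
  }

  if ( mSizeLimit ) {
    kdDebug(7125) << "sizelimit: " << mSizeLimit << endl;
    if ( ldap_set_option( mLDAP, LDAP_OPT_SIZELIMIT, &mSizeLimit ) != LDAP_SUCCESS ) {
      closeConnection();
      error( ERR_UNSUPPORTED_ACTION,
        i18n("Cannot set size limit."));
      return;
    }
  }

  if ( mTimeLimit ) {
    kdDebug(7125) << "timelimit: " << mTimeLimit << endl;
    if ( ldap_set_option( mLDAP, LDAP_OPT_TIMELIMIT, &mTimeLimit ) != LDAP_SUCCESS ) {
      closeConnection();
      error( ERR_UNSUPPORTED_ACTION,
        i18n("Cannot set time limit."));
      return;
    }
  }

#if !defined HAVE_SASL_H && !defined HAVE_SASL_SASL_H
  if ( mAuthSASL ) {
    closeConnection();
    error( ERR_SLAVE_DEFINED,
      i18n("SASL authentication not compiled into the ldap ioslave.") );
    return;
  }
#endif

  bool auth = false;
  // NOTE(review): DIGEST-MD5 is the fallback when the URL names no mechanism;
  // it has been moved to historic status (RFC 6331). Changing the default
  // would alter behaviour for existing URLs, so it is only flagged here.
  TQString mechanism = mMech.isEmpty() ? "DIGEST-MD5" : mMech;
  mFirstAuth = true; mCancel = false;

  const bool cached = checkCachedAuthentication( info );

  ret = LDAP_SUCCESS;
  while (!auth) {
    if ( !mAuthSASL && (
         ( mFirstAuth &&
           !( mBindName.isEmpty() && mPassword.isEmpty() ) && //For anonymous bind
           ( mBindName.isEmpty() || mPassword.isEmpty() ) ) || !mFirstAuth ) )
    {
      if ( ( mFirstAuth && cached ) ||
           ( mFirstAuth ?
             openPassDlg( info ) :
             openPassDlg( info, i18n("Invalid authorization information.") ) ) ) {

        mBindName = info.username;
        mPassword = info.password;
      } else {
        kdDebug(7125) << "Dialog cancelled!" << endl;
        error( ERR_USER_CANCELED, TQString::null );
        closeConnection();
        return;
      }
    }
    kdDebug(7125) << "user: " << mUser << " bindname: " << mBindName << endl;
    // A simple bind sends the bind DN and the password as they are; they are
    // only protected on the wire when the URL asked for TLS (x-tls) or the
    // transport itself is encrypted.
    ret =
#if defined HAVE_SASL_H || defined HAVE_SASL_SASL_H
      mAuthSASL ?
        ldap_sasl_interactive_bind_s( mLDAP, NULL, mechanism.utf8(),
          NULL, NULL, LDAP_SASL_INTERACTIVE, &kldap_sasl_interact, this ) :
#endif
        ldap_simple_bind_s( mLDAP, mBindName.utf8(), mPassword.utf8() );

    mFirstAuth = false;
    // Rejected credentials loop back to the password dialog; everything else
    // ends the loop.
    if ( ret != LDAP_INVALID_CREDENTIALS &&
         ret != LDAP_INSUFFICIENT_ACCESS &&
         ret != LDAP_INAPPROPRIATE_AUTH ) {
      kdDebug(7125) << "ldap_bind retval: " << ret << endl;
      auth = true;
      if ( ret != LDAP_SUCCESS ) {
        if ( mCancel )
          error( ERR_USER_CANCELED, TQString::null );
        else
          LDAPErr( Url, ret );
        closeConnection();
        return;
      }
    }
  }

  kdDebug(7125) << "connected!" << endl;
  connected();
}

/** Unbinds from the server, if connected, and resets the handle to 0. */
void LDAPProtocol::closeConnection()
{
  if (mLDAP) ldap_unbind(mLDAP);

  mLDAP = 0;
  kdDebug(7125) << "connection closed!" << endl;
}

/**
 * Get the information contained in the URL.
 *
 * Runs the search described by the URL and streams every entry found to the
 * application as LDIF text (mime type text/plain).
 */
void LDAPProtocol::get( const KURL &_url )
{
  kdDebug(7125) << "get(" << _url << ")" << endl;

  LDAPUrl usrc(_url);
  int ret, id;
  LDAPMessage *msg,*entry;

  changeCheck( usrc );
  if ( !mLDAP ) {
    finished();
    return;
  }

  if ( (id = asyncSearch( usrc )) == -1 ) {
    LDAPErr( _url );
    return;
  }

  // tell the mimetype
  mimeType("text/plain");
  // collect the result
  TQCString result;
  filesize_t processed_size = 0;
  TQByteArray array;

  while( true ) {
    msg = 0;
    ret = ldap_result( mLDAP, id, 0, NULL, &msg );
    if ( ret == -1 ) {
      LDAPErr( _url );
      return;
    }
    kdDebug(7125) << " ldap_result: " << ret << endl;
    // every message handed out by ldap_result() has to be released, including
    // the final result and the types that are skipped
    if ( ret == LDAP_RES_SEARCH_RESULT ) {
      ldap_msgfree( msg );
      break;
    }
    if ( ret != LDAP_RES_SEARCH_ENTRY ) {
      ldap_msgfree( msg );
      continue;
    }

    entry = ldap_first_entry( mLDAP, msg );
    while ( entry ) {
      result = LDAPEntryAsLDIF(entry);
      result += '\n';
      uint len = result.length();
      processed_size += len;
      array.setRawData( result.data(), len );
      data(array);
      processedSize( processed_size );
      array.resetRawData( result.data(), len );

      entry = ldap_next_entry( mLDAP, entry );
    }
    LDAPErr( _url );

    ldap_msgfree(msg);
    // LDAPErr() closes the connection after reporting an error; stop instead
    // of polling a handle that no longer exists.
    if ( !mLDAP ) return;
  }

  // tell the length
  totalSize(processed_size);

  array.resize(0);
  // tell we are finished
  data(array);

  // tell we are finished
  finished();
}

/**
 * Test if the url contains a directory or a file.
 *
 * Searches with the attribute list reduced to "dn" and reports
 * ERR_DOES_NOT_EXIST when the search ends without an entry. Otherwise a UDS
 * entry for the URL's DN is published; it is a directory unless the x-dir
 * extension is "base".
 */
void LDAPProtocol::stat( const KURL &_url )
{
  kdDebug(7125) << "stat(" << _url << ")" << endl;

  TQStringList att,saveatt;
  LDAPUrl usrc(_url);
  LDAPMessage *msg;
  int ret, id;

  changeCheck( usrc );
  if ( !mLDAP ) {
    finished();
    return;
  }

  // look how many entries match
  saveatt = usrc.attributes();
  att.append( "dn" );
  usrc.setAttributes( att );
  if ( _url.query().isEmpty() ) usrc.setScope( LDAPUrl::One );

  if ( (id = asyncSearch( usrc )) == -1 ) {
    LDAPErr( _url );
    return;
  }

  kdDebug(7125) << "stat() getting result" << endl;
  do {
    msg = 0;
    ret = ldap_result( mLDAP, id, 0, NULL, &msg );
    if ( ret == -1 ) {
      LDAPErr( _url );
      return;
    }
    if ( ret == LDAP_RES_SEARCH_RESULT ) {
      ldap_msgfree( msg );
      error( ERR_DOES_NOT_EXIST, _url.prettyURL() );
      return;
    }
    // skipped message types are released here; the entry that ends the loop
    // is released below
    if ( ret != LDAP_RES_SEARCH_ENTRY ) ldap_msgfree( msg );
  } while ( ret != LDAP_RES_SEARCH_ENTRY );

  ldap_msgfree( msg );
  // one entry is enough; the rest of the search is not needed
  ldap_abandon( mLDAP, id );

  usrc.setAttributes( saveatt );

  UDSEntry uds;
  bool critical;
  LDAPEntry2UDSEntry( usrc.dn(), uds, usrc, usrc.extension("x-dir", critical) != "base" );

  statEntry( uds );
  // we are done
  finished();
}

/**
 * Deletes one entry;
 *
 * The entry is the DN of the URL; the second parameter is not used.
 */
void LDAPProtocol::del( const KURL &_url, bool )
{
  kdDebug(7125) << "del(" << _url << ")" << endl;

  LDAPUrl usrc(_url);
  int ret;

  changeCheck( usrc );
  if ( !mLDAP ) {
    finished();
    return;
  }

  kdDebug(7125) << " del: " << usrc.dn().utf8() << endl ;

  if ( (ret = ldap_delete_s( mLDAP,usrc.dn().utf8() )) != LDAP_SUCCESS ) {
    // hand the return code over so the failure is always reported
    LDAPErr( _url, ret );
    return;
  }
  finished();
}

// Releases the modification list and both control arrays used by put() and
// resets the pointers, so it can be invoked more than once.
#define FREELDAPMEM { \
  ldap_mods_free( lmod, 1 ); \
  ldap_controls_free( serverctrls ); \
  ldap_controls_free( clientctrls ); \
  lmod = 0; serverctrls = 0; clientctrls = 0; \
  }

/**
 * Applies the LDIF data sent by the application to the directory.
 *
 * The data is parsed incrementally; attribute items and controls are
 * collected until the end of an entry, which is then executed as a delete,
 * rename, modify or add. The first failure stops the transfer.
 *
 * @param overwrite  when an add hits an existing entry, delete that entry and
 *                   add it again. The two steps are separate operations: if
 *                   the second add fails, the old entry is already gone.
 *
 * The LDIF content decides which DNs are touched; the DN of the URL is not
 * used for the individual operations.
 */
void LDAPProtocol::put( const KURL &_url, int, bool overwrite, bool )
{
  kdDebug(7125) << "put(" << _url << ")" << endl;

  LDAPUrl usrc(_url);

  changeCheck( usrc );
  if ( !mLDAP ) {
    finished();
    return;
  }

  LDAPMod **lmod = 0;
  LDAPControl **serverctrls = 0, **clientctrls = 0;
  TQByteArray buffer;
  int result = 0;
  LDIF::ParseVal ret;
  LDIF ldif;
  ret = LDIF::MoreData;
  int ldaperr;


  do {
    if ( ret == LDIF::MoreData ) {
      dataReq(); // Request for data
      result = readData( buffer );
      ldif.setLDIF( buffer );
    }
    if ( result < 0 ) {
      //error
      FREELDAPMEM;
      return;
    }
    if ( result == 0 ) {
      kdDebug(7125) << "EOF!" << endl;
      ldif.endLDIF();
    }
    do {

      ret = ldif.nextItem();
      kdDebug(7125) << "nextitem: " << ret << endl;

      switch ( ret ) {
        case LDIF::None:
        case LDIF::NewEntry:
        case LDIF::MoreData:
          break;
        case LDIF::EndEntry:
          ldaperr = LDAP_SUCCESS;
          switch ( ldif.entryType() ) {
            case LDIF::Entry_None:
              error( ERR_INTERNAL, i18n("The LDIF parser failed.") );
              FREELDAPMEM;
              return;
            case LDIF::Entry_Del:
              kdDebug(7125) << "tdeio_ldap_del" << endl;
              controlsFromMetaData( &serverctrls, &clientctrls );
              ldaperr = ldap_delete_ext_s( mLDAP, ldif.dn().utf8(),
                serverctrls, clientctrls );
              FREELDAPMEM;
              break;
            case LDIF::Entry_Modrdn:
              kdDebug(7125) << "tdeio_ldap_modrdn olddn:" << ldif.dn() <<
                " newRdn: " <<  ldif.newRdn() <<
                " newSuperior: " << ldif.newSuperior() <<
                " deloldrdn: " << ldif.delOldRdn() << endl;
              controlsFromMetaData( &serverctrls, &clientctrls );
              ldaperr = ldap_rename_s( mLDAP, ldif.dn().utf8(), ldif.newRdn().utf8(),
                ldif.newSuperior().isEmpty() ? TQCString() : ldif.newSuperior().utf8(),
                ldif.delOldRdn(), serverctrls, clientctrls );

              FREELDAPMEM;
              break;
            case LDIF::Entry_Mod:
              kdDebug(7125) << "tdeio_ldap_mod"  << endl;
              if ( lmod ) {
                controlsFromMetaData( &serverctrls, &clientctrls );
                ldaperr = ldap_modify_ext_s( mLDAP, ldif.dn().utf8(), lmod,
                  serverctrls, clientctrls );
                FREELDAPMEM;
              }
              break;
            case LDIF::Entry_Add:
              kdDebug(7125) << "tdeio_ldap_add " << ldif.dn() << endl;
              if ( lmod ) {
                controlsFromMetaData( &serverctrls, &clientctrls );
                ldaperr = ldap_add_ext_s( mLDAP, ldif.dn().utf8(), lmod,
                  serverctrls, clientctrls );
                if ( ldaperr == LDAP_ALREADY_EXISTS && overwrite ) {
                  kdDebug(7125) << ldif.dn() << " already exists, delete first" << endl;
                  // not atomic: the existing entry is removed before the
                  // replacement is known to be accepted
                  ldaperr = ldap_delete_s( mLDAP, ldif.dn().utf8() );
                  if ( ldaperr == LDAP_SUCCESS )
                    ldaperr = ldap_add_ext_s( mLDAP, ldif.dn().utf8(), lmod,
                      serverctrls, clientctrls );
                }
                FREELDAPMEM;
              }
              break;
          }
          if ( ldaperr != LDAP_SUCCESS ) {
            kdDebug(7125) << "put ldap error: " << ldap_err2string(ldaperr) << endl;
            // hand the code over so the failure is reported even when the
            // handle carries no error number
            LDAPErr( _url, ldaperr );
            FREELDAPMEM;
            return;
          }
          break;
        case LDIF::Item:
          switch ( ldif.entryType() ) {
            case LDIF::Entry_Mod: {
              int modtype = 0;
              switch ( ldif.modType() ) {
                case LDIF::Mod_None:
                  modtype = 0;
                  break;
                case LDIF::Mod_Add:
                  modtype = LDAP_MOD_ADD;
                  break;
                case LDIF::Mod_Replace:
                  modtype = LDAP_MOD_REPLACE;
                  break;
                case LDIF::Mod_Del:
                  modtype = LDAP_MOD_DELETE;
                  break;
              }
              addModOp( &lmod, modtype, ldif.attr(), ldif.val() );
              break;
            }
            case LDIF::Entry_Add:
              if ( ldif.val().size() > 0 )
                addModOp( &lmod, 0, ldif.attr(), ldif.val() );
              break;
            default:
              error( ERR_INTERNAL, i18n("The LDIF parser failed.") );
              FREELDAPMEM;
              return;
          }
          break;
        case LDIF::Control:
          addControlOp( &serverctrls, ldif.oid(), ldif.val(), ldif.critical() );
          break;
        case LDIF::Err:
          error( ERR_SLAVE_DEFINED,
            i18n( "Invalid LDIF file in line %1." ).arg( ldif.lineNo() ) );
          FREELDAPMEM;
          return;
      }
    } while ( ret != LDIF::MoreData );
  } while ( result > 0 );

  FREELDAPMEM;
  finished();
}

/**
 * List the contents of a directory.
 *
 * Publishes one file entry per search result. With the x-dir extension set to
 * "sub", every result that has at least one child below it is published a
 * second time as a directory.
 */
void LDAPProtocol::listDir( const KURL &_url )
{
  int ret, ret2, id, id2;
  unsigned long total=0;
  char *dn;
  TQStringList att,saveatt;
  LDAPMessage *entry,*msg,*entry2,*msg2;
  LDAPUrl usrc(_url),usrc2;
  bool critical;
  bool isSub = ( usrc.extension( "x-dir", critical ) == "sub" );

  kdDebug(7125) << "listDir(" << _url << ")" << endl;

  changeCheck( usrc );
  if ( !mLDAP ) {
    finished();
    return;
  }
  usrc2 = usrc;

  saveatt = usrc.attributes();
  // look up the entries
  if ( isSub ) {
    att.append("dn");
    usrc.setAttributes(att);
  }
  if ( _url.query().isEmpty() ) usrc.setScope( LDAPUrl::One );

  if ( (id = asyncSearch( usrc )) == -1 ) {
    LDAPErr( _url );
    return;
  }

  usrc.setAttributes( "" );
  usrc.setExtension( "x-dir", "base" );
  // publish the results
  UDSEntry uds;

  while( true ) {
    msg = 0;
    ret = ldap_result( mLDAP, id, 0, NULL, &msg );
    if ( ret == -1 ) {
      LDAPErr( _url );
      return;
    }
    // every message handed out by ldap_result() has to be released, including
    // the final result and the types that are skipped
    if ( ret == LDAP_RES_SEARCH_RESULT ) {
      ldap_msgfree( msg );
      break;
    }
    if ( ret != LDAP_RES_SEARCH_ENTRY ) {
      ldap_msgfree( msg );
      continue;
    }
    kdDebug(7125) << " ldap_result: " << ret << endl;

    entry = ldap_first_entry( mLDAP, msg );
    while( entry ) {

      total++;
      uds.clear();

      dn = ldap_get_dn( mLDAP, entry );
      kdDebug(7125) << "dn: " << dn  << endl;
      LDAPEntry2UDSEntry( TQString::fromUtf8(dn), uds, usrc );
      listEntry( uds, false );
//      processedSize( total );
      kdDebug(7125) << " total: " << total << " " << usrc.prettyURL() << endl;

      // publish the sub-directories (if dirmode==sub)
      if ( isSub ) {
        usrc2.setDn( TQString::fromUtf8( dn ) );
        usrc2.setScope( LDAPUrl::One );
        usrc2.setAttributes( att );
        usrc2.setFilter( TQString::null );
        kdDebug(7125) << "search2 " << dn << endl;
        if ( (id2 = asyncSearch( usrc2 )) != -1 ) {
          while ( true ) {
            kdDebug(7125) << " next result " << endl;
            msg2 = 0;
            ret2 = ldap_result( mLDAP, id2, 0, NULL, &msg2 );
            if ( ret2 == -1 ) break;
            if ( ret2 == LDAP_RES_SEARCH_RESULT ) {
              ldap_msgfree( msg2 );
              break;
            }
            if ( ret2 == LDAP_RES_SEARCH_ENTRY ) {
              // one child is enough to show the entry as a directory
              entry2=ldap_first_entry( mLDAP, msg2 );
              if  ( entry2 ) {
                usrc2.setAttributes( saveatt );
                usrc2.setFilter( usrc.filter() );
                LDAPEntry2UDSEntry( TQString::fromUtf8( dn ), uds, usrc2, true );
                listEntry( uds, false );
                total++;
              }
              ldap_msgfree( msg2 );
              ldap_abandon( mLDAP, id2 );
              break;
            }
            // any other message type is skipped
            ldap_msgfree( msg2 );
          }
        }
      }
      // the DN comes from ldap_get_dn() and is released with the library's
      // own deallocator, as in LDAPEntryAsLDIF()
      ldap_memfree( dn );

      entry = ldap_next_entry( mLDAP, entry );
    }
    LDAPErr( _url );
    ldap_msgfree( msg );
    // LDAPErr() closes the connection after reporting an error; stop instead
    // of polling a handle that no longer exists.
    if ( !mLDAP ) return;
  }

//  totalSize( total );

  uds.clear();
  listEntry( uds, true );
  // we are done
  finished();
}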