2 Unix SMB/CIFS implementation.
3 Infrastructure for async ldap client requests
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 bool tevent_req_is_ldap_error(struct tevent_req *req, int *perr)
24 enum tevent_req_state state;
27 if (!tevent_req_is_error(req, &state, &err)) {
31 case TEVENT_REQ_TIMED_OUT:
32 *perr = TLDAP_TIMEOUT;
34 case TEVENT_REQ_NO_MEMORY:
35 *perr = TLDAP_NO_MEMORY;
37 case TEVENT_REQ_USER_ERROR:
41 *perr = TLDAP_OPERATIONS_ERROR;
47 struct tldap_ctx_attribute {
52 struct tldap_context {
57 struct tstream_context *conn;
60 struct tevent_queue *outgoing;
61 struct tevent_req **pending;
63 /* For the sync wrappers we need something like get_last_error... */
64 struct tldap_message *last_msg;
67 void (*log_fn)(void *context, enum tldap_debug_level level,
68 const char *fmt, va_list ap);
71 struct tldap_ctx_attribute *ctx_attrs;
74 struct tldap_message {
75 struct asn1_data *data;
82 struct tldap_attribute *attribs;
84 /* Error data sent by the server */
87 char *res_diagnosticmessage;
89 struct tldap_control *res_sctrls;
91 /* Controls sent by the server */
92 struct tldap_control *ctrls;
95 void tldap_set_debug(struct tldap_context *ld,
96 void (*log_fn)(void *log_private,
97 enum tldap_debug_level level,
99 va_list ap) PRINTF_ATTRIBUTE(3,0),
103 ld->log_private = log_private;
106 static void tldap_debug(struct tldap_context *ld,
107 enum tldap_debug_level level,
108 const char *fmt, ...)
114 if (ld->log_fn == NULL) {
118 ld->log_fn(ld->log_private, level, fmt, ap);
122 static int tldap_next_msgid(struct tldap_context *ld)
126 result = ld->msgid++;
127 if (ld->msgid == 2147483647) {
133 struct tldap_context *tldap_context_create(TALLOC_CTX *mem_ctx, int fd)
135 struct tldap_context *ctx;
138 ctx = talloc_zero(mem_ctx, struct tldap_context);
142 ret = tstream_bsd_existing_socket(ctx, fd, &ctx->conn);
149 ctx->outgoing = tevent_queue_create(ctx, "tldap_outgoing");
150 if (ctx->outgoing == NULL) {
157 bool tldap_connection_ok(struct tldap_context *ld)
162 return !ld->server_down;
165 static struct tldap_ctx_attribute *tldap_context_findattr(
166 struct tldap_context *ld, const char *name)
170 num_attrs = talloc_array_length(ld->ctx_attrs);
172 for (i=0; i<num_attrs; i++) {
173 if (strcmp(ld->ctx_attrs[i].name, name) == 0) {
174 return &ld->ctx_attrs[i];
180 bool tldap_context_setattr(struct tldap_context *ld,
181 const char *name, const void *_pptr)
183 struct tldap_ctx_attribute *tmp, *attr;
186 void **pptr = (void **)_pptr;
188 attr = tldap_context_findattr(ld, name);
191 * We don't actually delete attrs, we don't expect tons of
192 * attributes being shuffled around.
194 TALLOC_FREE(attr->ptr);
196 attr->ptr = talloc_move(ld->ctx_attrs, pptr);
202 tmpname = talloc_strdup(ld, name);
203 if (tmpname == NULL) {
207 num_attrs = talloc_array_length(ld->ctx_attrs);
209 tmp = talloc_realloc(ld, ld->ctx_attrs, struct tldap_ctx_attribute,
212 TALLOC_FREE(tmpname);
215 tmp[num_attrs].name = talloc_move(tmp, &tmpname);
217 tmp[num_attrs].ptr = talloc_move(tmp, pptr);
219 tmp[num_attrs].ptr = NULL;
226 void *tldap_context_getattr(struct tldap_context *ld, const char *name)
228 struct tldap_ctx_attribute *attr = tldap_context_findattr(ld, name);
236 struct read_ldap_state {
241 static ssize_t read_ldap_more(uint8_t *buf, size_t buflen, void *private_data);
242 static void read_ldap_done(struct tevent_req *subreq);
244 static struct tevent_req *read_ldap_send(TALLOC_CTX *mem_ctx,
245 struct tevent_context *ev,
246 struct tstream_context *conn)
248 struct tevent_req *req, *subreq;
249 struct read_ldap_state *state;
251 req = tevent_req_create(mem_ctx, &state, struct read_ldap_state);
257 subreq = tstream_read_packet_send(state, ev, conn, 2, read_ldap_more,
259 if (tevent_req_nomem(subreq, req)) {
260 return tevent_req_post(req, ev);
262 tevent_req_set_callback(subreq, read_ldap_done, req);
266 static ssize_t read_ldap_more(uint8_t *buf, size_t buflen, void *private_data)
268 struct read_ldap_state *state = talloc_get_type_abort(
269 private_data, struct read_ldap_state);
274 /* We've been here, we're done */
279 * From ldap.h: LDAP_TAG_MESSAGE is 0x30
281 if (buf[0] != 0x30) {
286 if ((len & 0x80) == 0) {
291 lensize = (len & 0x7f);
295 /* Please get us the full length */
298 if (buflen > 2 + lensize) {
302 if (buflen != 2 + lensize) {
306 for (i=0; i<lensize; i++) {
307 len = (len << 8) | buf[2+i];
312 static void read_ldap_done(struct tevent_req *subreq)
314 struct tevent_req *req = tevent_req_callback_data(
315 subreq, struct tevent_req);
316 struct read_ldap_state *state = tevent_req_data(
317 req, struct read_ldap_state);
321 nread = tstream_read_packet_recv(subreq, state, &state->buf, &err);
324 tevent_req_error(req, err);
327 tevent_req_done(req);
330 static ssize_t read_ldap_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
331 uint8_t **pbuf, int *perrno)
333 struct read_ldap_state *state = tevent_req_data(
334 req, struct read_ldap_state);
336 if (tevent_req_is_unix_error(req, perrno)) {
339 *pbuf = talloc_move(mem_ctx, &state->buf);
340 return talloc_get_size(*pbuf);
343 struct tldap_msg_state {
344 struct tldap_context *ld;
345 struct tevent_context *ev;
349 struct asn1_data *data;
353 static void tldap_push_controls(struct asn1_data *data,
354 struct tldap_control *sctrls,
359 if ((sctrls == NULL) || (num_sctrls == 0)) {
363 asn1_push_tag(data, ASN1_CONTEXT(0));
365 for (i=0; i<num_sctrls; i++) {
366 struct tldap_control *c = &sctrls[i];
367 asn1_push_tag(data, ASN1_SEQUENCE(0));
368 asn1_write_OctetString(data, c->oid, strlen(c->oid));
370 asn1_write_BOOLEAN(data, true);
372 if (c->value.data != NULL) {
373 asn1_write_OctetString(data, c->value.data,
376 asn1_pop_tag(data); /* ASN1_SEQUENCE(0) */
379 asn1_pop_tag(data); /* ASN1_CONTEXT(0) */
382 static void tldap_msg_sent(struct tevent_req *subreq);
383 static void tldap_msg_received(struct tevent_req *subreq);
385 static struct tevent_req *tldap_msg_send(TALLOC_CTX *mem_ctx,
386 struct tevent_context *ev,
387 struct tldap_context *ld,
388 int id, struct asn1_data *data,
389 struct tldap_control *sctrls,
392 struct tevent_req *req, *subreq;
393 struct tldap_msg_state *state;
396 tldap_debug(ld, TLDAP_DEBUG_TRACE, "tldap_msg_send: sending msg %d\n",
399 req = tevent_req_create(mem_ctx, &state, struct tldap_msg_state);
407 if (state->ld->server_down) {
408 tevent_req_error(req, TLDAP_SERVER_DOWN);
409 return tevent_req_post(req, ev);
412 tldap_push_controls(data, sctrls, num_sctrls);
416 if (!asn1_blob(data, &blob)) {
417 tevent_req_error(req, TLDAP_ENCODING_ERROR);
418 return tevent_req_post(req, ev);
421 state->iov.iov_base = blob.data;
422 state->iov.iov_len = blob.length;
424 subreq = tstream_writev_queue_send(state, ev, ld->conn, ld->outgoing,
426 if (tevent_req_nomem(subreq, req)) {
427 return tevent_req_post(req, ev);
429 tevent_req_set_callback(subreq, tldap_msg_sent, req);
433 static void tldap_msg_unset_pending(struct tevent_req *req)
435 struct tldap_msg_state *state = tevent_req_data(
436 req, struct tldap_msg_state);
437 struct tldap_context *ld = state->ld;
438 int num_pending = talloc_array_length(ld->pending);
441 if (num_pending == 1) {
442 TALLOC_FREE(ld->pending);
446 for (i=0; i<num_pending; i++) {
447 if (req == ld->pending[i]) {
451 if (i == num_pending) {
453 * Something's seriously broken. Just returning here is the
454 * right thing nevertheless, the point of this routine is to
455 * remove ourselves from cli->pending.
461 * Remove ourselves from the cli->pending array
463 if (num_pending > 1) {
464 ld->pending[i] = ld->pending[num_pending-1];
468 * No NULL check here, we're shrinking by sizeof(void *), and
469 * talloc_realloc just adjusts the size for this.
471 ld->pending = talloc_realloc(NULL, ld->pending, struct tevent_req *,
476 static int tldap_msg_destructor(struct tevent_req *req)
478 tldap_msg_unset_pending(req);
482 static bool tldap_msg_set_pending(struct tevent_req *req)
484 struct tldap_msg_state *state = tevent_req_data(
485 req, struct tldap_msg_state);
486 struct tldap_context *ld;
487 struct tevent_req **pending;
489 struct tevent_req *subreq;
492 num_pending = talloc_array_length(ld->pending);
494 pending = talloc_realloc(ld, ld->pending, struct tevent_req *,
496 if (pending == NULL) {
499 pending[num_pending] = req;
500 ld->pending = pending;
501 talloc_set_destructor(req, tldap_msg_destructor);
503 if (num_pending > 0) {
508 * We're the first ones, add the read_ldap request that waits for the
509 * answer from the server
511 subreq = read_ldap_send(ld->pending, state->ev, ld->conn);
512 if (subreq == NULL) {
513 tldap_msg_unset_pending(req);
516 tevent_req_set_callback(subreq, tldap_msg_received, ld);
520 static void tldap_msg_sent(struct tevent_req *subreq)
522 struct tevent_req *req = tevent_req_callback_data(
523 subreq, struct tevent_req);
524 struct tldap_msg_state *state = tevent_req_data(
525 req, struct tldap_msg_state);
529 nwritten = tstream_writev_queue_recv(subreq, &err);
531 if (nwritten == -1) {
532 state->ld->server_down = true;
533 tevent_req_error(req, TLDAP_SERVER_DOWN);
537 if (!tldap_msg_set_pending(req)) {
538 tevent_req_nomem(NULL, req);
543 static int tldap_msg_msgid(struct tevent_req *req)
545 struct tldap_msg_state *state = tevent_req_data(
546 req, struct tldap_msg_state);
551 static void tldap_msg_received(struct tevent_req *subreq)
553 struct tldap_context *ld = tevent_req_callback_data(
554 subreq, struct tldap_context);
555 struct tevent_req *req;
556 struct tldap_msg_state *state;
557 struct tevent_context *ev;
558 struct asn1_data *data;
567 received = read_ldap_recv(subreq, talloc_tos(), &inbuf, &err);
569 if (received == -1) {
570 status = TLDAP_SERVER_DOWN;
574 data = asn1_init(talloc_tos());
576 status = TLDAP_NO_MEMORY;
579 asn1_load_nocopy(data, inbuf, received);
582 ok &= asn1_start_tag(data, ASN1_SEQUENCE(0));
583 ok &= asn1_read_Integer(data, &id);
584 ok &= asn1_peek_uint8(data, &type);
587 status = TLDAP_PROTOCOL_ERROR;
591 tldap_debug(ld, TLDAP_DEBUG_TRACE, "tldap_msg_received: got msg %d "
592 "type %d\n", id, (int)type);
594 num_pending = talloc_array_length(ld->pending);
596 for (i=0; i<num_pending; i++) {
597 if (id == tldap_msg_msgid(ld->pending[i])) {
601 if (i == num_pending) {
602 /* Dump unexpected reply */
603 tldap_debug(ld, TLDAP_DEBUG_WARNING, "tldap_msg_received: "
604 "No request pending for msg %d\n", id);
610 req = ld->pending[i];
611 state = tevent_req_data(req, struct tldap_msg_state);
613 state->inbuf = talloc_move(state, &inbuf);
614 state->data = talloc_move(state, &data);
618 talloc_set_destructor(req, NULL);
619 tldap_msg_unset_pending(req);
620 num_pending = talloc_array_length(ld->pending);
622 tevent_req_done(req);
625 if (num_pending == 0) {
628 if (talloc_array_length(ld->pending) > num_pending) {
630 * The callback functions called from tevent_req_done() above
631 * have put something on the pending queue. We don't have to
632 * trigger the read_ldap_send(), tldap_msg_set_pending() has
633 * done it for us already.
638 state = tevent_req_data(ld->pending[0], struct tldap_msg_state);
639 subreq = read_ldap_send(ld->pending, state->ev, ld->conn);
640 if (subreq == NULL) {
641 status = TLDAP_NO_MEMORY;
644 tevent_req_set_callback(subreq, tldap_msg_received, ld);
648 while (talloc_array_length(ld->pending) > 0) {
649 req = ld->pending[0];
650 talloc_set_destructor(req, NULL);
651 tldap_msg_destructor(req);
652 tevent_req_error(req, status);
656 static int tldap_msg_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
657 struct tldap_message **pmsg)
659 struct tldap_msg_state *state = tevent_req_data(
660 req, struct tldap_msg_state);
661 struct tldap_message *msg;
665 if (tevent_req_is_ldap_error(req, &err)) {
669 if (!asn1_peek_uint8(state->data, &msgtype)) {
670 return TLDAP_PROTOCOL_ERROR;
674 return TLDAP_SUCCESS;
677 msg = talloc_zero(mem_ctx, struct tldap_message);
679 return TLDAP_NO_MEMORY;
683 msg->inbuf = talloc_move(msg, &state->inbuf);
684 msg->data = talloc_move(msg, &state->data);
688 return TLDAP_SUCCESS;
691 struct tldap_req_state {
693 struct asn1_data *out;
694 struct tldap_message *result;
697 static struct tevent_req *tldap_req_create(TALLOC_CTX *mem_ctx,
698 struct tldap_context *ld,
699 struct tldap_req_state **pstate)
701 struct tevent_req *req;
702 struct tldap_req_state *state;
704 req = tevent_req_create(mem_ctx, &state, struct tldap_req_state);
709 state->out = asn1_init(state);
710 if (state->out == NULL) {
714 state->result = NULL;
715 state->id = tldap_next_msgid(ld);
717 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
718 asn1_write_Integer(state->out, state->id);
724 static void tldap_save_msg(struct tldap_context *ld, struct tevent_req *req)
726 struct tldap_req_state *state = tevent_req_data(
727 req, struct tldap_req_state);
729 TALLOC_FREE(ld->last_msg);
730 ld->last_msg = talloc_move(ld, &state->result);
733 static char *blob2string_talloc(TALLOC_CTX *mem_ctx, DATA_BLOB blob)
735 char *result = talloc_array(mem_ctx, char, blob.length+1);
736 memcpy(result, blob.data, blob.length);
737 result[blob.length] = '\0';
741 static bool asn1_read_OctetString_talloc(TALLOC_CTX *mem_ctx,
742 struct asn1_data *data,
746 if (!asn1_read_OctetString(data, mem_ctx, &string))
748 *result = blob2string_talloc(mem_ctx, string);
749 data_blob_free(&string);
753 static bool tldap_decode_controls(struct tldap_req_state *state);
755 static bool tldap_decode_response(struct tldap_req_state *state)
757 struct asn1_data *data = state->result->data;
758 struct tldap_message *msg = state->result;
761 ok &= asn1_read_enumerated(data, &msg->lderr);
762 ok &= asn1_read_OctetString_talloc(msg, data, &msg->res_matcheddn);
763 ok &= asn1_read_OctetString_talloc(msg, data,
764 &msg->res_diagnosticmessage);
765 if (asn1_peek_tag(data, ASN1_CONTEXT(3))) {
766 ok &= asn1_start_tag(data, ASN1_CONTEXT(3));
767 ok &= asn1_read_OctetString_talloc(msg, data,
769 ok &= asn1_end_tag(data);
771 msg->res_referral = NULL;
777 static void tldap_sasl_bind_done(struct tevent_req *subreq);
779 struct tevent_req *tldap_sasl_bind_send(TALLOC_CTX *mem_ctx,
780 struct tevent_context *ev,
781 struct tldap_context *ld,
783 const char *mechanism,
785 struct tldap_control *sctrls,
787 struct tldap_control *cctrls,
790 struct tevent_req *req, *subreq;
791 struct tldap_req_state *state;
793 req = tldap_req_create(mem_ctx, ld, &state);
802 asn1_push_tag(state->out, TLDAP_REQ_BIND);
803 asn1_write_Integer(state->out, ld->ld_version);
804 asn1_write_OctetString(state->out, dn, (dn != NULL) ? strlen(dn) : 0);
806 if (mechanism == NULL) {
807 asn1_push_tag(state->out, ASN1_CONTEXT_SIMPLE(0));
808 asn1_write(state->out, creds->data, creds->length);
809 asn1_pop_tag(state->out);
811 asn1_push_tag(state->out, ASN1_CONTEXT(3));
812 asn1_write_OctetString(state->out, mechanism,
814 if ((creds != NULL) && (creds->data != NULL)) {
815 asn1_write_OctetString(state->out, creds->data,
818 asn1_pop_tag(state->out);
821 if (!asn1_pop_tag(state->out)) {
822 tevent_req_error(req, TLDAP_ENCODING_ERROR);
823 return tevent_req_post(req, ev);
826 subreq = tldap_msg_send(state, ev, ld, state->id, state->out,
828 if (tevent_req_nomem(subreq, req)) {
829 return tevent_req_post(req, ev);
831 tevent_req_set_callback(subreq, tldap_sasl_bind_done, req);
835 static void tldap_sasl_bind_done(struct tevent_req *subreq)
837 struct tevent_req *req = tevent_req_callback_data(
838 subreq, struct tevent_req);
839 struct tldap_req_state *state = tevent_req_data(
840 req, struct tldap_req_state);
843 err = tldap_msg_recv(subreq, state, &state->result);
845 if (err != TLDAP_SUCCESS) {
846 tevent_req_error(req, err);
849 if (state->result->type != TLDAP_RES_BIND) {
850 tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
853 if (!asn1_start_tag(state->result->data, state->result->type) ||
854 !tldap_decode_response(state) ||
855 !asn1_end_tag(state->result->data)) {
856 tevent_req_error(req, TLDAP_DECODING_ERROR);
860 * TODO: pull the reply blob
862 if (state->result->lderr != TLDAP_SUCCESS) {
863 tevent_req_error(req, state->result->lderr);
866 tevent_req_done(req);
869 int tldap_sasl_bind_recv(struct tevent_req *req)
873 if (tevent_req_is_ldap_error(req, &err)) {
876 return TLDAP_SUCCESS;
879 int tldap_sasl_bind(struct tldap_context *ld,
881 const char *mechanism,
883 struct tldap_control *sctrls,
885 struct tldap_control *cctrls,
888 TALLOC_CTX *frame = talloc_stackframe();
889 struct tevent_context *ev;
890 struct tevent_req *req;
893 ev = event_context_init(frame);
895 result = TLDAP_NO_MEMORY;
899 req = tldap_sasl_bind_send(frame, ev, ld, dn, mechanism, creds,
900 sctrls, num_sctrls, cctrls, num_cctrls);
902 result = TLDAP_NO_MEMORY;
906 if (!tevent_req_poll(req, ev)) {
907 result = TLDAP_OPERATIONS_ERROR;
911 result = tldap_sasl_bind_recv(req);
912 tldap_save_msg(ld, req);
918 struct tevent_req *tldap_simple_bind_send(TALLOC_CTX *mem_ctx,
919 struct tevent_context *ev,
920 struct tldap_context *ld,
926 if (passwd != NULL) {
927 cred.data = (uint8_t *)passwd;
928 cred.length = strlen(passwd);
930 cred.data = (uint8_t *)"";
933 return tldap_sasl_bind_send(mem_ctx, ev, ld, dn, NULL, &cred, NULL, 0,
937 int tldap_simple_bind_recv(struct tevent_req *req)
939 return tldap_sasl_bind_recv(req);
942 int tldap_simple_bind(struct tldap_context *ld, const char *dn,
947 if (passwd != NULL) {
948 cred.data = (uint8_t *)passwd;
949 cred.length = strlen(passwd);
951 cred.data = (uint8_t *)"";
954 return tldap_sasl_bind(ld, dn, NULL, &cred, NULL, 0, NULL, 0);
957 /*****************************************************************************/
959 /* can't use isalpha() as only a strict set is valid for LDAP */
961 static bool tldap_is_alpha(char c)
963 return (((c >= 'a') && (c <= 'z')) || \
964 ((c >= 'A') && (c <= 'Z')));
967 static bool tldap_is_adh(char c)
969 return tldap_is_alpha(c) || isdigit(c) || (c == '-');
972 #define TLDAP_FILTER_AND ASN1_CONTEXT(0)
973 #define TLDAP_FILTER_OR ASN1_CONTEXT(1)
974 #define TLDAP_FILTER_NOT ASN1_CONTEXT(2)
975 #define TLDAP_FILTER_EQ ASN1_CONTEXT(3)
976 #define TLDAP_FILTER_SUB ASN1_CONTEXT(4)
977 #define TLDAP_FILTER_LE ASN1_CONTEXT(5)
978 #define TLDAP_FILTER_GE ASN1_CONTEXT(6)
979 #define TLDAP_FILTER_PRES ASN1_CONTEXT_SIMPLE(7)
980 #define TLDAP_FILTER_APX ASN1_CONTEXT(8)
981 #define TLDAP_FILTER_EXT ASN1_CONTEXT(9)
983 #define TLDAP_SUB_INI ASN1_CONTEXT_SIMPLE(0)
984 #define TLDAP_SUB_ANY ASN1_CONTEXT_SIMPLE(1)
985 #define TLDAP_SUB_FIN ASN1_CONTEXT_SIMPLE(2)
988 /* oid's should be numerical only in theory,
989 * but apparently some broken servers may have alphanum aliases instead.
990 * Do like openldap libraries and allow alphanum aliases for oids, but
991 * do not allow Tagging options in that case.
993 static bool tldap_is_attrdesc(const char *s, int len, bool no_tagopts)
999 /* first char has stricter rules */
1002 } else if (!tldap_is_alpha(*s)) {
1003 /* bad first char */
1007 for (i = 1; i < len; i++) {
1010 if (isdigit(s[i])) {
1023 if (tldap_is_adh(s[i])) {
1030 /* no tagging options */
1037 if ((i + 1) == len) {
1055 /* this function copies the value until the closing parenthesis is found. */
1056 static char *tldap_get_val(TALLOC_CTX *memctx,
1057 const char *value, const char **_s)
1059 const char *s = value;
1061 /* find terminator */
1064 if (s && (*(s - 1) == '\\')) {
1069 if (!s || !(*s == ')')) {
1070 /* malformed filter */
1076 return talloc_strndup(memctx, value, s - value);
1079 static int tldap_hex2char(const char *x)
1081 if (isxdigit(x[0]) && isxdigit(x[1])) {
1082 const char h1 = x[0], h2 = x[1];
1085 if (h1 >= 'a') c = h1 - (int)'a' + 10;
1086 else if (h1 >= 'A') c = h1 - (int)'A' + 10;
1087 else if (h1 >= '0') c = h1 - (int)'0';
1089 if (h2 >= 'a') c += h2 - (int)'a' + 10;
1090 else if (h2 >= 'A') c += h2 - (int)'A' + 10;
1091 else if (h2 >= '0') c += h2 - (int)'0';
1099 static bool tldap_find_first_star(const char *val, const char **star)
1103 for (s = val; *s; s++) {
1106 if (isxdigit(s[1]) && isxdigit(s[2])) {
1110 /* not hex based escape, check older syntax */
1119 /* invalid escape sequence */
1124 /* end of val, nothing found */
1134 /* string ended without closing parenthesis, filter is malformed */
1138 static bool tldap_unescape_inplace(char *value, size_t *val_len)
1142 for (i = 0,p = 0; i < *val_len; i++) {
1148 /* these must be escaped */
1152 if (!value[i + 1]) {
1158 c = tldap_hex2char(&value[i]);
1159 if (c >= 0 && c < 256) {
1171 value[p] = value[i];
1180 value[p] = value[i];
1189 static bool tldap_push_filter_basic(struct tldap_context *ld,
1190 struct asn1_data *data,
1192 static bool tldap_push_filter_substring(struct tldap_context *ld,
1193 struct asn1_data *data,
1196 static bool tldap_push_filter_int(struct tldap_context *ld,
1197 struct asn1_data *data,
1200 const char *s = *_s;
1204 tldap_debug(ld, TLDAP_DEBUG_ERROR,
1205 "Incomplete or malformed filter\n");
1210 /* we are right after a parenthesis,
1211 * find out what op we have at hand */
1214 tldap_debug(ld, TLDAP_DEBUG_TRACE, "Filter op: AND\n");
1215 asn1_push_tag(data, TLDAP_FILTER_AND);
1220 tldap_debug(ld, TLDAP_DEBUG_TRACE, "Filter op: OR\n");
1221 asn1_push_tag(data, TLDAP_FILTER_OR);
1226 tldap_debug(ld, TLDAP_DEBUG_TRACE, "Filter op: NOT\n");
1227 asn1_push_tag(data, TLDAP_FILTER_NOT);
1229 ret = tldap_push_filter_int(ld, data, &s);
1238 tldap_debug(ld, TLDAP_DEBUG_ERROR,
1239 "Invalid parenthesis '%c'\n", *s);
1243 tldap_debug(ld, TLDAP_DEBUG_ERROR,
1244 "Invalid filter termination\n");
1248 ret = tldap_push_filter_basic(ld, data, &s);
1255 /* only and/or filters get here.
1256 * go through the list of filters */
1259 /* RFC 4526: empty and/or */
1265 ret = tldap_push_filter_int(ld, data, &s);
1271 /* end of list, return */
1279 tldap_debug(ld, TLDAP_DEBUG_ERROR,
1280 "Incomplete or malformed filter\n");
1285 if (data->has_error) {
1294 static bool tldap_push_filter_basic(struct tldap_context *ld,
1295 struct asn1_data *data,
1298 TALLOC_CTX *tmpctx = talloc_tos();
1299 const char *s = *_s;
1310 bool write_octect = true;
1313 eq = strchr(s, '=');
1315 tldap_debug(ld, TLDAP_DEBUG_ERROR,
1316 "Invalid filter, missing equal sign\n");
1325 asn1_push_tag(data, TLDAP_FILTER_LE);
1329 asn1_push_tag(data, TLDAP_FILTER_GE);
1333 asn1_push_tag(data, TLDAP_FILTER_APX);
1337 asn1_push_tag(data, TLDAP_FILTER_EXT);
1338 write_octect = false;
1344 if (*s == ':') { /* [:dn]:rule:= value */
1346 /* malformed filter */
1350 } else { /* type[:dn][:rule]:= value */
1352 dn = strchr(s, ':');
1353 type_len = dn - type;
1354 if (dn == e) { /* type:= value */
1361 rule = strchr(dn, ':');
1362 if ((rule == dn + 1) || rule + 1 == e) {
1363 /* malformed filter, contains "::" */
1367 if (StrnCaseCmp(dn, "dn:", 3) != 0) {
1372 /* malformed filter. With two
1373 * optionals, the first must be "dn"
1386 if (!type && !dn && !rule) {
1387 /* malformed filter, there must be at least one */
1392 MatchingRuleAssertion ::= SEQUENCE {
1393 matchingRule [1] MatchingRuleID OPTIONAL,
1394 type [2] AttributeDescription OPTIONAL,
1395 matchValue [3] AssertionValue,
1396 dnAttributes [4] BOOLEAN DEFAULT FALSE
1400 /* check and add rule */
1402 ret = tldap_is_attrdesc(rule, e - rule, true);
1406 asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(1));
1407 asn1_write(data, rule, e - rule);
1411 /* check and add type */
1413 ret = tldap_is_attrdesc(type, type_len, false);
1417 asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(2));
1418 asn1_write(data, type, type_len);
1422 uval = tldap_get_val(tmpctx, val, _s);
1426 uval_len = *_s - val;
1427 ret = tldap_unescape_inplace(uval, &uval_len);
1432 asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(3));
1433 asn1_write(data, uval, uval_len);
1436 asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(4));
1437 asn1_write_uint8(data, dn?1:0);
1444 ret = tldap_is_attrdesc(s, e - s, false);
1449 if (strncmp(val, "*)", 2) == 0) {
1451 asn1_push_tag(data, TLDAP_FILTER_PRES);
1452 asn1_write(data, s, e - s);
1454 write_octect = false;
1458 ret = tldap_find_first_star(val, &star);
1464 asn1_push_tag(data, TLDAP_FILTER_SUB);
1465 asn1_write_OctetString(data, s, e - s);
1466 ret = tldap_push_filter_substring(ld, data, val, &s);
1471 write_octect = false;
1475 /* if nothing else, then it is just equality */
1476 asn1_push_tag(data, TLDAP_FILTER_EQ);
1477 write_octect = true;
1482 uval = tldap_get_val(tmpctx, val, _s);
1486 uval_len = *_s - val;
1487 ret = tldap_unescape_inplace(uval, &uval_len);
1492 asn1_write_OctetString(data, s, e - s);
1493 asn1_write_OctetString(data, uval, uval_len);
1496 if (data->has_error) {
1503 static bool tldap_push_filter_substring(struct tldap_context *ld,
1504 struct asn1_data *data,
1508 TALLOC_CTX *tmpctx = talloc_tos();
1509 bool initial = true;
1516 SubstringFilter ::= SEQUENCE {
1517 type AttributeDescription,
1518 -- at least one must be present
1519 substrings SEQUENCE OF CHOICE {
1520 initial [0] LDAPString,
1522 final [2] LDAPString } }
1524 asn1_push_tag(data, ASN1_SEQUENCE(0));
1527 ret = tldap_find_first_star(val, &star);
1531 chunk_len = star - val;
1535 if (!initial && chunk_len == 0) {
1536 /* found '**', which is illegal */
1552 if (initial && chunk_len == 0) {
1558 chunk = talloc_strndup(tmpctx, val, chunk_len);
1562 ret = tldap_unescape_inplace(chunk, &chunk_len);
1569 asn1_push_tag(data, TLDAP_SUB_INI);
1572 asn1_push_tag(data, TLDAP_SUB_ANY);
1576 asn1_push_tag(data, TLDAP_SUB_FIN);
1582 asn1_write(data, chunk, chunk_len);
1587 } while (*star == '*');
1591 /* end of sequence */
1596 /* NOTE: although openldap libraries allow for spaces in some places, mosly
1597 * around parenthesis, we do not allow any spaces (except in values of
1598 * course) as I couldn't fine any place in RFC 4512 or RFC 4515 where
1599 * leading or trailing spaces where allowed.
1601 static bool tldap_push_filter(struct tldap_context *ld,
1602 struct asn1_data *data,
1605 const char *s = filter;
1608 ret = tldap_push_filter_int(ld, data, &s);
1610 tldap_debug(ld, TLDAP_DEBUG_ERROR,
1611 "Incomplete or malformed filter\n");
1617 /*****************************************************************************/
1619 static void tldap_search_done(struct tevent_req *subreq);
1621 struct tevent_req *tldap_search_send(TALLOC_CTX *mem_ctx,
1622 struct tevent_context *ev,
1623 struct tldap_context *ld,
1624 const char *base, int scope,
1629 struct tldap_control *sctrls,
1631 struct tldap_control *cctrls,
1637 struct tevent_req *req, *subreq;
1638 struct tldap_req_state *state;
1641 req = tldap_req_create(mem_ctx, ld, &state);
1646 asn1_push_tag(state->out, TLDAP_REQ_SEARCH);
1647 asn1_write_OctetString(state->out, base, strlen(base));
1648 asn1_write_enumerated(state->out, scope);
1649 asn1_write_enumerated(state->out, deref);
1650 asn1_write_Integer(state->out, sizelimit);
1651 asn1_write_Integer(state->out, timelimit);
1652 asn1_write_BOOLEAN(state->out, attrsonly);
1654 if (!tldap_push_filter(ld, state->out, filter)) {
1655 goto encoding_error;
1658 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
1659 for (i=0; i<num_attrs; i++) {
1660 asn1_write_OctetString(state->out, attrs[i], strlen(attrs[i]));
1662 asn1_pop_tag(state->out);
1663 asn1_pop_tag(state->out);
1665 subreq = tldap_msg_send(state, ev, ld, state->id, state->out,
1666 sctrls, num_sctrls);
1667 if (tevent_req_nomem(subreq, req)) {
1668 return tevent_req_post(req, ev);
1670 tevent_req_set_callback(subreq, tldap_search_done, req);
1674 tevent_req_error(req, TLDAP_ENCODING_ERROR);
1675 return tevent_req_post(req, ev);
1678 static void tldap_search_done(struct tevent_req *subreq)
1680 struct tevent_req *req = tevent_req_callback_data(
1681 subreq, struct tevent_req);
1682 struct tldap_req_state *state = tevent_req_data(
1683 req, struct tldap_req_state);
1686 err = tldap_msg_recv(subreq, state, &state->result);
1687 if (err != TLDAP_SUCCESS) {
1688 tevent_req_error(req, err);
1691 switch (state->result->type) {
1692 case TLDAP_RES_SEARCH_ENTRY:
1693 case TLDAP_RES_SEARCH_REFERENCE:
1694 tevent_req_notify_callback(req);
1695 if (!tldap_msg_set_pending(subreq)) {
1696 tevent_req_nomem(NULL, req);
1700 case TLDAP_RES_SEARCH_RESULT:
1701 TALLOC_FREE(subreq);
1702 if (!asn1_start_tag(state->result->data,
1703 state->result->type) ||
1704 !tldap_decode_response(state) ||
1705 !asn1_end_tag(state->result->data) ||
1706 !tldap_decode_controls(state)) {
1707 tevent_req_error(req, TLDAP_DECODING_ERROR);
1710 tevent_req_done(req);
1713 tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
1718 int tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1719 struct tldap_message **pmsg)
1721 struct tldap_req_state *state = tevent_req_data(
1722 req, struct tldap_req_state);
1725 if (!tevent_req_is_in_progress(req)
1726 && tevent_req_is_ldap_error(req, &err)) {
1730 if (tevent_req_is_in_progress(req)) {
1731 switch (state->result->type) {
1732 case TLDAP_RES_SEARCH_ENTRY:
1733 case TLDAP_RES_SEARCH_REFERENCE:
1736 return TLDAP_OPERATIONS_ERROR;
1740 *pmsg = talloc_move(mem_ctx, &state->result);
1741 return TLDAP_SUCCESS;
1744 struct tldap_sync_search_state {
1745 TALLOC_CTX *mem_ctx;
1746 struct tldap_message **entries;
1747 struct tldap_message **refs;
1751 static void tldap_search_cb(struct tevent_req *req)
1753 struct tldap_sync_search_state *state =
1754 (struct tldap_sync_search_state *)
1755 tevent_req_callback_data_void(req);
1756 struct tldap_message *msg, **tmp;
1757 int rc, num_entries, num_refs;
1759 rc = tldap_search_recv(req, talloc_tos(), &msg);
1760 if (rc != TLDAP_SUCCESS) {
1765 switch (tldap_msg_type(msg)) {
1766 case TLDAP_RES_SEARCH_ENTRY:
1767 num_entries = talloc_array_length(state->entries);
1768 tmp = talloc_realloc(state->mem_ctx, state->entries,
1769 struct tldap_message *, num_entries + 1);
1771 state->rc = TLDAP_NO_MEMORY;
1774 state->entries = tmp;
1775 state->entries[num_entries] = talloc_move(state->entries,
1778 case TLDAP_RES_SEARCH_REFERENCE:
1779 num_refs = talloc_array_length(state->refs);
1780 tmp = talloc_realloc(state->mem_ctx, state->refs,
1781 struct tldap_message *, num_refs + 1);
1783 state->rc = TLDAP_NO_MEMORY;
1787 state->refs[num_refs] = talloc_move(state->refs, &msg);
1789 case TLDAP_RES_SEARCH_RESULT:
1790 state->rc = TLDAP_SUCCESS;
1793 state->rc = TLDAP_PROTOCOL_ERROR;
1798 int tldap_search(struct tldap_context *ld,
1799 const char *base, int scope, const char *filter,
1800 const char **attrs, int num_attrs, int attrsonly,
1801 struct tldap_control *sctrls, int num_sctrls,
1802 struct tldap_control *cctrls, int num_cctrls,
1803 int timelimit, int sizelimit, int deref,
1804 TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
1805 struct tldap_message ***refs)
1807 TALLOC_CTX *frame = talloc_stackframe();
1808 struct tevent_context *ev;
1809 struct tevent_req *req;
1810 struct tldap_sync_search_state state;
1813 state.mem_ctx = mem_ctx;
1814 state.rc = TLDAP_SUCCESS;
1816 ev = event_context_init(frame);
1818 state.rc = TLDAP_NO_MEMORY;
1822 req = tldap_search_send(frame, ev, ld, base, scope, filter,
1823 attrs, num_attrs, attrsonly,
1824 sctrls, num_sctrls, cctrls, num_cctrls,
1825 timelimit, sizelimit, deref);
1827 state.rc = TLDAP_NO_MEMORY;
1831 tevent_req_set_callback(req, tldap_search_cb, &state);
1833 if (!tevent_req_is_in_progress(req)) {
1834 /* an error happend before sending */
1835 if (tevent_req_is_ldap_error(req, &state.rc)) {
1840 while (tevent_req_is_in_progress(req)
1841 && (state.rc == TLDAP_SUCCESS)) {
1842 if (tevent_loop_once(ev) == -1) {
1843 return TLDAP_OPERATIONS_ERROR;
1847 if (state.rc != TLDAP_SUCCESS) {
1851 if (entries != NULL) {
1852 *entries = state.entries;
1854 TALLOC_FREE(state.entries);
1859 TALLOC_FREE(state.refs);
1861 tldap_save_msg(ld, req);
1867 static bool tldap_parse_search_entry(struct tldap_message *msg)
1869 int num_attribs = 0;
1871 asn1_start_tag(msg->data, msg->type);
1875 asn1_read_OctetString_talloc(msg, msg->data, &msg->dn);
1876 if (msg->dn == NULL) {
1881 * Attributes: We overallocate msg->attribs by one, so that while
1882 * looping over the attributes we can directly parse into the last
1883 * array element. Same for the values in the inner loop.
1886 msg->attribs = talloc_array(msg, struct tldap_attribute, 1);
1887 if (msg->attribs == NULL) {
1891 asn1_start_tag(msg->data, ASN1_SEQUENCE(0));
1892 while (asn1_peek_tag(msg->data, ASN1_SEQUENCE(0))) {
1893 struct tldap_attribute *attrib;
1896 attrib = &msg->attribs[num_attribs];
1897 attrib->values = talloc_array(msg->attribs, DATA_BLOB, 1);
1898 if (attrib->values == NULL) {
1901 asn1_start_tag(msg->data, ASN1_SEQUENCE(0));
1902 asn1_read_OctetString_talloc(msg->attribs, msg->data,
1904 asn1_start_tag(msg->data, ASN1_SET);
1906 while (asn1_peek_tag(msg->data, ASN1_OCTET_STRING)) {
1907 asn1_read_OctetString(msg->data, msg,
1908 &attrib->values[num_values]);
1910 attrib->values = talloc_realloc(
1911 msg->attribs, attrib->values, DATA_BLOB,
1913 if (attrib->values == NULL) {
1918 attrib->values = talloc_realloc(msg->attribs, attrib->values,
1919 DATA_BLOB, num_values);
1920 attrib->num_values = num_values;
1922 asn1_end_tag(msg->data); /* ASN1_SET */
1923 asn1_end_tag(msg->data); /* ASN1_SEQUENCE(0) */
1924 msg->attribs = talloc_realloc(
1925 msg, msg->attribs, struct tldap_attribute,
1927 if (msg->attribs == NULL) {
1932 msg->attribs = talloc_realloc(
1933 msg, msg->attribs, struct tldap_attribute, num_attribs);
1934 asn1_end_tag(msg->data);
1935 if (msg->data->has_error) {
1941 bool tldap_entry_dn(struct tldap_message *msg, char **dn)
1943 if ((msg->dn == NULL) && (!tldap_parse_search_entry(msg))) {
1950 bool tldap_entry_attributes(struct tldap_message *msg, int *num_attributes,
1951 struct tldap_attribute **attributes)
1953 if ((msg->dn == NULL) && (!tldap_parse_search_entry(msg))) {
1956 *attributes = msg->attribs;
1957 *num_attributes = talloc_array_length(msg->attribs);
1961 static bool tldap_decode_controls(struct tldap_req_state *state)
1963 struct tldap_message *msg = state->result;
1964 struct asn1_data *data = msg->data;
1965 struct tldap_control *sctrls = NULL;
1966 int num_controls = 0;
1968 msg->res_sctrls = NULL;
1970 if (!asn1_peek_tag(data, ASN1_CONTEXT(0))) {
1974 asn1_start_tag(data, ASN1_CONTEXT(0));
1976 while (asn1_peek_tag(data, ASN1_SEQUENCE(0))) {
1977 struct tldap_control *c;
1980 sctrls = talloc_realloc(msg, sctrls, struct tldap_control,
1982 if (sctrls == NULL) {
1985 c = &sctrls[num_controls];
1987 asn1_start_tag(data, ASN1_SEQUENCE(0));
1988 asn1_read_OctetString_talloc(msg, data, &oid);
1989 if ((data->has_error) || (oid == NULL)) {
1993 if (asn1_peek_tag(data, ASN1_BOOLEAN)) {
1994 asn1_read_BOOLEAN(data, &c->critical);
1996 c->critical = false;
1998 c->value = data_blob_null;
1999 if (asn1_peek_tag(data, ASN1_OCTET_STRING) &&
2000 !asn1_read_OctetString(data, msg, &c->value)) {
2003 asn1_end_tag(data); /* ASN1_SEQUENCE(0) */
2008 asn1_end_tag(data); /* ASN1_CONTEXT(0) */
2010 if (data->has_error) {
2011 TALLOC_FREE(sctrls);
2014 msg->res_sctrls = sctrls;
2018 static void tldap_simple_done(struct tevent_req *subreq, int type)
2020 struct tevent_req *req = tevent_req_callback_data(
2021 subreq, struct tevent_req);
2022 struct tldap_req_state *state = tevent_req_data(
2023 req, struct tldap_req_state);
2026 err = tldap_msg_recv(subreq, state, &state->result);
2027 TALLOC_FREE(subreq);
2028 if (err != TLDAP_SUCCESS) {
2029 tevent_req_error(req, err);
2032 if (state->result->type != type) {
2033 tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
2036 if (!asn1_start_tag(state->result->data, state->result->type) ||
2037 !tldap_decode_response(state) ||
2038 !asn1_end_tag(state->result->data) ||
2039 !tldap_decode_controls(state)) {
2040 tevent_req_error(req, TLDAP_DECODING_ERROR);
2043 if (state->result->lderr != TLDAP_SUCCESS) {
2044 tevent_req_error(req, state->result->lderr);
2047 tevent_req_done(req);
2050 static int tldap_simple_recv(struct tevent_req *req)
2053 if (tevent_req_is_ldap_error(req, &err)) {
2056 return TLDAP_SUCCESS;
2059 static void tldap_add_done(struct tevent_req *subreq);
2061 struct tevent_req *tldap_add_send(TALLOC_CTX *mem_ctx,
2062 struct tevent_context *ev,
2063 struct tldap_context *ld,
2065 struct tldap_mod *attributes,
2067 struct tldap_control *sctrls,
2069 struct tldap_control *cctrls,
2072 struct tevent_req *req, *subreq;
2073 struct tldap_req_state *state;
2076 req = tldap_req_create(mem_ctx, ld, &state);
2081 asn1_push_tag(state->out, TLDAP_REQ_ADD);
2082 asn1_write_OctetString(state->out, dn, strlen(dn));
2083 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
2085 for (i=0; i<num_attributes; i++) {
2086 struct tldap_mod *attrib = &attributes[i];
2087 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
2088 asn1_write_OctetString(state->out, attrib->attribute,
2089 strlen(attrib->attribute));
2090 asn1_push_tag(state->out, ASN1_SET);
2091 for (j=0; j<attrib->num_values; j++) {
2092 asn1_write_OctetString(state->out,
2093 attrib->values[j].data,
2094 attrib->values[j].length);
2096 asn1_pop_tag(state->out);
2097 asn1_pop_tag(state->out);
2100 asn1_pop_tag(state->out);
2101 asn1_pop_tag(state->out);
2103 subreq = tldap_msg_send(state, ev, ld, state->id, state->out,
2104 sctrls, num_sctrls);
2105 if (tevent_req_nomem(subreq, req)) {
2106 return tevent_req_post(req, ev);
2108 tevent_req_set_callback(subreq, tldap_add_done, req);
2112 static void tldap_add_done(struct tevent_req *subreq)
2114 tldap_simple_done(subreq, TLDAP_RES_ADD);
2117 int tldap_add_recv(struct tevent_req *req)
2119 return tldap_simple_recv(req);
2122 int tldap_add(struct tldap_context *ld, const char *dn,
2123 int num_attributes, struct tldap_mod *attributes,
2124 struct tldap_control *sctrls, int num_sctrls,
2125 struct tldap_control *cctrls, int num_cctrls)
2127 TALLOC_CTX *frame = talloc_stackframe();
2128 struct tevent_context *ev;
2129 struct tevent_req *req;
2132 ev = event_context_init(frame);
2134 result = TLDAP_NO_MEMORY;
2138 req = tldap_add_send(frame, ev, ld, dn, attributes, num_attributes,
2139 sctrls, num_sctrls, cctrls, num_cctrls);
2141 result = TLDAP_NO_MEMORY;
2145 if (!tevent_req_poll(req, ev)) {
2146 result = TLDAP_OPERATIONS_ERROR;
2150 result = tldap_add_recv(req);
2151 tldap_save_msg(ld, req);
2157 static void tldap_modify_done(struct tevent_req *subreq);
2159 struct tevent_req *tldap_modify_send(TALLOC_CTX *mem_ctx,
2160 struct tevent_context *ev,
2161 struct tldap_context *ld,
2163 int num_mods, struct tldap_mod *mods,
2164 struct tldap_control *sctrls,
2166 struct tldap_control *cctrls,
2169 struct tevent_req *req, *subreq;
2170 struct tldap_req_state *state;
2173 req = tldap_req_create(mem_ctx, ld, &state);
2178 asn1_push_tag(state->out, TLDAP_REQ_MODIFY);
2179 asn1_write_OctetString(state->out, dn, strlen(dn));
2180 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
2182 for (i=0; i<num_mods; i++) {
2183 struct tldap_mod *mod = &mods[i];
2184 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
2185 asn1_write_enumerated(state->out, mod->mod_op),
2186 asn1_push_tag(state->out, ASN1_SEQUENCE(0));
2187 asn1_write_OctetString(state->out, mod->attribute,
2188 strlen(mod->attribute));
2189 asn1_push_tag(state->out, ASN1_SET);
2190 for (j=0; j<mod->num_values; j++) {
2191 asn1_write_OctetString(state->out,
2192 mod->values[j].data,
2193 mod->values[j].length);
2195 asn1_pop_tag(state->out);
2196 asn1_pop_tag(state->out);
2197 asn1_pop_tag(state->out);
2200 asn1_pop_tag(state->out);
2201 asn1_pop_tag(state->out);
2203 subreq = tldap_msg_send(state, ev, ld, state->id, state->out,
2204 sctrls, num_sctrls);
2205 if (tevent_req_nomem(subreq, req)) {
2206 return tevent_req_post(req, ev);
2208 tevent_req_set_callback(subreq, tldap_modify_done, req);
2212 static void tldap_modify_done(struct tevent_req *subreq)
2214 tldap_simple_done(subreq, TLDAP_RES_MODIFY);
2217 int tldap_modify_recv(struct tevent_req *req)
2219 return tldap_simple_recv(req);
2222 int tldap_modify(struct tldap_context *ld, const char *dn,
2223 int num_mods, struct tldap_mod *mods,
2224 struct tldap_control *sctrls, int num_sctrls,
2225 struct tldap_control *cctrls, int num_cctrls)
2227 TALLOC_CTX *frame = talloc_stackframe();
2228 struct tevent_context *ev;
2229 struct tevent_req *req;
2232 ev = event_context_init(frame);
2234 result = TLDAP_NO_MEMORY;
2238 req = tldap_modify_send(frame, ev, ld, dn, num_mods, mods,
2239 sctrls, num_sctrls, cctrls, num_cctrls);
2241 result = TLDAP_NO_MEMORY;
2245 if (!tevent_req_poll(req, ev)) {
2246 result = TLDAP_OPERATIONS_ERROR;
2250 result = tldap_modify_recv(req);
2251 tldap_save_msg(ld, req);
2257 static void tldap_delete_done(struct tevent_req *subreq);
2259 struct tevent_req *tldap_delete_send(TALLOC_CTX *mem_ctx,
2260 struct tevent_context *ev,
2261 struct tldap_context *ld,
2263 struct tldap_control *sctrls,
2265 struct tldap_control *cctrls,
2268 struct tevent_req *req, *subreq;
2269 struct tldap_req_state *state;
2271 req = tldap_req_create(mem_ctx, ld, &state);
2276 asn1_push_tag(state->out, TLDAP_REQ_DELETE);
2277 asn1_write(state->out, dn, strlen(dn));
2278 asn1_pop_tag(state->out);
2280 subreq = tldap_msg_send(state, ev, ld, state->id, state->out,
2281 sctrls, num_sctrls);
2282 if (tevent_req_nomem(subreq, req)) {
2283 return tevent_req_post(req, ev);
2285 tevent_req_set_callback(subreq, tldap_delete_done, req);
2289 static void tldap_delete_done(struct tevent_req *subreq)
2291 tldap_simple_done(subreq, TLDAP_RES_DELETE);
2294 int tldap_delete_recv(struct tevent_req *req)
2296 return tldap_simple_recv(req);
2299 int tldap_delete(struct tldap_context *ld, const char *dn,
2300 struct tldap_control *sctrls, int num_sctrls,
2301 struct tldap_control *cctrls, int num_cctrls)
2303 TALLOC_CTX *frame = talloc_stackframe();
2304 struct tevent_context *ev;
2305 struct tevent_req *req;
2308 ev = event_context_init(frame);
2310 result = TLDAP_NO_MEMORY;
2314 req = tldap_delete_send(frame, ev, ld, dn, sctrls, num_sctrls,
2315 cctrls, num_cctrls);
2317 result = TLDAP_NO_MEMORY;
2321 if (!tevent_req_poll(req, ev)) {
2322 result = TLDAP_OPERATIONS_ERROR;
2326 result = tldap_delete_recv(req);
2327 tldap_save_msg(ld, req);
2333 int tldap_msg_id(const struct tldap_message *msg)
2338 int tldap_msg_type(const struct tldap_message *msg)
2343 const char *tldap_msg_matcheddn(struct tldap_message *msg)
2348 return msg->res_matcheddn;
2351 const char *tldap_msg_diagnosticmessage(struct tldap_message *msg)
2356 return msg->res_diagnosticmessage;
2359 const char *tldap_msg_referral(struct tldap_message *msg)
2364 return msg->res_referral;
2367 void tldap_msg_sctrls(struct tldap_message *msg, int *num_sctrls,
2368 struct tldap_control **sctrls)
2374 *sctrls = msg->res_sctrls;
2375 *num_sctrls = talloc_array_length(msg->res_sctrls);
2378 struct tldap_message *tldap_ctx_lastmsg(struct tldap_context *ld)
2380 return ld->last_msg;
2383 const char *tldap_err2string(int rc)
2385 const char *res = NULL;
2388 * This would normally be a table, but the error codes are not fully
2389 * sequential. Let the compiler figure out the optimum implementation
2395 res = "TLDAP_SUCCESS";
2397 case TLDAP_OPERATIONS_ERROR:
2398 res = "TLDAP_OPERATIONS_ERROR";
2400 case TLDAP_PROTOCOL_ERROR:
2401 res = "TLDAP_PROTOCOL_ERROR";
2403 case TLDAP_TIMELIMIT_EXCEEDED:
2404 res = "TLDAP_TIMELIMIT_EXCEEDED";
2406 case TLDAP_SIZELIMIT_EXCEEDED:
2407 res = "TLDAP_SIZELIMIT_EXCEEDED";
2409 case TLDAP_COMPARE_FALSE:
2410 res = "TLDAP_COMPARE_FALSE";
2412 case TLDAP_COMPARE_TRUE:
2413 res = "TLDAP_COMPARE_TRUE";
2415 case TLDAP_STRONG_AUTH_NOT_SUPPORTED:
2416 res = "TLDAP_STRONG_AUTH_NOT_SUPPORTED";
2418 case TLDAP_STRONG_AUTH_REQUIRED:
2419 res = "TLDAP_STRONG_AUTH_REQUIRED";
2421 case TLDAP_REFERRAL:
2422 res = "TLDAP_REFERRAL";
2424 case TLDAP_ADMINLIMIT_EXCEEDED:
2425 res = "TLDAP_ADMINLIMIT_EXCEEDED";
2427 case TLDAP_UNAVAILABLE_CRITICAL_EXTENSION:
2428 res = "TLDAP_UNAVAILABLE_CRITICAL_EXTENSION";
2430 case TLDAP_CONFIDENTIALITY_REQUIRED:
2431 res = "TLDAP_CONFIDENTIALITY_REQUIRED";
2433 case TLDAP_SASL_BIND_IN_PROGRESS:
2434 res = "TLDAP_SASL_BIND_IN_PROGRESS";
2436 case TLDAP_NO_SUCH_ATTRIBUTE:
2437 res = "TLDAP_NO_SUCH_ATTRIBUTE";
2439 case TLDAP_UNDEFINED_TYPE:
2440 res = "TLDAP_UNDEFINED_TYPE";
2442 case TLDAP_INAPPROPRIATE_MATCHING:
2443 res = "TLDAP_INAPPROPRIATE_MATCHING";
2445 case TLDAP_CONSTRAINT_VIOLATION:
2446 res = "TLDAP_CONSTRAINT_VIOLATION";
2448 case TLDAP_TYPE_OR_VALUE_EXISTS:
2449 res = "TLDAP_TYPE_OR_VALUE_EXISTS";
2451 case TLDAP_INVALID_SYNTAX:
2452 res = "TLDAP_INVALID_SYNTAX";
2454 case TLDAP_NO_SUCH_OBJECT:
2455 res = "TLDAP_NO_SUCH_OBJECT";
2457 case TLDAP_ALIAS_PROBLEM:
2458 res = "TLDAP_ALIAS_PROBLEM";
2460 case TLDAP_INVALID_DN_SYNTAX:
2461 res = "TLDAP_INVALID_DN_SYNTAX";
2464 res = "TLDAP_IS_LEAF";
2466 case TLDAP_ALIAS_DEREF_PROBLEM:
2467 res = "TLDAP_ALIAS_DEREF_PROBLEM";
2469 case TLDAP_INAPPROPRIATE_AUTH:
2470 res = "TLDAP_INAPPROPRIATE_AUTH";
2472 case TLDAP_INVALID_CREDENTIALS:
2473 res = "TLDAP_INVALID_CREDENTIALS";
2475 case TLDAP_INSUFFICIENT_ACCESS:
2476 res = "TLDAP_INSUFFICIENT_ACCESS";
2481 case TLDAP_UNAVAILABLE:
2482 res = "TLDAP_UNAVAILABLE";
2484 case TLDAP_UNWILLING_TO_PERFORM:
2485 res = "TLDAP_UNWILLING_TO_PERFORM";
2487 case TLDAP_LOOP_DETECT:
2488 res = "TLDAP_LOOP_DETECT";
2490 case TLDAP_NAMING_VIOLATION:
2491 res = "TLDAP_NAMING_VIOLATION";
2493 case TLDAP_OBJECT_CLASS_VIOLATION:
2494 res = "TLDAP_OBJECT_CLASS_VIOLATION";
2496 case TLDAP_NOT_ALLOWED_ON_NONLEAF:
2497 res = "TLDAP_NOT_ALLOWED_ON_NONLEAF";
2499 case TLDAP_NOT_ALLOWED_ON_RDN:
2500 res = "TLDAP_NOT_ALLOWED_ON_RDN";
2502 case TLDAP_ALREADY_EXISTS:
2503 res = "TLDAP_ALREADY_EXISTS";
2505 case TLDAP_NO_OBJECT_CLASS_MODS:
2506 res = "TLDAP_NO_OBJECT_CLASS_MODS";
2508 case TLDAP_RESULTS_TOO_LARGE:
2509 res = "TLDAP_RESULTS_TOO_LARGE";
2511 case TLDAP_AFFECTS_MULTIPLE_DSAS:
2512 res = "TLDAP_AFFECTS_MULTIPLE_DSAS";
2515 res = "TLDAP_OTHER";
2517 case TLDAP_SERVER_DOWN:
2518 res = "TLDAP_SERVER_DOWN";
2520 case TLDAP_LOCAL_ERROR:
2521 res = "TLDAP_LOCAL_ERROR";
2523 case TLDAP_ENCODING_ERROR:
2524 res = "TLDAP_ENCODING_ERROR";
2526 case TLDAP_DECODING_ERROR:
2527 res = "TLDAP_DECODING_ERROR";
2530 res = "TLDAP_TIMEOUT";
2532 case TLDAP_AUTH_UNKNOWN:
2533 res = "TLDAP_AUTH_UNKNOWN";
2535 case TLDAP_FILTER_ERROR:
2536 res = "TLDAP_FILTER_ERROR";
2538 case TLDAP_USER_CANCELLED:
2539 res = "TLDAP_USER_CANCELLED";
2541 case TLDAP_PARAM_ERROR:
2542 res = "TLDAP_PARAM_ERROR";
2544 case TLDAP_NO_MEMORY:
2545 res = "TLDAP_NO_MEMORY";
2547 case TLDAP_CONNECT_ERROR:
2548 res = "TLDAP_CONNECT_ERROR";
2550 case TLDAP_NOT_SUPPORTED:
2551 res = "TLDAP_NOT_SUPPORTED";
2553 case TLDAP_CONTROL_NOT_FOUND:
2554 res = "TLDAP_CONTROL_NOT_FOUND";
2556 case TLDAP_NO_RESULTS_RETURNED:
2557 res = "TLDAP_NO_RESULTS_RETURNED";
2559 case TLDAP_MORE_RESULTS_TO_RETURN:
2560 res = "TLDAP_MORE_RESULTS_TO_RETURN";
2562 case TLDAP_CLIENT_LOOP:
2563 res = "TLDAP_CLIENT_LOOP";
2565 case TLDAP_REFERRAL_LIMIT_EXCEEDED:
2566 res = "TLDAP_REFERRAL_LIMIT_EXCEEDED";
2569 res = talloc_asprintf(talloc_tos(), "Unknown LDAP Error (%d)",
2574 res = "Unknown LDAP Error";
git.samba.org / bbaumbach / samba-autobuild / .git / blob