2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #include <stdio.h>
27 #include <string.h>
28 #include <stdlib.h>
29 #include <ctype.h>
30 #include <fcntl.h>
31 #include <unistd.h>
32 #include <errno.h>
33 #include <locale.h>
34 #include <sys/stat.h>
35 #include <lber.h>
36 #include <ldap.h>
37 #include <deflt.h>
38
39 #include "ldap_map.h"
40
41 #include "ldap_parse.h"
67
68 /* high level parsing functions functions */
69 static int parse_ldap_cmd_line(const char *const *cmdline_options,
70 __nis_ldap_proxy_info *proxy_info, __nis_config_t *nis_config,
71 __nis_table_mapping_t **table_mapping, __nis_config_info_t *config_info,
72 __nisdb_table_mapping_t *table_info);
73 static int parse_ldap_default_conf(__nis_ldap_proxy_info *proxy_info,
74 __nis_config_t *nis_config, __nis_config_info_t *config_info,
75 __nisdb_table_mapping_t *table_info);
76 static int parse_ldap_config_file(const char *config_file,
77 __nis_ldap_proxy_info *proxy_info, __nis_config_t *nis_config,
78 __nis_table_mapping_t **table_mapping, __nis_config_info_t *config_info,
79 __nisdb_table_mapping_t *table_info);
80 static int parse_ldap_config_dn_attrs(__nis_ldap_proxy_info *proxy_info,
81 __nis_config_t *nis_config, __nis_table_mapping_t **table_mapping,
82 __nis_config_info_t *config_info, __nisdb_table_mapping_t *table_info);
83 static int yp_parse_ldap_default_conf(__nis_ldap_proxy_info *proxy_info,
84 __nis_config_t *nis_config, __nis_config_info_t *config_info,
85 __nisdb_table_mapping_t *table_info);
86
87
88 /* helper functions */
89 static config_key get_attrib_num_cmdline(const char *s,
90 const char **begin_s, const char **end_s);
91 static config_key get_file_attr_val(int fd, char **attr_val);
92 static void get_attribute_list(
93 const __nis_ldap_proxy_info *proxy_info,
94 const __nis_config_t *nis_config,
95 const __nis_config_info_t *config_info,
96 const __nisdb_table_mapping_t *table_info,
97 char **ldap_config_attributes);
98
99 /*
100 * FUNCTION: parse_ldap_migration
101 *
102 * Parses the information for LDAP. The values are first
103 * obtained from the command line, secondly from the preference
104 * file, and finally from an LDAP profile (if so configured in
105 * the command line or preference file). Any unset values will
106 * be set to their default values.
107 *
111 *
112 * RETURN VALUE:
113 * 0 Success
114 * -1 Config file stat/open or parse error
115 * 1 No mapping should be used.
116 *
117 * INPUT: command line parameters, configuration file
118 */
119
120 int
121 parse_ldap_migration(
122 const char *const *cmdline_options,
123 const char *config_file)
124 {
125 int rc = 0;
126 __nis_config_info_t config_info
127 = {NULL, NULL, (auth_method_t)NO_VALUE_SET,
128 (tls_method_t)NO_VALUE_SET, NULL,
129 NULL, NULL};
130 struct stat buf;
131 int i = 0;
132
133 p_error = no_parse_error;
134
135 if (verbose)
136 report_info("Getting LDAP configuration", NULL);
137
138 initialize_parse_structs(&proxyInfo, &ldapConfig, &ldapDBTableMapping);
139
140 if (yp2ldap)
141 initialize_yp_parse_structs(&ypDomains);
142
143 if (cmdline_options != NULL) {
144 got_config_data = TRUE;
145 /* NIS to LDAP does not read command line attributes */
146 if (!yp2ldap)
147 rc = parse_ldap_cmd_line(cmdline_options, &proxyInfo,
148 &ldapConfig, &ldapTableMapping, &config_info,
149 &ldapDBTableMapping);
150 else
151 rc = 0;
395 /* Close the /etc/default file */
396 defclose_r(defp);
397 }
398 return (rc);
399 }
400
401 static int
402 yp_parse_ldap_default_conf(
403 __nis_ldap_proxy_info *proxy_info,
404 __nis_config_t *nis_config,
405 __nis_config_info_t *config_info,
406 __nisdb_table_mapping_t *table_info)
407 {
408 int rc = 0;
409 char *ldap_config_attributes[n_config_keys];
410 char attr_buf[128];
411 char *attr;
412 char *attr_val;
413 int defflags;
414 config_key attrib_num;
415 int i, len, attr_len;
416 void *defp;
417
418 if ((defp = defopen_r(YP_ETCCONFFILE)) != NULL) {
419 file_source = YP_ETCCONFFILE;
420 if (verbose)
421 report_info("default configuration values: ", NULL);
422 /* Set defread_r() to be case insensitive */
423 defflags = defcntl_r(DC_GETFLAGS, 0, defp);
424 TURNOFF(defflags, DC_CASE);
425 (void) defcntl_r(DC_SETFLAGS, defflags, defp);
426
427 get_attribute_list(proxy_info, nis_config, config_info,
428 table_info, ldap_config_attributes);
429 i = 0;
430 while ((attr = ldap_config_attributes[i++]) != NULL) {
431 if ((strlcpy(attr_buf, attr, sizeof (attr_buf))) >=
432 sizeof (attr_buf)) {
433 report_error(
434 "Static buffer attr_buf overflow", NULL);
435 defclose_r(defp);
629 * Parses the information for LDAP from a configuration
630 * file. If no file is specified, /var/yp/NISLDAPmapping
631 * is used
632 *
633 * RETURN VALUE: 0 on success, -1 on failure
634 *
635 * INPUT: configuration file name
636 */
637
638 int
639 yp_parse_ldap_config_file(
640 const char *config_file,
641 __nis_ldap_proxy_info *proxy_info,
642 __nis_config_t *nis_config,
643 __nis_table_mapping_t **table_mapping,
644 __nis_config_info_t *config_info,
645 __nisdb_table_mapping_t *table_info,
646 __yp_domain_context_t *ypDomains)
647 {
648 int rc = 0;
649 int numDomains = 0;
650 config_key attrib_num;
651 int fd;
652 char *attr_val = NULL;
653 int len;
654
655 if ((fd = open(config_file, O_RDONLY)) == -1) {
656 p_error = parse_open_file_error;
657 report_error(config_file, NULL);
658 return (-1);
659 }
660
661 start_line_num = 1;
662 cur_line_num = 1;
663
664 if (verbose)
665 report_info("Reading configuration from ", config_file);
666
667 file_source = config_file;
668 while ((attrib_num = get_file_attr_val(fd, &attr_val)) > 0) {
669 len = attr_val == NULL ? 0 : strlen(attr_val);
716 * Gets the next attribute from the configuration file.
717 *
718 * RETURN VALUE: The config key if more attributes
719 * no_more_keys if eof
720 * key_bad if error
721 */
722
723 static config_key
724 get_file_attr_val(int fd, char **attr_val)
725 {
726 char buf[BUFSIZE];
727 char *start_tag;
728 char *start_val;
729 char *end_val;
730 char *cut_here;
731 char *s;
732 char *a;
733 char *attribute_value;
734 int ret;
735 config_key attrib_num = no_more_keys;
736 int found_quote = 0;
737
738 *attr_val = NULL;
739
740 if ((ret = read_line(fd, buf, sizeof (buf))) > 0) {
741 for (s = buf; is_whitespace(*s); s++)
742 ;
743
744 start_tag = s;
745 while (*s != '\0' && !is_whitespace(*s))
746 s++;
747
748 if (verbose)
749 report_info("\t", start_tag);
750 attrib_num = get_attrib_num(start_tag, s - start_tag);
751 if (attrib_num == key_bad)
752 return (key_bad);
753
754 while (is_whitespace(*s))
755 s++;
756 if (*s == '\0')
791 }
792 if (cut_here != 0)
793 end_val = cut_here;
794
795 for (s = start_val; s < end_val; s++)
796 *a++ = *s;
797 *a++ = '\0';
798 }
799 if (ret == -1)
800 return (key_bad);
801
802 return (attrib_num);
803 }
804
805 static LDAP *
806 connect_to_ldap_config_server(
807 char *sever_name,
808 int server_port,
809 __nis_config_info_t *config_info)
810 {
811 int rc = 0;
812 LDAP *ld = NULL;
813 int ldapVersion = LDAP_VERSION3;
814 int derefOption = LDAP_DEREF_ALWAYS;
815 int timelimit = LDAP_NO_LIMIT;
816 int sizelimit = LDAP_NO_LIMIT;
817 int errnum;
818 bool_t retrying = FALSE;
819 int sleep_seconds = 1;
820 struct berval cred;
821
822 if (config_info->tls_method == no_tls) {
823 ld = ldap_init(sever_name, server_port);
824 if (ld == NULL) {
825 p_error = parse_ldap_init_error;
826 report_error(strerror(errno), NULL);
827 return (NULL);
828 }
829 } else {
830 if ((errnum = ldapssl_client_init(
831 config_info->tls_cert_db, NULL)) < 0) {
|
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2015 Gary Mills
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 #include <stdio.h>
28 #include <string.h>
29 #include <stdlib.h>
30 #include <ctype.h>
31 #include <fcntl.h>
32 #include <unistd.h>
33 #include <errno.h>
34 #include <locale.h>
35 #include <sys/stat.h>
36 #include <lber.h>
37 #include <ldap.h>
38 #include <deflt.h>
39
40 #include "ldap_map.h"
41
42 #include "ldap_parse.h"
68
69 /* high level parsing functions functions */
70 static int parse_ldap_cmd_line(const char *const *cmdline_options,
71 __nis_ldap_proxy_info *proxy_info, __nis_config_t *nis_config,
72 __nis_table_mapping_t **table_mapping, __nis_config_info_t *config_info,
73 __nisdb_table_mapping_t *table_info);
74 static int parse_ldap_default_conf(__nis_ldap_proxy_info *proxy_info,
75 __nis_config_t *nis_config, __nis_config_info_t *config_info,
76 __nisdb_table_mapping_t *table_info);
77 static int parse_ldap_config_file(const char *config_file,
78 __nis_ldap_proxy_info *proxy_info, __nis_config_t *nis_config,
79 __nis_table_mapping_t **table_mapping, __nis_config_info_t *config_info,
80 __nisdb_table_mapping_t *table_info);
81 static int parse_ldap_config_dn_attrs(__nis_ldap_proxy_info *proxy_info,
82 __nis_config_t *nis_config, __nis_table_mapping_t **table_mapping,
83 __nis_config_info_t *config_info, __nisdb_table_mapping_t *table_info);
84 static int yp_parse_ldap_default_conf(__nis_ldap_proxy_info *proxy_info,
85 __nis_config_t *nis_config, __nis_config_info_t *config_info,
86 __nisdb_table_mapping_t *table_info);
87
88 /* Forward declarations */
89 int yp_parse_ldap_config_file(const char *, __nis_ldap_proxy_info *,
90 __nis_config_t *, __nis_table_mapping_t **, __nis_config_info_t *,
91 __nisdb_table_mapping_t *, __yp_domain_context_t *);
92
93
94 /* helper functions */
95 static config_key get_attrib_num_cmdline(const char *s,
96 const char **begin_s, const char **end_s);
97 static config_key get_file_attr_val(int fd, char **attr_val);
98 static void get_attribute_list(
99 const __nis_ldap_proxy_info *proxy_info,
100 const __nis_config_t *nis_config,
101 const __nis_config_info_t *config_info,
102 const __nisdb_table_mapping_t *table_info,
103 char **ldap_config_attributes);
104
105 /*
106 * FUNCTION: parse_ldap_migration
107 *
108 * Parses the information for LDAP. The values are first
109 * obtained from the command line, secondly from the preference
110 * file, and finally from an LDAP profile (if so configured in
111 * the command line or preference file). Any unset values will
112 * be set to their default values.
113 *
117 *
118 * RETURN VALUE:
119 * 0 Success
120 * -1 Config file stat/open or parse error
121 * 1 No mapping should be used.
122 *
123 * INPUT: command line parameters, configuration file
124 */
125
126 int
127 parse_ldap_migration(
128 const char *const *cmdline_options,
129 const char *config_file)
130 {
131 int rc = 0;
132 __nis_config_info_t config_info
133 = {NULL, NULL, (auth_method_t)NO_VALUE_SET,
134 (tls_method_t)NO_VALUE_SET, NULL,
135 NULL, NULL};
136 struct stat buf;
137
138 p_error = no_parse_error;
139
140 if (verbose)
141 report_info("Getting LDAP configuration", NULL);
142
143 initialize_parse_structs(&proxyInfo, &ldapConfig, &ldapDBTableMapping);
144
145 if (yp2ldap)
146 initialize_yp_parse_structs(&ypDomains);
147
148 if (cmdline_options != NULL) {
149 got_config_data = TRUE;
150 /* NIS to LDAP does not read command line attributes */
151 if (!yp2ldap)
152 rc = parse_ldap_cmd_line(cmdline_options, &proxyInfo,
153 &ldapConfig, &ldapTableMapping, &config_info,
154 &ldapDBTableMapping);
155 else
156 rc = 0;
400 /* Close the /etc/default file */
401 defclose_r(defp);
402 }
403 return (rc);
404 }
405
406 static int
407 yp_parse_ldap_default_conf(
408 __nis_ldap_proxy_info *proxy_info,
409 __nis_config_t *nis_config,
410 __nis_config_info_t *config_info,
411 __nisdb_table_mapping_t *table_info)
412 {
413 int rc = 0;
414 char *ldap_config_attributes[n_config_keys];
415 char attr_buf[128];
416 char *attr;
417 char *attr_val;
418 int defflags;
419 config_key attrib_num;
420 int i, len;
421 void *defp;
422
423 if ((defp = defopen_r(YP_ETCCONFFILE)) != NULL) {
424 file_source = YP_ETCCONFFILE;
425 if (verbose)
426 report_info("default configuration values: ", NULL);
427 /* Set defread_r() to be case insensitive */
428 defflags = defcntl_r(DC_GETFLAGS, 0, defp);
429 TURNOFF(defflags, DC_CASE);
430 (void) defcntl_r(DC_SETFLAGS, defflags, defp);
431
432 get_attribute_list(proxy_info, nis_config, config_info,
433 table_info, ldap_config_attributes);
434 i = 0;
435 while ((attr = ldap_config_attributes[i++]) != NULL) {
436 if ((strlcpy(attr_buf, attr, sizeof (attr_buf))) >=
437 sizeof (attr_buf)) {
438 report_error(
439 "Static buffer attr_buf overflow", NULL);
440 defclose_r(defp);
634 * Parses the information for LDAP from a configuration
635 * file. If no file is specified, /var/yp/NISLDAPmapping
636 * is used
637 *
638 * RETURN VALUE: 0 on success, -1 on failure
639 *
640 * INPUT: configuration file name
641 */
642
643 int
644 yp_parse_ldap_config_file(
645 const char *config_file,
646 __nis_ldap_proxy_info *proxy_info,
647 __nis_config_t *nis_config,
648 __nis_table_mapping_t **table_mapping,
649 __nis_config_info_t *config_info,
650 __nisdb_table_mapping_t *table_info,
651 __yp_domain_context_t *ypDomains)
652 {
653 int rc = 0;
654 config_key attrib_num;
655 int fd;
656 char *attr_val = NULL;
657 int len;
658
659 if ((fd = open(config_file, O_RDONLY)) == -1) {
660 p_error = parse_open_file_error;
661 report_error(config_file, NULL);
662 return (-1);
663 }
664
665 start_line_num = 1;
666 cur_line_num = 1;
667
668 if (verbose)
669 report_info("Reading configuration from ", config_file);
670
671 file_source = config_file;
672 while ((attrib_num = get_file_attr_val(fd, &attr_val)) > 0) {
673 len = attr_val == NULL ? 0 : strlen(attr_val);
720 * Gets the next attribute from the configuration file.
721 *
722 * RETURN VALUE: The config key if more attributes
723 * no_more_keys if eof
724 * key_bad if error
725 */
726
727 static config_key
728 get_file_attr_val(int fd, char **attr_val)
729 {
730 char buf[BUFSIZE];
731 char *start_tag;
732 char *start_val;
733 char *end_val;
734 char *cut_here;
735 char *s;
736 char *a;
737 char *attribute_value;
738 int ret;
739 config_key attrib_num = no_more_keys;
740
741 *attr_val = NULL;
742
743 if ((ret = read_line(fd, buf, sizeof (buf))) > 0) {
744 for (s = buf; is_whitespace(*s); s++)
745 ;
746
747 start_tag = s;
748 while (*s != '\0' && !is_whitespace(*s))
749 s++;
750
751 if (verbose)
752 report_info("\t", start_tag);
753 attrib_num = get_attrib_num(start_tag, s - start_tag);
754 if (attrib_num == key_bad)
755 return (key_bad);
756
757 while (is_whitespace(*s))
758 s++;
759 if (*s == '\0')
794 }
795 if (cut_here != 0)
796 end_val = cut_here;
797
798 for (s = start_val; s < end_val; s++)
799 *a++ = *s;
800 *a++ = '\0';
801 }
802 if (ret == -1)
803 return (key_bad);
804
805 return (attrib_num);
806 }
807
808 static LDAP *
809 connect_to_ldap_config_server(
810 char *sever_name,
811 int server_port,
812 __nis_config_info_t *config_info)
813 {
814 LDAP *ld = NULL;
815 int ldapVersion = LDAP_VERSION3;
816 int derefOption = LDAP_DEREF_ALWAYS;
817 int timelimit = LDAP_NO_LIMIT;
818 int sizelimit = LDAP_NO_LIMIT;
819 int errnum;
820 bool_t retrying = FALSE;
821 int sleep_seconds = 1;
822 struct berval cred;
823
824 if (config_info->tls_method == no_tls) {
825 ld = ldap_init(sever_name, server_port);
826 if (ld == NULL) {
827 p_error = parse_ldap_init_error;
828 report_error(strerror(errno), NULL);
829 return (NULL);
830 }
831 } else {
832 if ((errnum = ldapssl_client_init(
833 config_info->tls_cert_db, NULL)) < 0) {
|