diff options
Diffstat (limited to 'pki/base/migrate/TpsTo80')
| -rw-r--r-- | pki/base/migrate/TpsTo80/Makefile | 36 | ||||
| -rwxr-xr-x | pki/base/migrate/TpsTo80/linux/migrateTPSData.i386 | bin | 0 -> 10408 bytes | |||
| -rwxr-xr-x | pki/base/migrate/TpsTo80/linux/migrateTPSData.x86_64 | bin | 0 -> 12616 bytes | |||
| -rw-r--r-- | pki/base/migrate/TpsTo80/migrateTPSData.c | 501 | ||||
| -rw-r--r-- | pki/base/migrate/TpsTo80/readme | 44 | ||||
| -rwxr-xr-x | pki/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc | bin | 0 -> 15712 bytes |
6 files changed, 581 insertions, 0 deletions
diff --git a/pki/base/migrate/TpsTo80/Makefile b/pki/base/migrate/TpsTo80/Makefile new file mode 100644 index 000000000..99c0d275c --- /dev/null +++ b/pki/base/migrate/TpsTo80/Makefile @@ -0,0 +1,36 @@ +OS_ARCH := $(subst /,_,$(shell uname -s)) + +ifeq ($(OS_ARCH), Linux) + CC = gcc + CFLAGS = -g + LDFLAGS = -s -lldif60 -lplc4 -lplds4 -lnspr4 +else +ifeq ($(OS_ARCH), SunOS) + CC = cc + LINTFLAGS = -c + CFLAGS = -dalign -xO2 -xarch=v9 -DSOLARIS + INCLUDE_PATH = -I/usr/include/dirsec + LDFLAGS = -s -L/usr/lib/64 -lldif60 -L/usr/lib/64/dirsec -R/usr/lib/64/dirsec -lplc4 -lplds4 -lnspr4 +endif # SunOS +endif # Linux + +OBJS = migrateTPSData.o + +SRCS = migrateTPSData.c + +all: migrateTPSData + +$(OBJS): $(SRCS) + $(CC) $(CFLAGS) $(INCLUDE_PATH) -c $< \ + -o $*.o + +migrateTPSData: $(OBJS) + $(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS) + +lint: $(SRCS) + lint $(LINTFLAGS) $(CFLAGS) $(INCLUDE_PATH) $(SRCS) + +clean: + -rm migrateTPSData.ln + -rm migrateTPSData.o + -rm migrateTPSData diff --git a/pki/base/migrate/TpsTo80/linux/migrateTPSData.i386 b/pki/base/migrate/TpsTo80/linux/migrateTPSData.i386 Binary files differnew file mode 100755 index 000000000..9fd4b3906 --- /dev/null +++ b/pki/base/migrate/TpsTo80/linux/migrateTPSData.i386 diff --git a/pki/base/migrate/TpsTo80/linux/migrateTPSData.x86_64 b/pki/base/migrate/TpsTo80/linux/migrateTPSData.x86_64 Binary files differnew file mode 100755 index 000000000..d89125c7e --- /dev/null +++ b/pki/base/migrate/TpsTo80/linux/migrateTPSData.x86_64 diff --git a/pki/base/migrate/TpsTo80/migrateTPSData.c b/pki/base/migrate/TpsTo80/migrateTPSData.c new file mode 100644 index 000000000..a4cf340ab --- /dev/null +++ b/pki/base/migrate/TpsTo80/migrateTPSData.c @@ -0,0 +1,501 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This library is free software; you can redistribute it and/or +// modify it under the terms of the GNU Lesser General Public +// License as published by the Free Software Foundation; +// version 2.1 of the License. +// +// This library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public +// License along with this library; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, +// Boston, MA 02110-1301 USA +// +// Copyright (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +#include <sys/types.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#ifdef SOLARIS +#include <mozldap6/ldif.h> +#else +#include <mozldap/ldif.h> +#endif +#include <ctype.h> +#include <nspr4/nspr.h> +#include <nspr4/plstr.h> +#include <nspr4/plhash.h> +#include <nspr4/prmem.h> +#include <nspr4/prprf.h> +#include <nspr4/prsystem.h> +#include <errno.h> +#include <string.h> + +#define SHORT_LEN 512 +#define NO_TOKEN_TYPE "no_token_type" + +static PLHashTable *token_set; +static FILE *infile; +static FILE *outfile; + +/* hash functions */ +static PR_CALLBACK void* +_AllocTable(void* pool, PRSize size) +{ + return PR_MALLOC(size); +} + +static PR_CALLBACK void +_FreeTable(void* pool, void* item) +{ + PR_DELETE(item); +} + +static PR_CALLBACK PLHashEntry* +_AllocEntry(void* pool, const void* key) +{ + return PR_NEW(PLHashEntry); +} + +static PR_CALLBACK void +_FreeEntry(void* pool, PLHashEntry* he, PRUintn flag) +{ + if( he == NULL ) { + return; + } + + if (flag == HT_FREE_VALUE) { + if( he->value != NULL ) { + PL_strfree( ( char* ) he->value ); + he->value = NULL; + } + } else if (flag == HT_FREE_ENTRY) { + if( he->key != NULL ) { + PL_strfree( ( char* ) he->key ); + he->key = NULL; + } + if( he->value != NULL ) { + PL_strfree( ( char* ) he->value ); + he->value = NULL; + } + PR_DELETE(he); + } +} + +static PLHashAllocOps _AllocOps = { + _AllocTable, + _FreeTable, + _AllocEntry, + _FreeEntry +}; + +/* utility functions */ +#ifdef SOLARIS +void do_free(char * buf) +{ + if (buf != NULL) { + PR_Free(buf); + buf = NULL; + } +} +#else +inline void do_free(char * buf) +{ + if (buf != NULL) { + PR_Free(buf); + buf = NULL; + } +} +#endif + + + +char *get_field( char *s, char* fname, int len) +{ + char *end = NULL; + int n; + + if( ( s = PL_strstr( s, fname ) ) == NULL ) { + return NULL; + } + + s += strlen(fname); + end = PL_strchr( s, ' ' ); + + if( end != NULL ) { + n = end - s; + } else { + n = PL_strlen( s ); + } + + if (n == 0) { + return NULL; + } else if (n > len) { + /* string too long */ + return NULL; + } else { + return PL_strndup( s, n ); + } +} + +/* + * Read the ldif, munge the entry and write to output. + */ +int read_and_modify_ldif() { + // user changes + static char agent_entry[] = "dn: cn=TUS Agents,ou=Groups"; + static int agent_ent_len = sizeof(agent_entry)-1; + static char admin_entry[] = "dn: cn=TUS Adminstrators,ou=Groups"; + static int admin_ent_len = sizeof(admin_entry)-1; + static char operator_entry[] = "dn: cn=TUS Officers,ou=Groups"; + static int operator_ent_len = sizeof(operator_entry)-1; + static char user_entry[] = "ou=People"; + + // token changes + static char token_entry[] = "ou=Tokens"; + + // activity changes + static char activity_entry[] = "ou=Activities"; + + char *entry = 0; + int lineno = 0; + + while ((entry = ldif_get_entry(infile, &lineno))) { + char *begin = entry; + + if (!PL_strncasecmp(entry, agent_entry, agent_ent_len)) { + process_agent_entry(entry); + } else if (!PL_strncasecmp(entry, admin_entry, admin_ent_len)) { + process_admin_entry(entry); + } else if (!PL_strncasecmp(entry, operator_entry, operator_ent_len)) { + process_operator_entry(entry); + } else if (PL_strstr(entry, token_entry) != NULL) { + process_token_entry(entry); + } else if (PL_strstr(entry, activity_entry) != NULL) { + process_activity_entry(entry); + } else if ((PL_strstr(entry, user_entry) != NULL) && + (PL_strstr(entry, "objectClass: organizationalunit") == NULL)) { + process_user_entry(entry); + } else { + process_unchanged_entry(entry); + fprintf(outfile, "\n"); + } + free(begin); + } + return 0; +} + +/** + * read the file, parse the activity records + * record the tokenTypes found for later use + */ +int parse_ldif_activities() { + // activity changes + static char activity_entry[] = "ou=Activities"; + + char *entry = 0; + int lineno = 0; + + while ((entry = ldif_get_entry(infile, &lineno))) { + char *begin = entry; + if (PL_strstr(entry, activity_entry) != NULL) { + parse_activity_entry(entry); + } + free(begin); + } + return 0; +} + +int parse_activity_entry(char* entry) { + static char tokenMsg_attr[] = "tokenMsg"; + static char tokenid_attr[] = "tokenID"; + char *line = entry; + char *tokenType = NULL; + char *cuid = NULL; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + if (!PL_strncasecmp(type, tokenMsg_attr, SHORT_LEN)) { + tokenType = get_field(value, "tokenType=",SHORT_LEN); + } else if (!PL_strncasecmp(type, tokenid_attr, SHORT_LEN)) { + cuid = PL_strdup(value); + } + } + } + + if ((tokenType != NULL) && (cuid != NULL)) { + if ((char *) PL_HashTableLookupConst(token_set, cuid) == NULL) { + PL_HashTableAdd(token_set, PL_strdup(cuid), PL_strdup(tokenType)); + //printf("Adding entry: %s %s to hash\n", cuid, tokenType); + } + } + do_free(cuid); + do_free(tokenType); + return 0; +} + + + +/* change uniqueMember -> member */ +int process_agent_entry(char* entry) { + static char member_attr[] = "uniqueMember"; + + char *line = entry; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + if (!PL_strncasecmp(type, member_attr, SHORT_LEN)) { + fprintf(outfile, "member: %s\n", value); + } else if ((!PL_strncasecmp(type, "objectClass", SHORT_LEN)) && (!PL_strncasecmp(value, "groupOfUniqueNames", SHORT_LEN))) { + fprintf(outfile, "objectClass: groupOfNames\n"); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + } + } + } + fprintf(outfile, "\n"); + return 0; +} + +/* same as agent */ +int process_operator_entry(char* entry) { + return process_agent_entry(entry); +} + +/* change uniqueMember -> member + * change typo in dn + */ +int process_admin_entry(char* entry) { + static char member_attr[] = "uniqueMember"; + static char dn_attr[] = "dn"; + + char *line = entry; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s", entry); + } else { + if (!PL_strncasecmp(type, member_attr, SHORT_LEN)) { + fprintf(outfile, "member: %s\n", value); + } else if (!PL_strncasecmp(type, dn_attr, SHORT_LEN)) { + int rep_size = PL_strlen("cn=TUS Adminstrators,ou=Groups,"); + fprintf(outfile, "dn: cn=TUS Administrators,ou=Groups,%s\n", value + rep_size); + } else if ((!PL_strncasecmp(type, "objectClass", SHORT_LEN)) && (!PL_strncasecmp(value, "groupOfUniqueNames", SHORT_LEN))) { + fprintf(outfile, "objectClass: groupOfNames\n"); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + } + } + } + fprintf(outfile, "\n"); + return 0; +} + +int process_user_entry(char *entry) { + process_unchanged_entry(entry); + fprintf(outfile, "objectClass: tpsProfileId\n"); + fprintf(outfile, "profileID: All Profiles\n"); + fprintf(outfile, "\n"); + return 0; +} + +int process_unchanged_entry(char *entry) { + char *line = entry; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + } + } + return 0; +} + +int process_activity_entry(char *entry) { + static char tokenmsg_attr[] = "tokenMsg"; + static char tokenid_attr[] = "tokenID"; + char *line = entry; + char *tokenType = NULL; + char *cuid = NULL; + char *dn = NULL; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + + if (!PL_strncasecmp(type, tokenmsg_attr, SHORT_LEN)) { + tokenType = get_field(value, "tokenType=",SHORT_LEN); + if (tokenType != NULL) { + fprintf(outfile, "tokenType: %s\n", tokenType); + } + } else if (!PL_strncasecmp(type, tokenid_attr, SHORT_LEN)) { + cuid = PL_strdup(value); + } else if (!PL_strncasecmp(type, tokenid_attr, SHORT_LEN)) { + dn = PL_strdup(value); + } + } + } + + if ((tokenType == NULL) && (cuid!= NULL)) { + // check hash for a value + if (PL_HashTableLookupConst(token_set, cuid) != NULL) { + fprintf(outfile, "tokenType: %s\n", (char *) PL_HashTableLookupConst(token_set, cuid)); + } else { + fprintf(outfile, "tokenType: %s\n", NO_TOKEN_TYPE); + // log error here - unable to set token type using dn + } + } + fprintf(outfile, "\n"); + do_free(cuid); + do_free(dn); + do_free(tokenType); + + return 0; +} + +int process_token_entry(char* entry) { + static char cn_attr[] = "cn"; + static char dn_attr[] = "dn"; + char *line = entry; + char *tokenType = NULL; + char *dn = NULL; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + + if (!PL_strncasecmp(type, cn_attr, SHORT_LEN)) { + if (value != NULL) { + tokenType = (char *) PL_HashTableLookupConst(token_set, value); + } + if (tokenType != NULL) { + fprintf(outfile, "tokenType: %s\n", tokenType); + } else { + fprintf(outfile, "tokenType: %s\n", NO_TOKEN_TYPE); + } + } else if (!PL_strncasecmp(type, dn_attr, SHORT_LEN)) { + dn = PL_strdup(value); + } + } + } + if ((tokenType == NULL) && (dn != NULL)) { + //log the error + } + fprintf(outfile, "\n"); + do_free(dn); + return 0; +} + + +int main (int argc, char *argv[]) { + char *in_fname = NULL; + char *out_fname = NULL; + + if (argc < 3) { + printf ("Usage:\n %s infile outfile\n", argv[0]); + return 1; + } + + in_fname = argv[1]; + infile = fopen(in_fname, "r"); + if (infile == NULL) { + perror("Error opening input file"); + return 1; + } + + out_fname = argv[2]; + outfile = fopen(out_fname, "w"); + if (outfile == NULL) { + perror("Error opening output file"); + return 1; + } + + //declare hash + token_set = PL_NewHashTable(3, PL_HashString, + PL_CompareStrings, PL_CompareValues, + &_AllocOps, NULL); + + printf("Parsing LDIF file for Token Activities\n"); + parse_ldif_activities(); + rewind(infile); + + printf("Parsing old LDIF file, and creating new LDIF file\n\n"); + read_and_modify_ldif(); + + printf("Operation is complete.\nA new LDIF file has been written at %s, \n", out_fname); + printf("to be imported into the database of your new TPS. \nPlease attend to any errors reported.\n\n"); + + fclose(infile); + fclose(outfile); + return 0; +} + diff --git a/pki/base/migrate/TpsTo80/readme b/pki/base/migrate/TpsTo80/readme new file mode 100644 index 000000000..aa98de930 --- /dev/null +++ b/pki/base/migrate/TpsTo80/readme @@ -0,0 +1,44 @@ +Date + + Tue May 12 14:37:14 EDT 2009 + +Version + + CMS 8.0 + +Overview + + In CMS8.0, the database schema for the TPS has changed. The following + changes were made: + 1. The objectclass of the LDAP groups TUS Administrators, TUS Agents and TUS Officers has been + changed from groupOfUniqueNames to groupOfNames. This also means that the attribute "uniqueMember" + must change to "member". + 2. The dn of the TUS Administrators group was originally misspelled. This has been fixed. + 3. A tokenType field has been added to the tokenRecord and tokenActivity tables. + 4. Users that have administrator, admin or officer access to the TUS are stored under ou=People, $basedn. + These users now require an auxilliary class tpsProfileId to be added, with the attribute profileID. + This multi-valued attribute profileID contains profiles for which this user has access in the TPS UI + pages. See the admin guide for more details. Because the previous versions of the TPS allowed + access to all profiles, a value for "All Profiles" will be added for all users by the migrateTpsData + program. If this is not desired, change the access of specific users using the UI. + +Program + + migrateTpsData(.x86_64 or .i386) will perform the above operations on an LDIF file and create a new + output LDIF file with the appropriate data to be imported into the new TPS instance. The input LDIF + file can be generated by running db2ldif on the old database for suffix containing the TPS data. + + The program requires two arguments - the location of the LDIF file containing a dump of the old data, + and the location of the output file. + + Any errors reported by the program should be investigated and fixed in the output LDIF file. Once + this file is corrected, it can be imported into the new TPS database. + + Note: This program should be run to migrate data into a configured TPS system. + +Example + + Here is an example of migrateTpsData usage + (for x86_64) + migrateTpsData.x86_64 old.ldif new.ldif + diff --git a/pki/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc b/pki/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc Binary files differnew file mode 100755 index 000000000..082201859 --- /dev/null +++ b/pki/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc |