summaryrefslogtreecommitdiffstats
path: root/ldap_helper.c
diff options
context:
space:
mode:
Diffstat (limited to 'ldap_helper.c')
-rw-r--r--ldap_helper.c724
1 files changed, 449 insertions, 275 deletions
diff --git a/ldap_helper.c b/ldap_helper.c
index 526adfe..ac9be6e 100644
--- a/ldap_helper.c
+++ b/ldap_helper.c
@@ -49,6 +49,10 @@
#include "util.h"
+/* Max type length definitions, from lib/dns/master.c */
+#define MINTSIZ (65535 - 12 - 1 - 2 - 2 - 4 - 2)
+#define TOKENSIZ (8*1024)
+
/*
* LDAP related typedefs and structs.
*/
@@ -91,24 +95,6 @@ struct ldap_db {
ldap_auth_t auth_method;
};
-struct ldap_value {
- char *value;
- LINK(ldap_value_t) link;
-};
-
-struct ldap_attribute {
- char *name;
- char **ldap_values;
- ldap_value_list_t values;
- LINK(ldap_attribute_t) link;
-};
-
-struct ldap_entry {
- LDAPMessage *entry;
- ldap_attribute_list_t attributes;
- LINK(ldap_entry_t) link;
-};
-
struct ldap_instance {
ldap_db_t *database;
isc_mutex_t lock;
@@ -136,6 +122,27 @@ struct ldap_instance {
char *dn;
};
+struct ldap_entry {
+ LDAPMessage *entry;
+ ldap_attribute_t *last_attr;
+ ldap_attribute_list_t attributes;
+ LINK(ldap_entry_t) link;
+};
+
+struct ldap_attribute {
+ char *name;
+ char **ldap_values;
+ ldap_value_t *last_value;
+ ldap_value_list_t values;
+ LINK(ldap_attribute_t) link;
+};
+
+struct ldap_value {
+ char *value;
+ LINK(ldap_value_t) link;
+};
+
+
/*
* Constants.
*/
@@ -156,21 +163,38 @@ const ldap_auth_pair_t supported_ldap_auth[] = {
* Forward declarations.
*/
+/* TODO: reorganize this stuff & clean it up. */
static isc_result_t new_ldap_instance(ldap_db_t *ldap_db,
ldap_instance_t **ldap_instp);
static void destroy_ldap_instance(ldap_instance_t **ldap_instp);
static isc_result_t add_or_modify_zone(ldap_db_t *ldap_db, const char *dn,
const char *db_name, dns_zonemgr_t *zmgr);
-static ldap_instance_t * get_connection(ldap_db_t *ldap_db);
-static void put_connection(ldap_instance_t *ldap_inst);
-static isc_result_t ldap_connect(ldap_instance_t *ldap_inst);
-static isc_result_t ldap_query(ldap_instance_t *ldap_inst, int scope,
- char **attrs, int attrsonly, const char *filter, ...);
+static isc_result_t findrdatatype_or_create(isc_mem_t *mctx,
+ ldapdb_rdatalist_t *rdatalist, ldap_entry_t *entry,
+ dns_rdatatype_t rdtype, dns_rdatalist_t **rdlistp);
+static isc_result_t add_soa_record(isc_mem_t *mctx, ldap_instance_t *ldap_inst,
+ dns_name_t *name, ldap_entry_t *entry,
+ ldapdb_rdatalist_t *rdatalist);
+static dns_rdataclass_t get_rdataclass(ldap_entry_t *ldap_entry);
+static dns_ttl_t get_ttl(ldap_entry_t *ldap_entry);
+static isc_result_t get_values(const ldap_entry_t *entry,
+ const char *attr_name, ldap_value_list_t *values);
+static isc_result_t get_soa_record(ldap_entry_t *entry, ld_string_t *target);
+static ldap_attribute_t *get_next_attr(ldap_entry_t *entry,
+ const char **attr_list);
+static ldap_value_t *get_next_value(ldap_attribute_t *attr);
+static isc_boolean_t array_contains_nocase(const char **haystack,
+ const char *needle);
+static isc_result_t get_next_rdatatype(ldap_entry_t *entry,
+ ldap_attribute_t **attr, dns_rdatatype_t *rdtype);
+static isc_result_t get_next_rdatatext(ldap_attribute_t *attr,
+ ld_string_t *rdata_text);
+static isc_result_t parse_rdata(isc_mem_t *mctx, ldap_instance_t *ldap_inst,
+ dns_rdataclass_t rdclass, dns_rdatatype_t rdtype,
+ dns_name_t *origin, const char *rdata_text,
+ dns_rdata_t **rdatap);
-static ldap_attribute_t * next_named_attribute(ldap_attribute_t *ldap_attr,
- const char *name);
-static isc_result_t fill_cache_if_empty(ldap_instance_t *inst);
static isc_result_t cache_query_results(ldap_instance_t *inst);
static isc_result_t fill_ldap_entry(ldap_instance_t *inst,
ldap_entry_t *ldap_entry);
@@ -182,11 +206,15 @@ static void free_ldap_values(isc_mem_t *mctx, ldap_attribute_t *attr);
static const LDAPMessage *next_entry(ldap_instance_t *inst);
-static const char *next_attribute(ldap_instance_t *inst);
-static const char *get_attribute(ldap_instance_t *inst);
-static char **get_values(ldap_instance_t *inst);
static const char *get_dn(ldap_instance_t *inst);
+static ldap_instance_t * get_connection(ldap_db_t *ldap_db);
+static void put_connection(ldap_instance_t *ldap_inst);
+static isc_result_t ldap_connect(ldap_instance_t *ldap_inst);
+static isc_result_t ldap_query(ldap_instance_t *ldap_inst, const char *base,
+ int scope, char **attrs, int attrsonly, const char *filter, ...);
+
+
isc_result_t
new_ldap_db(isc_mem_t *mctx, dns_view_t *view, ldap_db_t **ldap_dbp,
const char * const *argv)
@@ -310,6 +338,9 @@ new_ldap_instance(ldap_db_t *ldap_db, ldap_instance_t **ldap_instp)
CHECK(str_new(ldap_db->mctx, &ldap_inst->query_string));
CHECK(str_new(ldap_db->mctx, &ldap_inst->base));
+ CHECK(isc_lex_create(ldap_db->mctx, TOKENSIZ, &ldap_inst->lex));
+ CHECKED_MEM_GET(ldap_db->mctx, ldap_inst->rdata_target_mem, MINTSIZ);
+
*ldap_instp = ldap_inst;
return ISC_R_SUCCESS;
@@ -335,6 +366,13 @@ destroy_ldap_instance(ldap_instance_t **ldap_instp)
str_destroy(&ldap_inst->query_string);
str_destroy(&ldap_inst->base);
+ if (ldap_inst->lex != NULL)
+ isc_lex_destroy(&ldap_inst->lex);
+ if (ldap_inst->rdata_target_mem != NULL) {
+ isc_mem_put(ldap_inst->database->mctx,
+ ldap_inst->rdata_target_mem, MINTSIZ);
+ }
+
isc_mem_put(ldap_inst->database->mctx, *ldap_instp, sizeof(ldap_instance_t));
*ldap_instp = NULL;
}
@@ -357,8 +395,8 @@ refresh_zones_from_ldap(ldap_db_t *ldap_db, const char *name,
ldap_inst = get_connection(ldap_db);
- ldap_query(ldap_inst, LDAP_SCOPE_SUBTREE, attrs, 0,
- "(objectClass=idnsZone)");
+ ldap_query(ldap_inst, str_buf(ldap_db->base), LDAP_SCOPE_SUBTREE,
+ attrs, 0, "(objectClass=idnsZone)");
while (next_entry(ldap_inst))
CHECK(add_or_modify_zone(ldap_db, get_dn(ldap_inst), name, zmgr));
@@ -371,6 +409,21 @@ cleanup:
return result;
}
+static const char *
+get_dn(ldap_instance_t *inst)
+{
+ if (inst->dn) {
+ ldap_memfree(inst->dn);
+ inst->dn = NULL;
+ }
+
+ if (inst->handle && inst->entry)
+ inst->dn = ldap_get_dn(inst->handle, inst->entry);
+
+ return inst->dn;
+
+}
+
static isc_result_t
add_or_modify_zone(ldap_db_t *ldap_db, const char *dn, const char *db_name,
dns_zonemgr_t *zmgr)
@@ -435,6 +488,53 @@ cleanup:
return result;
}
+static isc_result_t
+findrdatatype_or_create(isc_mem_t *mctx, ldapdb_rdatalist_t *rdatalist,
+ ldap_entry_t *entry, dns_rdatatype_t rdtype,
+ dns_rdatalist_t **rdlistp)
+{
+ isc_result_t result;
+ dns_rdatalist_t *rdlist = NULL;
+ dns_ttl_t ttl;
+
+ REQUIRE(rdatalist != NULL);
+ REQUIRE(entry != NULL);
+ REQUIRE(rdlistp != NULL);
+
+ *rdlistp = NULL;
+
+ ttl = get_ttl(entry);
+
+ result = ldapdb_rdatalist_findrdatatype(rdatalist, rdtype, &rdlist);
+ if (result != ISC_R_SUCCESS) {
+ CHECKED_MEM_GET_PTR(mctx, rdlist);
+
+ dns_rdatalist_init(rdlist);
+ rdlist->rdclass = get_rdataclass(entry);
+ rdlist->type = rdtype;
+ rdlist->ttl = ttl;
+ APPEND(*rdatalist, rdlist, link);
+ result = ISC_R_SUCCESS;
+ } else {
+ /*
+ * No support for different TTLs yet.
+ */
+ if (rdlist->ttl != ttl)
+ result = ISC_R_FAILURE;
+ }
+
+ *rdlistp = rdlist;
+ return ISC_R_SUCCESS;
+
+cleanup:
+ SAFE_MEM_PUT_PTR(mctx, rdlist);
+
+ return result;
+}
+
+/*
+ * ldapdb_rdatalist_t related functions.
+ */
isc_result_t
ldapdb_rdatalist_findrdatatype(ldapdb_rdatalist_t *rdatalist,
dns_rdatatype_t rdtype,
@@ -479,182 +579,350 @@ ldapdb_rdatalist_destroy(isc_mem_t *mctx, ldapdb_rdatalist_t *rdatalist)
}
isc_result_t
-ldapdb_rdatalist_get(isc_mem_t *mctx, dns_name_t *name,
+ldapdb_rdatalist_get(isc_mem_t *mctx, ldap_db_t *ldap_db, dns_name_t *name,
ldapdb_rdatalist_t *rdatalist)
{
-
- /* Max type length definitions, from lib/dns/master.c */
- #define MINTSIZ (65535 - 12 - 1 - 2 - 2 - 4 - 2)
- #define TOKENSIZ (8*1024) /* Could be smaller */
-
- isc_lex_t *lex = NULL;
isc_result_t result;
- isc_buffer_t target, lexbuffer;
- unsigned char *targetmem;
- isc_region_t rdatamem;
+ ldap_instance_t *ldap_inst;
+ ldap_entry_t *entry;
+ ldap_attribute_t *attr;
+ ld_string_t *string = NULL;
+
dns_rdataclass_t rdclass;
- dns_rdatatype_t rdtype;
- isc_textregion_t rdtype_text, rdclass_text, ttl_text, rdata_text;
dns_ttl_t ttl;
- isc_boolean_t seen_error = ISC_FALSE;
- dns_rdata_t *rdata;
+ dns_rdatatype_t rdtype;
+ dns_rdata_t *rdata = NULL;
dns_rdatalist_t *rdlist = NULL;
+ REQUIRE(mctx != NULL);
+ REQUIRE(ldap_db != NULL);
REQUIRE(name != NULL);
REQUIRE(rdatalist != NULL);
log_func_enter();
+ ldap_inst = get_connection(ldap_db);
+
+ INIT_LIST(*rdatalist);
+ CHECK(str_new(mctx, &string));
+ CHECK(dnsname_to_dn(mctx, name, str_buf(ldap_db->base), string));
+
+ CHECK(ldap_query(ldap_inst, str_buf(string), LDAP_SCOPE_BASE, NULL, 0,
+ "(objectClass=idnsRecord)"));
+ CHECK(cache_query_results(ldap_inst));
+
+ for (entry = HEAD(ldap_inst->ldap_entries);
+ entry != NULL;
+ entry = NEXT(entry, link)) {
+
+ result = add_soa_record(mctx, ldap_inst, name, entry,
+ rdatalist);
+ if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND)
+ goto cleanup;
+
+ rdclass = get_rdataclass(entry);
+ ttl = get_ttl(entry);
+
+ for (result = get_next_rdatatype(entry, &attr, &rdtype);
+ result == ISC_R_SUCCESS;
+ result = get_next_rdatatype(entry, &attr, &rdtype)) {
+
+ CHECK(findrdatatype_or_create(mctx, rdatalist, entry,
+ rdtype, &rdlist));
+ for (result = get_next_rdatatext(attr, string);
+ result == ISC_R_SUCCESS;
+ result = get_next_rdatatext(attr, string)) {
+ CHECK(parse_rdata(mctx, ldap_inst, rdclass,
+ rdtype, name, str_buf(string),
+ &rdata));
+ APPEND(rdlist->rdata, rdata, link);
+ rdata = NULL;
+ }
+ rdlist = NULL;
+ }
+ }
+
+ result = ISC_R_SUCCESS;
+
+cleanup:
+ put_connection(ldap_inst);
+ str_destroy(&string);
+
+ if (result != ISC_R_SUCCESS)
+ ldapdb_rdatalist_destroy(mctx, rdatalist);
+
+ return result;
+}
+
+static dns_rdataclass_t
+get_rdataclass(ldap_entry_t *ldap_entry)
+{
+ UNUSED(ldap_entry);
+
/*
- * Get info from ldap - name, type, class, TTL + value. Try avoid
- * ENOMEM as much as possible, if nothing found return ISC_R_NOTFOUND
+ * Not implemented for now.
+ * Probably won't ever be.
*/
- result = isc_lex_create(mctx, TOKENSIZ, &lex);
- if (result != ISC_R_SUCCESS)
- return result;
+ return dns_rdataclass_in;
+}
- targetmem = isc_mem_get(mctx, MINTSIZ);
- if (targetmem == NULL) {
- result = ISC_R_NOMEMORY;
- goto cleanup;
+static dns_ttl_t
+get_ttl(ldap_entry_t *ldap_entry)
+{
+ UNUSED(ldap_entry);
+
+ /*
+ * TODO: Not implemented yet.
+ */
+#if 0
+ isc_textregion_t ttl_text;
+
+ ttl_text.base = "86400";
+ ttl_text.length = strlen(ttl_text.base);
+ result = dns_ttl_fromtext(&ttl_text, &ttl);
+ if (result != ISC_R_SUCCESS) {
+ seen_error = ISC_TRUE;
+ break;
}
+#endif
- INIT_LIST(*rdatalist);
+ return 86400;
+}
- for (int i = 0; i < 1; i++) {
- /*
- * Note: if rdclass_text and rdtype_text are ttl_text are allocated
- * free() them correctly before break and before next iteration!
- */
- rdclass_text.base = "in";
- rdclass_text.length = strlen(rdclass_text.base);
- result = dns_rdataclass_fromtext(&rdclass, &rdclass_text);
- if (result != ISC_R_SUCCESS) {
- seen_error = ISC_TRUE;
- /* XXX write nice error message here */
- break;
- }
- /* Everything else than IN class is pretty bad */
- INSIST(rdclass == dns_rdataclass_in);
-
- //rdtype_text.base = "a";
- rdtype_text.base = "ns";
- rdtype_text.length = strlen(rdtype_text.base);
- result = dns_rdatatype_fromtext(&rdtype, &rdtype_text);
- if (result != ISC_R_SUCCESS) {
- seen_error = ISC_TRUE;
- /* XXX write something romantic here as well... */
- break;
- }
+static isc_result_t
+get_soa_record(ldap_entry_t *entry, ld_string_t *target)
+{
+ isc_result_t result;
+ ldap_value_list_t values;
- ttl_text.base = "86400";
- ttl_text.length = strlen(ttl_text.base);
- result = dns_ttl_fromtext(&ttl_text, &ttl);
- if (result != ISC_R_SUCCESS) {
- seen_error = ISC_TRUE;
- break;
- }
+ const char *soa_attrs[] = {
+ "idnsSOAmName", "idnsSOArName", "idnsSOAserial",
+ "idnsSOArefresh", "idnsSOAretry", "idnsSOAexpire",
+ "idnsSOAminimum", NULL
+ };
- /* put record in master file format here */
- //rdata_text.base = "192.168.1.1";
- rdata_text.base = "wolverine.englab.brq.redhat.com.";
- rdata_text.length = strlen(rdata_text.base);
+ REQUIRE(entry != NULL);
+ REQUIRE(target != NULL);
- isc_buffer_init(&lexbuffer, rdata_text.base, rdata_text.length);
- isc_buffer_add(&lexbuffer, rdata_text.length);
- isc_buffer_setactive(&lexbuffer, rdata_text.length);
+ str_clear(target);
+ for (unsigned i = 0; soa_attrs[i] != NULL; i++) {
+ CHECK(get_values(entry, soa_attrs[i], &values));
+ CHECK(str_cat_char(target, HEAD(values)->value));
+ CHECK(str_cat_char(target, " "));
+ }
- result = isc_lex_openbuffer(lex, &lexbuffer);
- if (result != ISC_R_SUCCESS) {
- seen_error = ISC_TRUE;
- break;
- }
+cleanup:
+ return result;
+}
+
+static isc_result_t
+add_soa_record(isc_mem_t *mctx, ldap_instance_t *ldap_inst, dns_name_t *name,
+ ldap_entry_t *entry, ldapdb_rdatalist_t *rdatalist)
+{
+ isc_result_t result;
+ ld_string_t *string = NULL;
+ dns_rdataclass_t rdclass;
+ dns_rdata_t *rdata = NULL;
+ dns_rdatalist_t *rdlist = NULL;
- isc_buffer_init(&target, targetmem, MINTSIZ);
+ CHECK(str_new(mctx, &string));
- /*
- * If ldap returns relative domain name then tune it here, via
- * "origin" parameter.
- *
- * We might want to use the last parameter - error callbacks but
- * use default ones for now.
- */
- result = dns_rdata_fromtext(NULL, rdclass, rdtype, lex, NULL,
- 0, mctx, &target, NULL);
+ CHECK(get_soa_record(entry, string));
+ rdclass = get_rdataclass(entry);
+
+ CHECK(get_soa_record(entry, string));
+ CHECK(parse_rdata(mctx, ldap_inst, rdclass, dns_rdatatype_soa, name,
+ str_buf(string), &rdata));
+
+ CHECK(findrdatatype_or_create(mctx, rdatalist, entry, dns_rdatatype_soa,
+ &rdlist));
+
+ APPEND(rdlist->rdata, rdata, link);
+
+cleanup:
+ str_destroy(&string);
+ if (result != ISC_R_SUCCESS)
+ SAFE_MEM_PUT_PTR(mctx, rdata);
+
+ return result;
+}
+
+static isc_result_t
+get_next_rdatatype(ldap_entry_t *entry, ldap_attribute_t **attrp,
+ dns_rdatatype_t *rdtype)
+{
+ isc_result_t result;
+ ldap_attribute_t *attr;
+
+ result = ISC_R_NOTFOUND;
- if (result != ISC_R_SUCCESS) {
- seen_error = ISC_TRUE;
+ for (attr = get_next_attr(entry, NULL);
+ attr != NULL;
+ attr = get_next_attr(entry, NULL)) {
+ result = ldap_record_to_rdatatype(attr->name, rdtype);
+ if (result == ISC_R_SUCCESS)
break;
- }
+ }
- result = isc_lex_close(lex);
- /* Use strong condition here, error is suspicious */
- INSIST(result == ISC_R_SUCCESS);
-
- /* Don't waste memory, use exact buffers for rdata */
- rdata = isc_mem_get(mctx, sizeof(*rdata));
- if (rdata == NULL)
- goto for_cleanup1;
- dns_rdata_init(rdata);
-
- rdatamem.length = isc_buffer_usedlength(&target);
- rdatamem.base = isc_mem_get(mctx, rdatamem.length);
- if (rdatamem.base == NULL)
- goto for_cleanup2;
-
- memcpy(rdatamem.base, isc_buffer_base(&target), rdatamem.length);
- dns_rdata_fromregion(rdata, rdclass, rdtype, &rdatamem);
-
- result = ldapdb_rdatalist_findrdatatype(rdatalist, rdtype,
- &rdlist);
-
- /* no rdata with rdtype exist in rdatalist => add it */
- if (result != ISC_R_SUCCESS) {
- rdlist = isc_mem_get(mctx, sizeof(*rdlist));
- if (rdlist == NULL)
- goto for_cleanup3;
-
- dns_rdatalist_init(rdlist);
- rdlist->rdclass = rdclass;
- rdlist->type = rdtype;
- rdlist->ttl = ttl;
- APPEND(*rdatalist, rdlist, link);
- result = ISC_R_SUCCESS;
- } else {
- /*
- * Use strong condition here, we are not allowing
- * different TTLs for one name.
- */
- INSIST(rdlist->ttl == ttl);
- }
+ if (result == ISC_R_SUCCESS)
+ *attrp = attr;
+ else if (result == ISC_R_NOTFOUND)
+ *attrp = NULL;
+
+ return result;
+}
- APPEND(rdlist->rdata, rdata, link);
+static isc_result_t
+get_next_rdatatext(ldap_attribute_t *attr, ld_string_t *rdata_text)
+{
+ ldap_value_t *value;
- continue;
+ REQUIRE(attr != NULL);
+ REQUIRE(rdata_text != NULL);
-for_cleanup3:
- isc_mem_put(mctx, rdatamem.base, rdatamem.length);
-for_cleanup2:
+ str_clear(rdata_text);
+
+ value = get_next_value(attr);
+ if (value == NULL)
+ return ISC_R_NOTFOUND;
+
+ str_init_char(rdata_text, value->value);
+
+ return ISC_R_SUCCESS;
+}
+
+static isc_result_t
+parse_rdata(isc_mem_t *mctx, ldap_instance_t *ldap_inst,
+ dns_rdataclass_t rdclass, dns_rdatatype_t rdtype,
+ dns_name_t *origin, const char *rdata_text, dns_rdata_t **rdatap)
+{
+ isc_result_t result;
+ isc_consttextregion_t text;
+ isc_buffer_t lex_buffer;
+ isc_region_t rdatamem;
+ dns_rdata_t *rdata;
+
+ REQUIRE(mctx != NULL);
+ REQUIRE(ldap_inst != NULL);
+ REQUIRE(rdata_text != NULL);
+ REQUIRE(rdatap != NULL);
+
+ rdata = NULL;
+ rdatamem.base = NULL;
+
+ text.base = rdata_text;
+ text.length = strlen(text.base);
+
+ isc_buffer_init(&lex_buffer, text.base, text.length);
+ isc_buffer_add(&lex_buffer, text.length);
+ isc_buffer_setactive(&lex_buffer, text.length);
+
+ CHECK(isc_lex_openbuffer(ldap_inst->lex, &lex_buffer));
+
+ isc_buffer_init(&ldap_inst->rdata_target, ldap_inst->rdata_target_mem,
+ MINTSIZ);
+ CHECK(dns_rdata_fromtext(NULL, rdclass, rdtype, ldap_inst->lex, origin,
+ 0, mctx, &ldap_inst->rdata_target, NULL));
+
+ CHECKED_MEM_GET_PTR(mctx, rdata);
+ dns_rdata_init(rdata);
+
+ rdatamem.length = isc_buffer_usedlength(&ldap_inst->rdata_target);
+ CHECKED_MEM_GET(mctx, rdatamem.base, rdatamem.length);
+
+ memcpy(rdatamem.base, isc_buffer_base(&ldap_inst->rdata_target),
+ rdatamem.length);
+ dns_rdata_fromregion(rdata, rdclass, rdtype, &rdatamem);
+
+ isc_lex_close(ldap_inst->lex);
+
+ *rdatap = rdata;
+ return ISC_R_SUCCESS;
+
+cleanup:
+ isc_lex_close(ldap_inst->lex);
+ if (rdata != NULL)
isc_mem_put(mctx, rdata, sizeof(*rdata));
-for_cleanup1:
- result = ISC_R_NOMEMORY;
- seen_error = ISC_TRUE;
- break;
+ if (rdatamem.base != NULL)
+ isc_mem_put(mctx, rdatamem.base, rdatamem.length);
+
+ return result;
+}
+
+static ldap_attribute_t *
+get_next_attr(ldap_entry_t *entry, const char **attr_list)
+{
+ ldap_attribute_t *attr;
+
+ REQUIRE(entry != NULL);
+
+ if (entry->last_attr == NULL)
+ attr = HEAD(entry->attributes);
+ else
+ attr = NEXT(entry->last_attr, link);
+
+ if (attr_list != NULL) {
+ while (attr != NULL && !array_contains_nocase(attr_list, attr->name))
+ attr = NEXT(attr, link);
}
- if (seen_error == ISC_TRUE)
- ldapdb_rdatalist_destroy(mctx, rdatalist);
+ if (attr != NULL)
+ entry->last_attr = attr;
-cleanup:
- isc_mem_put(mctx, targetmem, MINTSIZ);
- isc_lex_destroy(&lex);
+ return attr;
+}
- log_func_exit_result(result);
+static isc_result_t
+get_values(const ldap_entry_t *entry, const char *attr_name,
+ ldap_value_list_t *values)
+{
+ ldap_attribute_t *attr;
+
+ REQUIRE(entry != NULL);
+ REQUIRE(attr_name != NULL);
+ REQUIRE(values != NULL);
+
+ for (attr = HEAD(entry->attributes);
+ attr != NULL;
+ attr = NEXT(attr, link)) {
+ if (!strcasecmp(attr->name, attr_name)) {
+ *values = attr->values;
+ return ISC_R_SUCCESS;
+ }
+ }
- return result;
+ return ISC_R_NOTFOUND;
}
+static ldap_value_t *
+get_next_value(ldap_attribute_t *attr)
+{
+ ldap_value_t *value;
+
+ REQUIRE(attr != NULL);
+
+ if (attr->last_value == NULL)
+ value = HEAD(attr->values);
+ else
+ value = NEXT(attr->last_value, link);
+
+ if (value != NULL)
+ attr->last_value = value;
+
+ return value;
+}
+
+static isc_boolean_t
+array_contains_nocase(const char **haystack, const char *needle)
+{
+ for (unsigned int i = 0; haystack[i] != NULL; i++) {
+ if (strcasecmp(needle, haystack[i]) == 0)
+ return isc_boolean_true;
+ }
+
+ return isc_boolean_false;
+}
static ldap_instance_t *
get_connection(ldap_db_t *ldap_db)
@@ -710,7 +978,7 @@ put_connection(ldap_instance_t *ldap_inst)
static isc_result_t
-ldap_query(ldap_instance_t *ldap_inst, int scope, char **attrs,
+ldap_query(ldap_instance_t *ldap_inst, const char *base, int scope, char **attrs,
int attrsonly, const char *filter, ...)
{
va_list ap;
@@ -720,11 +988,11 @@ ldap_query(ldap_instance_t *ldap_inst, int scope, char **attrs,
str_vsprintf(ldap_inst->query_string, filter, ap);
va_end(ap);
- log_debug(2, "querying '%s' with '%s'", str_buf(ldap_inst->base),
+ log_debug(2, "querying '%s' with '%s'", base,
str_buf(ldap_inst->query_string));
- ret = ldap_search_ext_s(ldap_inst->handle, str_buf(ldap_inst->base),
- scope, str_buf(ldap_inst->query_string), attrs,
+ ret = ldap_search_ext_s(ldap_inst->handle, base, scope,
+ str_buf(ldap_inst->query_string), attrs,
attrsonly, NULL, NULL, NULL, LDAP_NO_LIMIT,
&ldap_inst->result);
@@ -734,33 +1002,6 @@ ldap_query(ldap_instance_t *ldap_inst, int scope, char **attrs,
return ISC_R_SUCCESS;
}
-static ldap_attribute_t *
-next_named_attribute(ldap_attribute_t *ldap_attr, const char *name)
-{
- ldap_attribute_t *iterator;
-
- REQUIRE(ldap_attr != NULL);
- REQUIRE(name != NULL);
-
- iterator = NEXT(ldap_attr, link);
- while (iterator != NULL) {
- if (strcasecmp(name, iterator->name) == 0)
- return iterator;
- iterator = NEXT(iterator, link);
- }
-
- return NULL;
-}
-
-static isc_result_t
-fill_cache_if_empty(ldap_instance_t *inst)
-{
- if (inst->cache_active)
- return ISC_R_SUCCESS;
-
- return cache_query_results(inst);
-}
-
static isc_result_t
cache_query_results(ldap_instance_t *inst)
{
@@ -774,6 +1015,8 @@ cache_query_results(ldap_instance_t *inst)
REQUIRE(EMPTY(inst->ldap_entries));
REQUIRE(inst->result != NULL);
+ log_func_enter();
+
INIT_LIST(inst->ldap_entries);
if (inst->cache_active)
@@ -796,11 +1039,13 @@ cache_query_results(ldap_instance_t *inst)
APPEND(inst->ldap_entries, ldap_entry, link);
}
+ log_func_exit_result(ISC_R_SUCCESS);
return ISC_R_SUCCESS;
cleanup:
free_query_cache(inst);
+ log_func_exit_result(result);
return result;
}
@@ -816,6 +1061,8 @@ fill_ldap_entry(ldap_instance_t *inst, ldap_entry_t *ldap_entry)
REQUIRE(inst != NULL);
REQUIRE(ldap_entry != NULL);
+ log_func_enter();
+
result = ISC_R_SUCCESS;
entry = ldap_entry->entry;
@@ -841,6 +1088,7 @@ cleanup:
free_ldap_attributes(inst->database->mctx, ldap_entry);
}
+ log_func_exit_result(result);
return result;
}
@@ -875,6 +1123,7 @@ cleanup:
free_ldap_values(inst->database->mctx, ldap_attr);
ldap_value_free(values);
+ log_func_exit_result(result);
return result;
}
@@ -926,6 +1175,7 @@ free_ldap_values(isc_mem_t *mctx, ldap_attribute_t *attr)
}
}
+/* FIXME: this function is obsolete, remove. */
static const LDAPMessage *
next_entry(ldap_instance_t *inst)
{
@@ -944,82 +1194,6 @@ next_entry(ldap_instance_t *inst)
return inst->entry;
}
-static const char *
-next_attribute(ldap_instance_t *inst)
-{
- if (inst->attribute) {
- ldap_memfree(inst->attribute);
- inst->attribute = NULL;
- }
-
- if (inst->handle && inst->entry && inst->ber)
- inst->attribute = ldap_next_attribute(inst->handle, inst->entry,
- inst->ber);
- else if (inst->handle && inst->entry)
- inst->attribute = ldap_first_attribute(inst->handle, inst->entry,
- &inst->ber);
-
- return inst->attribute;
-}
-
-static const char *
-get_attribute(ldap_instance_t *inst)
-{
- return inst->attribute;
-}
-
-static char **
-get_values(ldap_instance_t *inst)
-{
- if (inst->values) {
- ldap_value_free(inst->values);
- inst->values = NULL;
- }
-
- if (inst->handle && inst->entry && inst->attribute)
- inst->values = ldap_get_values(inst->handle, inst->entry,
- inst->attribute);
-
- return inst->values;
-}
-
-static const char *
-get_dn(ldap_instance_t *inst)
-{
- if (inst->dn) {
- ldap_memfree(inst->dn);
- inst->dn = NULL;
- }
-
- if (inst->handle && inst->entry)
- inst->dn = ldap_get_dn(inst->handle, inst->entry);
-
- return inst->dn;
-
-}
-
-#if 0
-static const char *
-next_value(ldap_instance_t *inst)
-{
- if (inst->values == NULL)
- get_values(inst);
-
- if (inst->values[inst->value_cnt])
- inst->value_cnt++;
-
- return inst->values[inst->value_cnt - 1];
-}
-
-static const char *
-get_value(ldap_instance_t *inst)
-{
- if (inst->values)
- return inst->values[inst->value_cnt - 1];
- else
- return NULL;
-}
-#endif
static isc_result_t
ldap_connect(ldap_instance_t *ldap_inst)
generated by cgit (git 2.34.1) at 2025-07-03 16:41:28 +0000