xref: /titanic_52/usr/src/cmd/ldap/common/ldaptest.c (revision c2580b931007758eab8cb5ae8726ebe1588e259b)
1 /*
2  *
3  * Portions Copyright %G% Sun Microsystems, Inc. All Rights Reserved
4  *
5  */
6 
7 #pragma ident	"%Z%%M%	%I%	%E% SMI"
8 
9 #include <stdio.h>
10 #include <ctype.h>
11 #include <string.h>
12 #include <sys/types.h>
13 #include <sys/socket.h>
14 #include <sys/time.h>
15 #include <sys/stat.h>
16 #include <sys/file.h>
17 #include <fcntl.h>
18 #include <unistd.h>
19 
20 #include "lber.h"
21 #include "ldap.h"
22 
23 #define MOD_USE_BVALS
24 
25 #ifdef NEEDPROTOS
26 static void handle_result( LDAP *ld, LDAPMessage *lm );
27 static void print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s );
28 static void print_search_entry( LDAP *ld, LDAPMessage *res );
29 static void free_list( char **list );
30 #else
31 static void handle_result();
32 static void print_ldap_result();
33 static void print_search_entry();
34 static void free_list();
35 #endif /* NEEDPROTOS */
36 
37 #define NOCACHEERRMSG	"don't compile with -DNO_CACHE if you desire local caching"
38 
39 char *dnsuffix;
40 
41 static char *
42 getline( char *line, int len, FILE *fp, char *prompt )
43 {
44 	printf(prompt);
45 
46 	if ( fgets( line, len, fp ) == NULL )
47 		return( NULL );
48 
49 	line[ strlen( line ) - 1 ] = '\0';
50 
51 	return( line );
52 }
53 
54 static char **
55 get_list( char *prompt )
56 {
57 	static char	buf[256];
58 	int		num;
59 	char		**result;
60 
61 	num = 0;
62 	result = (char **) 0;
63 	while ( 1 ) {
64 		getline( buf, sizeof(buf), stdin, prompt );
65 
66 		if ( *buf == '\0' )
67 			break;
68 
69 		if ( result == (char **) 0 )
70 			result = (char **) malloc( sizeof(char *) );
71 		else
72 			result = (char **) realloc( result,
73 			    sizeof(char *) * (num + 1) );
74 
75 		result[num++] = (char *) strdup( buf );
76 	}
77 	if ( result == (char **) 0 )
78 		return( NULL );
79 	result = (char **) realloc( result, sizeof(char *) * (num + 1) );
80 	result[num] = NULL;
81 
82 	return( result );
83 }
84 
85 
86 static void
87 free_list( char **list )
88 {
89 	int	i;
90 
91 	if ( list != NULL ) {
92 		for ( i = 0; list[ i ] != NULL; ++i ) {
93 			free( list[ i ] );
94 		}
95 		free( (char *)list );
96 	}
97 }
98 
99 
100 #ifdef MOD_USE_BVALS
101 static int
102 file_read( char *path, struct berval *bv )
103 {
104 	FILE		*fp;
105 	long		rlen;
106 	int		eof;
107 
108 	if (( fp = fopen( path, "r" )) == NULL ) {
109 	    	perror( path );
110 		return( -1 );
111 	}
112 
113 	if ( fseek( fp, 0L, SEEK_END ) != 0 ) {
114 		perror( path );
115 		fclose( fp );
116 		return( -1 );
117 	}
118 
119 	bv->bv_len = ftell( fp );
120 
121 	if (( bv->bv_val = (char *)malloc( bv->bv_len )) == NULL ) {
122 		perror( "malloc" );
123 		fclose( fp );
124 		return( -1 );
125 	}
126 
127 	if ( fseek( fp, 0L, SEEK_SET ) != 0 ) {
128 		perror( path );
129 		fclose( fp );
130 		return( -1 );
131 	}
132 
133 	rlen = fread( bv->bv_val, 1, bv->bv_len, fp );
134 	eof = feof( fp );
135 	fclose( fp );
136 
137 	if ( rlen != bv->bv_len ) {
138 		perror( path );
139 		free( bv->bv_val );
140 		return( -1 );
141 	}
142 
143 	return( bv->bv_len );
144 }
145 #endif /* MOD_USE_BVALS */
146 
147 
148 static LDAPMod **
149 get_modlist( char *prompt1, char *prompt2, char *prompt3 )
150 {
151 	static char	buf[256];
152 	int		num;
153 	LDAPMod		tmp;
154 	LDAPMod		**result;
155 #ifdef MOD_USE_BVALS
156 	struct berval	**bvals;
157 #endif /* MOD_USE_BVALS */
158 
159 	num = 0;
160 	result = NULL;
161 	while ( 1 ) {
162 		if ( prompt1 ) {
163 			getline( buf, sizeof(buf), stdin, prompt1 );
164 			tmp.mod_op = atoi( buf );
165 
166 			if ( tmp.mod_op == -1 || buf[0] == '\0' )
167 				break;
168 		}
169 
170 		getline( buf, sizeof(buf), stdin, prompt2 );
171 		if ( buf[0] == '\0' )
172 			break;
173 		tmp.mod_type = strdup( buf );
174 
175 		tmp.mod_values = get_list( prompt3 );
176 #ifdef MOD_USE_BVALS
177 		if ( tmp.mod_values != NULL ) {
178 			int	i;
179 
180 			for ( i = 0; tmp.mod_values[i] != NULL; ++i )
181 				;
182 			bvals = (struct berval **)calloc( i + 1,
183 			    sizeof( struct berval *));
184 			for ( i = 0; tmp.mod_values[i] != NULL; ++i ) {
185 				bvals[i] = (struct berval *)malloc(
186 				    sizeof( struct berval ));
187 				if ( strncmp( tmp.mod_values[i], "{FILE}",
188 				    6 ) == 0 ) {
189 					if ( file_read( tmp.mod_values[i] + 6,
190 					    bvals[i] ) < 0 ) {
191 						return( NULL );
192 					}
193 				} else {
194 					bvals[i]->bv_val = tmp.mod_values[i];
195 					bvals[i]->bv_len =
196 					    strlen( tmp.mod_values[i] );
197 				}
198 			}
199 			tmp.mod_bvalues = bvals;
200 			tmp.mod_op |= LDAP_MOD_BVALUES;
201 		}
202 #endif /* MOD_USE_BVALS */
203 
204 		if ( result == NULL )
205 			result = (LDAPMod **) malloc( sizeof(LDAPMod *) );
206 		else
207 			result = (LDAPMod **) realloc( result,
208 			    sizeof(LDAPMod *) * (num + 1) );
209 
210 		result[num] = (LDAPMod *) malloc( sizeof(LDAPMod) );
211 		*(result[num]) = tmp;	/* struct copy */
212 		num++;
213 	}
214 	if ( result == NULL )
215 		return( NULL );
216 	result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) );
217 	result[num] = NULL;
218 
219 	return( result );
220 }
221 
222 
223 int
224 bind_prompt( LDAP *ld, char **dnp, char **passwdp, int *authmethodp,
225 	int freeit )
226 {
227 	static char	dn[256], passwd[256];
228 
229 	if ( !freeit ) {
230 #ifdef KERBEROS
231 		getline( dn, sizeof(dn), stdin,
232 		    "re-bind method (0->simple, 1->krbv41, 2->krbv42, 3->krbv41&2)? " );
233 		if (( *authmethodp = atoi( dn )) == 3 ) {
234 			*authmethodp = LDAP_AUTH_KRBV4;
235 		} else {
236 			*authmethodp |= 0x80;
237 		}
238 #else /* KERBEROS */
239 		*authmethodp = LDAP_AUTH_SIMPLE;
240 #endif /* KERBEROS */
241 
242 		getline( dn, sizeof(dn), stdin, "re-bind dn? " );
243 		strcat( dn, dnsuffix );
244 		*dnp = dn;
245 
246 		if ( *authmethodp == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) {
247 			getline( passwd, sizeof(passwd), stdin,
248 			    "re-bind password? " );
249 		} else {
250 			passwd[0] = '\0';
251 		}
252 		*passwdp = passwd;
253 	}
254 
255 	return( LDAP_SUCCESS );
256 }
257 
258 
259 int
260 main(int argc, char **argv )
261 {
262 	LDAP	*ld;
263 	int		i, c, port, cldapflg, errflg, method, id,
264 		msgtype, delrdn, theInt, sizelimit, err;
265 	char	line[256], command1, command2, command3;
266 	char	passwd[64], dn[256], rdn[64], attr[64], value[256];
267 	char	filter[256], *host, **types;
268 	char 	*mechanism;
269 
270 	char	**exdn;
271 	char	*usage = "usage: %s [-u] [-h host] [-d level] [-s dnsuffix] [-p port] [-t file] [-T file]\n";
272 	int		bound, all, scope, attrsonly;
273 	LDAPMessage	*res;
274 	LDAPMod	**mods, **attrs;
275 	struct timeval	timeout, timelimit;
276 	char	*copyfname = NULL;
277 	int		copyoptions = 0, resultusetimelimit = 0;
278 	LDAPURLDesc	*ludp;
279 	struct berval bv, cred, *srvcrds = NULL;
280 	extern char	*optarg;
281 	extern int	optind;
282 	LDAPControl *ctrls[2];
283 	LDAPControl aCtrl;
284 
285 
286 #ifdef MACOS
287 	if (( argv = get_list( "cmd line arg?" )) == NULL ) {
288 		exit( 1 );
289 	}
290 	for ( argc = 0; argv[ argc ] != NULL; ++argc ) {
291 		;
292 	}
293 #endif /* MACOS */
294 
295 	host = NULL;
296 	port = LDAP_PORT;
297 	dnsuffix = "";
298 	cldapflg = errflg = 0;
299 	ctrls[0] = &aCtrl;
300 	ctrls[1] = NULL;
301 
302 	while (( c = getopt( argc, argv, "uh:d:s:p:t:T:" )) != -1 ) {
303 		switch( c ) {
304 		case 'u':
305 #ifdef CLDAP
306 			cldapflg++;
307 #else /* CLDAP */
308 			printf( "Compile with -DCLDAP for UDP support\n" );
309 #endif /* CLDAP */
310 			break;
311 
312 		case 'd':
313 #ifdef LDAP_DEBUG
314 			ldap_debug = atoi( optarg );
315 			if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
316 				lber_debug = ldap_debug;
317 			}
318 #else
319 			printf( "Compile with -DLDAP_DEBUG for debugging\n" );
320 #endif
321 			break;
322 
323 		case 'h':
324 			host = optarg;
325 			break;
326 
327 		case 's':
328 			dnsuffix = optarg;
329 			break;
330 
331 		case 'p':
332 			port = atoi( optarg );
333 			break;
334 
335 #if !defined(MACOS) && !defined(DOS)
336 		case 't':	/* copy ber's to given file */
337 			copyfname = strdup( optarg );
338 			copyoptions = LBER_TO_FILE;
339 			break;
340 
341 		case 'T':	/* only output ber's to given file */
342 			copyfname = strdup( optarg );
343 			copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY);
344 			break;
345 #endif
346 
347 		default:
348 		    ++errflg;
349 		}
350 	}
351 
352 	if ( host == NULL && optind == argc - 1 ) {
353 		host = argv[ optind ];
354 		++optind;
355 	}
356 
357 	if ( errflg || optind < argc - 1 ) {
358 		fprintf( stderr, usage, argv[ 0 ] );
359 		exit( 1 );
360 	}
361 
362 	printf( "%s( %s, %d )\n", cldapflg ? "cldap_open" : "ldap_init",
363 		host == NULL ? "(null)" : host, port );
364 
365 	if ( cldapflg ) {
366 #ifdef CLDAP
367 		ld = cldap_open( host, port );
368 #endif /* CLDAP */
369 	} else {
370 		ld = ldap_init( host, port );
371 	}
372 
373 	if ( ld == NULL ) {
374 		perror( "ldap_init" );
375 		exit(1);
376 	}
377 
378 #if !defined(MACOS) && !defined(DOS)
379 	if ( copyfname != NULL ) {
380 		if ( (ld->ld_sb.sb_fd = open( copyfname, O_WRONLY | O_CREAT,
381 		    0600 ))  == -1 ) {
382 			perror( copyfname );
383 			exit ( 1 );
384 		}
385 		ld->ld_sb.sb_options = copyoptions;
386 	}
387 #endif
388 
389 	bound = 0;
390 	timeout.tv_sec = 0;
391 	timeout.tv_usec = 0;
392 	timelimit.tv_sec = 0;
393 	timelimit.tv_usec = 0;
394 
395 	(void) memset( line, '\0', sizeof(line) );
396 	while ( getline( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) {
397 		command1 = line[0];
398 		command2 = line[1];
399 		command3 = line[2];
400 
401 		switch ( command1 ) {
402 		case 'a':	/* add or abandon */
403 			switch ( command2 ) {
404 			case 'd':	/* add */
405 				getline( dn, sizeof(dn), stdin, "dn? " );
406 				strcat( dn, dnsuffix );
407 				if ( (attrs = get_modlist( NULL, "attr? ",
408 				    "value? " )) == NULL )
409 					break;
410 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
411 					if ((err = ldap_add_ext( ld, dn, attrs, NULL, NULL, &id )) != LDAP_SUCCESS )
412 						printf( "Error in ldap_add_ext: %s\n", ldap_err2string(err) );
413 					else
414 						printf( "Add initiated with id %d\n", id );
415 				}
416 				else {
417 					if ( (id = ldap_add( ld, dn, attrs )) == -1 )
418 						ldap_perror( ld, "ldap_add" );
419 					else
420 						printf( "Add initiated with id %d\n", id );
421 				}
422 
423 				break;
424 
425 			case 'b':	/* abandon */
426 				getline( line, sizeof(line), stdin, "msgid? " );
427 				id = atoi( line );
428 				if ( ldap_abandon( ld, id ) != 0 )
429 					ldap_perror( ld, "ldap_abandon" );
430 				else
431 					printf( "Abandon successful\n" );
432 				break;
433 			default:
434 				printf( "Possibilities: [ad]d, [ab]ort\n" );
435 			}
436 			break;
437 
438 		case 'b':	/* asynch bind */
439 #ifdef KERBEROS
440 			getline( line, sizeof(line), stdin,
441 			    "method (0->simple, 1->krbv41, 2->krbv42)? " );
442 			method = atoi( line ) | 0x80;
443 #else /* KERBEROS */
444 			method = LDAP_AUTH_SIMPLE;
445 #endif /* KERBEROS */
446 			getline( dn, sizeof(dn), stdin, "dn? " );
447 			strcat( dn, dnsuffix );
448 
449 			if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' )
450 				getline( passwd, sizeof(passwd), stdin,
451 				    "password? " );
452 			else
453 				passwd[0] = '\0';
454 
455 			if ( ldap_bind( ld, dn, passwd, method ) == -1 ) {
456 				fprintf( stderr, "ldap_bind failed\n" );
457 				ldap_perror( ld, "ldap_bind" );
458 			} else {
459 				printf( "Bind initiated\n" );
460 				bound = 1;
461 			}
462 			break;
463 
464 		case 'B':	/* synch bind */
465 #ifdef KERBEROS
466 			getline( line, sizeof(line), stdin,
467 			    "method 0->simple 1->krbv41 2->krbv42 3->krb? " );
468 			method = atoi( line );
469 			if ( method == 3 )
470 				method = LDAP_AUTH_KRBV4;
471 			else
472 				method = method | 0x80;
473 #else /* KERBEROS */
474 			getline( line, sizeof(line), stdin,
475 					 "method 0->simple, 1->SASL? ");
476 			method = atoi (line);
477 			if (method == 1){
478 				method = LDAP_AUTH_SASL;
479 				getline( line, sizeof(line), stdin,
480 						 "mechanism 0->CRAM_MD5, 1->TLS? ");
481 				theInt = atoi(line);
482 				if (theInt == 0){
483 					mechanism = LDAP_SASL_CRAM_MD5;
484 				}
485 				else{
486 					mechanism = LDAP_SASL_X511_STRONG;
487 				}
488 			} else {
489 				method = LDAP_AUTH_SIMPLE;
490 			}
491 
492 #endif /* KERBEROS */
493 			getline( dn, sizeof(dn), stdin, "dn? " );
494 			strcat( dn, dnsuffix );
495 
496 			if ( dn[0] != '\0' )
497 				getline( passwd, sizeof(passwd), stdin,
498 				    "password? " );
499 			else
500 				passwd[0] = '\0';
501 
502 			if (method == LDAP_AUTH_SIMPLE) {
503 				if ( ldap_bind_s( ld, dn, passwd, method ) !=
504 					 LDAP_SUCCESS ) {
505 					fprintf( stderr, "ldap_bind_s failed\n" );
506 					ldap_perror( ld, "ldap_bind_s" );
507 				} else {
508 					printf( "Bind successful\n" );
509 					bound = 1;
510 				}
511 			} else {
512 				if (strcmp(mechanism, LDAP_SASL_CRAM_MD5) == 0){
513 					cred.bv_val = passwd;
514 					cred.bv_len = strlen(passwd);
515 
516 					if ( ldap_sasl_cram_md5_bind_s(ld, dn, &cred, NULL, NULL) != LDAP_SUCCESS ){
517 						fprintf( stderr, "ldap_sasl_cram_md5_bind_s failed\n" );
518 						ldap_perror( ld, "ldap_sasl_cram_md5_bind_s" );
519 					} else {
520 						printf ( "Bind successful\n");
521 						bound = 1;
522 					}
523 				} else {
524 					if (ldap_sasl_bind_s(ld, dn, mechanism, &cred, NULL, NULL, &srvcrds ) != LDAP_SUCCESS){
525 						fprintf( stderr, "ldap_sasl_bind_s failed\n" );
526 						ldap_perror( ld, "ldap_sasl_bind_s" );
527 					}
528 				}
529 			}
530 			break;
531 
532 		case 'c':	/* compare */
533 			getline( dn, sizeof(dn), stdin, "dn? " );
534 			strcat( dn, dnsuffix );
535 			getline( attr, sizeof(attr), stdin, "attr? " );
536 			getline( value, sizeof(value), stdin, "value? " );
537 
538 			if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
539 				bv.bv_val = value;
540 				bv.bv_len = strlen(value);
541 				if ((err = ldap_compare_ext( ld, dn, attr, &bv, NULL, NULL, &id )) != LDAP_SUCCESS )
542 					printf( "Error in ldap_compare_ext: %s\n", ldap_err2string(err) );
543 				else
544 					printf( "Compare initiated with id %d\n", id );
545 			} else {
546 				if ( (id = ldap_compare( ld, dn, attr, value )) == -1 )
547 					ldap_perror( ld, "ldap_compare" );
548 				else
549 					printf( "Compare initiated with id %d\n", id );
550 			}
551 			break;
552 
553 		case 'd':	/* turn on debugging */
554 #ifdef LDAP_DEBUG
555 			getline( line, sizeof(line), stdin, "debug level? " );
556 			ldap_debug = atoi( line );
557 			if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
558 				lber_debug = ldap_debug;
559 			}
560 #else
561 			printf( "Compile with -DLDAP_DEBUG for debugging\n" );
562 #endif
563 			break;
564 
565 		case 'E':	/* explode a dn */
566 			getline( line, sizeof(line), stdin, "dn? " );
567 			exdn = ldap_explode_dn( line, 0 );
568 			for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) {
569 				printf( "\t%s\n", exdn[i] );
570 			}
571 			break;
572 
573 		case 'g':	/* set next msgid */
574 			getline( line, sizeof(line), stdin, "msgid? " );
575 			ld->ld_msgid = atoi( line );
576 			break;
577 
578 		case 'v':	/* set version number */
579 			getline( line, sizeof(line), stdin, "version? " );
580 			theInt = atoi(line);
581 			ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &theInt);
582 			break;
583 
584 		case 'm':	/* modify or modifyrdn */
585 			if ( strncmp( line, "modify", 4 ) == 0 ) {
586 				getline( dn, sizeof(dn), stdin, "dn? " );
587 				strcat( dn, dnsuffix );
588 				if ( (mods = get_modlist(
589 				    "mod (0=>add, 1=>delete, 2=>replace -1=>done)? ",
590 				    "attribute type? ", "attribute value? " ))
591 				    == NULL )
592 					break;
593 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
594 					if ((err = ldap_modify_ext( ld, dn, mods, NULL, NULL, &id )) != LDAP_SUCCESS )
595 						printf( "Error in ldap_modify_ext: %s\n", ldap_err2string(err) );
596 					else
597 						printf( "Modify initiated with id %d\n", id );
598 				}
599 				else {
600 					if ( (id = ldap_modify( ld, dn, mods )) == -1 )
601 						ldap_perror( ld, "ldap_modify" );
602 					else
603 						printf( "Modify initiated with id %d\n", id );
604 				}
605 			} else if ( strncmp( line, "modrdn", 4 ) == 0 ) {
606 				getline( dn, sizeof(dn), stdin, "dn? " );
607 				strcat( dn, dnsuffix );
608 				getline( rdn, sizeof(rdn), stdin, "newrdn? " );
609 				getline( line, sizeof(line), stdin, "delete old rdn (0=>no, 1=>yes)?");
610 				delrdn = atoi(line);
611 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
612 					if ((err = ldap_rename(ld, dn, rdn, NULL, delrdn, NULL,NULL, &id)) != LDAP_SUCCESS){
613 						printf( "Error in ldap_rename (modrdn): %s\n", ldap_err2string(err));
614 					}
615 					else
616 						printf( "Modrdn initiated with id %d\n", id );
617 				}
618 				else {
619 					if ( (id = ldap_modrdn( ld, dn, rdn, delrdn )) == -1 )
620 						ldap_perror( ld, "ldap_modrdn" );
621 					else
622 						printf( "Modrdn initiated with id %d\n", id );
623 				}
624 			} else {
625 				printf( "Possibilities: [modi]fy, [modr]dn\n" );
626 			}
627 			break;
628 
629 		case 'q':	/* quit */
630 #ifdef CLDAP
631 			if ( cldapflg )
632 				cldap_close( ld );
633 #endif /* CLDAP */
634 			if ( !cldapflg )
635 				ldap_unbind( ld );
636 			exit( 0 );
637 			break;
638 
639 		case 'r':	/* result or remove */
640 			switch ( command3 ) {
641 			case 's':	/* result */
642 				getline( line, sizeof(line), stdin,
643 				    "msgid (-1=>any)? " );
644 				if ( line[0] == '\0' )
645 					id = -1;
646 				else
647 					id = atoi( line );
648 				getline( line, sizeof(line), stdin,
649 				    "all (0=>any, 1=>all)? " );
650 				if ( line[0] == '\0' )
651 					all = 1;
652 				else
653 					all = atoi( line );
654 
655 				if (( msgtype = ldap_result( ld, id, all,
656 				    resultusetimelimit ? &timelimit : &timeout, &res )) < 1 ) {
657 					ldap_perror( ld, "ldap_result" );
658 					break;
659 				}
660 				printf( "\nresult: msgtype %d msgid %d\n",
661 				    msgtype, res->lm_msgid );
662 				handle_result( ld, res );
663 				if (all || msgtype == LDAP_RES_SEARCH_RESULT)
664 					resultusetimelimit = 0;
665 				res = NULLMSG;
666 				break;
667 
668 			case 'm':	/* remove */
669 				getline( dn, sizeof(dn), stdin, "dn? " );
670 				strcat( dn, dnsuffix );
671 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
672 					if ((err = ldap_delete_ext( ld, dn, NULL, NULL, &id )) != LDAP_SUCCESS )
673 						printf( "Error in ldap_delete_ext: %s\n", ldap_err2string(err) );
674 					else
675 						printf( "Remove initiated with id %d\n", id );
676 				} else {
677 					if ( (id = ldap_delete( ld, dn )) == -1 )
678 						ldap_perror( ld, "ldap_delete" );
679 					else
680 						printf( "Remove initiated with id %d\n", id );
681 				}
682 				break;
683 
684 			default:
685 				printf( "Possibilities: [rem]ove, [res]ult\n" );
686 				break;
687 			}
688 			break;
689 
690 		case 's':	/* search */
691 			getline( dn, sizeof(dn), stdin, "searchbase? " );
692 			strcat( dn, dnsuffix );
693 			getline( line, sizeof(line), stdin,
694 			    "scope (0=Base, 1=One Level, 2=Subtree)? " );
695 			scope = atoi( line );
696 			getline( filter, sizeof(filter), stdin,
697 			    "search filter (e.g. sn=jones)? " );
698 			types = get_list( "attrs to return? " );
699 			getline( line, sizeof(line), stdin,
700 			    "attrsonly (0=attrs&values, 1=attrs only)? " );
701 			attrsonly = atoi( line );
702 
703 			if ( cldapflg ) {
704 #ifdef CLDAP
705 			    getline( line, sizeof(line), stdin,
706 				"Requestor DN (for logging)? " );
707 			    if ( cldap_search_s( ld, dn, scope, filter, types,
708 				    attrsonly, &res, line ) != 0 ) {
709 				ldap_perror( ld, "cldap_search_s" );
710 			    } else {
711 				printf( "\nresult: msgid %d\n",
712 				    res->lm_msgid );
713 				handle_result( ld, res );
714 				res = NULLMSG;
715 			    }
716 #endif /* CLDAP */
717 			} else {
718 				theInt = 0;
719 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
720 					resultusetimelimit = 1;
721 					getline( line, sizeof(line), stdin,
722 							 "ldap_search_ext (0=>no, 1=>yes - default: yes)? " );
723 					if (line[0] == '\0')
724 						theInt = 1;
725 					else
726 						theInt = atoi( line );
727 				}
728 				if (theInt){
729 					getline(line, sizeof(line), stdin, "time limit?");
730 					timelimit.tv_sec = atoi(line);
731 					resultusetimelimit = 1;
732 					getline(line, sizeof(line), stdin, "size limit?");
733 					sizelimit = atoi(line);
734 					if (( err = ldap_search_ext(ld, dn, scope, filter, types, attrsonly, NULL, NULL,
735 												&timelimit, sizelimit, &id)) != LDAP_SUCCESS){
736 						printf( "Error in ldap_search_ext: %s\n", ldap_err2string(err));
737 					} else {
738 						printf( "Search initiated with id %d\n", id );
739 					}
740 				} else {
741 					if (( id = ldap_search( ld, dn, scope, filter,
742 											types, attrsonly  )) == -1 ) {
743 						ldap_perror( ld, "ldap_search" );
744 					} else {
745 						printf( "Search initiated with id %d\n", id );
746 					}
747 				}
748 			}
749 			free_list( types );
750 			break;
751 
752 		case 't':	/* set timeout value */
753 			getline( line, sizeof(line), stdin, "timeout? " );
754 			timeout.tv_sec = atoi( line );
755 			break;
756 
757 		case 'U':	/* set ufn search prefix */
758 			getline( line, sizeof(line), stdin, "ufn prefix? " );
759 			ldap_ufn_setprefix( ld, line );
760 			break;
761 
762 		case 'u':	/* user friendly search w/optional timeout */
763 			getline( dn, sizeof(dn), stdin, "ufn? " );
764 			strcat( dn, dnsuffix );
765 			types = get_list( "attrs to return? " );
766 			getline( line, sizeof(line), stdin,
767 			    "attrsonly (0=attrs&values, 1=attrs only)? " );
768 			attrsonly = atoi( line );
769 
770 			if ( command2 == 't' ) {
771 				id = ldap_ufn_search_c( ld, dn, types,
772 				    attrsonly, &res, ldap_ufn_timeout,
773 				    &timeout );
774 			} else {
775 				id = ldap_ufn_search_s( ld, dn, types,
776 				    attrsonly, &res );
777 			}
778 			if ( res == NULL )
779 				ldap_perror( ld, "ldap_ufn_search" );
780 			else {
781 				printf( "\nresult: err %d\n", id );
782 				handle_result( ld, res );
783 				res = NULLMSG;
784 			}
785 			free_list( types );
786 			break;
787 
788 		case 'l':	/* URL search */
789 			getline( line, sizeof(line), stdin,
790 			    "attrsonly (0=attrs&values, 1=attrs only)? " );
791 			attrsonly = atoi( line );
792 			getline( line, sizeof(line), stdin, "LDAP URL? " );
793 			if (( id = ldap_url_search( ld, line, attrsonly  ))
794 				== -1 ) {
795 			    ldap_perror( ld, "ldap_url_search" );
796 			} else {
797 			    printf( "URL search initiated with id %d\n", id );
798 			}
799 			break;
800 
801 		case 'p':	/* parse LDAP URL */
802 			getline( line, sizeof(line), stdin, "LDAP URL? " );
803 			if (( i = ldap_url_parse( line, &ludp )) != 0 ) {
804 			    fprintf( stderr, "ldap_url_parse: error %d\n", i );
805 			} else {
806 			    printf( "\t  host: " );
807 			    if ( ludp->lud_host == NULL ) {
808 				printf( "DEFAULT\n" );
809 			    } else {
810 				printf( "<%s>\n", ludp->lud_host );
811 			    }
812 			    printf( "\t  port: " );
813 			    if ( ludp->lud_port == 0 ) {
814 				printf( "DEFAULT\n" );
815 			    } else {
816 				printf( "%d\n", ludp->lud_port );
817 			    }
818 			    printf( "\t    dn: <%s>\n", ludp->lud_dn );
819 			    printf( "\t attrs:" );
820 			    if ( ludp->lud_attrs == NULL ) {
821 				printf( " ALL" );
822 			    } else {
823 				for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) {
824 				    printf( " <%s>", ludp->lud_attrs[ i ] );
825 				}
826 			    }
827 			    printf( "\n\t scope: %s\n", ludp->lud_scope == LDAP_SCOPE_UNKNOWN ? "DEFAULT (base)" :
828 						ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "ONE" :
829 						ludp->lud_scope == LDAP_SCOPE_BASE ? "BASE" :
830 						ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "SUB" : "**invalid**" );
831 			    printf( "\tfilter: <%s>\n", ludp->lud_filter ? ludp->lud_filter : "NONE");
832 				if (ludp->lud_extensions){
833 					printf("\textensions: \n");
834 					for (i = 0; ludp->lud_extensions[i] != NULL; i++)
835 						printf("\t\t%s (%s)\n", ludp->lud_extensions[i]->lue_type,
836 							   ludp->lud_extensions[i]->lue_iscritical ? "Critical" : "Non critical");
837 				}
838 
839 			    ldap_free_urldesc( ludp );
840 			}
841 			    break;
842 
843 		case 'n':	/* set dn suffix, for convenience */
844 			getline( line, sizeof(line), stdin, "DN suffix? " );
845 			strcpy( dnsuffix, line );
846 			break;
847 
848 		case 'e':	/* enable cache */
849 #ifdef NO_CACHE
850 			printf( NOCACHEERRMSG );
851 #else /* NO_CACHE */
852 			getline( line, sizeof(line), stdin, "Cache timeout (secs)? " );
853 			i = atoi( line );
854 			getline( line, sizeof(line), stdin, "Maximum memory to use (bytes)? " );
855 			if ( ldap_enable_cache( ld, i, atoi( line )) == 0 ) {
856 				printf( "local cache is on\n" );
857 			} else {
858 				printf( "ldap_enable_cache failed\n" );
859 			}
860 #endif /* NO_CACHE */
861 			break;
862 
863 		case 'x':	/* uncache entry */
864 #ifdef NO_CACHE
865 			printf( NOCACHEERRMSG );
866 #else /* NO_CACHE */
867 			getline( line, sizeof(line), stdin, "DN? " );
868 			ldap_uncache_entry( ld, line );
869 #endif /* NO_CACHE */
870 			break;
871 
872 		case 'X':	/* uncache request */
873 #ifdef NO_CACHE
874 			printf( NOCACHEERRMSG );
875 #else /* NO_CACHE */
876 			getline( line, sizeof(line), stdin, "request msgid? " );
877 			ldap_uncache_request( ld, atoi( line ));
878 #endif /* NO_CACHE */
879 			break;
880 
881 		case 'o':	/* set ldap options */
882 			getline( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2=finding, 3=always)?" );
883 			theInt = atoi(line);
884 			ldap_set_option(ld, LDAP_OPT_DEREF, &theInt );
885 			getline( line, sizeof(line), stdin, "timelimit?" );
886 			theInt = atoi(line);
887 			ldap_set_option(ld, LDAP_OPT_TIMELIMIT,  &theInt);
888 			getline( line, sizeof(line), stdin, "sizelimit?" );
889 			theInt = atoi(line);
890 			ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &theInt);
891 
892 			ld->ld_options = 0;
893 
894 #ifdef STR_TRANSLATION
895 			getline( line, sizeof(line), stdin,
896 				"Automatic translation of T.61 strings (0=no, 1=yes)?" );
897 			if ( atoi( line ) == 0 ) {
898 				ld->ld_lberoptions &= ~LBER_TRANSLATE_STRINGS;
899 			} else {
900 				ld->ld_lberoptions |= LBER_TRANSLATE_STRINGS;
901 #ifdef LDAP_CHARSET_8859
902 				getline( line, sizeof(line), stdin,
903 					"Translate to/from ISO-8859 (0=no, 1=yes?" );
904 				if ( atoi( line ) != 0 ) {
905 					ldap_set_string_translators( ld,
906 					    ldap_8859_to_t61,
907 					    ldap_t61_to_8859 );
908 				}
909 #endif /* LDAP_CHARSET_8859 */
910 			}
911 #endif /* STR_TRANSLATION */
912 
913 #ifdef LDAP_DNS
914 			getline( line, sizeof(line), stdin,
915 				"Use DN & DNS to determine where to send requests (0=no, 1=yes)?" );
916 			if ( atoi( line ) != 0 ) {
917 				ld->ld_options |= LDAP_OPT_DNS;
918 			}
919 #endif /* LDAP_DNS */
920 
921 			getline( line, sizeof(line), stdin,
922 				"Recognize and chase referrals (0=no, 1=yes)?" );
923 			if ( atoi( line ) != 0 ) {
924 				theInt = LDAP_OPT_ON;
925 				getline( line, sizeof(line), stdin,
926 						 "Prompt for bind credentials when chasing referrals (0=no, 1=yes)?" );
927 				if ( atoi( line ) != 0 ) {
928 					ldap_set_option( ld, LDAP_OPT_REBIND_FN, bind_prompt );
929 				}
930 			} else {
931 				theInt = LDAP_OPT_OFF;
932 			}
933 			ldap_set_option(ld, LDAP_OPT_REFERRALS, &theInt);
934 			break;
935 
936 		case 'k': /* Set some controls */
937 			getline( line, sizeof(line), stdin,
938 					 "Set control: (0 for none, 1 for ManageDSA, 2 for preferredLang, 3 for BAD)?");
939 			theInt = atoi(line);
940 			switch (theInt){
941 			case 0:
942 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, NULL);
943 				break;
944 			case 1:
945 				aCtrl.ldctl_oid = "2.16.840.1.113730.3.4.2";
946 				aCtrl.ldctl_iscritical = 1;
947 				aCtrl.ldctl_value = NULL;
948 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
949 				break;
950 			case 2:
951 				getline( line, sizeof(line), stdin,
952 						 "Preferred Language Control : lang ?");
953 				aCtrl.ldctl_oid = "1.3.6.1.4.1.1466.20035";
954 				aCtrl.ldctl_iscritical = 1;
955 				bv.bv_val = strdup(line);
956 				bv.bv_len = strlen(line);
957 				aCtrl.ldctl_value = &bv;
958 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
959 				break;
960 			default:
961 				getline( line, sizeof(line), stdin,
962 						 "Bad Control is critical (0=false, 1=true)?");
963 				aCtrl.ldctl_oid = "1.1.1.1.1.1";
964 				aCtrl.ldctl_iscritical = atoi(line);
965 				aCtrl.ldctl_value = NULL;
966 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
967 				break;
968 			}
969 			break;
970 
971 		case 'O':	/* set cache options */
972 #ifdef NO_CACHE
973 			printf( NOCACHEERRMSG );
974 #else /* NO_CACHE */
975 			getline( line, sizeof(line), stdin, "cache errors (0=smart, 1=never, 2=always)?" );
976 			switch( atoi( line )) {
977 			case 0:
978 				ldap_set_cache_options( ld, 0 );
979 				break;
980 			case 1:
981 				ldap_set_cache_options( ld,
982 					LDAP_CACHE_OPT_CACHENOERRS );
983 				break;
984 			case 2:
985 				ldap_set_cache_options( ld,
986 					LDAP_CACHE_OPT_CACHEALLERRS );
987 				break;
988 			default:
989 				printf( "not a valid cache option\n" );
990 			}
991 #endif /* NO_CACHE */
992 			break;
993 
994 		case '?':	/* help */
995     printf( "Commands: [ad]d         [ab]andon         [b]ind\n" );
996     printf( "          [B]ind async  [c]ompare         [l]URL search\n" );
997     printf( "          [modi]fy      [modr]dn          [rem]ove\n" );
998     printf( "          [res]ult      [s]earch          [q]uit/unbind\n\n" );
999     printf( "          [u]fn search  [ut]fn search with timeout\n" );
1000     printf( "          [d]ebug       [e]nable cache    set ms[g]id\n" );
1001     printf( "          d[n]suffix    [t]imeout         [v]ersion\n" );
1002     printf( "          [U]fn prefix  [x]uncache entry  [X]uncache request\n" );
1003     printf( "          [?]help       [o]ptions         [O]cache options\n" );
1004     printf( "          [E]xplode dn  [p]arse LDAP URL\n" );
1005 			break;
1006 
1007 		default:
1008 			printf( "Invalid command.  Type ? for help.\n" );
1009 			break;
1010 		}
1011 
1012 		(void) memset( line, '\0', sizeof(line) );
1013 	}
1014 
1015 	return( 0 );
1016 }
1017 
1018 static void
1019 handle_result( LDAP *ld, LDAPMessage *lm )
1020 {
1021 	switch ( lm->lm_msgtype ) {
1022 	case LDAP_RES_COMPARE:
1023 		printf( "Compare result\n" );
1024 		print_ldap_result( ld, lm, "compare" );
1025 		break;
1026 
1027 	case LDAP_RES_SEARCH_RESULT:
1028 		printf( "Search result\n" );
1029 		print_ldap_result( ld, lm, "search" );
1030 		break;
1031 
1032 	case LDAP_RES_SEARCH_REFERENCE:
1033 		printf( "Search reference\n" );
1034 		print_search_entry( ld, lm );
1035 		break;
1036 
1037 	case LDAP_RES_SEARCH_ENTRY:
1038 		printf( "Search entry\n" );
1039 		print_search_entry( ld, lm );
1040 		break;
1041 
1042 	case LDAP_RES_ADD:
1043 		printf( "Add result\n" );
1044 		print_ldap_result( ld, lm, "add" );
1045 		break;
1046 
1047 	case LDAP_RES_DELETE:
1048 		printf( "Delete result\n" );
1049 		print_ldap_result( ld, lm, "delete" );
1050 		break;
1051 
1052 	case LDAP_RES_MODIFY:
1053 		printf( "Modify result\n" );
1054 		print_ldap_result( ld, lm, "modify" );
1055 		break;
1056 
1057 	case LDAP_RES_MODRDN:
1058 		printf( "ModRDN result\n" );
1059 		print_ldap_result( ld, lm, "modrdn" );
1060 		break;
1061 
1062 	case LDAP_RES_BIND:
1063 		printf( "Bind result\n" );
1064 		print_ldap_result( ld, lm, "bind" );
1065 		break;
1066 
1067 	default:
1068 		printf( "Unknown result type 0x%x\n", lm->lm_msgtype );
1069 		print_ldap_result( ld, lm, "unknown" );
1070 	}
1071 }
1072 
1073 static void
1074 print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s )
1075 {
1076 	int rc, i;
1077 	int errCode;
1078 	char *matched = NULL, *errMsg = NULL, **referrals = NULL;
1079 	LDAPControl **srvctrls = NULL;
1080 
1081 	if ((rc = ldap_parse_result(ld, lm, &errCode, &matched, &errMsg, &referrals, &srvctrls, 0)) != LDAP_SUCCESS){
1082 		fprintf(stderr, "%s: error while parsing result (%s)\n", s, ldap_err2string(rc));
1083 		return;
1084 	}
1085 
1086 
1087 	fprintf(stderr, "%s: %s\n", s, ldap_err2string(errCode));
1088 	if (errCode == LDAP_REFERRAL){
1089 		fprintf(stderr, "\tReferrals returned: \n");
1090 		for (i = 0; referrals[i] != NULL; i++)
1091 			fprintf(stderr, "\t\t%s\n", referrals[i]);
1092 	}
1093 	if (errMsg && *errMsg)
1094 		fprintf(stderr, "\tAdditional info: %s\n", errMsg);
1095 	free(errMsg);
1096 	if (NAME_ERROR(errCode) && matched && *matched){
1097 		fprintf(stderr, "\tMatched DN: %s\n", matched);
1098 		free(matched);
1099 	}
1100 	if (srvctrls != NULL){
1101 		fprintf(stderr, "\tLDAPControls returned: \n");
1102 		for (i=0;srvctrls[i] != NULL; i++)
1103 			fprintf(stderr, "\t\t%s (%s)\n", srvctrls[i]->ldctl_oid, srvctrls[i]->ldctl_iscritical ? "Critical" : "Not critical");
1104 	}
1105 	return;
1106 }
1107 
1108 static void
1109 print_search_entry( LDAP *ld, LDAPMessage *res )
1110 {
1111 	BerElement	*ber;
1112 	char		*a, *dn, *ufn;
1113 	struct berval	**vals;
1114 	int		i;
1115 	LDAPMessage	*e;
1116 
1117 	for ( e = ldap_first_message( ld, res ); e != NULLMSG;
1118 	    e = ldap_next_message( ld, e ) ) {
1119 		if ( e->lm_msgtype == LDAP_RES_SEARCH_RESULT )
1120 			break;
1121 
1122 		dn = ldap_get_dn( ld, e );
1123 		printf( "\tDN: %s\n", dn );
1124 
1125 		ufn = ldap_dn2ufn( dn );
1126 		printf( "\tUFN: %s\n", ufn );
1127 		free( dn );
1128 		free( ufn );
1129 
1130 		if ( e->lm_msgtype == LDAP_RES_SEARCH_REFERENCE ){
1131 			char **urls = ldap_get_reference_urls(ld, e);
1132 			if (urls == NULL){
1133 				printf("\t\tError with references: %s\n", ldap_err2string(ld->ld_errno));
1134 			} else {
1135 				for (i=0;urls[i] != NULL;i++)
1136 					printf("\t\tURL: %s\n", urls[i]);
1137 			}
1138 		} else {
1139 			for ( a = ldap_first_attribute( ld, e, &ber ); a != NULL;
1140 				  a = ldap_next_attribute( ld, e, ber ) ) {
1141 				printf( "\t\tATTR: %s\n", a );
1142 				if ( (vals = ldap_get_values_len( ld, e, a ))
1143 					 == NULL ) {
1144 					printf( "\t\t\t(no values)\n" );
1145 				} else {
1146 					for ( i = 0; vals[i] != NULL; i++ ) {
1147 						int	j, nonascii;
1148 
1149 						nonascii = 0;
1150 						for ( j = 0; j < vals[i]->bv_len; j++ )
1151 							if ( !isascii( vals[i]->bv_val[j] ) ) {
1152 							nonascii = 1;
1153 							break;
1154 							}
1155 
1156 						if ( nonascii ) {
1157 							printf( "\t\t\tlength (%ld) (not ascii)\n", vals[i]->bv_len );
1158 #ifdef BPRINT_NONASCII
1159 							lber_bprint( vals[i]->bv_val,
1160 										 vals[i]->bv_len );
1161 #endif /* BPRINT_NONASCII */
1162 							continue;
1163 						}
1164 						printf( "\t\t\tlength (%ld) %s\n",
1165 								vals[i]->bv_len, vals[i]->bv_val );
1166 					}
1167 					ber_bvecfree( vals );
1168 				}
1169 			}
1170 		}
1171 	}
1172 
1173 	if ( res->lm_msgtype == LDAP_RES_SEARCH_RESULT
1174 	    || res->lm_chain != NULLMSG )
1175 		print_ldap_result( ld, res, "search" );
1176 }
1177