17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 57800901eSjbeck * Common Development and Distribution License (the "License"). 67800901eSjbeck * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217800901eSjbeck 227c478bd9Sstevel@tonic-gate /* 237800901eSjbeck * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 247c478bd9Sstevel@tonic-gate * Use is subject to license terms. 25*528b7d8bSRichard Lowe * Copyright 2011 Nexenta Systems, Inc. All rights reserved. 267c478bd9Sstevel@tonic-gate */ 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate #include <stdlib.h> 297c478bd9Sstevel@tonic-gate #include <libintl.h> 307c478bd9Sstevel@tonic-gate #include <stdio.h> 317c478bd9Sstevel@tonic-gate #include <errno.h> 327c478bd9Sstevel@tonic-gate #include <strings.h> 337c478bd9Sstevel@tonic-gate #include "ns_sldap.h" 347c478bd9Sstevel@tonic-gate #include "ns_internal.h" 357c478bd9Sstevel@tonic-gate 367c478bd9Sstevel@tonic-gate /* 377c478bd9Sstevel@tonic-gate * getldaplaliasbyname() retrieves the aliases information from the LDAP server. 387c478bd9Sstevel@tonic-gate * This is requires that the LDAP naming information (ie. LDAP_CLIENT_CACHE 397c478bd9Sstevel@tonic-gate * file) is configured properly on the client machine. 407c478bd9Sstevel@tonic-gate * 417c478bd9Sstevel@tonic-gate * Return value: 427c478bd9Sstevel@tonic-gate * 0 = success; 437c478bd9Sstevel@tonic-gate * 1 = alias not found; 447c478bd9Sstevel@tonic-gate * -1 = other failure. Contents in answer are undefined. 457c478bd9Sstevel@tonic-gate */ 467c478bd9Sstevel@tonic-gate 477c478bd9Sstevel@tonic-gate #define ALIAS_FILTER "(&(objectclass=mailgroup)(|(cn=%s)(mail=%s)))" 487c478bd9Sstevel@tonic-gate #define ALIAS_FILTER_SSD "(&(%%s)(|(cn=%s)(mail=%s)))" 497c478bd9Sstevel@tonic-gate #define MAIL_CN "cn" 507c478bd9Sstevel@tonic-gate #define MAIL_ATTRIBUTE "mail" 517c478bd9Sstevel@tonic-gate #define MAIL_MEMBER "mgrpRFC822MailMember" 527c478bd9Sstevel@tonic-gate 537c478bd9Sstevel@tonic-gate /* 547c478bd9Sstevel@tonic-gate * This is a generic filter call back function for 557c478bd9Sstevel@tonic-gate * merging the filter from service search descriptor with 567c478bd9Sstevel@tonic-gate * an existing search filter. This routine expects userdata 577c478bd9Sstevel@tonic-gate * contain a format string with a single %s in it, and will 587c478bd9Sstevel@tonic-gate * use the format string with sprintf() to insert the SSD filter. 597c478bd9Sstevel@tonic-gate * 607c478bd9Sstevel@tonic-gate * This routine is passed to the __ns_ldap_list() API as the 617c478bd9Sstevel@tonic-gate * filter call back together with filter and userdata. For example, 627c478bd9Sstevel@tonic-gate * "(&(objectclass=mailgroup)(|(cn=abc)(mail=abc)))" as filter 637c478bd9Sstevel@tonic-gate * and "(&(%s)(|(cn=abc)(mail=abc)))" as userdata. 647c478bd9Sstevel@tonic-gate * This routine will then be called by __ns_ldap_list() to output 657c478bd9Sstevel@tonic-gate * "(&(dept=sds)(|(cn=abc)(mail=abc)))" as the real search 667c478bd9Sstevel@tonic-gate * filter, if the input SSD contains a filter "dpet=sds". 677c478bd9Sstevel@tonic-gate */ 687c478bd9Sstevel@tonic-gate int 697c478bd9Sstevel@tonic-gate __s_api_merge_SSD_filter(const ns_ldap_search_desc_t *desc, 707c478bd9Sstevel@tonic-gate char **realfilter, 717c478bd9Sstevel@tonic-gate const void *userdata) 727c478bd9Sstevel@tonic-gate { 737c478bd9Sstevel@tonic-gate int len; 74*528b7d8bSRichard Lowe char *checker; 757c478bd9Sstevel@tonic-gate 767c478bd9Sstevel@tonic-gate /* sanity check */ 777c478bd9Sstevel@tonic-gate if (realfilter == NULL) 787c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 797c478bd9Sstevel@tonic-gate *realfilter = NULL; 807c478bd9Sstevel@tonic-gate 81*528b7d8bSRichard Lowe if (desc == NULL || desc->filter == NULL || userdata == NULL) 827c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 837c478bd9Sstevel@tonic-gate 84*528b7d8bSRichard Lowe /* Parameter check. We only want one %s here, otherwise bail. */ 85*528b7d8bSRichard Lowe len = 0; /* Reuse 'len' as "Number of %s hits"... */ 86*528b7d8bSRichard Lowe checker = (char *)userdata; 87*528b7d8bSRichard Lowe do { 88*528b7d8bSRichard Lowe checker = strchr(checker, '%'); 89*528b7d8bSRichard Lowe if (checker != NULL) { 90*528b7d8bSRichard Lowe if (len > 0 || *(checker + 1) != 's') 91*528b7d8bSRichard Lowe return (NS_LDAP_INVALID_PARAM); 92*528b7d8bSRichard Lowe len++; /* Got our %s. */ 93*528b7d8bSRichard Lowe checker += 2; 94*528b7d8bSRichard Lowe } else if (len != 1) 95*528b7d8bSRichard Lowe return (NS_LDAP_INVALID_PARAM); 96*528b7d8bSRichard Lowe } while (checker != NULL); 97*528b7d8bSRichard Lowe 987c478bd9Sstevel@tonic-gate len = strlen(userdata) + strlen(desc->filter) + 1; 997c478bd9Sstevel@tonic-gate 1007c478bd9Sstevel@tonic-gate *realfilter = (char *)malloc(len); 1017c478bd9Sstevel@tonic-gate if (*realfilter == NULL) 1027c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 1037c478bd9Sstevel@tonic-gate 104*528b7d8bSRichard Lowe (void) sprintf(*realfilter, (char *)userdata, desc->filter); 1057c478bd9Sstevel@tonic-gate 1067c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 1077c478bd9Sstevel@tonic-gate } 1087800901eSjbeck char * 1097800901eSjbeck __getldapaliasbyname(char *alias, int *retval) 1107c478bd9Sstevel@tonic-gate { 1117c478bd9Sstevel@tonic-gate char *service = "aliases"; 1127c478bd9Sstevel@tonic-gate char filter[BUFSIZE]; 1137c478bd9Sstevel@tonic-gate char userdata[BUFSIZE]; 1147c478bd9Sstevel@tonic-gate char *attribute[2]; 1157c478bd9Sstevel@tonic-gate ns_ldap_result_t *result = NULL; 1167c478bd9Sstevel@tonic-gate ns_ldap_error_t *errorp = NULL; 1177c478bd9Sstevel@tonic-gate int rc, i, j, len, comma; 1187c478bd9Sstevel@tonic-gate ns_ldap_entry_t *entry = NULL; 1197c478bd9Sstevel@tonic-gate char **attr_value = NULL; 1207800901eSjbeck char *answer, *new_answer; 1217800901eSjbeck size_t ans_size = BUFSIZE; 1227c478bd9Sstevel@tonic-gate 1237800901eSjbeck if (!alias || !*alias) { 1247c478bd9Sstevel@tonic-gate errno = EINVAL; 1257800901eSjbeck *retval = -1; 1267800901eSjbeck return (NULL); 1277c478bd9Sstevel@tonic-gate } 1287c478bd9Sstevel@tonic-gate 1297800901eSjbeck answer = malloc(ans_size); 1307800901eSjbeck if (answer == NULL) { 1317800901eSjbeck errno = ENOMEM; 1327800901eSjbeck *retval = -1; 1337800901eSjbeck return (NULL); 1347800901eSjbeck } 1357c478bd9Sstevel@tonic-gate answer[0] = '\0'; 1367c478bd9Sstevel@tonic-gate 1377c478bd9Sstevel@tonic-gate /* get the aliases */ 1387c478bd9Sstevel@tonic-gate if (snprintf(filter, sizeof (filter), ALIAS_FILTER, alias, alias) < 0) { 1397c478bd9Sstevel@tonic-gate errno = EINVAL; 1407800901eSjbeck *retval = -1; 1417800901eSjbeck return (NULL); 1427c478bd9Sstevel@tonic-gate } 1437c478bd9Sstevel@tonic-gate 1447c478bd9Sstevel@tonic-gate /* get the userdata for __ns_ldap_list filter call back */ 1457c478bd9Sstevel@tonic-gate if (snprintf(userdata, sizeof (userdata), ALIAS_FILTER_SSD, 1467c478bd9Sstevel@tonic-gate alias, alias) < 0) { 1477c478bd9Sstevel@tonic-gate errno = EINVAL; 1487800901eSjbeck *retval = -1; 1497800901eSjbeck return (NULL); 1507c478bd9Sstevel@tonic-gate } 1517c478bd9Sstevel@tonic-gate 1527c478bd9Sstevel@tonic-gate attribute[0] = MAIL_MEMBER; 1537c478bd9Sstevel@tonic-gate attribute[1] = NULL; 1547c478bd9Sstevel@tonic-gate 1557c478bd9Sstevel@tonic-gate /* should we do hardlookup */ 1567c478bd9Sstevel@tonic-gate rc = __ns_ldap_list(service, (const char *)filter, 1577c478bd9Sstevel@tonic-gate __s_api_merge_SSD_filter, 1587c478bd9Sstevel@tonic-gate (const char **)attribute, NULL, 0, &result, 1597c478bd9Sstevel@tonic-gate &errorp, NULL, userdata); 1607c478bd9Sstevel@tonic-gate 1617c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_NOTFOUND) { 1627c478bd9Sstevel@tonic-gate errno = ENOENT; 1637800901eSjbeck *retval = 1; 1647800901eSjbeck return (NULL); 1657c478bd9Sstevel@tonic-gate } else if (rc != NS_LDAP_SUCCESS) { 1667c478bd9Sstevel@tonic-gate #ifdef DEBUG 1677c478bd9Sstevel@tonic-gate char *p; 1687c478bd9Sstevel@tonic-gate (void) __ns_ldap_err2str(rc, &p); 1697c478bd9Sstevel@tonic-gate if (errorp) { 1707c478bd9Sstevel@tonic-gate if (errorp->message) 1717c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s (%s)\n", p, 1727c478bd9Sstevel@tonic-gate errorp->message); 1737c478bd9Sstevel@tonic-gate } else 1747c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s\n", p); 1757c478bd9Sstevel@tonic-gate #endif /* DEBUG */ 1767c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(&errorp); 1777800901eSjbeck *retval = -1; 1787800901eSjbeck return (NULL); 1797c478bd9Sstevel@tonic-gate } 1807c478bd9Sstevel@tonic-gate 1817c478bd9Sstevel@tonic-gate /* build the return value */ 1827c478bd9Sstevel@tonic-gate answer[0] = '\0'; 1837c478bd9Sstevel@tonic-gate len = 0; 1847c478bd9Sstevel@tonic-gate comma = 0; 1857c478bd9Sstevel@tonic-gate entry = result->entry; 1867c478bd9Sstevel@tonic-gate for (i = 0; i < result->entries_count; i++) { 1877c478bd9Sstevel@tonic-gate attr_value = __ns_ldap_getAttr(entry, MAIL_MEMBER); 1887c478bd9Sstevel@tonic-gate if (attr_value == NULL) { 1897c478bd9Sstevel@tonic-gate errno = ENOENT; 1907800901eSjbeck *retval = -1; 1917800901eSjbeck return (NULL); 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate for (j = 0; attr_value[j]; j++) { 1947c478bd9Sstevel@tonic-gate char *tmp, *newhead; 1957c478bd9Sstevel@tonic-gate 1967c478bd9Sstevel@tonic-gate tmp = attr_value[j]; 1977c478bd9Sstevel@tonic-gate while (*tmp == ' ' || *tmp == '\t' && *tmp != '\0') 1987c478bd9Sstevel@tonic-gate tmp++; 1997c478bd9Sstevel@tonic-gate newhead = tmp; 2007c478bd9Sstevel@tonic-gate while (*tmp != '\0') tmp++; 2017c478bd9Sstevel@tonic-gate while (*tmp == ' ' || *tmp == '\t' || *tmp == '\0' && 2027c478bd9Sstevel@tonic-gate tmp != newhead) { 2037c478bd9Sstevel@tonic-gate *tmp-- = '\0'; 2047c478bd9Sstevel@tonic-gate } 2057c478bd9Sstevel@tonic-gate len = len + comma + strlen(newhead); 2067800901eSjbeck if ((len + 1) > ans_size) { 2077800901eSjbeck ans_size += BUFSIZE; 2087800901eSjbeck new_answer = realloc(answer, ans_size); 2097800901eSjbeck if (new_answer == NULL) { 2107c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeResult(&result); 2117800901eSjbeck errno = ENOMEM; 2127800901eSjbeck *retval = -1; 2137800901eSjbeck free(answer); 2147800901eSjbeck return (NULL); 2157800901eSjbeck } 2167800901eSjbeck answer = new_answer; 2177c478bd9Sstevel@tonic-gate } 2187c478bd9Sstevel@tonic-gate if (comma) 2197c478bd9Sstevel@tonic-gate (void) strcat(answer, ","); 2207c478bd9Sstevel@tonic-gate else 2217c478bd9Sstevel@tonic-gate comma = 1; 2227c478bd9Sstevel@tonic-gate (void) strcat(answer, newhead); 2237c478bd9Sstevel@tonic-gate } 2247c478bd9Sstevel@tonic-gate } 2257c478bd9Sstevel@tonic-gate 2267c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeResult(&result); 2277c478bd9Sstevel@tonic-gate errno = 0; 2287800901eSjbeck *retval = 0; 2297800901eSjbeck return (answer); 2307c478bd9Sstevel@tonic-gate } 231