17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
5cb5caa98Sdjl * Common Development and Distribution License (the "License").
6cb5caa98Sdjl * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate *
87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate * and limitations under the License.
127c478bd9Sstevel@tonic-gate *
137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate *
197c478bd9Sstevel@tonic-gate * CDDL HEADER END
207c478bd9Sstevel@tonic-gate */
217c478bd9Sstevel@tonic-gate /*
22dd1104fbSMichen Chang * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
237c478bd9Sstevel@tonic-gate * Use is subject to license terms.
247c478bd9Sstevel@tonic-gate */
257c478bd9Sstevel@tonic-gate
267c478bd9Sstevel@tonic-gate /*
277c478bd9Sstevel@tonic-gate * libsldap - library side configuration components
287c478bd9Sstevel@tonic-gate * Routines to manage the config structure
297c478bd9Sstevel@tonic-gate */
307c478bd9Sstevel@tonic-gate
317c478bd9Sstevel@tonic-gate #include <stdio.h>
327c478bd9Sstevel@tonic-gate #include <stdlib.h>
33e1dd0a2fSth #include <stddef.h>
347c478bd9Sstevel@tonic-gate #include <string.h>
357c478bd9Sstevel@tonic-gate #include <strings.h>
367c478bd9Sstevel@tonic-gate #include <libintl.h>
377c478bd9Sstevel@tonic-gate #include <locale.h>
387c478bd9Sstevel@tonic-gate #include <thread.h>
397c478bd9Sstevel@tonic-gate #include <synch.h>
407c478bd9Sstevel@tonic-gate #include <errno.h>
417c478bd9Sstevel@tonic-gate #include <unistd.h>
427c478bd9Sstevel@tonic-gate #include <fcntl.h>
437c478bd9Sstevel@tonic-gate #include <ctype.h>
447c478bd9Sstevel@tonic-gate #include <crypt.h>
457c478bd9Sstevel@tonic-gate #include <arpa/inet.h>
467c478bd9Sstevel@tonic-gate #include <sys/types.h>
477c478bd9Sstevel@tonic-gate #include <sys/stat.h>
487c478bd9Sstevel@tonic-gate #include <syslog.h>
497c478bd9Sstevel@tonic-gate #include <netdb.h>
507c478bd9Sstevel@tonic-gate #include <sys/systeminfo.h>
517c478bd9Sstevel@tonic-gate #include <sys/mman.h>
527c478bd9Sstevel@tonic-gate #include <sys/time.h>
537c478bd9Sstevel@tonic-gate #include <limits.h>
547c478bd9Sstevel@tonic-gate #include "ns_sldap.h"
557c478bd9Sstevel@tonic-gate #include "ns_internal.h"
567c478bd9Sstevel@tonic-gate #include "ns_cache_door.h"
57e1dd0a2fSth #include "ns_connmgmt.h"
587c478bd9Sstevel@tonic-gate
/*
 * Register the library's finalization routines: the three functions
 * named here are run as fini functions when the library is unloaded or
 * the process exits.
 */
#pragma fini(__s_api_shutdown_conn_mgmt, \
	_free_config, __ns_ldap_doorfd_close)

/* File-scope locks; the code that takes them is not in this part. */
static mutex_t		ns_parse_lock = DEFAULTMUTEX;
static mutex_t		ns_loadrefresh_lock = DEFAULTMUTEX;
/* Pointer to the configuration currently in use; starts out NULL. */
static ns_config_t	*current_config = NULL;

/* Flag written by __ns_ldap_setServer(); starts out FALSE. */
static int		cache_server = FALSE;
/* Thread key defined in another translation unit. */
extern thread_key_t	ns_cmgkey;

/*
 * Per-parameter validation routines referenced from defconfig[].
 * All share one signature: parameter index, table entry, candidate
 * value and a caller-supplied error buffer.
 * NOTE(review): errbuf is passed without a length; confirm every caller
 * hands in a buffer large enough for the messages written into it.
 */
static int
__s_val_postime(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf);

static int
__s_val_basedn(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf);

static int
__s_val_binddn(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf);

static int
__s_val_bindpw(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf);

static int
__s_val_serverList(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf);

/*
 * Forward declarations of file-local helpers defined later in the file.
 */

static ns_parse_status
verify_value(ns_config_t *cfg, char *name, char *value, char *errstr);

static int
set_default_value(ns_config_t *configptr, char *name, char *value,
    ns_ldap_error_t **error);

static void
set_curr_config(ns_config_t *ptr);

static int
__door_getldapconfig(char **buffer, int *buflen, ns_ldap_error_t **error);

static ns_config_t *
SetDoorInfo(char *buffer, ns_ldap_error_t **errorp);

static boolean_t
timetorefresh(ns_config_t *cfg);

static ns_config_t *
LoadCacheConfiguration(ns_config_t *, ns_ldap_error_t **error);

static void **
dupParam(ns_param_t *ptr);

static time_t
conv_time(char *s);
1227c478bd9Sstevel@tonic-gate
/*
 * Tables used by the enum <-> string mapping routines.
 * Each table ends with a { -1, NULL } entry.
 */

/* Authentication method names accepted in a V1 configuration. */
static ns_enum_map ns_auth_enum_v1[] = {
	{ ENUM2INT(NS_LDAP_EA_NONE),		"NS_LDAP_AUTH_NONE" },
	{ ENUM2INT(NS_LDAP_EA_SIMPLE),		"NS_LDAP_AUTH_SIMPLE" },
	{ ENUM2INT(NS_LDAP_EA_SASL_CRAM_MD5),	"NS_LDAP_AUTH_SASL_CRAM_MD5" },
	{ -1, NULL },
};

/*
 * Authentication method names accepted in a V2 configuration.
 *
 * Review note: the entries without a "tls:" prefix map to the plain
 * NS_LDAP_EA_* values, the prefixed ones to NS_LDAP_EA_TLS_*.  An LDAP
 * simple bind sends the password itself, so "simple" is confidential
 * only when the connection is encrypted, and DIGEST-MD5 was moved to
 * Historic status by RFC 6331.  Profiles that carry bind credentials
 * are better served by the "tls:" or GSSAPI entries.
 */
static ns_enum_map ns_auth_enum_v2[] = {
	{ ENUM2INT(NS_LDAP_EA_NONE),		"none" },
	{ ENUM2INT(NS_LDAP_EA_SIMPLE),		"simple" },
	{ ENUM2INT(NS_LDAP_EA_SASL_CRAM_MD5),	"sasl/CRAM-MD5" },
	{ ENUM2INT(NS_LDAP_EA_SASL_DIGEST_MD5),	"sasl/DIGEST-MD5" },
	{ ENUM2INT(NS_LDAP_EA_SASL_DIGEST_MD5_INT),
	    "sasl/DIGEST-MD5:auth-int" },
	{ ENUM2INT(NS_LDAP_EA_SASL_DIGEST_MD5_CONF),
	    "sasl/DIGEST-MD5:auth-conf" },
	{ ENUM2INT(NS_LDAP_EA_SASL_EXTERNAL),	"sasl/EXTERNAL" },
	{ ENUM2INT(NS_LDAP_EA_SASL_GSSAPI),	"sasl/GSSAPI" },
	{ ENUM2INT(NS_LDAP_EA_TLS_NONE),	"tls:none" },
	{ ENUM2INT(NS_LDAP_EA_TLS_SIMPLE),	"tls:simple" },
	{ ENUM2INT(NS_LDAP_EA_TLS_SASL_CRAM_MD5), "tls:sasl/CRAM-MD5" },
	{ ENUM2INT(NS_LDAP_EA_TLS_SASL_DIGEST_MD5), "tls:sasl/DIGEST-MD5" },
	{ ENUM2INT(NS_LDAP_EA_TLS_SASL_DIGEST_MD5_INT),
	    "tls:sasl/DIGEST-MD5:auth-int" },
	{ ENUM2INT(NS_LDAP_EA_TLS_SASL_DIGEST_MD5_CONF),
	    "tls:sasl/DIGEST-MD5:auth-conf" },
	{ ENUM2INT(NS_LDAP_EA_TLS_SASL_EXTERNAL), "tls:sasl/EXTERNAL" },
	{ -1, NULL },
};
1567c478bd9Sstevel@tonic-gate
/* Transport security names; V1 only, and the only value is "none". */
static ns_enum_map ns_sec_enum_v1[] = {
	{ ENUM2INT(NS_LDAP_TLS_NONE),	"NS_LDAP_SEC_NONE" },
	{ -1, NULL },
};

/* Credential level names; V2 only. */
static ns_enum_map ns_cred_enum_v2[] = {
	{ ENUM2INT(NS_LDAP_CRED_ANON),	"anonymous" },
	{ ENUM2INT(NS_LDAP_CRED_PROXY),	"proxy" },
	{ ENUM2INT(NS_LDAP_CRED_SELF),	"self" },
	{ -1, NULL },
};

/* Referral handling, V1 spelling. */
static ns_enum_map ns_ref_enum_v1[] = {
	{ ENUM2INT(NS_LDAP_FOLLOWREF),	"NS_LDAP_FOLLOWREF" },
	{ ENUM2INT(NS_LDAP_NOREF),	"NS_LDAP_NOREF" },
	{ -1, NULL },
};

/* Referral handling, V2 spelling. */
static ns_enum_map ns_ref_enum_v2[] = {
	{ ENUM2INT(NS_LDAP_FOLLOWREF),	"TRUE" },
	{ ENUM2INT(NS_LDAP_NOREF),	"FALSE" },
	{ -1, NULL },
};

/* Search scope, V1 spelling. */
static ns_enum_map ns_scope_enum_v1[] = {
	{ ENUM2INT(NS_LDAP_SCOPE_BASE),		"NS_LDAP_SCOPE_BASE" },
	{ ENUM2INT(NS_LDAP_SCOPE_ONELEVEL),	"NS_LDAP_SCOPE_ONELEVEL" },
	{ ENUM2INT(NS_LDAP_SCOPE_SUBTREE),	"NS_LDAP_SCOPE_SUBTREE" },
	{ -1, NULL },
};

/* Search scope, V2 spelling. */
static ns_enum_map ns_scope_enum_v2[] = {
	{ ENUM2INT(NS_LDAP_SCOPE_BASE),		"base" },
	{ ENUM2INT(NS_LDAP_SCOPE_ONELEVEL),	"one" },
	{ ENUM2INT(NS_LDAP_SCOPE_SUBTREE),	"sub" },
	{ -1, NULL },
};

/* "Preferred servers only" switch. */
static ns_enum_map ns_pref_enum[] = {
	{ ENUM2INT(NS_LDAP_PREF_FALSE),	"NS_LDAP_FALSE" },
	{ ENUM2INT(NS_LDAP_PREF_TRUE),	"NS_LDAP_TRUE" },
	{ -1, NULL },
};

/* Shadow update switch (NS_LDAP_ENABLE_SHADOW_UPDATE). */
static ns_enum_map ns_shadow_update_enum[] = {
	{ ENUM2INT(NS_LDAP_ENABLE_SHADOW_UPDATE_FALSE),	"FALSE" },
	{ ENUM2INT(NS_LDAP_ENABLE_SHADOW_UPDATE_TRUE),	"TRUE" },
	{ -1, NULL },
};

208dd1104fbSMichen Chang
/*
 * Built-in default values that defconfig[] points at.  Each array holds
 * one value followed by 0.
 *
 * Review note: both profile versions default the authentication method
 * to NS_LDAP_EA_NONE, and V2 defaults the credential level to
 * NS_LDAP_CRED_ANON, so a configuration that leaves these unset gets
 * unauthenticated access settings rather than an error.
 */
static int ns_def_auth_v1[] = {
	ENUM2INT(NS_LDAP_EA_NONE),
	0
};

static int ns_def_auth_v2[] = {
	ENUM2INT(NS_LDAP_EA_NONE),
	0
};

static int ns_def_cred_v1[] = {
	ENUM2INT(NS_LDAP_CRED_PROXY),
	0
};

static int ns_def_cred_v2[] = {
	ENUM2INT(NS_LDAP_CRED_ANON),
	0
};
2287c478bd9Sstevel@tonic-gate
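/*
 * INT2VOIDPTR places an integer in the first sizeof (int) bytes of a
 * void pointer location.  For 32-bit, it is the same as "(void *) i".
 * It solves a problem found during 64-bit testing: for a configuration
 * parameter such as NS_LDAP_SEARCH_REF_P, which is of type INT and has
 * a defined default value, the default is read back through an int
 * member (ns_param.ns_pu.i) of the ns_pu union.  That requires the
 * default value to sit in the first sizeof (int) bytes of the union
 * element.  A plain "(void *) intval" in the defconfig[] table below
 * would place the data in the last sizeof (int) bytes, and reading it
 * through ns_pu.i on a 64-bit system would return ZERO instead of the
 * defined default.
 *
 * Since amd64 is little-endian the problem does not arise there and
 * INT2VOIDPTR leaves the data (i) unchanged.
 *
 * Both forms parenthesize the argument and the whole expansion so the
 * macro is safe with compound arguments and inside larger expressions.
 * The shifting form left-shifts a long, so i is expected to be a small
 * non-negative value such as the enum constants and timeouts used in
 * defconfig[].
 */
#if defined(__amd64)
#define	INT2VOIDPTR(i)	((void *)(i))
#else
#define	INT2VOIDPTR(i)	\
	((void *)(((long)(i)) << (8 * (sizeof (void *) - sizeof (int)))))
#endif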
/*
 * The default configuration table.
 * Version 1 entries come first, Version 2 entries follow, and a
 * NULL-named entry terminates the array.
 *
 * Every entry lists, in order: the parameter name, its index, a class
 * tag (CLIENTCONFIG, SERVERCONFIG or CREDCONFIG), the value type, a
 * TRUE/FALSE flag, the profile version, a profile attribute name (NULL
 * where the parameter is not defined in the profile), the built-in
 * default value, an optional validation routine and an optional
 * enum <-> string map.  The field names themselves are declared in a
 * header that is not shown here.
 *
 * Review note: the CREDCONFIG entries are the ones that carry
 * credential material (bind DNs and passwords, certificate path and
 * password, shadow-update switch); none of them has a built-in default
 * secret.  The V1 transport security default is NS_LDAP_TLS_NONE and
 * the default authentication method is NS_LDAP_EA_NONE in both
 * versions.
 */
static ns_default_config defconfig[] = {
	/* optional V1 profile */
	{ "NS_LDAP_FILE_VERSION", NS_LDAP_FILE_VERSION_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1,
	    NULL,	/* No version number defined in V1 */
	    { CHARPTR, 0, (void *)NS_LDAP_VERSION_1 }, NULL, NULL },

	/* ---------- V1 profile ---------- */
	{ "NS_LDAP_BINDDN", NS_LDAP_BINDDN_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P1_BINDDN,
	    { CHARPTR, 0, NULL }, __s_val_binddn, NULL },

	{ "NS_LDAP_BINDPASSWD", NS_LDAP_BINDPASSWD_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P1_BINDPASSWORD,
	    { CHARPTR, 0, NULL }, __s_val_bindpw, NULL },

	{ "NS_LDAP_SERVERS", NS_LDAP_SERVERS_P,
	    SERVERCONFIG, ARRAYCP, FALSE, NS_LDAP_V1, _P1_SERVERS,
	    { ARRAYCP, 0, NULL }, __s_val_serverList, NULL },

	{ "NS_LDAP_SEARCH_BASEDN", NS_LDAP_SEARCH_BASEDN_P,
	    SERVERCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P1_SEARCHBASEDN,
	    { CHARPTR, 0, NULL }, __s_val_basedn, NULL },

	{ "NS_LDAP_AUTH", NS_LDAP_AUTH_P,
	    CLIENTCONFIG, ARRAYAUTH, FALSE, NS_LDAP_V1, _P1_AUTHMETHOD,
	    { ARRAYAUTH, 1, (void *)&ns_def_auth_v1[0] },
	    NULL, ns_auth_enum_v1 },

	{ "NS_LDAP_TRANSPORT_SEC", NS_LDAP_TRANSPORT_SEC_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, _P1_TRANSPORTSECURITY,
	    { INT, 0, INT2VOIDPTR(NS_LDAP_TLS_NONE) },
	    NULL, ns_sec_enum_v1 },

	{ "NS_LDAP_SEARCH_REF", NS_LDAP_SEARCH_REF_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, _P1_SEARCHREFERRAL,
	    { INT, 0, INT2VOIDPTR(NS_LDAP_FOLLOWREF) },
	    NULL, ns_ref_enum_v1 },

	{ "NS_LDAP_DOMAIN", NS_LDAP_DOMAIN_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1,
	    NULL,	/* not defined in the Profile */
	    { CHARPTR, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_EXP", NS_LDAP_EXP_P,
	    SERVERCONFIG, TIMET, TRUE, NS_LDAP_V1,
	    NULL,	/* initialized by code to time+NS_LDAP_CACHETTL */
	    { INT, 0, 0 }, NULL, NULL },

	{ "NS_LDAP_CERT_PATH", NS_LDAP_CERT_PATH_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P1_CERTIFICATEPATH,
	    { CHARPTR, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_CERT_PASS", NS_LDAP_CERT_PASS_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P1_CERTIFICATEPASSWORD,
	    { CHARPTR, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_SEARCH_DN", NS_LDAP_SEARCH_DN_P,
	    CLIENTCONFIG, SSDLIST, FALSE, NS_LDAP_V1, _P1_DATASEARCHDN,
	    { SSDLIST, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_SEARCH_SCOPE", NS_LDAP_SEARCH_SCOPE_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, _P1_SEARCHSCOPE,
	    { INT, 0, INT2VOIDPTR(NS_LDAP_SCOPE_ONELEVEL) },
	    NULL, ns_scope_enum_v1 },

	{ "NS_LDAP_SEARCH_TIME", NS_LDAP_SEARCH_TIME_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, _P1_SEARCHTIMELIMIT,
	    { INT, 0, INT2VOIDPTR(NS_DEFAULT_SEARCH_TIMEOUT) },
	    NULL, NULL },

	{ "NS_LDAP_SERVER_PREF", NS_LDAP_SERVER_PREF_P,
	    CLIENTCONFIG, ARRAYCP, FALSE, NS_LDAP_V1, _P1_PREFERREDSERVER,
	    { ARRAYCP, 0, NULL }, __s_val_serverList, NULL },

	{ "NS_LDAP_PREF_ONLY", NS_LDAP_PREF_ONLY_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, _P1_PREFERREDSERVERONLY,
	    { INT, 0, INT2VOIDPTR(NS_LDAP_PREF_FALSE) },
	    NULL, ns_pref_enum },

	{ "NS_LDAP_CACHETTL", NS_LDAP_CACHETTL_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P1_CACHETTL,
	    { CHARPTR, 0, (void *)EXP_DEFAULT_TTL },
	    __s_val_postime, NULL },

	{ "NS_LDAP_PROFILE", NS_LDAP_PROFILE_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1, _P_CN,
	    { CHARPTR, 0, (void *)DEFAULTCONFIGNAME }, NULL, NULL },

	{ "NS_LDAP_BIND_TIME", NS_LDAP_BIND_TIME_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, _P1_BINDTIMELIMIT,
	    { INT, 0, INT2VOIDPTR(NS_DEFAULT_BIND_TIMEOUT) },
	    NULL, NULL },

	/* This configuration option is not visible in V1 */
	{ "NS_LDAP_CREDENTIAL_LEVEL", NS_LDAP_CREDENTIAL_LEVEL_P,
	    CLIENTCONFIG, ARRAYCRED, TRUE, NS_LDAP_V1,
	    NULL,	/* No version defined in V1 */
	    { ARRAYCRED, 0, (void *)&ns_def_cred_v1[0] }, NULL, NULL },

	/* ---------- V2 profile ---------- */
	{ "NS_LDAP_FILE_VERSION", NS_LDAP_FILE_VERSION_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V2,
	    NULL,	/* NULL here as well, like the V1 entry */
	    { CHARPTR, 0, (void *)NS_LDAP_VERSION_2 }, NULL, NULL },

	{ "NS_LDAP_BINDDN", NS_LDAP_BINDDN_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2,
	    NULL,	/* not defined in the Profile */
	    { CHARPTR, 0, NULL }, __s_val_binddn, NULL },

	{ "NS_LDAP_BINDPASSWD", NS_LDAP_BINDPASSWD_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2,
	    NULL,	/* not defined in the Profile */
	    { CHARPTR, 0, NULL }, __s_val_bindpw, NULL },

	{ "NS_LDAP_ENABLE_SHADOW_UPDATE", NS_LDAP_ENABLE_SHADOW_UPDATE_P,
	    CREDCONFIG, INT, TRUE, NS_LDAP_V2,
	    NULL,	/* not defined in the Profile */
	    { INT, 0, INT2VOIDPTR(NS_LDAP_ENABLE_SHADOW_UPDATE_FALSE) },
	    NULL, ns_shadow_update_enum },

	{ "NS_LDAP_ADMIN_BINDDN", NS_LDAP_ADMIN_BINDDN_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2,
	    NULL,	/* not defined in the Profile */
	    { CHARPTR, 0, NULL }, __s_val_binddn, NULL },

	{ "NS_LDAP_ADMIN_BINDPASSWD", NS_LDAP_ADMIN_BINDPASSWD_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2,
	    NULL,	/* not defined in the Profile */
	    { CHARPTR, 0, NULL }, __s_val_bindpw, NULL },

	{ "NS_LDAP_EXP", NS_LDAP_EXP_P,
	    SERVERCONFIG, TIMET, TRUE, NS_LDAP_V2,
	    NULL,	/* initialized by code to time+NS_LDAP_CACHETTL */
	    { INT, 0, 0 }, NULL, NULL },

	{ "NS_LDAP_SERVER_PREF", NS_LDAP_SERVER_PREF_P,
	    CLIENTCONFIG, SERVLIST, FALSE, NS_LDAP_V2, _P2_PREFERREDSERVER,
	    { SERVLIST, 0, NULL }, __s_val_serverList, NULL },

	{ "NS_LDAP_SERVERS", NS_LDAP_SERVERS_P,
	    SERVERCONFIG, SERVLIST, FALSE, NS_LDAP_V2, _P2_DEFAULTSERVER,
	    { SERVLIST, 0, NULL }, __s_val_serverList, NULL },

	{ "NS_LDAP_SEARCH_BASEDN", NS_LDAP_SEARCH_BASEDN_P,
	    SERVERCONFIG, CHARPTR, TRUE, NS_LDAP_V2, _P2_SEARCHBASEDN,
	    { CHARPTR, 0, NULL }, __s_val_basedn, NULL },

	{ "NS_LDAP_SEARCH_SCOPE", NS_LDAP_SEARCH_SCOPE_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, _P2_SEARCHSCOPE,
	    { INT, 0, INT2VOIDPTR(NS_LDAP_SCOPE_ONELEVEL) },
	    NULL, ns_scope_enum_v2 },

	{ "NS_LDAP_AUTH", NS_LDAP_AUTH_P,
	    CLIENTCONFIG, ARRAYAUTH, FALSE, NS_LDAP_V2, _P2_AUTHMETHOD,
	    { ARRAYAUTH, 2, (void *)&ns_def_auth_v2[0] },
	    NULL, ns_auth_enum_v2 },

	{ "NS_LDAP_CREDENTIAL_LEVEL", NS_LDAP_CREDENTIAL_LEVEL_P,
	    CLIENTCONFIG, ARRAYCRED, FALSE, NS_LDAP_V2, _P2_CREDENTIALLEVEL,
	    { ARRAYCRED, 0, (void *)&ns_def_cred_v2[0] },
	    NULL, ns_cred_enum_v2 },

	{ "NS_LDAP_SERVICE_SEARCH_DESC", NS_LDAP_SERVICE_SEARCH_DESC_P,
	    CLIENTCONFIG, SSDLIST, FALSE, NS_LDAP_V2, _P2_SERVICESEARCHDESC,
	    { SSDLIST, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_SEARCH_TIME", NS_LDAP_SEARCH_TIME_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, _P2_SEARCHTIMELIMIT,
	    { INT, 0, INT2VOIDPTR(NS_DEFAULT_SEARCH_TIMEOUT) },
	    NULL, NULL },

	{ "NS_LDAP_BIND_TIME", NS_LDAP_BIND_TIME_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, _P2_BINDTIMELIMIT,
	    { INT, 0, INT2VOIDPTR(NS_DEFAULT_BIND_TIMEOUT) },
	    NULL, NULL },

	{ "NS_LDAP_SEARCH_REF", NS_LDAP_SEARCH_REF_P,
	    CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, _P2_FOLLOWREFERRALS,
	    { INT, 0, INT2VOIDPTR(NS_LDAP_FOLLOWREF) },
	    NULL, ns_ref_enum_v2 },

	{ "NS_LDAP_CACHETTL", NS_LDAP_CACHETTL_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V2, _P2_PROFILETTL,
	    { CHARPTR, 0, (void *)EXP_DEFAULT_TTL },
	    __s_val_postime, NULL },

	{ "NS_LDAP_ATTRIBUTEMAP", NS_LDAP_ATTRIBUTEMAP_P,
	    CLIENTCONFIG, ATTRMAP, FALSE, NS_LDAP_V2, _P2_ATTRIBUTEMAP,
	    { ATTRMAP, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_OBJECTCLASSMAP", NS_LDAP_OBJECTCLASSMAP_P,
	    CLIENTCONFIG, OBJMAP, FALSE, NS_LDAP_V2, _P2_OBJECTCLASSMAP,
	    { OBJMAP, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_PROFILE", NS_LDAP_PROFILE_P,
	    CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V2, _P_CN,
	    { CHARPTR, 0, (void *)DEFAULTCONFIGNAME }, NULL, NULL },

	{ "NS_LDAP_SERVICE_AUTH_METHOD", NS_LDAP_SERVICE_AUTH_METHOD_P,
	    CLIENTCONFIG, SAMLIST, FALSE, NS_LDAP_V2, _P2_SERVICEAUTHMETHOD,
	    { SAMLIST, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_SERVICE_CRED_LEVEL", NS_LDAP_SERVICE_CRED_LEVEL_P,
	    CLIENTCONFIG, SCLLIST, FALSE, NS_LDAP_V2, _P2_SERVICECREDLEVEL,
	    { SCLLIST, 0, NULL }, NULL, NULL },

	{ "NS_LDAP_HOST_CERTPATH", NS_LDAP_HOST_CERTPATH_P,
	    CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2,
	    NULL,	/* not defined in the Profile */
	    { CHARPTR, 0, (void *)NSLDAPDIRECTORY }, NULL, NULL },

	/* array terminator [not an entry] */
	{ NULL, NS_LDAP_FILE_VERSION_P,
	    CLIENTCONFIG, NS_UNKNOWN, TRUE, 0,
	    NULL,
	    { NS_UNKNOWN, 0, NULL }, NULL, NULL },
};
5397c478bd9Sstevel@tonic-gate
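/*
 * Return a freshly allocated copy of the SI_SRPC_DOMAIN string reported
 * by sysinfo(), or NULL if the call fails, the value does not fit in
 * the local buffer, or strdup() cannot allocate.  The caller owns the
 * returned string and must free() it.
 */
static char *
__getdomainname()
{
	/*
	 * The sysinfo man page recommends using a buffer size
	 * of 257 bytes. MAXHOSTNAMELEN is 256. So add 1 here.
	 */
	char	buf[MAXHOSTNAMELEN + 1];
	int	status;

	/*
	 * Pass the real buffer size.  The size handed to sysinfo() and
	 * the size used in the truncation test below must be the same
	 * number, otherwise a value that needs exactly sizeof (buf) bytes
	 * would be cut short without being noticed.
	 */
	status = sysinfo(SI_SRPC_DOMAIN, buf, sizeof (buf));
	if (status < 0)
		return (NULL);
	/* error: not enough space to hold returned value */
	if ((size_t)status > sizeof (buf))
		return (NULL);
	return (strdup(buf));
}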
5587c478bd9Sstevel@tonic-gate
/*
 * Store the caller's value in the file-scope cache_server flag.
 * NOTE(review): the flag is a plain int written without a lock;
 * presumably it is set once at start-up - confirm against the callers.
 */
void
__ns_ldap_setServer(int set)
{
	cache_server = set;
}
5647c478bd9Sstevel@tonic-gate
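/*
 * Decide whether the configuration should be reloaded.
 *
 * Returns B_TRUE when cfg is NULL, when the current time cannot be
 * read, when the NS_LDAP_EXP_P parameter is not of type TIMET, or when
 * its expiry time is non-zero and already in the past.  An expiry time
 * of 0 never triggers a refresh.
 */
static boolean_t
timetorefresh(ns_config_t *cfg)
{
	struct timeval	now;
	/*
	 * Ordinary local: the value is always assigned before it is
	 * read, so static storage only added a variable shared between
	 * threads.
	 */
	time_t		expire;

	if (cfg == NULL || gettimeofday(&now, NULL) == -1)
		return (B_TRUE);

	if (cfg->paramList[NS_LDAP_EXP_P].ns_ptype != TIMET)
		return (B_TRUE);

	expire = cfg->paramList[NS_LDAP_EXP_P].ns_tm;
	return (expire != 0 && now.tv_sec > expire);
}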
5817c478bd9Sstevel@tonic-gate
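/*
 * Translate the text of an enumerated configuration parameter into its
 * integer code.
 *
 * ptr    configuration whose version picks the V1 or V2 table; it is
 *        dereferenced for the version-dependent parameters, so it must
 *        not be NULL for those
 * value  text to look up; leading and trailing SPACETOK characters are
 *        ignored and names are compared without regard to case
 * i      parameter index selecting the enum table
 *
 * Returns the mapped value, or -1 when value is NULL or blank, when the
 * parameter has no table in this function, or when no name matches the
 * whole trimmed text.
 */
int
__s_get_enum_value(ns_config_t *ptr, char *value, ParamIndexType i)
{
	register ns_enum_map	*mapp;
	char			*pstart = value;
	size_t			len;

	if (pstart == NULL)
		return (-1);

	/* skip leading spaces */
	while (*pstart == SPACETOK)
		pstart++;
	/*
	 * Skip trailing spaces by shrinking a length. For an empty or
	 * all-space string this never forms a pointer in front of the
	 * buffer, which "pstart + strlen(pstart) - 1" did.
	 */
	len = strlen(pstart);
	while (len > 0 && pstart[len - 1] == SPACETOK)
		len--;
	if (len == 0)
		return (-1);

	switch (i) {
	case NS_LDAP_AUTH_P:
		if (ptr->version == NS_LDAP_V1)
			mapp = &ns_auth_enum_v1[0];
		else
			mapp = &ns_auth_enum_v2[0];
		break;
	case NS_LDAP_TRANSPORT_SEC_P:
		return (-1);
	case NS_LDAP_SEARCH_SCOPE_P:
		if (ptr->version == NS_LDAP_V1)
			mapp = &ns_scope_enum_v1[0];
		else
			mapp = &ns_scope_enum_v2[0];
		break;
	case NS_LDAP_SEARCH_REF_P:
		if (ptr->version == NS_LDAP_V1)
			mapp = &ns_ref_enum_v1[0];
		else
			mapp = &ns_ref_enum_v2[0];
		break;
	case NS_LDAP_PREF_ONLY_P:
		mapp = &ns_pref_enum[0];
		break;
	case NS_LDAP_ENABLE_SHADOW_UPDATE_P:
		mapp = &ns_shadow_update_enum[0];
		break;
	case NS_LDAP_CREDENTIAL_LEVEL_P:
		/* no credential level table is consulted for V1 */
		if (ptr->version == NS_LDAP_V1)
			return (-1);
		mapp = &ns_cred_enum_v2[0];
		break;
	case NS_LDAP_SERVICE_AUTH_METHOD_P:
		mapp = &ns_auth_enum_v2[0];
		break;
	case NS_LDAP_SERVICE_CRED_LEVEL_P:
		mapp = &ns_cred_enum_v2[0];
		break;
	default:
		return (-1);
	}

	/*
	 * The length test makes this a whole-word match: without it a
	 * prefix of a table name would be accepted by strncasecmp().
	 */
	for (; mapp->name != NULL; mapp++) {
		if (strlen(mapp->name) == len &&
		    strncasecmp(pstart, mapp->name, len) == 0) {
			return (mapp->value);
		}
	}
	return (-1);
}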
6557c478bd9Sstevel@tonic-gate
/*
 * Return the table name for an authentication type, using the V1 table
 * when ptr->version is NS_LDAP_V1 and the V2 table otherwise.
 *
 * ptr is dereferenced without a NULL test. The result is either a name
 * stored in the table or a fixed "Unknown ..." string; neither is
 * allocated here, so callers should treat it as read-only.
 */
char *
__s_get_auth_name(ns_config_t *ptr, AuthType_t type)
{
	register ns_enum_map	*entry;

	entry = (ptr->version == NS_LDAP_V1) ?
	    &ns_auth_enum_v1[0] : &ns_auth_enum_v2[0];

	while (entry->name != NULL) {
		if (type == INT2AUTHENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown AuthType_t type specified");
}
6737c478bd9Sstevel@tonic-gate
6747c478bd9Sstevel@tonic-gate
/*
 * Return the table name for a transport security type.
 *
 * Only a configuration whose version is NS_LDAP_V1 is looked up; any
 * other version, and any type not in the V1 table, yields the fixed
 * "Unknown ..." string. ptr is dereferenced without a NULL test.
 */
char *
__s_get_security_name(ns_config_t *ptr, TlsType_t type)
{
	register ns_enum_map	*entry;

	if (ptr->version != NS_LDAP_V1)
		return ("Unknown TlsType_t type specified");

	entry = &ns_sec_enum_v1[0];
	while (entry->name != NULL) {
		if (type == INT2SECENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown TlsType_t type specified");
}
6917c478bd9Sstevel@tonic-gate
6927c478bd9Sstevel@tonic-gate
/*
 * Return the table name for a search scope, using the V1 table when
 * ptr->version is NS_LDAP_V1 and the V2 table otherwise.
 *
 * ptr is dereferenced without a NULL test. A type found in neither
 * table yields the fixed "Unknown ..." string.
 */
char *
__s_get_scope_name(ns_config_t *ptr, ScopeType_t type)
{
	register ns_enum_map	*entry;

	entry = (ptr->version == NS_LDAP_V1) ?
	    &ns_scope_enum_v1[0] : &ns_scope_enum_v2[0];

	while (entry->name != NULL) {
		if (type == INT2SCOPEENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown ScopeType_t type specified");
}
7107c478bd9Sstevel@tonic-gate
7117c478bd9Sstevel@tonic-gate
/*
 * Return the table name for a "preferred only" setting, or the fixed
 * "Unknown ..." string when the type is not in ns_pref_enum.
 */
char *
__s_get_pref_name(PrefOnly_t type)
{
	register ns_enum_map	*entry;

	entry = &ns_pref_enum[0];
	while (entry->name != NULL) {
		if (type == INT2PREFONLYENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown PrefOnly_t type specified");
}
7247c478bd9Sstevel@tonic-gate
/*
 * Return the table name for a search referral setting, using the V1
 * table when ptr->version is NS_LDAP_V1 and the V2 table otherwise.
 *
 * ptr is dereferenced without a NULL test. A type found in neither
 * table yields the fixed "Unknown ..." string.
 */
char *
__s_get_searchref_name(ns_config_t *ptr, SearchRef_t type)
{
	register ns_enum_map	*entry;

	entry = (ptr->version == NS_LDAP_V1) ?
	    &ns_ref_enum_v1[0] : &ns_ref_enum_v2[0];

	while (entry->name != NULL) {
		if (type == INT2SEARCHREFENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown SearchRef_t type specified");
}
7427c478bd9Sstevel@tonic-gate
/*
 * Return the table name for an enableShadowUpdate setting, or the fixed
 * "Unknown ..." string when the type is not in ns_shadow_update_enum.
 */
char *
__s_get_shadowupdate_name(enableShadowUpdate_t type)
{
	register ns_enum_map	*entry = &ns_shadow_update_enum[0];

	while (entry->name != NULL) {
		if (type == INT2SHADOWUPDATENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown enableShadowUpdate_t type specified");
}
757dd1104fbSMichen Chang
/*
 * Return the table name for a credential level.
 *
 * Only a configuration whose version is NS_LDAP_V2 is looked up; any
 * other version, and any type not in the V2 table, yields the fixed
 * "Unknown ..." string. ptr is dereferenced without a NULL test.
 */
static char *
__s_get_credlvl_name(ns_config_t *ptr, CredLevel_t type)
{
	register ns_enum_map	*entry;

	if (ptr->version != NS_LDAP_V2)
		return ("Unknown CredLevel_t type specified");

	entry = &ns_cred_enum_v2[0];
	while (entry->name != NULL) {
		if (type == INT2CREDLEVELENUM(entry->value))
			return (entry->name);
		entry++;
	}
	return ("Unknown CredLevel_t type specified");
}
7737c478bd9Sstevel@tonic-gate
/*
 * Release whatever storage one parameter slot owns and mark the slot
 * NS_UNKNOWN.
 *
 * ptr   configuration holding the slot; NULL is ignored
 * type  index into ptr->paramList; it is not range-checked here
 *
 * NOTE(review): string and string-list values are released with a plain
 * free(). If any slot carries a bind or certificate password, its bytes
 * stay in freed heap memory; consider scrubbing such values before they
 * are freed. Confirm which parameters hold secrets.
 */
static void
destroy_param(ns_config_t *ptr, ParamIndexType type)
{
	char	**list;
	int	idx, limit;

	if (ptr == NULL)
		return;

	/*
	 * This routine is not lock protected because
	 * the config param it may be destroying is not
	 * necessarily THE config. Mutex protect elsewhere.
	 */
	switch (ptr->paramList[type].ns_ptype) {
	case CHARPTR:
		/* free(NULL) is a no-op, so no separate NULL test is needed */
		free(ptr->paramList[type].ns_pc);
		ptr->paramList[type].ns_pc = NULL;
		break;
	case SAMLIST:
	case SCLLIST:
	case SSDLIST:
	case ARRAYCP:
	case SERVLIST:
		list = ptr->paramList[type].ns_ppc;
		if (list == NULL)
			break;
		/* stop at ns_acnt entries or at the first NULL, whichever is first */
		limit = ptr->paramList[type].ns_acnt;
		for (idx = 0; idx < limit; idx++) {
			if (list[idx] == NULL)
				break;
			free(list[idx]);
		}
		free(list);
		ptr->paramList[type].ns_ppc = NULL;
		break;
	case ARRAYAUTH:
	case ARRAYCRED:
		free(ptr->paramList[type].ns_pi);
		ptr->paramList[type].ns_pi = NULL;
		break;
	case INT:
		ptr->paramList[type].ns_i = 0;
		break;
	case ATTRMAP:
	case OBJMAP:
	default:
		/* nothing is released here for these types */
		break;
	}
	ptr->paramList[type].ns_ptype = NS_UNKNOWN;
}
8297c478bd9Sstevel@tonic-gate
/*
 * Tear down a configuration and free it. NULL is ignored.
 *
 * Clears current_config when it points at ptr, frees the domain name,
 * destroys every parameter slot from 0 through LAST_VALUE, destroys the
 * hash through __s_api_destroy_hash, then frees ptr itself.
 *
 * NOTE(review): current_config is written here without this function
 * taking ns_parse_lock itself; confirm every path that reaches it
 * already holds that lock.
 */
static void
destroy_config(ns_config_t *ptr)
{
	ParamIndexType	slot;

	if (ptr == NULL)
		return;

	if (current_config == ptr)
		current_config = NULL;

	free(ptr->domainName);
	ptr->domainName = NULL;

	for (slot = 0; slot <= LAST_VALUE; slot++)
		destroy_param(ptr, slot);

	__s_api_destroy_hash(ptr);
	free(ptr);
}
8477c478bd9Sstevel@tonic-gate
/*
 * Mark an ns_config_t for deletion, then release it. If no other caller
 * is using it, __s_api_release_config destroys it.
 *
 * __s_api_destroy_config should only be called by the caller that
 * created the ns_config_t with __s_api_create_config (set_curr_config
 * is the exception). The ns_config_t should be private to that caller.
 *
 * Do not call this with the current_config, except from set_curr_config,
 * which locks ns_parse_lock to ensure that no thread will be waiting on
 * current_config->config_mutex. That guarantees no caller is waiting on
 * cfg->config_mutex while __s_api_release_config destroys it.
 */

void
__s_api_destroy_config(ns_config_t *cfg)
{
	if (cfg == NULL)
		return;

	/* the delete flag is only changed under the config's own mutex */
	(void) mutex_lock(&cfg->config_mutex);
	cfg->delete = TRUE;
	(void) mutex_unlock(&cfg->config_mutex);

	__s_api_release_config(cfg);
}
8737c478bd9Sstevel@tonic-gate
8747c478bd9Sstevel@tonic-gate
/*
 * Increment the configuration use count by one and return the config.
 *
 * The caller is assumed to already hold the lock guarding the pointer
 * it passes: ns_parse_lock for the global config, cmg->cfg_lock for a
 * per connection management one in the callers in this file.
 *
 * cfg     configuration to take a use count on; NULL returns NULL
 * global  B_TRUE when cfg is the global config
 *
 * Returns cfg with nUse incremented, or NULL when cfg is a global
 * config already marked for deletion (nUse is left alone then).
 */

static ns_config_t *
get_curr_config_unlocked(ns_config_t *cfg, boolean_t global)
{
	ns_config_t	*held = cfg;

	if (cfg == NULL)
		return (NULL);

	(void) mutex_lock(&cfg->config_mutex);
	/*
	 * allow access to per connection management (non-global)
	 * config so operations on connection being closed can still
	 * be completed
	 */
	if (global == B_TRUE && cfg->delete)
		held = NULL;
	else
		cfg->nUse++;
	(void) mutex_unlock(&cfg->config_mutex);

	return (held);
}
9017c478bd9Sstevel@tonic-gate
/*
 * set_curr_config_global makes the specified ns_config_t the current
 * global config. It is similar to the project private function
 * __s_api_init_config_global except that it does not release the new
 * ns_config_t.
 *
 * The whole swap runs under ns_parse_lock. When the current config is
 * not ptr, it is handed to __s_api_destroy_config before current_config
 * is pointed at ptr.
 */
static void
set_curr_config_global(ns_config_t *ptr)
{
	ns_config_t	*old;

	(void) mutex_lock(&ns_parse_lock);
	/* NULL when there is no current config or it is already being deleted */
	old = get_curr_config_unlocked(current_config, B_TRUE);
	if (old != ptr) {
		__s_api_destroy_config(old);
		current_config = ptr;
	}
	(void) mutex_unlock(&ns_parse_lock);
}
9237c478bd9Sstevel@tonic-gate
924e1dd0a2fSth
/*
 * set_curr_config makes the specified ns_config_t either the per
 * connection management config or the current global config. It is
 * similar to the project private function __s_api_init_config except
 * that it does not release the new ns_config_t. When the calling thread
 * has no per connection management config to replace, the global
 * current config is set instead.
 */

static void
set_curr_config(ns_config_t *ptr)
{
	ns_config_t	*old;
	ns_conn_mgmt_t	*cmg;
	int		rc;

	rc = thr_getspecific(ns_cmgkey, (void **)&cmg);

	/* no per connection management config: set the global one */
	if (rc != 0 || cmg == NULL || cmg->config == NULL) {
		set_curr_config_global(ptr);
		return;
	}

	/* set the per connection management config */
	(void) mutex_lock(&cmg->cfg_lock);
	old = get_curr_config_unlocked(cmg->config, B_FALSE);
	if (old != ptr) {
		__s_api_destroy_config(old);
		cmg->config = ptr;
	}
	(void) mutex_unlock(&cmg->cfg_lock);
}
960e1dd0a2fSth
/*
 * Decrement the ns_config_t use count by one. When the count reaches
 * zero and the delete flag is set, destroy the config. NULL is ignored.
 *
 * NOTE(review): on the destroy path cfg is freed while config_mutex is
 * still held, and nothing in this function or in destroy_config unlocks
 * or destroys that mutex first. The code depends on no other thread
 * waiting on it at that point; confirm callers guarantee this.
 */

void
__s_api_release_config(ns_config_t *cfg)
{
	if (cfg == NULL)
		return;

	(void) mutex_lock(&cfg->config_mutex);
	cfg->nUse--;
	if (cfg->nUse == 0 && cfg->delete) {
		/* cfg, with its mutex, no longer exists after this call */
		destroy_config(cfg);
		return;
	}
	(void) mutex_unlock(&cfg->config_mutex);
}
9787c478bd9Sstevel@tonic-gate
/*
 * __s_api_init_config_global installs ptr as the global configuration,
 * handing the previous one to set_curr_config_global for destruction,
 * and then releases ptr (drops one use count on it).
 */
void
__s_api_init_config_global(ns_config_t *ptr)
{
	/* install first, then drop the use count on ptr */
	set_curr_config_global(ptr);
	__s_api_release_config(ptr);
}
989e1dd0a2fSth
/*
 * __s_api_init_config installs ptr as the configuration, handing the
 * previous one to set_curr_config for destruction, and then releases
 * ptr (drops one use count on it). The configuration replaced may be
 * the global one or the per connection management one.
 */
void
__s_api_init_config(ns_config_t *ptr)
{
	/* install first, then drop the use count on ptr */
	set_curr_config(ptr);
	__s_api_release_config(ptr);
}
10017c478bd9Sstevel@tonic-gate
10027c478bd9Sstevel@tonic-gate
/*
 * Create a zero-filled ns_config_t with a use count of one.
 *
 * The new config gets the domain name from __getdomainname(), version
 * NS_LDAP_V1, an initialized config_mutex and a clear delete flag.
 * Returns NULL when the allocation fails or no domain name could be
 * obtained. The result of mutex_init() is not checked.
 */

ns_config_t *
__s_api_create_config(void)
{
	ns_config_t	*cfg;

	cfg = calloc(1, sizeof (*cfg));
	if (cfg == NULL)
		return (NULL);

	cfg->domainName = __getdomainname();
	if (cfg->domainName == NULL) {
		/* nothing else has been set up yet, so free() is enough */
		free(cfg);
		return (NULL);
	}

	cfg->version = NS_LDAP_V1;
	(void) mutex_init(&cfg->config_mutex, USYNC_THREAD, NULL);
	cfg->nUse = 1;
	cfg->delete = B_FALSE;
	return (cfg);
}
10267c478bd9Sstevel@tonic-gate
/*
 * __s_api_get_default_config_global returns the current global config
 * with its use count incremented, or NULL when there is none or it is
 * marked for deletion. __s_api_release_config drops that use count.
 */
ns_config_t *
__s_api_get_default_config_global(void)
{
	ns_config_t	*held;

	/* ns_parse_lock covers the read of current_config */
	(void) mutex_lock(&ns_parse_lock);
	held = get_curr_config_unlocked(current_config, B_TRUE);
	(void) mutex_unlock(&ns_parse_lock);

	return (held);
}
10437c478bd9Sstevel@tonic-gate
/*
 * __s_api_get_default_config returns the per connection management
 * config of the calling thread when it has one, otherwise the current
 * global config. The use count of the returned config is incremented;
 * __s_api_release_config drops it.
 */
ns_config_t *
__s_api_get_default_config(void)
{
	ns_config_t	*held;
	ns_conn_mgmt_t	*cmg;
	int		rc;

	rc = thr_getspecific(ns_cmgkey, (void **)&cmg);

	/* no per connection management config: use the global one */
	if (rc != 0 || cmg == NULL || cmg->config == NULL)
		return (__s_api_get_default_config_global());

	/* cmg->config is read again under cfg_lock before a count is taken */
	(void) mutex_lock(&cmg->cfg_lock);
	held = get_curr_config_unlocked(cmg->config, B_FALSE);
	(void) mutex_unlock(&cmg->cfg_lock);
	return (held);
}
1070e1dd0a2fSth
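/*
 * Return a malloc'ed copy of instr with leading and trailing SPACETOK
 * characters removed.
 *
 * Returns NULL when instr is NULL or the allocation fails. An empty or
 * all-space input yields an empty string. The caller owns the result
 * and releases it with free().
 */
static char *
stripdup(const char *instr)
{
	const char	*pstart = instr;
	char		*ret;
	size_t		len;

	if (pstart == NULL)
		return (NULL);
	/* remove leading spaces */
	while (*pstart == SPACETOK)
		pstart++;
	/*
	 * Remove trailing spaces by shrinking a length. For an empty or
	 * all-space string this never forms a pointer in front of the
	 * buffer, which "pstart + strlen(pstart) - 1" did.
	 */
	len = strlen(pstart);
	while (len > 0 && pstart[len - 1] == SPACETOK)
		len--;
	if ((ret = malloc(len + 1)) == NULL)
		return (NULL);
	/* the length is known, so copy exactly that many bytes */
	if (len != 0)
		(void) memcpy(ret, pstart, len);
	ret[len] = '\0';
	return (ret);
}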
10967c478bd9Sstevel@tonic-gate
10977c478bd9Sstevel@tonic-gate /*
10987c478bd9Sstevel@tonic-gate * Note that __s_api_crosscheck is assumed to be called with an ns_config_t
10997c478bd9Sstevel@tonic-gate * that is properly protected - so that it will not change during the
11007c478bd9Sstevel@tonic-gate * duration of the call
11017c478bd9Sstevel@tonic-gate */
11027c478bd9Sstevel@tonic-gate
11037c478bd9Sstevel@tonic-gate /* Size of errstr needs to be MAXERROR */
11047c478bd9Sstevel@tonic-gate ns_parse_status
__s_api_crosscheck(ns_config_t * ptr,char * errstr,int check_dn)11057c478bd9Sstevel@tonic-gate __s_api_crosscheck(ns_config_t *ptr, char *errstr, int check_dn)
11067c478bd9Sstevel@tonic-gate {
11077c478bd9Sstevel@tonic-gate int value, j;
11087c478bd9Sstevel@tonic-gate time_t tm;
11097c478bd9Sstevel@tonic-gate const char *str, *str1;
1110e1dd0a2fSth int i, cnt;
1111e1dd0a2fSth int self, gssapi;
11127c478bd9Sstevel@tonic-gate
11137c478bd9Sstevel@tonic-gate if (ptr == NULL)
11147c478bd9Sstevel@tonic-gate return (NS_SUCCESS);
11157c478bd9Sstevel@tonic-gate
11167c478bd9Sstevel@tonic-gate /* check for no server specified */
11177c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_SERVERS_P].ns_ppc == NULL) {
11187c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) {
11197c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11207ddae043Siz NS_LDAP_SERVERS_P));
11217c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11227ddae043Siz gettext("Configuration Error: No entry for "
11237ddae043Siz "'%s' found"), str);
11247c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
11257c478bd9Sstevel@tonic-gate } else if (ptr->paramList[NS_LDAP_SERVER_PREF_P].ns_ppc ==
11267ddae043Siz NULL) {
11277c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11287ddae043Siz NS_LDAP_SERVERS_P));
11297c478bd9Sstevel@tonic-gate str1 = NULL_OR_STR(__s_api_get_configname(
11307ddae043Siz NS_LDAP_SERVER_PREF_P));
11317c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11327ddae043Siz gettext("Configuration Error: "
11337ddae043Siz "Neither '%s' nor '%s' is defined"), str, str1);
11347c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
11357c478bd9Sstevel@tonic-gate }
11367c478bd9Sstevel@tonic-gate }
11377c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_CERT_PASS_P].ns_pc != NULL &&
11387ddae043Siz ptr->paramList[NS_LDAP_CERT_PATH_P].ns_pc == NULL) {
11397c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11407ddae043Siz NS_LDAP_CERT_PASS_P));
11417c478bd9Sstevel@tonic-gate str1 = NULL_OR_STR(__s_api_get_configname(
11427ddae043Siz NS_LDAP_CERT_PATH_P));
11437c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11447c478bd9Sstevel@tonic-gate gettext("Configuration Error: %s specified "
11457ddae043Siz "but no value for '%s' found"), str, str1);
11467c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
11477c478bd9Sstevel@tonic-gate }
11487c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_CERT_PASS_P].ns_pc == NULL &&
11497ddae043Siz ptr->paramList[NS_LDAP_CERT_PATH_P].ns_pc != NULL) {
11507c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11517ddae043Siz NS_LDAP_CERT_PATH_P));
11527c478bd9Sstevel@tonic-gate str1 = NULL_OR_STR(__s_api_get_configname(
11537ddae043Siz NS_LDAP_CERT_PASS_P));
11547c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11557c478bd9Sstevel@tonic-gate gettext("Configuration Error: %s specified "
11567ddae043Siz "but no value for '%s' found"), str, str1);
11577c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
11587c478bd9Sstevel@tonic-gate }
11597c478bd9Sstevel@tonic-gate /* check if search basedn has been specified */
11607c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_SEARCH_BASEDN_P].ns_ppc == NULL) {
11617c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11627ddae043Siz NS_LDAP_SEARCH_BASEDN_P));
11637c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11647ddae043Siz gettext("Configuration Error: No entry for "
11657ddae043Siz "'%s' found"), str);
11667c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
11677c478bd9Sstevel@tonic-gate }
11687c478bd9Sstevel@tonic-gate
11697c478bd9Sstevel@tonic-gate if (check_dn) {
11707c478bd9Sstevel@tonic-gate /* check for auth value....passwd/bindn if necessary */
11717c478bd9Sstevel@tonic-gate
11727ddae043Siz for (j = 0; ptr->paramList[NS_LDAP_AUTH_P].ns_pi != NULL &&
1173*51b02b29SToomas Soome ptr->paramList[NS_LDAP_AUTH_P].ns_pi[j] != 0; j++) {
11747c478bd9Sstevel@tonic-gate value = ptr->paramList[NS_LDAP_AUTH_P].ns_pi[j];
11757c478bd9Sstevel@tonic-gate switch (value) {
11767ddae043Siz case NS_LDAP_EA_SIMPLE:
11777ddae043Siz case NS_LDAP_EA_SASL_CRAM_MD5:
11787ddae043Siz case NS_LDAP_EA_SASL_DIGEST_MD5:
11797ddae043Siz case NS_LDAP_EA_SASL_DIGEST_MD5_INT:
11807ddae043Siz case NS_LDAP_EA_SASL_DIGEST_MD5_CONF:
11817ddae043Siz case NS_LDAP_EA_TLS_SIMPLE:
11827ddae043Siz case NS_LDAP_EA_TLS_SASL_CRAM_MD5:
11837ddae043Siz case NS_LDAP_EA_TLS_SASL_DIGEST_MD5:
11847ddae043Siz case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_INT:
11857ddae043Siz case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_CONF:
11867c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_BINDDN_P].ns_ppc == NULL) {
11877c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11887ddae043Siz NS_LDAP_BINDDN_P));
11897c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11907c478bd9Sstevel@tonic-gate gettext("Configuration Error: No entry for "
11917c478bd9Sstevel@tonic-gate "'%s' found"), str);
11927c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
11937c478bd9Sstevel@tonic-gate }
11947c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_BINDPASSWD_P].ns_ppc
11957ddae043Siz == NULL) {
11967c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname(
11977ddae043Siz NS_LDAP_BINDPASSWD_P));
11987c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR,
11997c478bd9Sstevel@tonic-gate gettext("Configuration Error: No entry for "
12007ddae043Siz "'%s' found"), str);
12017c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR);
12027c478bd9Sstevel@tonic-gate }
12037c478bd9Sstevel@tonic-gate break;
12047c478bd9Sstevel@tonic-gate }
12057ddae043Siz }
12067c478bd9Sstevel@tonic-gate }
12077c478bd9Sstevel@tonic-gate
12087c478bd9Sstevel@tonic-gate /*
12097c478bd9Sstevel@tonic-gate * If NS_LDAP_CACHETTL is not specified,
12107c478bd9Sstevel@tonic-gate * init NS_LDAP_EXP_P here. Otherwise,
12117c478bd9Sstevel@tonic-gate * ldap_cachemgr will never refresh the profile.
12127c478bd9Sstevel@tonic-gate * Set it to current time + default
12137c478bd9Sstevel@tonic-gate * NS_LDAP_CACHETTL
12147c478bd9Sstevel@tonic-gate */
12157c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_CACHETTL_P].ns_pc == NULL) {
12167c478bd9Sstevel@tonic-gate tm = conv_time(
12177ddae043Siz defconfig[NS_LDAP_CACHETTL_P].defval.ns_pc);
12187c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_ptype = TIMET;
12197c478bd9Sstevel@tonic-gate if (tm != 0) {
12207c478bd9Sstevel@tonic-gate tm += time(NULL);
12217c478bd9Sstevel@tonic-gate }
12227c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_tm = tm;
12237c478bd9Sstevel@tonic-gate }
1224cb5caa98Sdjl /*
1225cb5caa98Sdjl * If credential level self is defined, there should be
1226cb5caa98Sdjl * at least an auth method sasl/GSSAPI and vice versa.
1227cb5caa98Sdjl */
1228cb5caa98Sdjl self = 0;
1229cb5caa98Sdjl cnt = ptr->paramList[NS_LDAP_CREDENTIAL_LEVEL_P].ns_acnt;
1230cb5caa98Sdjl for (i = 0; i < cnt; i++) {
1231cb5caa98Sdjl if (ptr->paramList[NS_LDAP_CREDENTIAL_LEVEL_P].ns_pi[i] ==
12327ddae043Siz NS_LDAP_CRED_SELF)
1233cb5caa98Sdjl self++;
1234cb5caa98Sdjl }
1235cb5caa98Sdjl gssapi = 0;
1236cb5caa98Sdjl cnt = ptr->paramList[NS_LDAP_AUTH_P].ns_acnt;
1237cb5caa98Sdjl for (i = 0; i < cnt; i++) {
1238cb5caa98Sdjl if (ptr->paramList[NS_LDAP_AUTH_P].ns_pi[i] ==
12397ddae043Siz NS_LDAP_EA_SASL_GSSAPI)
1240cb5caa98Sdjl gssapi++;
1241cb5caa98Sdjl }
1242cb5caa98Sdjl if (gssapi == 0 && self > 0) {
1243cb5caa98Sdjl (void) snprintf(errstr, MAXERROR,
12447ddae043Siz gettext("Configuration Error: "
12457ddae043Siz "Credential level self requires "
12467ddae043Siz "authentication method sasl/GSSAPI"));
1247cb5caa98Sdjl return (NS_PARSE_ERR);
1248cb5caa98Sdjl }
1249cb5caa98Sdjl if (gssapi > 0 && self == 0) {
1250cb5caa98Sdjl (void) snprintf(errstr, MAXERROR,
12517ddae043Siz gettext("Configuration Error: "
12527ddae043Siz "Authentication method sasl/GSSAPI "
12537ddae043Siz "requires credential level self"));
1254cb5caa98Sdjl return (NS_PARSE_ERR);
1255cb5caa98Sdjl }
12567c478bd9Sstevel@tonic-gate return (NS_SUCCESS);
12577c478bd9Sstevel@tonic-gate }
12587c478bd9Sstevel@tonic-gate
12597c478bd9Sstevel@tonic-gate
/*
 * Look up a configuration keyword by name in the defconfig table.
 *
 * The comparison is case-insensitive and the first table entry whose
 * name matches wins.  On a match the entry's index is stored in *type
 * and 0 is returned; otherwise -1 is returned and *type is left alone.
 *
 * Neither argument is checked for NULL here, so callers that handle
 * externally supplied pointers must validate them before calling.
 */
int
__s_api_get_type(const char *value, ParamIndexType *type)
{
	ns_default_config	*entry;

	/* the table ends at the first entry with a NULL name */
	for (entry = defconfig; entry->name != NULL; entry++) {
		if (strcasecmp(entry->name, value) != 0)
			continue;
		*type = entry->index;
		return (0);
	}
	return (-1);
}
12737c478bd9Sstevel@tonic-gate
12747c478bd9Sstevel@tonic-gate /*
12757c478bd9Sstevel@tonic-gate * Externally defined version of get_type.
12767c478bd9Sstevel@tonic-gate * Includes extra error checking
12777c478bd9Sstevel@tonic-gate */
12787c478bd9Sstevel@tonic-gate
/*
 * NULL-checking front end for __s_api_get_type().
 *
 * Returns -1 without doing a lookup when either value or type is NULL;
 * otherwise returns whatever __s_api_get_type() returns (0 on a match
 * with *type filled in, -1 when the keyword is unknown).
 */
int
__ns_ldap_getParamType(const char *value, ParamIndexType *type)
{
	if (value != NULL && type != NULL)
		return (__s_api_get_type(value, type));
	return (-1);
}
12867c478bd9Sstevel@tonic-gate
/*
 * Version-aware keyword lookup.
 *
 * Finds the defconfig entry whose name matches value (case-insensitive)
 * and whose version field equals ptr->version.  On success the entry's
 * index is stored in *type and 0 is returned.  Returns -1 when ptr is
 * NULL or when no entry satisfies both conditions.
 *
 * value and type are not checked for NULL.
 */
int
__s_api_get_versiontype(ns_config_t *ptr, char *value, ParamIndexType *type)
{
	ns_default_config	*entry;
	ns_version_t		want;

	if (ptr == NULL)
		return (-1);

	want = ptr->version;

	for (entry = defconfig; entry->name != NULL; entry++) {
		/* name first, then version: a name may exist in several versions */
		if (strcasecmp(entry->name, value) == 0 &&
		    entry->version == want) {
			*type = entry->index;
			return (0);
		}
	}
	return (-1);
}
13087c478bd9Sstevel@tonic-gate
/*
 * Look up a parameter by its profile name instead of its keyword name.
 *
 * Entries without a profile_name are skipped.  The comparison is
 * case-insensitive.  Returns 0 and stores the entry's index in *type
 * on a match, -1 when no entry has that profile name.
 *
 * value and type are not checked for NULL.
 */
int
__s_api_get_profiletype(char *value, ParamIndexType *type)
{
	int	idx = 0;

	while (defconfig[idx].name != NULL) {
		if (defconfig[idx].profile_name != NULL &&
		    strcasecmp(defconfig[idx].profile_name, value) == 0) {
			*type = defconfig[idx].index;
			return (0);
		}
		idx++;
	}
	return (-1);
}
13247c478bd9Sstevel@tonic-gate
/*
 * Return the config_type of the first defconfig entry whose index
 * equals type, or -1 when the table holds no such entry.
 */
int
__s_api_get_configtype(ParamIndexType type)
{
	ns_default_config	*entry = defconfig;

	while (entry->name != NULL) {
		if (entry->index == type)
			return (entry->config_type);
		entry++;
	}
	return (-1);
}
13377c478bd9Sstevel@tonic-gate
/*
 * Return the keyword name of the first defconfig entry whose index
 * equals type.
 *
 * Returns NULL both when no entry matches and when the matching entry
 * has an empty name, so callers that print the result must be ready
 * for NULL.  The returned string belongs to the table; do not free it.
 */
const char *
__s_api_get_configname(ParamIndexType type)
{
	int	idx;

	for (idx = 0; defconfig[idx].name != NULL; idx++) {
		if (defconfig[idx].index != type)
			continue;
		/* the first entry with this index decides the answer */
		return (defconfig[idx].name[0] != '\0' ?
		    defconfig[idx].name : NULL);
	}
	return (NULL);
}
13537c478bd9Sstevel@tonic-gate
/*
 * Find the defconfig entry for parameter 'type' that belongs to the
 * version of the configuration 'ptr'.
 *
 * Returns a pointer into the defconfig table, or NULL when no entry
 * has both that index and that version.  ptr is dereferenced without
 * a NULL check, and callers must check the result before using it.
 */
static ns_default_config *
get_defconfig(ns_config_t *ptr, ParamIndexType type)
{
	ns_default_config	*entry;
	ns_version_t		want = ptr->version;

	for (entry = defconfig; entry->name != NULL; entry++) {
		if (entry->index != type || entry->version != want)
			continue;
		return (entry);
	}
	return (NULL);
}
13707c478bd9Sstevel@tonic-gate
/*
 * Store 'value' for the keyword 'name' in configptr.
 *
 * The keyword is resolved with __s_api_get_type(); an unknown keyword
 * produces an NS_CONFIG_SYNTAX error object through MKERROR and the
 * return value NS_LDAP_CONFIG.  Otherwise the result is whatever
 * __ns_ldap_setParamValue() returns.
 *
 * For six keywords (servers, service auth method, service credential
 * level, service search descriptor, server preference, search DN) any
 * value already stored is kept; for every other keyword a previously
 * set value is destroyed before the new one is stored.
 */
static int
set_default_value(ns_config_t *configptr, char *name,
    char *value, ns_ldap_error_t **error)
{
	ParamIndexType	idx;
	int		keep_existing;
	char		errstr[MAXERROR];

	if (__s_api_get_type(name, &idx) < 0) {
		(void) snprintf(errstr, sizeof (errstr), gettext(
		    "Illegal type name (%s).\n"), name);
		MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr),
		    NS_LDAP_MEMORY);
		return (NS_LDAP_CONFIG);
	}

	keep_existing = (idx == NS_LDAP_SERVERS_P ||
	    idx == NS_LDAP_SERVICE_AUTH_METHOD_P ||
	    idx == NS_LDAP_SERVICE_CRED_LEVEL_P ||
	    idx == NS_LDAP_SERVICE_SEARCH_DESC_P ||
	    idx == NS_LDAP_SERVER_PREF_P ||
	    idx == NS_LDAP_SEARCH_DN_P);

	/* drop a stale value so the new one replaces it */
	if (!keep_existing &&
	    configptr->paramList[idx].ns_ptype != NS_UNKNOWN) {
		destroy_param(configptr, idx);
	}

	return (__ns_ldap_setParamValue(configptr, idx, value, error));
}
14017c478bd9Sstevel@tonic-gate
14027c478bd9Sstevel@tonic-gate
14037c478bd9Sstevel@tonic-gate /*
14047c478bd9Sstevel@tonic-gate * Initialize config to a default state
14057c478bd9Sstevel@tonic-gate * By default leave configuration empty
14067c478bd9Sstevel@tonic-gate * getParam will automatically get the
14077c478bd9Sstevel@tonic-gate * appropriate default value if none exists
14087c478bd9Sstevel@tonic-gate */
14097c478bd9Sstevel@tonic-gate
/*
 * Create an empty configuration and install it as the current one.
 *
 * If __s_api_create_config() fails, the current configuration is left
 * as it was and no error is reported.  The local reference is handed
 * to __s_api_release_config() once set_curr_config() has been called.
 */
void
__ns_ldap_default_config()
{
	ns_config_t	*fresh = __s_api_create_config();

	if (fresh != NULL) {
		set_curr_config(fresh);
		__s_api_release_config(fresh);
	}
}
14227c478bd9Sstevel@tonic-gate
14237c478bd9Sstevel@tonic-gate /*
14247c478bd9Sstevel@tonic-gate * Get the current configuration pointer and return it.
14257c478bd9Sstevel@tonic-gate * If necessary initialize or refresh the current
1426e1dd0a2fSth * configuration as applicable. If global is set, returns
1427e1dd0a2fSth * the global one.
14287c478bd9Sstevel@tonic-gate */
14297c478bd9Sstevel@tonic-gate
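/*
 * Return the current configuration, reloading it first when it is due
 * for a refresh.
 *
 * global selects the global configuration (B_TRUE) or the one returned
 * by __s_api_get_default_config() (any other value).  The whole
 * operation runs under ns_loadrefresh_lock so that only one thread
 * refreshes at a time.  A refresh is attempted only when the library is
 * not in standalone mode and timetorefresh() says the configuration is
 * stale.  When the reload yields a different, non-NULL configuration,
 * the old one is released and the new one is installed and returned.
 *
 * Any error object produced by the reload is freed here and not
 * reported to the caller; on failure the previous configuration is
 * returned unchanged.
 */
static ns_config_t *
loadrefresh_config(boolean_t global)
{
	ns_config_t		*cfg;
	ns_config_t		*new_cfg;
	/*
	 * Start from NULL: the pointer is tested and freed below, and
	 * LoadCacheConfiguration() is not guaranteed by anything visible
	 * here to store to it on every path.  Without this, a path that
	 * leaves it untouched would hand an indeterminate pointer to
	 * __ns_ldap_freeError().
	 */
	ns_ldap_error_t		*errorp = NULL;

	/* We want to refresh only one configuration at a time */
	(void) mutex_lock(&ns_loadrefresh_lock);
	if (global == B_TRUE)
		cfg = __s_api_get_default_config_global();
	else
		cfg = __s_api_get_default_config();

	/* (re)initialize configuration if necessary */
	if (!__s_api_isStandalone() && timetorefresh(cfg)) {
		new_cfg = LoadCacheConfiguration(cfg, &errorp);
		if (new_cfg != NULL && new_cfg != cfg) {
			/* swap: drop our hold on the old one, publish the new */
			__s_api_release_config(cfg);
			if (global == B_TRUE)
				set_curr_config_global(new_cfg);
			else
				set_curr_config(new_cfg);
			cfg = new_cfg;
		}
		if (errorp != NULL)
			(void) __ns_ldap_freeError(&errorp);
	}
	(void) mutex_unlock(&ns_loadrefresh_lock);
	return (cfg);
}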
14617c478bd9Sstevel@tonic-gate
1462e1dd0a2fSth /*
1463e1dd0a2fSth * Get the current global configuration pointer and return it.
1464e1dd0a2fSth * If necessary initialize or refresh the current
1465e1dd0a2fSth * configuration as applicable.
1466e1dd0a2fSth */
1467e1dd0a2fSth
/*
 * Return the global configuration, refreshed if necessary.
 * Thin wrapper over loadrefresh_config(B_TRUE).
 */
ns_config_t *
__s_api_loadrefresh_config_global()
{
	ns_config_t	*cfg;

	cfg = loadrefresh_config(B_TRUE);
	return (cfg);
}
1473e1dd0a2fSth
1474e1dd0a2fSth /*
1475e1dd0a2fSth * Get the current configuration pointer and return it.
1476e1dd0a2fSth * If necessary initialize or refresh the current
1477e1dd0a2fSth * configuration as applicable. The configuration may
1478e1dd0a2fSth * be the global one or the per connection management one.
1479e1dd0a2fSth */
1480e1dd0a2fSth
/*
 * Return the current (not forced-global) configuration, refreshed if
 * necessary.  Thin wrapper over loadrefresh_config(B_FALSE).
 */
ns_config_t *
__s_api_loadrefresh_config()
{
	ns_config_t	*cfg;

	cfg = loadrefresh_config(B_FALSE);
	return (cfg);
}
1486e1dd0a2fSth
14877c478bd9Sstevel@tonic-gate /*
14887c478bd9Sstevel@tonic-gate * In general this routine is not very useful. Individual routines can be
14897c478bd9Sstevel@tonic-gate * created to do this job. Once that is done, this function can be removed.
14907c478bd9Sstevel@tonic-gate * Size of errstr buffer needs to be MAXERROR.
14917c478bd9Sstevel@tonic-gate */
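/*
 * Check that 'value' is acceptable for the configuration keyword 'name'.
 *
 * cfg	  configuration whose version selects the defconfig entry
 * name	  keyword as it appears in the configuration text
 * value  value text; leading quotes/spaces are skipped and trailing
 *	  ones are overwritten with NUL IN PLACE, so the caller's
 *	  buffer is modified
 * errstr caller-supplied buffer of at least MAXERROR bytes that
 *	  receives a message when NS_PARSE_ERR is returned
 *
 * Returns NS_SUCCESS when the value passes, NS_PARSE_ERR otherwise.
 *
 * The value comes from configuration text parsed elsewhere, so its
 * length and content are not trusted here: the server list is copied
 * into a fixed-size stack buffer only after its length has been
 * checked, a NULL value is rejected wherever it would be dereferenced,
 * and a keyword without a defconfig entry for this version is treated
 * as having no allowed values.
 */
static ns_parse_status
verify_value(ns_config_t *cfg, char *name, char *value, char *errstr)
{
	ParamIndexType	index = 0;
	int		found = 0, j;
	char		*ptr = NULL, *strptr = NULL, buffer[BUFSIZE];
	char		*rest;
	size_t		vlen;
	ns_default_config	*def = NULL;

	if (__s_api_get_type(name, &index) != 0) {
		(void) snprintf(errstr, MAXERROR,
		    gettext("Unknown keyword encountered '%s'."), name);
		return (NS_PARSE_ERR);
	}

	/* may be NULL when the keyword does not exist in cfg's version */
	def = get_defconfig(cfg, index);

	if (value != NULL) {
		/* eat up beginning quote, if any */
		while (*value == QUOTETOK || *value == SPACETOK)
			value++;

		/* eat up space/quote at end of value */
		vlen = strlen(value);
		ptr = (vlen > 0) ? value + vlen - 1 : value;
		for (; ptr != value &&
		    (*ptr == SPACETOK || *ptr == QUOTETOK); ptr--) {
			*ptr = '\0';
		}
	}

	switch (index) {
	case NS_LDAP_EXP_P:
	case NS_LDAP_CACHETTL_P:
	case NS_LDAP_CERT_PATH_P:
	case NS_LDAP_CERT_PASS_P:
	case NS_LDAP_CERT_NICKNAME_P:
	case NS_LDAP_BINDDN_P:
	case NS_LDAP_BINDPASSWD_P:
	case NS_LDAP_ADMIN_BINDDN_P:
	case NS_LDAP_ADMIN_BINDPASSWD_P:
	case NS_LDAP_DOMAIN_P:
	case NS_LDAP_SEARCH_BASEDN_P:
	case NS_LDAP_SEARCH_TIME_P:
	case NS_LDAP_PROFILE_P:
	case NS_LDAP_AUTH_P:
	case NS_LDAP_SEARCH_SCOPE_P:
	case NS_LDAP_CREDENTIAL_LEVEL_P:
	case NS_LDAP_SERVICE_SEARCH_DESC_P:
	case NS_LDAP_BIND_TIME_P:
	case NS_LDAP_ATTRIBUTEMAP_P:
	case NS_LDAP_OBJECTCLASSMAP_P:
	case NS_LDAP_SERVICE_AUTH_METHOD_P:
	case NS_LDAP_SERVICE_CRED_LEVEL_P:
	case NS_LDAP_HOST_CERTPATH_P:
		/* no content check is done here for these keywords */
		break;
	case NS_LDAP_SEARCH_DN_P:
		/* deprecated because of service descriptors */
		/* Parse as appropriate at descriptor create time */
		break;
	case NS_LDAP_FILE_VERSION_P:
		if (value != NULL &&
		    strcasecmp(value, NS_LDAP_VERSION_1) != 0 &&
		    strcasecmp(value, NS_LDAP_VERSION_2) != 0) {
			(void) snprintf(errstr, MAXERROR,
			    gettext("Version mismatch, expected "
			    "cache version '%s' or '%s' but "
			    "encountered version '%s'."),
			    NS_LDAP_VERSION_1,
			    NS_LDAP_VERSION_2, value);
			return (NS_PARSE_ERR);
		}
		break;
	case NS_LDAP_SERVERS_P:
	case NS_LDAP_SERVER_PREF_P:
		/*
		 * The list is tokenized in a scratch copy.  Reject a
		 * missing value, and one that does not fit in buffer,
		 * instead of copying past the end of the stack array.
		 */
		if (value == NULL ||
		    strlcpy(buffer, value, sizeof (buffer)) >=
		    sizeof (buffer)) {
			(void) snprintf(errstr, MAXERROR,
			    gettext("Invalid parameter values "
			    "'%s' specified for keyword '%s'."),
			    value != NULL ? value : "", name);
			return (NS_PARSE_ERR);
		}
		strptr = strtok_r(buffer, ",", &rest);
		while (strptr != NULL) {
			char	*tmp = NULL;
			tmp = stripdup(strptr);
			if (tmp == NULL || (strchr(tmp, ' ') != NULL)) {
				/* never hand a NULL pointer to %s */
				(void) snprintf(errstr, MAXERROR,
				    gettext("Invalid parameter values "
				    "'%s' specified for keyword '%s'."),
				    tmp != NULL ? tmp : strptr, name);
				free(tmp);
				return (NS_PARSE_ERR);
			}
			free(tmp);
			strptr = strtok_r(NULL, ",", &rest);
		}
		break;
	default:
		/*
		 * Every other keyword must match one of the names in the
		 * entry's allowed[] list exactly (case-sensitive).  The
		 * index bound is tested before the element is read.
		 */
		found = 0;
		if (def != NULL && def->allowed != NULL && value != NULL) {
			for (j = 0; j < DEFMAX &&
			    def->allowed[j].name != NULL; j++) {
				if (strcmp(def->allowed[j].name,
				    value) == 0) {
					found = 1;
					break;
				}
			}
		}
		if (!found) {
			(void) snprintf(errstr, MAXERROR,
			    gettext("Invalid option specified for "
			    "'%s' keyword. '%s' is not a recognized "
			    "keyword value."), name,
			    value != NULL ? value : "");
			return (NS_PARSE_ERR);
		}
	}

	return (NS_SUCCESS);
}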
16057c478bd9Sstevel@tonic-gate
/*
 * Split "name<TOKENSEPARATOR>value" in place.
 *
 * *name always ends up pointing at the start of buffer.  When the
 * separator is present it is overwritten with NUL, and *value is set
 * to the first character after it that is not SPACETOK.
 *
 * NOTE(review): when buffer contains no separator, *value is not
 * written at all.  A caller that has not initialized its value pointer
 * would then be holding an indeterminate pointer; confirm that every
 * caller initializes it before the call.
 */
void
__s_api_split_key_value(char *buffer, char **name, char **value)
{
	char	*sep;

	*name = buffer;

	sep = strchr(buffer, TOKENSEPARATOR);
	if (sep == NULL)
		return;

	/* terminate the name, then step past the separator */
	*sep = '\0';
	sep++;

	/* trim whitespace */
	while (*sep == SPACETOK)
		sep++;

	*value = sep;
}
16227c478bd9Sstevel@tonic-gate
16237c478bd9Sstevel@tonic-gate /*
16247c478bd9Sstevel@tonic-gate * Set a parameter value in a generic configuration structure
16257c478bd9Sstevel@tonic-gate * Assume any necessary locks are in place. This routine would
16267c478bd9Sstevel@tonic-gate * be better named: __ns_ldap_translateString2Param
16277c478bd9Sstevel@tonic-gate *
16287c478bd9Sstevel@tonic-gate * This routine translates external string format into internal
16297c478bd9Sstevel@tonic-gate * param format and saves the result in the param table.
16307c478bd9Sstevel@tonic-gate */
16317c478bd9Sstevel@tonic-gate int
__ns_ldap_setParamValue(ns_config_t * ptr,const ParamIndexType type,const void * data,ns_ldap_error_t ** error)16327c478bd9Sstevel@tonic-gate __ns_ldap_setParamValue(ns_config_t *ptr, const ParamIndexType type,
1633a4abf230SToomas Soome const void *data, ns_ldap_error_t **error)
16347c478bd9Sstevel@tonic-gate {
16357c478bd9Sstevel@tonic-gate ns_default_config *def = NULL;
16367c478bd9Sstevel@tonic-gate ns_param_t conf;
16377c478bd9Sstevel@tonic-gate ns_mapping_t *map, *rmap;
16387c478bd9Sstevel@tonic-gate int i, j, len;
16397c478bd9Sstevel@tonic-gate char *cp, *cp2, *end;
16407c478bd9Sstevel@tonic-gate char *tcp = NULL;
16417c478bd9Sstevel@tonic-gate char errstr[2 * MAXERROR];
16427c478bd9Sstevel@tonic-gate char tbuf[100], *ptbuf;
16437c478bd9Sstevel@tonic-gate char *sid, *origA, **mapA;
16447c478bd9Sstevel@tonic-gate char **attr;
16457c478bd9Sstevel@tonic-gate time_t tm;
16467c478bd9Sstevel@tonic-gate int free_memory, exitrc;
16477c478bd9Sstevel@tonic-gate char **p;
16487c478bd9Sstevel@tonic-gate
16497c478bd9Sstevel@tonic-gate /* Find ParamIndexType default configuration data */
16507c478bd9Sstevel@tonic-gate def = get_defconfig(ptr, type);
16517c478bd9Sstevel@tonic-gate if (def == NULL) {
16527c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
16537ddae043Siz gettext("Unable to set value: "
16547ddae043Siz "invalid ParamIndexType (%d)"), type);
16557c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr),
1656*51b02b29SToomas Soome NS_LDAP_MEMORY);
16577c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
16587c478bd9Sstevel@tonic-gate }
16597c478bd9Sstevel@tonic-gate
16607c478bd9Sstevel@tonic-gate (void) memset(&conf, 0, sizeof (conf));
16617c478bd9Sstevel@tonic-gate
16627c478bd9Sstevel@tonic-gate /* data is actually const char */
16637c478bd9Sstevel@tonic-gate cp = (char *)data;
16647c478bd9Sstevel@tonic-gate
16657c478bd9Sstevel@tonic-gate /* eat up beginning quote, if any */
16667c478bd9Sstevel@tonic-gate while (cp && (*cp == QUOTETOK || *cp == SPACETOK))
16677c478bd9Sstevel@tonic-gate cp++;
16687c478bd9Sstevel@tonic-gate
16697c478bd9Sstevel@tonic-gate /* eat up space/quote at end of value */
16707c478bd9Sstevel@tonic-gate end = cp2 = cp + strlen(cp) - 1;
16717c478bd9Sstevel@tonic-gate for (; cp2 > cp && (*cp2 == SPACETOK || *cp2 == QUOTETOK); cp2--)
16727c478bd9Sstevel@tonic-gate ;
16737c478bd9Sstevel@tonic-gate /* data is const, must duplicate */
16747c478bd9Sstevel@tonic-gate if (cp2 != end) {
16757c478bd9Sstevel@tonic-gate tcp = (char *)calloc((int)(cp2 - cp + 2), sizeof (char));
16767c478bd9Sstevel@tonic-gate if (tcp == NULL)
16777c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
16787c478bd9Sstevel@tonic-gate end = cp2;
16797c478bd9Sstevel@tonic-gate cp2 = tcp;
16807c478bd9Sstevel@tonic-gate while (cp <= end) {
16817c478bd9Sstevel@tonic-gate *cp2++ = *cp++;
16827c478bd9Sstevel@tonic-gate }
16837c478bd9Sstevel@tonic-gate *cp2 = '\0';
16847c478bd9Sstevel@tonic-gate cp = tcp;
16857c478bd9Sstevel@tonic-gate }
16867c478bd9Sstevel@tonic-gate
16877c478bd9Sstevel@tonic-gate /* Parse data according to type */
16887c478bd9Sstevel@tonic-gate switch (def->data_type) {
16897c478bd9Sstevel@tonic-gate case INT:
16907c478bd9Sstevel@tonic-gate switch (def->index) {
16917c478bd9Sstevel@tonic-gate case NS_LDAP_PREF_ONLY_P:
16927c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_REF_P:
16937c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_SCOPE_P:
1694dd1104fbSMichen Chang case NS_LDAP_ENABLE_SHADOW_UPDATE_P:
16957c478bd9Sstevel@tonic-gate i = __s_get_enum_value(ptr, cp, def->index);
16967c478bd9Sstevel@tonic-gate if (i < 0) {
16977c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
16987ddae043Siz gettext("Unable to set value: "
16997ddae043Siz "invalid %s (%d)"), def->name,
17007ddae043Siz def->index);
17017c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
1702*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
17037c478bd9Sstevel@tonic-gate if (tcp != NULL)
17047c478bd9Sstevel@tonic-gate free(tcp);
17057c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
17067c478bd9Sstevel@tonic-gate }
17077c478bd9Sstevel@tonic-gate conf.ns_i = i;
17087c478bd9Sstevel@tonic-gate break;
17097c478bd9Sstevel@tonic-gate case NS_LDAP_TRANSPORT_SEC_P: /* ignore TRANSPORT_SEC */
17107c478bd9Sstevel@tonic-gate break;
17117c478bd9Sstevel@tonic-gate default:
17127c478bd9Sstevel@tonic-gate cp2 = cp;
17137c478bd9Sstevel@tonic-gate if ((*cp2 == '+') || (*cp2 == '-'))
17147c478bd9Sstevel@tonic-gate cp2++;
17157c478bd9Sstevel@tonic-gate for (/* empty */; *cp2; cp2++) {
17167c478bd9Sstevel@tonic-gate if (isdigit(*cp2))
17177c478bd9Sstevel@tonic-gate continue;
17187c478bd9Sstevel@tonic-gate
17197c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
17207ddae043Siz gettext("Unable to set value: "
17217ddae043Siz "invalid %s (%d)"), def->name,
17227ddae043Siz def->index);
17237c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
1724*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
17257c478bd9Sstevel@tonic-gate if (tcp != NULL)
17267c478bd9Sstevel@tonic-gate free(tcp);
17277c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
17287c478bd9Sstevel@tonic-gate }
17297c478bd9Sstevel@tonic-gate i = atoi(cp);
17307c478bd9Sstevel@tonic-gate conf.ns_i = i;
17317c478bd9Sstevel@tonic-gate break;
17327c478bd9Sstevel@tonic-gate }
17337c478bd9Sstevel@tonic-gate break;
17347c478bd9Sstevel@tonic-gate case TIMET:
17357c478bd9Sstevel@tonic-gate /* Do nothing with a TIMET. Initialize it below */
17367c478bd9Sstevel@tonic-gate break;
17377c478bd9Sstevel@tonic-gate case CHARPTR:
17387c478bd9Sstevel@tonic-gate conf.ns_pc = (char *)strdup(cp);
17397c478bd9Sstevel@tonic-gate if (conf.ns_pc == NULL) {
17407c478bd9Sstevel@tonic-gate if (tcp != NULL)
17417c478bd9Sstevel@tonic-gate free(tcp);
17427c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
17437c478bd9Sstevel@tonic-gate }
17447c478bd9Sstevel@tonic-gate break;
17457c478bd9Sstevel@tonic-gate case SAMLIST:
17467c478bd9Sstevel@tonic-gate /* first check to see if colon (:) is there */
17477c478bd9Sstevel@tonic-gate if ((strchr(cp, COLONTOK)) == NULL) {
17487c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
17497ddae043Siz gettext("Unable to set value: "
17507ddae043Siz "invalid serviceAuthenticationMethod (%s)"),
17517ddae043Siz cp);
17527c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
1753*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
17547c478bd9Sstevel@tonic-gate if (tcp != NULL)
17557c478bd9Sstevel@tonic-gate free(tcp);
17567c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
17577c478bd9Sstevel@tonic-gate }
17587c478bd9Sstevel@tonic-gate /* Appends an entry to the existing list */
17597c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ptype != SAMLIST) {
17607c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(2, sizeof (char *));
17617c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
17627c478bd9Sstevel@tonic-gate if (tcp != NULL)
17637c478bd9Sstevel@tonic-gate free(tcp);
17647c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
17657c478bd9Sstevel@tonic-gate }
17667c478bd9Sstevel@tonic-gate conf.ns_acnt = 1;
17677c478bd9Sstevel@tonic-gate conf.ns_ppc[0] = (char *)strdup(cp);
17687c478bd9Sstevel@tonic-gate if (conf.ns_ppc[0] == NULL) {
17697c478bd9Sstevel@tonic-gate free(conf.ns_ppc);
17707c478bd9Sstevel@tonic-gate if (tcp != NULL)
17717c478bd9Sstevel@tonic-gate free(tcp);
17727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
17737c478bd9Sstevel@tonic-gate }
17747c478bd9Sstevel@tonic-gate } else {
17757c478bd9Sstevel@tonic-gate char *dp, *dpend;
17767c478bd9Sstevel@tonic-gate int fnd = 0;
17777c478bd9Sstevel@tonic-gate
17787c478bd9Sstevel@tonic-gate /* Attempt to replace if possible */
17797c478bd9Sstevel@tonic-gate dpend = strchr(cp, COLONTOK);
17807c478bd9Sstevel@tonic-gate len = dpend - cp;
17817c478bd9Sstevel@tonic-gate dp = (char *)malloc(len+1);
17827c478bd9Sstevel@tonic-gate if (dp == NULL) {
17837c478bd9Sstevel@tonic-gate if (tcp != NULL)
17847c478bd9Sstevel@tonic-gate free(tcp);
17857c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
17867c478bd9Sstevel@tonic-gate }
17877c478bd9Sstevel@tonic-gate (void) strlcpy(dp, cp, len+1);
17887c478bd9Sstevel@tonic-gate fnd = 0;
17897c478bd9Sstevel@tonic-gate for (j = 0; j < ptr->paramList[type].ns_acnt; j++) {
17907c478bd9Sstevel@tonic-gate dpend = strchr(ptr->paramList[type].ns_ppc[j],
17917ddae043Siz COLONTOK);
17927c478bd9Sstevel@tonic-gate if (dpend == NULL)
17937c478bd9Sstevel@tonic-gate continue;
17947c478bd9Sstevel@tonic-gate i = dpend - ptr->paramList[type].ns_ppc[j];
17957c478bd9Sstevel@tonic-gate if (i != len)
17967c478bd9Sstevel@tonic-gate continue;
17977c478bd9Sstevel@tonic-gate if (strncmp(ptr->paramList[type].ns_ppc[j],
17987ddae043Siz dp, len) == 0) {
17997c478bd9Sstevel@tonic-gate conf.ns_acnt =
18007ddae043Siz ptr->paramList[type].ns_acnt;
18017c478bd9Sstevel@tonic-gate conf.ns_ppc =
18027ddae043Siz ptr->paramList[type].ns_ppc;
18037c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL;
18047c478bd9Sstevel@tonic-gate free(conf.ns_ppc[j]);
18057c478bd9Sstevel@tonic-gate conf.ns_ppc[j] = (char *)strdup(cp);
18067c478bd9Sstevel@tonic-gate if (conf.ns_ppc[j] == NULL) {
18077c478bd9Sstevel@tonic-gate free(dp);
18087c478bd9Sstevel@tonic-gate __s_api_free2dArray
18097ddae043Siz (conf.ns_ppc);
18107c478bd9Sstevel@tonic-gate if (tcp != NULL)
18117c478bd9Sstevel@tonic-gate free(tcp);
18127c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18137c478bd9Sstevel@tonic-gate }
18147c478bd9Sstevel@tonic-gate fnd = 1;
18157c478bd9Sstevel@tonic-gate break;
18167c478bd9Sstevel@tonic-gate }
18177c478bd9Sstevel@tonic-gate }
18187c478bd9Sstevel@tonic-gate free(dp);
18197c478bd9Sstevel@tonic-gate
18207c478bd9Sstevel@tonic-gate if (fnd)
18217c478bd9Sstevel@tonic-gate break; /* Replaced completed */
18227c478bd9Sstevel@tonic-gate
18237c478bd9Sstevel@tonic-gate /* Append */
18247c478bd9Sstevel@tonic-gate len = ptr->paramList[type].ns_acnt + 1;
18257c478bd9Sstevel@tonic-gate if (len > 1) {
18267c478bd9Sstevel@tonic-gate p = (char **)dupParam(&ptr->paramList[type]);
18277c478bd9Sstevel@tonic-gate if (p == NULL) {
18287c478bd9Sstevel@tonic-gate if (tcp != NULL)
18297c478bd9Sstevel@tonic-gate free(tcp);
18307c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18317c478bd9Sstevel@tonic-gate }
18327c478bd9Sstevel@tonic-gate } else
18337c478bd9Sstevel@tonic-gate p = NULL;
18347c478bd9Sstevel@tonic-gate conf.ns_ppc =
18357ddae043Siz (char **)realloc(p, (len+1) * sizeof (char *));
18367c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
18377c478bd9Sstevel@tonic-gate __s_api_free2dArray(p);
18387c478bd9Sstevel@tonic-gate if (tcp != NULL)
18397c478bd9Sstevel@tonic-gate free(tcp);
18407c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18417c478bd9Sstevel@tonic-gate }
18427c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
18437c478bd9Sstevel@tonic-gate conf.ns_ppc[len-1] = (char *)strdup(cp);
18447c478bd9Sstevel@tonic-gate if (conf.ns_ppc[len-1] == NULL) {
18457c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
18467c478bd9Sstevel@tonic-gate if (tcp != NULL)
18477c478bd9Sstevel@tonic-gate free(tcp);
18487c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18497c478bd9Sstevel@tonic-gate }
18507c478bd9Sstevel@tonic-gate conf.ns_ppc[len] = NULL;
18517c478bd9Sstevel@tonic-gate }
18527c478bd9Sstevel@tonic-gate break;
18537c478bd9Sstevel@tonic-gate case SCLLIST:
18547c478bd9Sstevel@tonic-gate /* first check to see if colon (:) is there */
18557c478bd9Sstevel@tonic-gate if ((strchr(cp, COLONTOK)) == NULL) {
18567c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
18577ddae043Siz gettext("Unable to set value: "
18587ddae043Siz "invalid serviceCredentialLevel (%s)"),
18597ddae043Siz cp);
18607c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
1861*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
18627c478bd9Sstevel@tonic-gate if (tcp != NULL)
18637c478bd9Sstevel@tonic-gate free(tcp);
18647c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
18657c478bd9Sstevel@tonic-gate }
18667c478bd9Sstevel@tonic-gate /* Appends an entry to the existing list */
18677c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ptype != SCLLIST) {
18687c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(2, sizeof (char *));
18697c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
18707c478bd9Sstevel@tonic-gate if (tcp != NULL)
18717c478bd9Sstevel@tonic-gate free(tcp);
18727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18737c478bd9Sstevel@tonic-gate }
18747c478bd9Sstevel@tonic-gate conf.ns_acnt = 1;
18757c478bd9Sstevel@tonic-gate conf.ns_ppc[0] = (char *)strdup(cp);
18767c478bd9Sstevel@tonic-gate if (conf.ns_ppc[0] == NULL) {
18777c478bd9Sstevel@tonic-gate free(conf.ns_ppc);
18787c478bd9Sstevel@tonic-gate if (tcp != NULL)
18797c478bd9Sstevel@tonic-gate free(tcp);
18807c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18817c478bd9Sstevel@tonic-gate }
18827c478bd9Sstevel@tonic-gate } else {
18837c478bd9Sstevel@tonic-gate char *dp, *dpend;
18847c478bd9Sstevel@tonic-gate int fnd = 0;
18857c478bd9Sstevel@tonic-gate
18867c478bd9Sstevel@tonic-gate /* Attempt to replace if possible */
18877c478bd9Sstevel@tonic-gate dpend = strchr(cp, COLONTOK);
18887c478bd9Sstevel@tonic-gate len = dpend - cp;
18897c478bd9Sstevel@tonic-gate dp = (char *)malloc(len+1);
18907c478bd9Sstevel@tonic-gate if (dp == NULL) {
18917c478bd9Sstevel@tonic-gate if (tcp != NULL)
18927c478bd9Sstevel@tonic-gate free(tcp);
18937c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
18947c478bd9Sstevel@tonic-gate }
18957c478bd9Sstevel@tonic-gate (void) strlcpy(dp, cp, len+1);
18967c478bd9Sstevel@tonic-gate fnd = 0;
18977c478bd9Sstevel@tonic-gate for (j = 0; j < ptr->paramList[type].ns_acnt; j++) {
18987c478bd9Sstevel@tonic-gate dpend = strchr(ptr->paramList[type].ns_ppc[j],
18997ddae043Siz COLONTOK);
19007c478bd9Sstevel@tonic-gate if (dpend == NULL)
19017c478bd9Sstevel@tonic-gate continue;
19027c478bd9Sstevel@tonic-gate i = dpend - ptr->paramList[type].ns_ppc[j];
19037c478bd9Sstevel@tonic-gate if (i != len)
19047c478bd9Sstevel@tonic-gate continue;
19057c478bd9Sstevel@tonic-gate if (strncmp(ptr->paramList[type].ns_ppc[j],
19067ddae043Siz dp, len) == 0) {
19077c478bd9Sstevel@tonic-gate conf.ns_acnt =
19087ddae043Siz ptr->paramList[type].ns_acnt;
19097c478bd9Sstevel@tonic-gate conf.ns_ppc =
19107ddae043Siz ptr->paramList[type].ns_ppc;
19117c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL;
19127c478bd9Sstevel@tonic-gate free(conf.ns_ppc[j]);
19137c478bd9Sstevel@tonic-gate conf.ns_ppc[j] = (char *)strdup(cp);
19147c478bd9Sstevel@tonic-gate if (conf.ns_ppc[j] == NULL) {
19157c478bd9Sstevel@tonic-gate free(dp);
19167c478bd9Sstevel@tonic-gate __s_api_free2dArray
19177ddae043Siz (conf.ns_ppc);
19187c478bd9Sstevel@tonic-gate if (tcp != NULL)
19197c478bd9Sstevel@tonic-gate free(tcp);
19207c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
19217c478bd9Sstevel@tonic-gate }
19227c478bd9Sstevel@tonic-gate fnd = 1;
19237c478bd9Sstevel@tonic-gate break;
19247c478bd9Sstevel@tonic-gate }
19257c478bd9Sstevel@tonic-gate }
19267c478bd9Sstevel@tonic-gate free(dp);
19277c478bd9Sstevel@tonic-gate
19287c478bd9Sstevel@tonic-gate if (fnd)
19297c478bd9Sstevel@tonic-gate break; /* Replaced completed */
19307c478bd9Sstevel@tonic-gate
19317c478bd9Sstevel@tonic-gate /* Append */
19327c478bd9Sstevel@tonic-gate len = ptr->paramList[type].ns_acnt + 1;
19337c478bd9Sstevel@tonic-gate if (len > 1) {
19347c478bd9Sstevel@tonic-gate p = (char **)dupParam(&ptr->paramList[type]);
19357c478bd9Sstevel@tonic-gate if (p == NULL) {
19367c478bd9Sstevel@tonic-gate if (tcp != NULL)
19377c478bd9Sstevel@tonic-gate free(tcp);
19387c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
19397c478bd9Sstevel@tonic-gate }
19407c478bd9Sstevel@tonic-gate } else
19417c478bd9Sstevel@tonic-gate p = NULL;
19427c478bd9Sstevel@tonic-gate conf.ns_ppc =
19437ddae043Siz (char **)realloc(p, (len+1) * sizeof (char *));
19447c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
19457c478bd9Sstevel@tonic-gate __s_api_free2dArray(p);
19467c478bd9Sstevel@tonic-gate if (tcp != NULL)
19477c478bd9Sstevel@tonic-gate free(tcp);
19487c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
19497c478bd9Sstevel@tonic-gate }
19507c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
19517c478bd9Sstevel@tonic-gate conf.ns_ppc[len-1] = (char *)strdup(cp);
19527c478bd9Sstevel@tonic-gate if (conf.ns_ppc[len-1] == NULL) {
19537c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
19547c478bd9Sstevel@tonic-gate if (tcp != NULL)
19557c478bd9Sstevel@tonic-gate free(tcp);
19567c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
19577c478bd9Sstevel@tonic-gate }
19587c478bd9Sstevel@tonic-gate conf.ns_ppc[len] = NULL;
19597c478bd9Sstevel@tonic-gate }
19607c478bd9Sstevel@tonic-gate break;
19617c478bd9Sstevel@tonic-gate case SSDLIST:
19627c478bd9Sstevel@tonic-gate /*
19637c478bd9Sstevel@tonic-gate * first check to see if colon (:) is there,
19647c478bd9Sstevel@tonic-gate * if so, make sure the serviceId is specified,
19657c478bd9Sstevel@tonic-gate * i.e., colon is not the first character
19667c478bd9Sstevel@tonic-gate */
19677c478bd9Sstevel@tonic-gate if ((strchr(cp, COLONTOK)) == NULL || *cp == COLONTOK) {
19687c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
19697ddae043Siz gettext("Unable to set value: "
19707ddae043Siz "invalid serviceSearchDescriptor (%s)"),
19717ddae043Siz cp);
19727c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
1973*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
19747c478bd9Sstevel@tonic-gate if (tcp != NULL)
19757c478bd9Sstevel@tonic-gate free(tcp);
19767c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
19777c478bd9Sstevel@tonic-gate }
19787c478bd9Sstevel@tonic-gate /* Appends an entry to the existing list */
19797c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ptype != SSDLIST) {
19807c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(2, sizeof (char *));
19817c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
19827c478bd9Sstevel@tonic-gate if (tcp != NULL)
19837c478bd9Sstevel@tonic-gate free(tcp);
19847c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
19857c478bd9Sstevel@tonic-gate }
19867c478bd9Sstevel@tonic-gate conf.ns_acnt = 1;
19877c478bd9Sstevel@tonic-gate conf.ns_ppc[0] = (char *)strdup(cp);
19887c478bd9Sstevel@tonic-gate if (conf.ns_ppc[0] == NULL) {
19897c478bd9Sstevel@tonic-gate free(conf.ns_ppc);
19907c478bd9Sstevel@tonic-gate if (tcp != NULL)
19917c478bd9Sstevel@tonic-gate free(tcp);
19927c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
19937c478bd9Sstevel@tonic-gate }
19947c478bd9Sstevel@tonic-gate } else {
19957c478bd9Sstevel@tonic-gate char *dp, *dpend;
19967c478bd9Sstevel@tonic-gate int fnd = 0;
19977c478bd9Sstevel@tonic-gate
19987c478bd9Sstevel@tonic-gate /* Attempt to replace if possible */
19997c478bd9Sstevel@tonic-gate dpend = strchr(cp, COLONTOK);
20007c478bd9Sstevel@tonic-gate len = dpend - cp;
20017c478bd9Sstevel@tonic-gate dp = (char *)malloc(len+1);
20027c478bd9Sstevel@tonic-gate if (dp == NULL) {
20037c478bd9Sstevel@tonic-gate if (tcp != NULL)
20047c478bd9Sstevel@tonic-gate free(tcp);
20057c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
20067c478bd9Sstevel@tonic-gate }
20077c478bd9Sstevel@tonic-gate (void) strlcpy(dp, cp, len+1);
20087c478bd9Sstevel@tonic-gate fnd = 0;
20097c478bd9Sstevel@tonic-gate for (j = 0; j < ptr->paramList[type].ns_acnt; j++) {
20107c478bd9Sstevel@tonic-gate dpend = strchr(ptr->paramList[type].ns_ppc[j],
20117ddae043Siz COLONTOK);
20127c478bd9Sstevel@tonic-gate if (dpend == NULL)
20137c478bd9Sstevel@tonic-gate continue;
20147c478bd9Sstevel@tonic-gate i = dpend - ptr->paramList[type].ns_ppc[j];
20157c478bd9Sstevel@tonic-gate if (i != len)
20167c478bd9Sstevel@tonic-gate continue;
20177c478bd9Sstevel@tonic-gate if (strncmp(ptr->paramList[type].ns_ppc[j],
20187ddae043Siz dp, len) == 0) {
20197c478bd9Sstevel@tonic-gate conf.ns_acnt =
20207ddae043Siz ptr->paramList[type].ns_acnt;
20217c478bd9Sstevel@tonic-gate conf.ns_ppc =
20227ddae043Siz ptr->paramList[type].ns_ppc;
20237c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL;
20247c478bd9Sstevel@tonic-gate free(conf.ns_ppc[j]);
20257c478bd9Sstevel@tonic-gate conf.ns_ppc[j] = (char *)strdup(cp);
20267c478bd9Sstevel@tonic-gate if (conf.ns_ppc[j] == NULL) {
20277c478bd9Sstevel@tonic-gate free(dp);
20287c478bd9Sstevel@tonic-gate __s_api_free2dArray
20297ddae043Siz (conf.ns_ppc);
20307c478bd9Sstevel@tonic-gate if (tcp != NULL)
20317c478bd9Sstevel@tonic-gate free(tcp);
20327c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
20337c478bd9Sstevel@tonic-gate }
20347c478bd9Sstevel@tonic-gate fnd = 1;
20357c478bd9Sstevel@tonic-gate break;
20367c478bd9Sstevel@tonic-gate }
20377c478bd9Sstevel@tonic-gate }
20387c478bd9Sstevel@tonic-gate free(dp);
20397c478bd9Sstevel@tonic-gate
20407c478bd9Sstevel@tonic-gate if (fnd)
20417c478bd9Sstevel@tonic-gate break; /* Replaced completed */
20427c478bd9Sstevel@tonic-gate
20437c478bd9Sstevel@tonic-gate /* Append */
20447c478bd9Sstevel@tonic-gate len = ptr->paramList[type].ns_acnt + 1;
20457c478bd9Sstevel@tonic-gate if (len > 1) {
20467c478bd9Sstevel@tonic-gate p = (char **)dupParam(&ptr->paramList[type]);
20477c478bd9Sstevel@tonic-gate if (p == NULL) {
20487c478bd9Sstevel@tonic-gate if (tcp != NULL)
20497c478bd9Sstevel@tonic-gate free(tcp);
20507c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
20517c478bd9Sstevel@tonic-gate }
20527c478bd9Sstevel@tonic-gate } else
20537c478bd9Sstevel@tonic-gate p = NULL;
20547c478bd9Sstevel@tonic-gate conf.ns_ppc =
20557ddae043Siz (char **)realloc(p, (len+1) * sizeof (char *));
20567c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
20577c478bd9Sstevel@tonic-gate __s_api_free2dArray(p);
20587c478bd9Sstevel@tonic-gate if (tcp != NULL)
20597c478bd9Sstevel@tonic-gate free(tcp);
20607c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
20617c478bd9Sstevel@tonic-gate }
20627c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
20637c478bd9Sstevel@tonic-gate conf.ns_ppc[len-1] = (char *)strdup(cp);
20647c478bd9Sstevel@tonic-gate if (conf.ns_ppc[len-1] == NULL) {
20657c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
20667c478bd9Sstevel@tonic-gate if (tcp != NULL)
20677c478bd9Sstevel@tonic-gate free(tcp);
20687c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
20697c478bd9Sstevel@tonic-gate }
20707c478bd9Sstevel@tonic-gate conf.ns_ppc[len] = NULL;
20717c478bd9Sstevel@tonic-gate }
20727c478bd9Sstevel@tonic-gate break;
20737c478bd9Sstevel@tonic-gate case ARRAYCP:
20747c478bd9Sstevel@tonic-gate len = 0;
20757c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
20767c478bd9Sstevel@tonic-gate if (*cp2 == COMMATOK)
20777c478bd9Sstevel@tonic-gate len++;
20787c478bd9Sstevel@tonic-gate }
20797c478bd9Sstevel@tonic-gate if (cp != cp2)
20807c478bd9Sstevel@tonic-gate len++;
20817c478bd9Sstevel@tonic-gate if (len == 0) {
20827c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)NULL;
20837c478bd9Sstevel@tonic-gate conf.ns_acnt = 0;
20847c478bd9Sstevel@tonic-gate break;
20857c478bd9Sstevel@tonic-gate }
20867c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(len + 1, sizeof (char *));
20877c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
20887c478bd9Sstevel@tonic-gate if (tcp != NULL)
20897c478bd9Sstevel@tonic-gate free(tcp);
20907c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
20917c478bd9Sstevel@tonic-gate }
20927c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
20937c478bd9Sstevel@tonic-gate i = 0;
20947c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
20957c478bd9Sstevel@tonic-gate if (*cp2 == COMMATOK) {
20967c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
20977c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1);
20987c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) {
20997c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
21007c478bd9Sstevel@tonic-gate if (tcp != NULL)
21017c478bd9Sstevel@tonic-gate free(tcp);
21027c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
21037c478bd9Sstevel@tonic-gate }
21047c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j);
21057c478bd9Sstevel@tonic-gate cp = cp2+1;
21067c478bd9Sstevel@tonic-gate while (*cp == SPACETOK || *cp == COMMATOK)
21077c478bd9Sstevel@tonic-gate cp++;
21087c478bd9Sstevel@tonic-gate cp2 = cp - 1;
21097c478bd9Sstevel@tonic-gate i++;
21107c478bd9Sstevel@tonic-gate }
21117c478bd9Sstevel@tonic-gate }
21127c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
21137c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1);
21147c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) {
21157c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
21167c478bd9Sstevel@tonic-gate if (tcp != NULL)
21177c478bd9Sstevel@tonic-gate free(tcp);
21187c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
21197c478bd9Sstevel@tonic-gate }
21207c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j);
21217c478bd9Sstevel@tonic-gate break;
21227c478bd9Sstevel@tonic-gate case SERVLIST:
21237c478bd9Sstevel@tonic-gate len = 0;
21247c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
21257c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK || *cp2 == COMMATOK) {
21267c478bd9Sstevel@tonic-gate len++;
21277c478bd9Sstevel@tonic-gate for (; *(cp2 + 1) == SPACETOK ||
21287ddae043Siz *(cp2 +1) == COMMATOK; cp2++)
21297c478bd9Sstevel@tonic-gate ;
21307c478bd9Sstevel@tonic-gate }
21317c478bd9Sstevel@tonic-gate }
21327c478bd9Sstevel@tonic-gate if (cp != cp2)
21337c478bd9Sstevel@tonic-gate len++;
21347c478bd9Sstevel@tonic-gate if (len == 0) {
21357c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)NULL;
21367c478bd9Sstevel@tonic-gate conf.ns_acnt = 0;
21377c478bd9Sstevel@tonic-gate break;
21387c478bd9Sstevel@tonic-gate }
21397c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(len + 1, sizeof (char *));
21407c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) {
21417c478bd9Sstevel@tonic-gate if (tcp != NULL)
21427c478bd9Sstevel@tonic-gate free(tcp);
21437c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
21447c478bd9Sstevel@tonic-gate }
21457c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
21467c478bd9Sstevel@tonic-gate i = 0;
21477c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
21487c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK || *cp2 == COMMATOK) {
21497c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
21507c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1);
21517c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) {
21527c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
21537c478bd9Sstevel@tonic-gate if (tcp != NULL)
21547c478bd9Sstevel@tonic-gate free(tcp);
21557c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
21567c478bd9Sstevel@tonic-gate }
21577c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j);
21587c478bd9Sstevel@tonic-gate cp = cp2+1;
21597c478bd9Sstevel@tonic-gate while (*cp == SPACETOK || *cp == COMMATOK)
21607c478bd9Sstevel@tonic-gate cp++;
21617c478bd9Sstevel@tonic-gate cp2 = cp - 1;
21627c478bd9Sstevel@tonic-gate i++;
21637c478bd9Sstevel@tonic-gate }
21647c478bd9Sstevel@tonic-gate }
21657c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
21667c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1);
21677c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) {
21687c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc);
21697c478bd9Sstevel@tonic-gate if (tcp != NULL)
21707c478bd9Sstevel@tonic-gate free(tcp);
21717c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
21727c478bd9Sstevel@tonic-gate }
21737c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j);
21747c478bd9Sstevel@tonic-gate break;
21757c478bd9Sstevel@tonic-gate case ARRAYAUTH:
21767c478bd9Sstevel@tonic-gate len = 0;
21777c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
21787c478bd9Sstevel@tonic-gate if (*cp2 == SEMITOK || *cp2 == COMMATOK)
21797c478bd9Sstevel@tonic-gate len++;
21807c478bd9Sstevel@tonic-gate }
21817c478bd9Sstevel@tonic-gate if (cp != cp2)
21827c478bd9Sstevel@tonic-gate len++;
21837c478bd9Sstevel@tonic-gate if (len == 0) {
21847c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)NULL;
21857c478bd9Sstevel@tonic-gate conf.ns_acnt = 0;
21867c478bd9Sstevel@tonic-gate break;
21877c478bd9Sstevel@tonic-gate }
21887c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)calloc(len + 1, sizeof (int));
21897c478bd9Sstevel@tonic-gate if (conf.ns_pi == NULL) {
21907c478bd9Sstevel@tonic-gate if (tcp != NULL)
21917c478bd9Sstevel@tonic-gate free(tcp);
21927c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
21937c478bd9Sstevel@tonic-gate }
21947c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
21957c478bd9Sstevel@tonic-gate i = 0;
21967c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
21977c478bd9Sstevel@tonic-gate if (*cp2 == SEMITOK || *cp2 == COMMATOK) {
21987c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
21997c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) {
22007c478bd9Sstevel@tonic-gate j = -1;
22017c478bd9Sstevel@tonic-gate ptbuf = cp;
22027c478bd9Sstevel@tonic-gate } else {
22037c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j);
22047c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf,
22057ddae043Siz def->index);
22067c478bd9Sstevel@tonic-gate ptbuf = tbuf;
22077c478bd9Sstevel@tonic-gate }
22087c478bd9Sstevel@tonic-gate if (j < 0) {
22097c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
22107ddae043Siz gettext("Unable to set value: "
22117ddae043Siz "invalid "
22127ddae043Siz "authenticationMethod (%s)"),
22137ddae043Siz ptbuf);
22147c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
22157ddae043Siz NS_CONFIG_SYNTAX,
2216*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
22177c478bd9Sstevel@tonic-gate free(conf.ns_pi);
22187c478bd9Sstevel@tonic-gate if (tcp != NULL)
22197c478bd9Sstevel@tonic-gate free(tcp);
22207c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
22217c478bd9Sstevel@tonic-gate }
22227c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j;
22237c478bd9Sstevel@tonic-gate cp = cp2+1;
22247c478bd9Sstevel@tonic-gate i++;
22257c478bd9Sstevel@tonic-gate }
22267c478bd9Sstevel@tonic-gate }
22277c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
22287c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) {
22297c478bd9Sstevel@tonic-gate j = -1;
22307c478bd9Sstevel@tonic-gate ptbuf = cp;
22317c478bd9Sstevel@tonic-gate } else {
22327c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j);
22337c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf, def->index);
22347c478bd9Sstevel@tonic-gate ptbuf = tbuf;
22357c478bd9Sstevel@tonic-gate }
22367c478bd9Sstevel@tonic-gate if (j < 0) {
22377c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
22387ddae043Siz gettext("Unable to set value: "
22397ddae043Siz "invalid authenticationMethod (%s)"), ptbuf);
22407c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
2241*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
22427c478bd9Sstevel@tonic-gate if (tcp != NULL)
22437c478bd9Sstevel@tonic-gate free(tcp);
22447c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
22457c478bd9Sstevel@tonic-gate }
22467c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j;
22477c478bd9Sstevel@tonic-gate break;
22487c478bd9Sstevel@tonic-gate case ARRAYCRED:
22497c478bd9Sstevel@tonic-gate len = 0;
22507c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
22517c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK)
22527c478bd9Sstevel@tonic-gate len++;
22537c478bd9Sstevel@tonic-gate }
22547c478bd9Sstevel@tonic-gate if (cp != cp2)
22557c478bd9Sstevel@tonic-gate len++;
22567c478bd9Sstevel@tonic-gate if (len == 0) {
22577c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)NULL;
22587c478bd9Sstevel@tonic-gate conf.ns_acnt = 0;
22597c478bd9Sstevel@tonic-gate break;
22607c478bd9Sstevel@tonic-gate }
22617c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)calloc(len + 1, sizeof (int));
22627c478bd9Sstevel@tonic-gate if (conf.ns_pi == NULL) {
22637c478bd9Sstevel@tonic-gate if (tcp != NULL)
22647c478bd9Sstevel@tonic-gate free(tcp);
22657c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY);
22667c478bd9Sstevel@tonic-gate }
22677c478bd9Sstevel@tonic-gate conf.ns_acnt = len;
22687c478bd9Sstevel@tonic-gate i = 0;
22697c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) {
22707c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK) {
22717c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
22727c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) {
22737c478bd9Sstevel@tonic-gate j = -1;
22747c478bd9Sstevel@tonic-gate ptbuf = cp;
22757c478bd9Sstevel@tonic-gate } else {
22767c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j);
22777c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf,
22787ddae043Siz def->index);
22797c478bd9Sstevel@tonic-gate ptbuf = tbuf;
22807c478bd9Sstevel@tonic-gate }
22817c478bd9Sstevel@tonic-gate if (j < 0) {
22827c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
22837ddae043Siz gettext("Unable to set value: "
22847ddae043Siz "invalid credentialLevel (%s)"),
22857ddae043Siz ptbuf);
22867c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
22877ddae043Siz NS_CONFIG_SYNTAX,
2288*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
22897c478bd9Sstevel@tonic-gate free(conf.ns_pi);
22907c478bd9Sstevel@tonic-gate if (tcp != NULL)
22917c478bd9Sstevel@tonic-gate free(tcp);
22927c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
22937c478bd9Sstevel@tonic-gate }
22947c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j;
22957c478bd9Sstevel@tonic-gate cp = cp2+1;
22967c478bd9Sstevel@tonic-gate i++;
22977c478bd9Sstevel@tonic-gate }
22987c478bd9Sstevel@tonic-gate }
22997c478bd9Sstevel@tonic-gate j = cp2 - cp + 1;
23007c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) {
23017c478bd9Sstevel@tonic-gate j = -1;
23027c478bd9Sstevel@tonic-gate ptbuf = cp;
23037c478bd9Sstevel@tonic-gate } else {
23047c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j);
23057c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf, def->index);
23067c478bd9Sstevel@tonic-gate ptbuf = tbuf;
23077c478bd9Sstevel@tonic-gate }
23087c478bd9Sstevel@tonic-gate if (j < 0) {
23097c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
23107ddae043Siz gettext("Unable to set value: "
23117ddae043Siz "invalid credentialLevel (%s)"), ptbuf);
23127c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
2313*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
23147c478bd9Sstevel@tonic-gate if (tcp != NULL)
23157c478bd9Sstevel@tonic-gate free(tcp);
23167c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
23177c478bd9Sstevel@tonic-gate }
23187c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j;
23197c478bd9Sstevel@tonic-gate break;
23207c478bd9Sstevel@tonic-gate case ATTRMAP:
23217c478bd9Sstevel@tonic-gate case OBJMAP:
23227c478bd9Sstevel@tonic-gate i = __s_api_parse_map(cp, &sid, &origA, &mapA);
23237c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS) {
23247c478bd9Sstevel@tonic-gate if (i == NS_HASH_RC_NO_MEMORY) {
23257c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
23267c478bd9Sstevel@tonic-gate } else {
23277c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
23287c478bd9Sstevel@tonic-gate gettext("Unable to set value: "
23297c478bd9Sstevel@tonic-gate "invalid schema mapping (%s)"), cp);
23307c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_CONFIG;
23317c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX,
2332*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
23337c478bd9Sstevel@tonic-gate }
23347c478bd9Sstevel@tonic-gate if (tcp)
23357c478bd9Sstevel@tonic-gate free(tcp);
23367c478bd9Sstevel@tonic-gate return (exitrc);
23377c478bd9Sstevel@tonic-gate }
23387c478bd9Sstevel@tonic-gate
23397c478bd9Sstevel@tonic-gate /*
23407c478bd9Sstevel@tonic-gate * Add reverse map first.
23417c478bd9Sstevel@tonic-gate * There could be more than one.
23427c478bd9Sstevel@tonic-gate */
23437c478bd9Sstevel@tonic-gate for (attr = mapA; *attr; attr++) {
23447c478bd9Sstevel@tonic-gate
23457c478bd9Sstevel@tonic-gate free_memory = 1;
23467c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
23477c478bd9Sstevel@tonic-gate
23487c478bd9Sstevel@tonic-gate rmap = (ns_mapping_t *)calloc(1,
23497ddae043Siz sizeof (ns_mapping_t));
23507c478bd9Sstevel@tonic-gate if (rmap) {
23517c478bd9Sstevel@tonic-gate rmap->service = strdup(sid);
23527c478bd9Sstevel@tonic-gate if (rmap->service) {
23537c478bd9Sstevel@tonic-gate rmap->orig = strdup(*attr);
23547c478bd9Sstevel@tonic-gate if (rmap->orig) {
23557c478bd9Sstevel@tonic-gate rmap->map = (char **)calloc(2,
23567ddae043Siz sizeof (char *));
23577c478bd9Sstevel@tonic-gate if (rmap->map) {
23587c478bd9Sstevel@tonic-gate (rmap->map)[0] =
23597ddae043Siz strdup(origA);
23607c478bd9Sstevel@tonic-gate if ((rmap->map)[0])
23617c478bd9Sstevel@tonic-gate free_memory = 0;
23627c478bd9Sstevel@tonic-gate }
23637c478bd9Sstevel@tonic-gate }
23647c478bd9Sstevel@tonic-gate }
23657c478bd9Sstevel@tonic-gate }
23667c478bd9Sstevel@tonic-gate
23677c478bd9Sstevel@tonic-gate if (free_memory == 0) {
23687c478bd9Sstevel@tonic-gate if (def->data_type == ATTRMAP) {
23697c478bd9Sstevel@tonic-gate rmap->type = NS_ATTR_MAP;
23707c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr,
23717ddae043Siz NS_HASH_RAMAP, rmap);
23727c478bd9Sstevel@tonic-gate } else {
23737c478bd9Sstevel@tonic-gate rmap->type = NS_OBJ_MAP;
23747c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr,
23757ddae043Siz NS_HASH_ROMAP, rmap);
23767c478bd9Sstevel@tonic-gate }
23777c478bd9Sstevel@tonic-gate
23787c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS) {
23797c478bd9Sstevel@tonic-gate switch (i) {
23807c478bd9Sstevel@tonic-gate case NS_HASH_RC_CONFIG_ERROR:
23817c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_INTERNAL;
23827c478bd9Sstevel@tonic-gate (void) snprintf(errstr,
23837ddae043Siz sizeof (errstr),
23847ddae043Siz gettext(
23857ddae043Siz "Unable to set value: "
23867ddae043Siz "no configuration info "
23877ddae043Siz "for schema map "
23887ddae043Siz "update (%s)"), cp);
23897c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
23907ddae043Siz NS_LDAP_INTERNAL,
23917ddae043Siz strdup(errstr),
2392*51b02b29SToomas Soome NS_LDAP_MEMORY);
23937c478bd9Sstevel@tonic-gate break;
23947c478bd9Sstevel@tonic-gate case NS_HASH_RC_EXISTED:
23957c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_CONFIG;
23967c478bd9Sstevel@tonic-gate (void) snprintf(errstr,
23977ddae043Siz sizeof (errstr),
23987ddae043Siz gettext(
23997ddae043Siz "Unable to set value: "
24007ddae043Siz "schema map "
24017ddae043Siz "already existed for "
24027ddae043Siz "(%s, %s)."),
24037ddae043Siz *attr, origA);
24047c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
24057ddae043Siz NS_CONFIG_SYNTAX,
24067ddae043Siz strdup(errstr),
2407*51b02b29SToomas Soome NS_LDAP_MEMORY);
24087c478bd9Sstevel@tonic-gate break;
24097c478bd9Sstevel@tonic-gate case NS_HASH_RC_NO_MEMORY:
24107c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
24117c478bd9Sstevel@tonic-gate break;
24127c478bd9Sstevel@tonic-gate }
24137c478bd9Sstevel@tonic-gate free_memory = 1;
24147c478bd9Sstevel@tonic-gate }
24157c478bd9Sstevel@tonic-gate }
24167c478bd9Sstevel@tonic-gate
24177c478bd9Sstevel@tonic-gate if (free_memory) {
24187c478bd9Sstevel@tonic-gate if (tcp)
24197c478bd9Sstevel@tonic-gate free(tcp);
24207c478bd9Sstevel@tonic-gate free(sid);
24217c478bd9Sstevel@tonic-gate free(origA);
24227c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapA);
24237c478bd9Sstevel@tonic-gate if (rmap) {
24247c478bd9Sstevel@tonic-gate if (rmap->service)
24257c478bd9Sstevel@tonic-gate free(rmap->service);
24267c478bd9Sstevel@tonic-gate if (rmap->orig)
24277c478bd9Sstevel@tonic-gate free(rmap->orig);
24287c478bd9Sstevel@tonic-gate if (rmap->map) {
24297c478bd9Sstevel@tonic-gate if ((rmap->map)[0])
24307c478bd9Sstevel@tonic-gate free((rmap->map)[0]);
24317c478bd9Sstevel@tonic-gate free(rmap->map);
24327c478bd9Sstevel@tonic-gate }
24337c478bd9Sstevel@tonic-gate free(rmap);
24347c478bd9Sstevel@tonic-gate }
24357c478bd9Sstevel@tonic-gate return (exitrc);
24367c478bd9Sstevel@tonic-gate }
24377c478bd9Sstevel@tonic-gate }
24387c478bd9Sstevel@tonic-gate
24397c478bd9Sstevel@tonic-gate /*
24407c478bd9Sstevel@tonic-gate * For performance gain,
24417c478bd9Sstevel@tonic-gate * add a "schema mapping existed" indicator
24427c478bd9Sstevel@tonic-gate * for the given service if not already added.
24437c478bd9Sstevel@tonic-gate * This dummy map need not be removed if
24447c478bd9Sstevel@tonic-gate * the next real map add operation fails,
24457c478bd9Sstevel@tonic-gate * since the caller, e.g. ldap_cachemgr,
24467c478bd9Sstevel@tonic-gate * should exit anyway.
24477c478bd9Sstevel@tonic-gate */
24487c478bd9Sstevel@tonic-gate free_memory = 1;
24497c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
24507c478bd9Sstevel@tonic-gate
24517c478bd9Sstevel@tonic-gate map = (ns_mapping_t *)calloc(1,
24527ddae043Siz sizeof (ns_mapping_t));
24537c478bd9Sstevel@tonic-gate if (map) {
24547c478bd9Sstevel@tonic-gate map->service = strdup(sid);
24557c478bd9Sstevel@tonic-gate if (map->service) {
24567c478bd9Sstevel@tonic-gate map->orig = strdup(
24577ddae043Siz NS_HASH_SCHEMA_MAPPING_EXISTED);
24587c478bd9Sstevel@tonic-gate if (map->orig) {
24597c478bd9Sstevel@tonic-gate map->map = (char **)calloc(2,
24607ddae043Siz sizeof (char *));
24617c478bd9Sstevel@tonic-gate if (map->map) {
24627c478bd9Sstevel@tonic-gate (map->map)[0] =
24637ddae043Siz strdup(sid);
24647c478bd9Sstevel@tonic-gate if ((map->map)[0])
24657c478bd9Sstevel@tonic-gate free_memory = 0;
24667c478bd9Sstevel@tonic-gate }
24677c478bd9Sstevel@tonic-gate }
24687c478bd9Sstevel@tonic-gate }
24697c478bd9Sstevel@tonic-gate }
24707c478bd9Sstevel@tonic-gate
24717c478bd9Sstevel@tonic-gate if (free_memory == 0) {
24727c478bd9Sstevel@tonic-gate map->type = NS_ATTR_MAP;
24737c478bd9Sstevel@tonic-gate /*
24747c478bd9Sstevel@tonic-gate * add to reverse map,
24757c478bd9Sstevel@tonic-gate * so that "ldapclient list"
24767c478bd9Sstevel@tonic-gate * would not show it
24777c478bd9Sstevel@tonic-gate */
24787c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr,
24797ddae043Siz NS_HASH_RAMAP, map);
24807c478bd9Sstevel@tonic-gate
24817c478bd9Sstevel@tonic-gate /*
24827c478bd9Sstevel@tonic-gate * ignore "map already existed" error,
24837c478bd9Sstevel@tonic-gate * just need one per service.
24847c478bd9Sstevel@tonic-gate * Need however to free memory allocated
24857c478bd9Sstevel@tonic-gate * for map.
24867c478bd9Sstevel@tonic-gate */
24877c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS &&
24887ddae043Siz i != NS_HASH_RC_EXISTED) {
24897c478bd9Sstevel@tonic-gate switch (i) {
24907c478bd9Sstevel@tonic-gate case NS_HASH_RC_CONFIG_ERROR:
24917c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_INTERNAL;
24927c478bd9Sstevel@tonic-gate (void) snprintf(errstr,
24937ddae043Siz sizeof (errstr),
24947ddae043Siz gettext(
24957ddae043Siz "Unable to set value: "
24967ddae043Siz "no configuration info "
24977ddae043Siz "for schema map "
24987ddae043Siz "update (%s)"), cp);
24997c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
25007ddae043Siz NS_LDAP_INTERNAL,
25017ddae043Siz strdup(errstr),
2502*51b02b29SToomas Soome NS_LDAP_MEMORY);
25037c478bd9Sstevel@tonic-gate break;
25047c478bd9Sstevel@tonic-gate case NS_HASH_RC_NO_MEMORY:
25057c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
25067c478bd9Sstevel@tonic-gate break;
25077c478bd9Sstevel@tonic-gate }
25087c478bd9Sstevel@tonic-gate free_memory = 1;
25097c478bd9Sstevel@tonic-gate } else if (i == NS_HASH_RC_EXISTED) {
25107c478bd9Sstevel@tonic-gate if (map->service)
25117c478bd9Sstevel@tonic-gate free(map->service);
25127c478bd9Sstevel@tonic-gate if (map->orig)
25137c478bd9Sstevel@tonic-gate free(map->orig);
25147c478bd9Sstevel@tonic-gate if (map->map) {
25157c478bd9Sstevel@tonic-gate if ((map->map)[0])
25167c478bd9Sstevel@tonic-gate free((map->map)[0]);
25177c478bd9Sstevel@tonic-gate free(map->map);
25187c478bd9Sstevel@tonic-gate }
25197c478bd9Sstevel@tonic-gate free(map);
25207c478bd9Sstevel@tonic-gate map = NULL;
25217c478bd9Sstevel@tonic-gate }
25227c478bd9Sstevel@tonic-gate }
25237c478bd9Sstevel@tonic-gate
25247c478bd9Sstevel@tonic-gate if (free_memory) {
25257c478bd9Sstevel@tonic-gate if (tcp)
25267c478bd9Sstevel@tonic-gate free(tcp);
25277c478bd9Sstevel@tonic-gate free(sid);
25287c478bd9Sstevel@tonic-gate free(origA);
25297c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapA);
25307c478bd9Sstevel@tonic-gate if (map) {
25317c478bd9Sstevel@tonic-gate if (map->service)
25327c478bd9Sstevel@tonic-gate free(map->service);
25337c478bd9Sstevel@tonic-gate if (map->orig)
25347c478bd9Sstevel@tonic-gate free(map->orig);
25357c478bd9Sstevel@tonic-gate if (map->map) {
25367c478bd9Sstevel@tonic-gate if ((map->map)[0])
25377c478bd9Sstevel@tonic-gate free((map->map)[0]);
25387c478bd9Sstevel@tonic-gate free(map->map);
25397c478bd9Sstevel@tonic-gate }
25407c478bd9Sstevel@tonic-gate free(map);
25417c478bd9Sstevel@tonic-gate }
25427c478bd9Sstevel@tonic-gate return (exitrc);
25437c478bd9Sstevel@tonic-gate }
25447c478bd9Sstevel@tonic-gate
25457c478bd9Sstevel@tonic-gate /*
25467c478bd9Sstevel@tonic-gate * add the real schema map
25477c478bd9Sstevel@tonic-gate */
25487c478bd9Sstevel@tonic-gate free_memory = 1;
25497c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
25507c478bd9Sstevel@tonic-gate map = (ns_mapping_t *)calloc(1, sizeof (ns_mapping_t));
25517c478bd9Sstevel@tonic-gate if (map) {
25527c478bd9Sstevel@tonic-gate map->service = sid;
25537c478bd9Sstevel@tonic-gate map->orig = origA;
25547c478bd9Sstevel@tonic-gate map->map = mapA;
25557c478bd9Sstevel@tonic-gate
25567c478bd9Sstevel@tonic-gate if (def->data_type == ATTRMAP) {
25577c478bd9Sstevel@tonic-gate map->type = NS_ATTR_MAP;
25587c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr,
25597ddae043Siz NS_HASH_AMAP, map);
25607c478bd9Sstevel@tonic-gate } else {
25617c478bd9Sstevel@tonic-gate map->type = NS_OBJ_MAP;
25627c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr,
25637ddae043Siz NS_HASH_OMAP, map);
25647c478bd9Sstevel@tonic-gate }
25657c478bd9Sstevel@tonic-gate
25667c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS) {
25677c478bd9Sstevel@tonic-gate switch (i) {
25687c478bd9Sstevel@tonic-gate case NS_HASH_RC_CONFIG_ERROR:
25697c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_INTERNAL;
25707c478bd9Sstevel@tonic-gate (void) snprintf(errstr,
25717ddae043Siz sizeof (errstr),
25727ddae043Siz gettext(
25737ddae043Siz "Unable to set value: "
25747ddae043Siz "no configuration info "
25757ddae043Siz "for schema map "
25767ddae043Siz "update (%s)"), cp);
25777c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
25787ddae043Siz NS_LDAP_INTERNAL,
25797ddae043Siz strdup(errstr),
2580*51b02b29SToomas Soome NS_LDAP_MEMORY);
25817c478bd9Sstevel@tonic-gate break;
25827c478bd9Sstevel@tonic-gate case NS_HASH_RC_EXISTED:
25837c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_CONFIG;
25847c478bd9Sstevel@tonic-gate (void) snprintf(errstr,
25857ddae043Siz sizeof (errstr),
25867ddae043Siz gettext(
25877ddae043Siz "Unable to set value: "
25887ddae043Siz "schema map "
25897ddae043Siz "already existed for "
25907ddae043Siz "'%s'."), origA);
25917c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error,
25927ddae043Siz NS_CONFIG_SYNTAX,
25937ddae043Siz strdup(errstr),
2594*51b02b29SToomas Soome NS_LDAP_MEMORY);
25957c478bd9Sstevel@tonic-gate break;
25967c478bd9Sstevel@tonic-gate case NS_HASH_RC_NO_MEMORY:
25977c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY;
25987c478bd9Sstevel@tonic-gate break;
25997c478bd9Sstevel@tonic-gate }
26007c478bd9Sstevel@tonic-gate free_memory = 1;
26017c478bd9Sstevel@tonic-gate } else
26027c478bd9Sstevel@tonic-gate free_memory = 0;
26037c478bd9Sstevel@tonic-gate }
26047c478bd9Sstevel@tonic-gate
26057c478bd9Sstevel@tonic-gate if (free_memory) {
26067c478bd9Sstevel@tonic-gate if (tcp)
26077c478bd9Sstevel@tonic-gate free(tcp);
26087c478bd9Sstevel@tonic-gate free(sid);
26097c478bd9Sstevel@tonic-gate free(origA);
26107c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapA);
26117c478bd9Sstevel@tonic-gate if (map)
26127c478bd9Sstevel@tonic-gate free(map);
26137c478bd9Sstevel@tonic-gate return (exitrc);
26147c478bd9Sstevel@tonic-gate }
26157c478bd9Sstevel@tonic-gate
26167c478bd9Sstevel@tonic-gate break;
26177c478bd9Sstevel@tonic-gate default:
26187c478bd9Sstevel@tonic-gate /* This should never happen. */
26197c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
26207ddae043Siz gettext("Unable to set value: invalid configuration "
26217ddae043Siz "type (%d)"), def->data_type);
26227c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr),
2623*51b02b29SToomas Soome NS_LDAP_MEMORY);
26247c478bd9Sstevel@tonic-gate if (tcp != NULL)
26257c478bd9Sstevel@tonic-gate free(tcp);
26267c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
26277c478bd9Sstevel@tonic-gate }
26287c478bd9Sstevel@tonic-gate conf.ns_ptype = def->data_type;
26297c478bd9Sstevel@tonic-gate if (tcp != NULL)
26307c478bd9Sstevel@tonic-gate free(tcp);
26317c478bd9Sstevel@tonic-gate
26327c478bd9Sstevel@tonic-gate /* Individually written verify routines here can replace */
26337c478bd9Sstevel@tonic-gate /* verify_value. Verify conf (data) as appropriate here */
26347c478bd9Sstevel@tonic-gate if (def->ns_verify != NULL) {
26357c478bd9Sstevel@tonic-gate if ((*def->ns_verify)(type, def, &conf, errstr) != NS_SUCCESS) {
26367c478bd9Sstevel@tonic-gate ns_param_t sav_conf;
26377c478bd9Sstevel@tonic-gate
26387c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr),
26397ddae043Siz gettext("%s"), errstr);
26407c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *error, NS_CONFIG_SYNTAX,
2641*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY);
26427c478bd9Sstevel@tonic-gate
26437c478bd9Sstevel@tonic-gate sav_conf = ptr->paramList[type];
26447c478bd9Sstevel@tonic-gate ptr->paramList[type] = conf;
26457c478bd9Sstevel@tonic-gate destroy_param(ptr, type);
26467c478bd9Sstevel@tonic-gate ptr->paramList[type] = sav_conf;
26477c478bd9Sstevel@tonic-gate
26487c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG);
26497c478bd9Sstevel@tonic-gate }
26507c478bd9Sstevel@tonic-gate }
26517c478bd9Sstevel@tonic-gate
26527c478bd9Sstevel@tonic-gate /* post evaluate the data */
26537c478bd9Sstevel@tonic-gate
26547c478bd9Sstevel@tonic-gate /*
26557c478bd9Sstevel@tonic-gate * if this is for setting a password,
26567c478bd9Sstevel@tonic-gate * encrypt the password first.
26577c478bd9Sstevel@tonic-gate * NOTE evalue() is smart and will just return
26587c478bd9Sstevel@tonic-gate * the value passed if it is already encrypted.
26597c478bd9Sstevel@tonic-gate *
26607c478bd9Sstevel@tonic-gate * Init NS_LDAP_EXP_P here when CACHETTL is updated
26617c478bd9Sstevel@tonic-gate */
2662dd1104fbSMichen Chang if (type == NS_LDAP_BINDPASSWD_P ||
2663dd1104fbSMichen Chang type == NS_LDAP_ADMIN_BINDPASSWD_P) {
26647c478bd9Sstevel@tonic-gate cp = conf.ns_pc;
26657c478bd9Sstevel@tonic-gate cp2 = evalue((char *)cp);
26667c478bd9Sstevel@tonic-gate conf.ns_pc = cp2;
26677c478bd9Sstevel@tonic-gate free(cp);
26687c478bd9Sstevel@tonic-gate cp = NULL;
26697c478bd9Sstevel@tonic-gate } else if (type == NS_LDAP_FILE_VERSION_P) {
26707c478bd9Sstevel@tonic-gate ptr->version = NS_LDAP_V1;
26717c478bd9Sstevel@tonic-gate if (strcasecmp(conf.ns_pc, NS_LDAP_VERSION_2) == 0) {
26727c478bd9Sstevel@tonic-gate ptr->version = NS_LDAP_V2;
26737c478bd9Sstevel@tonic-gate }
26747c478bd9Sstevel@tonic-gate } else if (type == NS_LDAP_CACHETTL_P) {
26757c478bd9Sstevel@tonic-gate cp = conf.ns_pc;
26767c478bd9Sstevel@tonic-gate tm = conv_time(cp);
26777c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_ptype = TIMET;
26787c478bd9Sstevel@tonic-gate if (tm != 0) {
26797c478bd9Sstevel@tonic-gate tm += time(NULL);
26807c478bd9Sstevel@tonic-gate }
26817c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_tm = tm;
26827c478bd9Sstevel@tonic-gate }
26837c478bd9Sstevel@tonic-gate
26847c478bd9Sstevel@tonic-gate /* Everything checks out move new values into param */
26857c478bd9Sstevel@tonic-gate destroy_param(ptr, type);
26867c478bd9Sstevel@tonic-gate /* Assign new/updated value into paramList */
26877c478bd9Sstevel@tonic-gate ptr->paramList[type] = conf;
26887c478bd9Sstevel@tonic-gate
26897c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS);
26907c478bd9Sstevel@tonic-gate }
26917c478bd9Sstevel@tonic-gate
26927c478bd9Sstevel@tonic-gate
26937c478bd9Sstevel@tonic-gate /*
26947c478bd9Sstevel@tonic-gate * Set a parameter value in the 'config' configuration structure
26957c478bd9Sstevel@tonic-gate * Lock as appropriate
26967c478bd9Sstevel@tonic-gate */
26977c478bd9Sstevel@tonic-gate
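/*
 * Set one parameter in the default configuration, reloading the
 * configuration first when that is required.
 *
 *	type	index of the parameter to set
 *	data	new value; handed unchanged to __ns_ldap_setParamValue()
 *	error	passed to MKERROR() on the failure paths here and on to
 *		__ns_ldap_setParamValue()
 *
 * Returns whatever __ns_ldap_setParamValue() returns when the value is
 * stored, NS_LDAP_MEMORY when no default configuration can be obtained
 * on the cache-server path, and NS_LDAP_CONFIG when cache_server is not
 * TRUE or the configuration cannot be loaded.
 *
 * ns_loadrefresh_lock is held while the configuration is looked up and
 * reloaded; it is dropped before the new value is stored.
 */
int
__ns_ldap_setParam(const ParamIndexType type,
    const void *data, ns_ldap_error_t **error)
{
	/* NULL so the load-failure path never inspects an unset pointer */
	ns_ldap_error_t	*errorp = NULL;
	int		ret;
	char		errstr[2 * MAXERROR];
	ns_config_t	*cfg;
	/*
	 * Sentinel: stays different from any config pointer (and from NULL)
	 * unless the global configuration is fetched below.
	 */
	ns_config_t	*cfg_g = (ns_config_t *)-1;
	ns_config_t	*new_cfg;
	boolean_t	reinit_connmgmt = B_FALSE;

	/* We want to refresh only one configuration at a time */
	(void) mutex_lock(&ns_loadrefresh_lock);
	cfg = __s_api_get_default_config();

	if (cache_server == TRUE) {
		if (cfg == NULL) {
			__ns_ldap_default_config();
			cfg = __s_api_get_default_config();
			if (cfg == NULL) {
				(void) mutex_unlock(&ns_loadrefresh_lock);
				return (NS_LDAP_MEMORY);
			}
		}
	} else {
		/*
		 * This code always returns an error on the client side;
		 * this needs to change once libsldap is used by more
		 * applications that need to set parameters.
		 *
		 * The translated text is passed as an argument, not as the
		 * format: there are no further arguments, so a conversion
		 * specifier in a message catalog must not be interpreted.
		 */
		(void) snprintf(errstr, sizeof (errstr), "%s",
		    gettext("Unable to set parameter from a client in "
		    "__ns_ldap_setParam()"));
		/*
		 * Drop the config reference and the lock before MKERROR():
		 * its last argument looks like a value the macro returns on
		 * allocation failure (TODO confirm), and such an early
		 * return must not leave ns_loadrefresh_lock held.
		 */
		if (cfg != NULL)
			__s_api_release_config(cfg);
		(void) mutex_unlock(&ns_loadrefresh_lock);
		MKERROR(LOG_WARNING, *error, NS_CONFIG_SYNTAX, strdup(errstr),
		    NS_LDAP_MEMORY);
		return (NS_LDAP_CONFIG);
	}

	/*
	 * (re)initialize configuration if necessary
	 *
	 * NOTE(review): every path reaching this point saw
	 * cache_server == TRUE above, so unless cache_server changes
	 * concurrently this condition is false and cfg_g keeps its
	 * sentinel value.
	 */
	if (!__s_api_isStandalone() &&
	    cache_server == FALSE && timetorefresh(cfg))
		cfg_g = __s_api_get_default_config_global();
	/* only (re)initialize the global configuration */
	if (cfg == cfg_g) {
		if (cfg_g != NULL)
			__s_api_release_config(cfg_g);
		new_cfg = LoadCacheConfiguration(cfg, &errorp);
		if (new_cfg != cfg)
			__s_api_release_config(cfg);
		if (new_cfg == NULL) {
			(void) snprintf(errstr, sizeof (errstr),
			    gettext("Unable to load configuration '%s' "
			    "('%s')."), NSCONFIGFILE,
			    errorp != NULL && errorp->message != NULL ?
			    errorp->message : "");
			/* errstr is complete; clean up before MKERROR() */
			if (errorp != NULL)
				(void) __ns_ldap_freeError(&errorp);
			(void) mutex_unlock(&ns_loadrefresh_lock);
			MKERROR(LOG_WARNING, *error, NS_CONFIG_NOTLOADED,
			    strdup(errstr), NS_LDAP_MEMORY);
			return (NS_LDAP_CONFIG);
		}
		if (new_cfg != cfg) {
			set_curr_config_global(new_cfg);
			cfg = new_cfg;
			reinit_connmgmt = B_TRUE;
		}
	}
	(void) mutex_unlock(&ns_loadrefresh_lock);

	if (reinit_connmgmt == B_TRUE)
		__s_api_reinit_conn_mgmt_new_config(cfg);

	/*
	 * translate input and save in the parameter list
	 *
	 * NOTE(review): this runs after ns_loadrefresh_lock is released;
	 * confirm what serializes concurrent updates of cfg.
	 */
	ret = __ns_ldap_setParamValue(cfg, type, data, error);

	__s_api_release_config(cfg);

	return (ret);
}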
27827c478bd9Sstevel@tonic-gate
27837c478bd9Sstevel@tonic-gate
27847c478bd9Sstevel@tonic-gate /*
27857c478bd9Sstevel@tonic-gate * Make a copy of a parameter entry
27867c478bd9Sstevel@tonic-gate */
27877c478bd9Sstevel@tonic-gate
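/*
 * Make a NULL-terminated copy of a parameter entry.
 *
 * Returns a calloc'd array of count + 1 pointers; each used slot holds a
 * separately allocated copy of one value and the last slot stays NULL.
 * The array appears intended to be released with __ns_ldap_freeParam().
 * Returns NULL when the entry is an empty list, a CHARPTR with no
 * string, of a type not handled here, or when an allocation fails.
 * TIMET values are returned as a decimal string.
 */
static void **
dupParam(ns_param_t *ptr)
{
	int		count, i;
	void		**dupdata, *ret;
	int		*intptr;
	char		*cp, tmbuf[32];
	/*
	 * Automatic, not static: a function-static scratch variable would
	 * be shared by every concurrent caller.
	 */
	time_t		expire;
	ns_auth_t	*ap;

	switch (ptr->ns_ptype) {
	case ARRAYAUTH:
	case ARRAYCRED:
	case SAMLIST:
	case SCLLIST:
	case SSDLIST:
	case SERVLIST:
	case ARRAYCP:
		count = ptr->ns_acnt;
		/* a negative count would undersize the array below */
		if (count <= 0)
			return (NULL);
		break;
	case CHARPTR:
	case INT:
	case TIMET:
		count = 1;
		break;
	default:
		/* unhandled type: count would otherwise be read unset */
		return (NULL);
	}

	/* one extra slot, left zeroed, terminates the array */
	dupdata = (void **)calloc((count + 1), sizeof (void *));
	if (dupdata == NULL)
		return (NULL);

	switch (ptr->ns_ptype) {
	case ARRAYAUTH:
		for (i = 0; i < count; i++) {
			ap = __s_api_AuthEnumtoStruct(
			    (EnumAuthType_t)ptr->ns_pi[i]);
			if (ap == NULL)
				goto fail;
			dupdata[i] = ap;
		}
		break;
	case ARRAYCRED:
		for (i = 0; i < count; i++) {
			intptr = (int *)malloc(sizeof (int));
			if (intptr == NULL)
				goto fail;
			*intptr = ptr->ns_pi[i];
			dupdata[i] = (void *)intptr;
		}
		break;
	case SAMLIST:
	case SCLLIST:
	case SSDLIST:
	case SERVLIST:
	case ARRAYCP:
		for (i = 0; i < count; i++) {
			ret = (void *)strdup(ptr->ns_ppc[i]);
			if (ret == NULL)
				goto fail;
			dupdata[i] = ret;
		}
		break;
	case CHARPTR:
		if (ptr->ns_pc == NULL)
			goto fail;
		ret = (void *)strdup(ptr->ns_pc);
		if (ret == NULL)
			goto fail;
		dupdata[0] = ret;
		break;
	case INT:
		intptr = (int *)malloc(sizeof (int));
		if (intptr == NULL)
			goto fail;
		*intptr = ptr->ns_i;
		dupdata[0] = (void *)intptr;
		break;
	case TIMET:
		expire = ptr->ns_tm;
		/*
		 * The terminator goes in first; lltostr() is expected to
		 * place the digits just before the pointer it is given and
		 * return the start of the string - TODO confirm.
		 */
		tmbuf[sizeof (tmbuf) - 1] = '\0';
		cp = lltostr((long)expire, &tmbuf[sizeof (tmbuf) - 1]);
		ret = (void *)strdup(cp);
		if (ret == NULL)
			goto fail;
		dupdata[0] = ret;
		break;
	}
	return (dupdata);

fail:
	/*
	 * Release the elements copied before the failure as well as the
	 * array; freeing only the array would leak them.  Unused slots are
	 * NULL because the array came from calloc().
	 */
	for (i = 0; i < count && dupdata[i] != NULL; i++)
		free(dupdata[i]);
	free(dupdata);
	return (NULL);
}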
28927c478bd9Sstevel@tonic-gate
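/*
 * Free a NULL-terminated array of allocated elements and clear the
 * caller's pointer to it.
 *
 *	data	address of the array pointer; *data may be NULL
 *
 * Returns NS_LDAP_INVALID_PARAM if data itself is NULL, otherwise
 * NS_LDAP_SUCCESS.  Every element up to the first NULL slot is passed to
 * free(), then the array, and *data is set to NULL.
 */
int
__ns_ldap_freeParam(void ***data)
{
	void	**tmp;
	int	i;

	/* reject a NULL handle instead of dereferencing it */
	if (data == NULL)
		return (NS_LDAP_INVALID_PARAM);

	if (*data == NULL)
		return (NS_LDAP_SUCCESS);

	tmp = *data;
	for (i = 0; tmp[i] != NULL; i++)
		free(tmp[i]);

	free(tmp);

	/* a second call with the same handle now finds nothing to free */
	*data = NULL;

	return (NS_LDAP_SUCCESS);
}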
29117c478bd9Sstevel@tonic-gate
29127c478bd9Sstevel@tonic-gate /*
29137c478bd9Sstevel@tonic-gate * Get the internal format for a parameter value. This
29147c478bd9Sstevel@tonic-gate * routine makes a copy of an internal param value from
29157c478bd9Sstevel@tonic-gate * the currently active parameter list and returns it.
29167c478bd9Sstevel@tonic-gate */
29177c478bd9Sstevel@tonic-gate
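/*
 * Return a copy of a parameter value from the active configuration,
 * reloading the configuration first when that is required.
 *
 *	Param	index of the parameter to fetch
 *	data	receives a NULL-terminated array built by dupParam(), or,
 *		for NS_LDAP_DOMAIN_P, a two-slot array holding a copy of
 *		the domain name; it is set to NULL first and is NULL again
 *		on every error return
 *	error	passed to MKERROR() on the failure paths
 *
 * Returns NS_LDAP_INVALID_PARAM if data is NULL, NS_LDAP_CONFIG if no
 * configuration is available or it cannot be loaded, NS_LDAP_MEMORY if
 * the domain name cannot be copied, and NS_LDAP_SUCCESS otherwise.
 * NS_LDAP_SUCCESS with *data == NULL is possible: dupParam() returns
 * NULL both for an empty value and for an allocation failure, and a
 * missing default leaves *data untouched.
 */
int
__ns_ldap_getParam(const ParamIndexType Param,
    void ***data, ns_ldap_error_t **error)
{
	char			errstr[2 * MAXERROR];
	/* NULL so the load-failure path never inspects an unset pointer */
	ns_ldap_error_t		*errorp = NULL;
	ns_default_config	*def;
	ns_config_t		*cfg;
	/*
	 * Sentinel: stays different from any config pointer (and from NULL)
	 * unless the global configuration is fetched below.
	 */
	ns_config_t		*cfg_g = (ns_config_t *)-1;
	ns_config_t		*new_cfg;
	boolean_t		reinit_connmgmt = B_FALSE;

	if (data == NULL)
		return (NS_LDAP_INVALID_PARAM);

	*data = NULL;

	/* We want to refresh only one configuration at a time */
	(void) mutex_lock(&ns_loadrefresh_lock);
	cfg = __s_api_get_default_config();

	/* (re)initialize configuration if necessary */
	if (!__s_api_isStandalone() &&
	    cache_server == FALSE && timetorefresh(cfg))
		cfg_g = __s_api_get_default_config_global();
	/* only (re)initialize the global configuration */
	if (cfg == cfg_g) {
		if (cfg_g != NULL)
			__s_api_release_config(cfg_g);
		new_cfg = LoadCacheConfiguration(cfg, &errorp);
		if (new_cfg != cfg)
			__s_api_release_config(cfg);
		if (new_cfg == NULL) {
			(void) snprintf(errstr, sizeof (errstr),
			    gettext("Unable to load configuration "
			    "'%s' ('%s')."),
			    NSCONFIGFILE,
			    errorp != NULL && errorp->message != NULL ?
			    errorp->message : "");
			/*
			 * errstr is complete, so clean up and unlock before
			 * MKERROR(): its last argument looks like a value
			 * the macro returns on allocation failure (TODO
			 * confirm), and such an early return must not leave
			 * ns_loadrefresh_lock held.
			 */
			if (errorp != NULL)
				(void) __ns_ldap_freeError(&errorp);
			(void) mutex_unlock(&ns_loadrefresh_lock);
			MKERROR(LOG_WARNING, *error, NS_CONFIG_NOTLOADED,
			    strdup(errstr), NS_LDAP_MEMORY);
			return (NS_LDAP_CONFIG);
		}
		if (new_cfg != cfg) {
			set_curr_config_global(new_cfg);
			cfg = new_cfg;
			reinit_connmgmt = B_TRUE;
		}
	}
	(void) mutex_unlock(&ns_loadrefresh_lock);

	if (reinit_connmgmt == B_TRUE)
		__s_api_reinit_conn_mgmt_new_config(cfg);

	if (cfg == NULL) {
		/*
		 * The translated text is passed as an argument, not as the
		 * format: there are no further arguments, so a conversion
		 * specifier in a message catalog must not be interpreted.
		 */
		(void) snprintf(errstr, sizeof (errstr), "%s",
		    gettext("No configuration information available."));
		MKERROR(LOG_ERR, *error, NS_CONFIG_NOTLOADED,
		    strdup(errstr), NS_LDAP_MEMORY);
		return (NS_LDAP_CONFIG);
	}

	/*
	 * NOTE(review): Param indexes cfg->paramList[] below without a
	 * range check in this function; confirm callers can only pass
	 * valid ParamIndexType values.
	 */
	if (Param == NS_LDAP_DOMAIN_P) {
		*data = (void **)calloc(2, sizeof (void *));
		if (*data == NULL) {
			__s_api_release_config(cfg);
			return (NS_LDAP_MEMORY);
		}
		/* NOTE(review): assumes cfg->domainName is non-NULL */
		(*data)[0] = (void *)strdup(cfg->domainName);
		if ((*data)[0] == NULL) {
			free(*data);
			/*
			 * Do not hand back a pointer to freed memory; a
			 * caller that frees *data after an error would
			 * otherwise walk and free the released array.
			 */
			*data = NULL;
			__s_api_release_config(cfg);
			return (NS_LDAP_MEMORY);
		}
	} else if (cfg->paramList[Param].ns_ptype == NS_UNKNOWN) {
		/* get default */
		def = get_defconfig(cfg, Param);
		if (def != NULL)
			*data = dupParam(&def->defval);
	} else {
		*data = dupParam(&(cfg->paramList[Param]));
	}
	__s_api_release_config(cfg);

	return (NS_LDAP_SUCCESS);
}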
30077c478bd9Sstevel@tonic-gate
30087c478bd9Sstevel@tonic-gate /*
30097c478bd9Sstevel@tonic-gate * This routine takes a parameter in internal format and
30107c478bd9Sstevel@tonic-gate * translates it into a variety of string formats for various
30117c478bd9Sstevel@tonic-gate * outputs (doors/file/ldif). This routine would be better
30127c478bd9Sstevel@tonic-gate * named: __ns_ldap_translateParam2String
30137c478bd9Sstevel@tonic-gate */
30147c478bd9Sstevel@tonic-gate
30157c478bd9Sstevel@tonic-gate char *
__s_api_strValue(ns_config_t * cfg,ParamIndexType index,ns_strfmt_t fmt)3016434c5a06SMilan Jurik __s_api_strValue(ns_config_t *cfg, ParamIndexType index, ns_strfmt_t fmt)
30177c478bd9Sstevel@tonic-gate {
30187c478bd9Sstevel@tonic-gate ns_default_config *def = NULL;
30197c478bd9Sstevel@tonic-gate ns_param_t *ptr;
30207c478bd9Sstevel@tonic-gate ns_hash_t *hptr;
30217c478bd9Sstevel@tonic-gate ns_mapping_t *mptr;
3022434c5a06SMilan Jurik char ibuf[14];
30237c478bd9Sstevel@tonic-gate char abuf[64], **cpp;
3024434c5a06SMilan Jurik int count, i;
3025434c5a06SMilan Jurik boolean_t first = B_TRUE;
3026434c5a06SMilan Jurik LineBuf lbuf;
3027434c5a06SMilan Jurik LineBuf *buffer = &lbuf;
3028434c5a06SMilan Jurik char *retstring;
3029434c5a06SMilan Jurik char *sepstr;
30307c478bd9Sstevel@tonic-gate
3031434c5a06SMilan Jurik if (cfg == NULL)
30327c478bd9Sstevel@tonic-gate return (NULL);
30337c478bd9Sstevel@tonic-gate
30347c478bd9Sstevel@tonic-gate /* NS_LDAP_EXP and TRANSPORT_SEC are not exported externally */
30357c478bd9Sstevel@tonic-gate if (index == NS_LDAP_EXP_P || index == NS_LDAP_TRANSPORT_SEC_P)
30367c478bd9Sstevel@tonic-gate return (NULL);
30377c478bd9Sstevel@tonic-gate
30387c478bd9Sstevel@tonic-gate /* Return nothing if the value is the default */
30397c478bd9Sstevel@tonic-gate if (cfg->paramList[index].ns_ptype == NS_UNKNOWN)
30407c478bd9Sstevel@tonic-gate return (NULL);
30417c478bd9Sstevel@tonic-gate
3042434c5a06SMilan Jurik (void) memset((char *)buffer, 0, sizeof (LineBuf));
3043434c5a06SMilan Jurik
30447c478bd9Sstevel@tonic-gate ptr = &(cfg->paramList[index]);
30457c478bd9Sstevel@tonic-gate
30467c478bd9Sstevel@tonic-gate abuf[0] = '\0';
30477c478bd9Sstevel@tonic-gate
30487c478bd9Sstevel@tonic-gate /* get default */
30497c478bd9Sstevel@tonic-gate def = get_defconfig(cfg, index);
30507c478bd9Sstevel@tonic-gate if (def == NULL)
30517c478bd9Sstevel@tonic-gate return (NULL);
30527c478bd9Sstevel@tonic-gate
30537c478bd9Sstevel@tonic-gate switch (fmt) {
30547c478bd9Sstevel@tonic-gate case NS_DOOR_FMT:
30557c478bd9Sstevel@tonic-gate (void) strlcpy(abuf, def->name, sizeof (abuf));
30567c478bd9Sstevel@tonic-gate (void) strlcat(abuf, EQUALSEP, sizeof (abuf));
30577c478bd9Sstevel@tonic-gate break;
30587c478bd9Sstevel@tonic-gate case NS_FILE_FMT:
30597c478bd9Sstevel@tonic-gate (void) strlcpy(abuf, def->name, sizeof (abuf));
30607c478bd9Sstevel@tonic-gate (void) strlcat(abuf, EQUSPSEP, sizeof (abuf));
30617c478bd9Sstevel@tonic-gate break;
30627c478bd9Sstevel@tonic-gate case NS_LDIF_FMT:
30637c478bd9Sstevel@tonic-gate /* If no LDIF attr exists ignore the entry */
30647c478bd9Sstevel@tonic-gate if (def->profile_name == NULL)
30657c478bd9Sstevel@tonic-gate return (NULL);
30667c478bd9Sstevel@tonic-gate (void) strlcpy(abuf, def->profile_name, sizeof (abuf));
30677c478bd9Sstevel@tonic-gate (void) strlcat(abuf, COLSPSEP, sizeof (abuf));
30687c478bd9Sstevel@tonic-gate break;
30697c478bd9Sstevel@tonic-gate default:
30707c478bd9Sstevel@tonic-gate break;
30717c478bd9Sstevel@tonic-gate }
30727c478bd9Sstevel@tonic-gate
3073434c5a06SMilan Jurik if (__print2buf(buffer, abuf, NULL))
3074434c5a06SMilan Jurik goto strValueError;
30757c478bd9Sstevel@tonic-gate
30767c478bd9Sstevel@tonic-gate switch (ptr->ns_ptype) {
30777c478bd9Sstevel@tonic-gate case ARRAYAUTH:
30787c478bd9Sstevel@tonic-gate count = ptr->ns_acnt;
30797c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) {
3080434c5a06SMilan Jurik sepstr = NULL;
30817c478bd9Sstevel@tonic-gate if (i != count-1) {
3082434c5a06SMilan Jurik if (cfg->version == NS_LDAP_V1) {
3083434c5a06SMilan Jurik sepstr = COMMASEP;
3084434c5a06SMilan Jurik } else {
3085434c5a06SMilan Jurik sepstr = SEMISEP;
3086434c5a06SMilan Jurik }
30877c478bd9Sstevel@tonic-gate }
3088434c5a06SMilan Jurik if (__print2buf(buffer, __s_get_auth_name(cfg,
3089434c5a06SMilan Jurik (AuthType_t)(ptr->ns_pi[i])), sepstr))
3090434c5a06SMilan Jurik goto strValueError;
30917c478bd9Sstevel@tonic-gate }
30927c478bd9Sstevel@tonic-gate break;
30937c478bd9Sstevel@tonic-gate case ARRAYCRED:
30947c478bd9Sstevel@tonic-gate count = ptr->ns_acnt;
30957c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) {
3096434c5a06SMilan Jurik sepstr = NULL;
30977c478bd9Sstevel@tonic-gate if (i != count-1) {
3098434c5a06SMilan Jurik sepstr = SPACESEP;
30997c478bd9Sstevel@tonic-gate }
3100434c5a06SMilan Jurik if (__print2buf(buffer, __s_get_credlvl_name(cfg,
3101434c5a06SMilan Jurik (CredLevel_t)ptr->ns_pi[i]), sepstr))
3102434c5a06SMilan Jurik goto strValueError;
31037c478bd9Sstevel@tonic-gate }
31047c478bd9Sstevel@tonic-gate break;
31057c478bd9Sstevel@tonic-gate case SAMLIST:
31067c478bd9Sstevel@tonic-gate case SCLLIST:
31077c478bd9Sstevel@tonic-gate case SSDLIST:
31087c478bd9Sstevel@tonic-gate count = ptr->ns_acnt;
31097c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) {
3110434c5a06SMilan Jurik if (__print2buf(buffer, ptr->ns_ppc[i], NULL))
3111434c5a06SMilan Jurik goto strValueError;
3112434c5a06SMilan Jurik
3113434c5a06SMilan Jurik if (i == count-1)
3114434c5a06SMilan Jurik continue;
3115434c5a06SMilan Jurik
3116434c5a06SMilan Jurik /* Separate items */
3117434c5a06SMilan Jurik switch (fmt) {
3118434c5a06SMilan Jurik case NS_DOOR_FMT:
3119434c5a06SMilan Jurik if (__print2buf(buffer, DOORLINESEP, NULL) ||
3120434c5a06SMilan Jurik __print2buf(buffer, def->name, EQUALSEP))
3121434c5a06SMilan Jurik goto strValueError;
3122434c5a06SMilan Jurik break;
3123434c5a06SMilan Jurik case NS_FILE_FMT:
3124434c5a06SMilan Jurik if (__print2buf(buffer, "\n", NULL) ||
3125434c5a06SMilan Jurik __print2buf(buffer, def->name, EQUSPSEP))
3126434c5a06SMilan Jurik goto strValueError;
3127434c5a06SMilan Jurik break;
3128434c5a06SMilan Jurik case NS_LDIF_FMT:
3129434c5a06SMilan Jurik if (__print2buf(buffer, "\n", NULL) ||
3130434c5a06SMilan Jurik __print2buf(buffer, def->profile_name,
3131434c5a06SMilan Jurik COLSPSEP))
3132434c5a06SMilan Jurik goto strValueError;
3133434c5a06SMilan Jurik break;
31347c478bd9Sstevel@tonic-gate }
31357c478bd9Sstevel@tonic-gate }
31367c478bd9Sstevel@tonic-gate break;
31377c478bd9Sstevel@tonic-gate case ARRAYCP:
31387c478bd9Sstevel@tonic-gate count = ptr->ns_acnt;
31397c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) {
3140434c5a06SMilan Jurik sepstr = NULL;
31417c478bd9Sstevel@tonic-gate if (i != count-1) {
3142434c5a06SMilan Jurik sepstr = COMMASEP;
31437c478bd9Sstevel@tonic-gate }
3144434c5a06SMilan Jurik if (__print2buf(buffer, ptr->ns_ppc[i], sepstr))
3145434c5a06SMilan Jurik goto strValueError;
31467c478bd9Sstevel@tonic-gate }
31477c478bd9Sstevel@tonic-gate break;
31487c478bd9Sstevel@tonic-gate case SERVLIST:
31497c478bd9Sstevel@tonic-gate count = ptr->ns_acnt;
31507c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) {
3151434c5a06SMilan Jurik sepstr = NULL;
31527c478bd9Sstevel@tonic-gate if (i != count-1) {
3153434c5a06SMilan Jurik if (fmt == NS_LDIF_FMT) {
3154434c5a06SMilan Jurik sepstr = SPACESEP;
3155434c5a06SMilan Jurik } else {
3156434c5a06SMilan Jurik sepstr = COMMASEP;
3157434c5a06SMilan Jurik }
31587c478bd9Sstevel@tonic-gate }
3159434c5a06SMilan Jurik if (__print2buf(buffer, ptr->ns_ppc[i], sepstr))
3160434c5a06SMilan Jurik goto strValueError;
31617c478bd9Sstevel@tonic-gate }
31627c478bd9Sstevel@tonic-gate break;
31637c478bd9Sstevel@tonic-gate case CHARPTR:
31647c478bd9Sstevel@tonic-gate if (ptr->ns_pc == NULL)
31657c478bd9Sstevel@tonic-gate break;
3166434c5a06SMilan Jurik if (__print2buf(buffer, ptr->ns_pc, NULL))
3167434c5a06SMilan Jurik goto strValueError;
31687c478bd9Sstevel@tonic-gate break;
31697c478bd9Sstevel@tonic-gate case INT:
31707c478bd9Sstevel@tonic-gate switch (def->index) {
31717c478bd9Sstevel@tonic-gate case NS_LDAP_PREF_ONLY_P:
3172434c5a06SMilan Jurik if (__print2buf(buffer,
3173434c5a06SMilan Jurik __s_get_pref_name((PrefOnly_t)ptr->ns_i), NULL))
3174434c5a06SMilan Jurik goto strValueError;
31757c478bd9Sstevel@tonic-gate break;
31767c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_REF_P:
3177434c5a06SMilan Jurik if (__print2buf(buffer, __s_get_searchref_name(cfg,
3178434c5a06SMilan Jurik (SearchRef_t)ptr->ns_i), NULL))
3179434c5a06SMilan Jurik goto strValueError;
31807c478bd9Sstevel@tonic-gate break;
31817c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_SCOPE_P:
3182434c5a06SMilan Jurik if (__print2buf(buffer, __s_get_scope_name(cfg,
3183434c5a06SMilan Jurik (ScopeType_t)ptr->ns_i), NULL))
3184434c5a06SMilan Jurik goto strValueError;
31857c478bd9Sstevel@tonic-gate break;
3186dd1104fbSMichen Chang case NS_LDAP_ENABLE_SHADOW_UPDATE_P:
3187434c5a06SMilan Jurik if (__print2buf(buffer, __s_get_shadowupdate_name(
3188434c5a06SMilan Jurik (enableShadowUpdate_t)ptr->ns_i), NULL))
3189434c5a06SMilan Jurik goto strValueError;
3190dd1104fbSMichen Chang break;
31917c478bd9Sstevel@tonic-gate default:
31927c478bd9Sstevel@tonic-gate (void) snprintf(ibuf, sizeof (ibuf),
31937ddae043Siz "%d", ptr->ns_i);
3194434c5a06SMilan Jurik if (__print2buf(buffer, ibuf, NULL))
3195434c5a06SMilan Jurik goto strValueError;
31967c478bd9Sstevel@tonic-gate break;
31977c478bd9Sstevel@tonic-gate }
31987c478bd9Sstevel@tonic-gate break;
31997c478bd9Sstevel@tonic-gate case ATTRMAP:
32007c478bd9Sstevel@tonic-gate for (hptr = cfg->llHead; hptr; hptr = hptr->h_llnext) {
32017c478bd9Sstevel@tonic-gate if (hptr->h_type != NS_HASH_AMAP) {
32027c478bd9Sstevel@tonic-gate continue;
32037c478bd9Sstevel@tonic-gate }
32047c478bd9Sstevel@tonic-gate if (!first) {
3205434c5a06SMilan Jurik /* print abuf as "separator" */
3206434c5a06SMilan Jurik if (fmt == NS_DOOR_FMT) {
3207434c5a06SMilan Jurik if (__print2buf(buffer, DOORLINESEP,
3208434c5a06SMilan Jurik abuf))
3209434c5a06SMilan Jurik goto strValueError;
3210434c5a06SMilan Jurik } else {
3211434c5a06SMilan Jurik if (__print2buf(buffer, "\n", abuf))
3212434c5a06SMilan Jurik goto strValueError;
3213434c5a06SMilan Jurik }
32147c478bd9Sstevel@tonic-gate }
32157c478bd9Sstevel@tonic-gate mptr = hptr->h_map;
3216434c5a06SMilan Jurik if (__print2buf(buffer, mptr->service, COLONSEP) ||
3217434c5a06SMilan Jurik __print2buf(buffer, mptr->orig, EQUALSEP))
3218434c5a06SMilan Jurik goto strValueError;
32197c478bd9Sstevel@tonic-gate for (cpp = mptr->map; cpp && *cpp; cpp++) {
3220434c5a06SMilan Jurik /* print *cpp as "separator" */
3221434c5a06SMilan Jurik sepstr = "";
32227c478bd9Sstevel@tonic-gate if (cpp != mptr->map)
3223434c5a06SMilan Jurik sepstr = SPACESEP;
3224434c5a06SMilan Jurik if (__print2buf(buffer, sepstr, *cpp))
3225434c5a06SMilan Jurik goto strValueError;
32267c478bd9Sstevel@tonic-gate }
3227434c5a06SMilan Jurik first = B_FALSE;
32287c478bd9Sstevel@tonic-gate }
32297c478bd9Sstevel@tonic-gate break;
32307c478bd9Sstevel@tonic-gate case OBJMAP:
32317c478bd9Sstevel@tonic-gate for (hptr = cfg->llHead; hptr; hptr = hptr->h_llnext) {
32327c478bd9Sstevel@tonic-gate if (hptr->h_type != NS_HASH_OMAP) {
32337c478bd9Sstevel@tonic-gate continue;
32347c478bd9Sstevel@tonic-gate }
32357c478bd9Sstevel@tonic-gate if (!first) {
3236434c5a06SMilan Jurik /* print abuf as "separator" */
3237434c5a06SMilan Jurik if (fmt == NS_DOOR_FMT) {
3238434c5a06SMilan Jurik if (__print2buf(buffer, DOORLINESEP,
3239434c5a06SMilan Jurik abuf))
3240434c5a06SMilan Jurik goto strValueError;
3241434c5a06SMilan Jurik } else {
3242434c5a06SMilan Jurik if (__print2buf(buffer, "\n", abuf))
3243434c5a06SMilan Jurik goto strValueError;
3244434c5a06SMilan Jurik }
32457c478bd9Sstevel@tonic-gate }
32467c478bd9Sstevel@tonic-gate mptr = hptr->h_map;
3247434c5a06SMilan Jurik if (__print2buf(buffer, mptr->service, COLONSEP) ||
3248434c5a06SMilan Jurik __print2buf(buffer, mptr->orig, EQUALSEP))
3249434c5a06SMilan Jurik goto strValueError;
32507c478bd9Sstevel@tonic-gate for (cpp = mptr->map; cpp && *cpp; cpp++) {
3251434c5a06SMilan Jurik /* print *cpp as "separator" */
3252434c5a06SMilan Jurik sepstr = "";
32537c478bd9Sstevel@tonic-gate if (cpp != mptr->map)
3254434c5a06SMilan Jurik sepstr = SPACESEP;
3255434c5a06SMilan Jurik if (__print2buf(buffer, sepstr, *cpp))
3256434c5a06SMilan Jurik goto strValueError;
32577c478bd9Sstevel@tonic-gate }
3258434c5a06SMilan Jurik first = B_FALSE;
32597c478bd9Sstevel@tonic-gate }
32607c478bd9Sstevel@tonic-gate break;
32617c478bd9Sstevel@tonic-gate }
3262434c5a06SMilan Jurik
3263434c5a06SMilan Jurik retstring = buffer->str;
3264434c5a06SMilan Jurik return (retstring);
3265434c5a06SMilan Jurik
3266434c5a06SMilan Jurik strValueError:
3267434c5a06SMilan Jurik if (buffer->len > 0)
3268434c5a06SMilan Jurik free(buffer->str);
3269434c5a06SMilan Jurik return (NULL);
32707c478bd9Sstevel@tonic-gate }
32717c478bd9Sstevel@tonic-gate
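/*
 * Fetch a configuration blob from ldap_cachemgr through its door.
 * Shared by __door_getldapconfig() and __door_getadmincred().
 *
 * buffer	out: calloc'ed copy of the ldap_config_out_t header plus
 *		data_size bytes of payload, followed by one zero byte.
 *		The caller frees it.
 * buflen	out: size of *buffer in bytes.
 * error	out: reset to NULL, then filled by MKERROR when the cache
 *		manager reports NS_CACHE_NOTFOUND.
 * callnumber	door call number placed in the request.
 *
 * Returns NS_LDAP_SUCCESS, NS_LDAP_MEMORY or NS_LDAP_OP_FAILED.
 */
int
__door_getconf(char **buffer, int *buflen, ns_ldap_error_t **error,
    int callnumber)
{
	typedef union {
		ldap_data_t	s_d;
		char		s_b[DOORBUFFERSIZE];
	} space_t;
	space_t			*space;

	ldap_data_t		*sptr;
	int			ndata;
	int			adata;
	char			errstr[MAXERROR];
	char			*domainname;
	ns_ldap_return_code	retCode;
	ldap_config_out_t	*cfghdr;

	*error = NULL;

	domainname = __getdomainname();
	if (domainname == NULL || buffer == NULL || buflen == NULL ||
	    (strlen(domainname) >= (sizeof (space_t)
	    - sizeof (space->s_d.ldap_call.ldap_callnumber)))) {
		/*
		 * domainname is heap memory (it is freed below on the
		 * normal path), so release it on the early exits too.
		 */
		free(domainname);
		return (NS_LDAP_OP_FAILED);
	}

	space = (space_t *)calloc(1, sizeof (space_t));
	if (space == NULL) {
		free(domainname);
		return (NS_LDAP_MEMORY);
	}

	adata = (sizeof (ldap_call_t) + strlen(domainname) +1);
	ndata = sizeof (space_t);
	space->s_d.ldap_call.ldap_callnumber = callnumber;
	/* The length test above is what keeps this copy inside *space. */
	(void) strcpy(space->s_d.ldap_call.ldap_u.domainname, domainname);
	free(domainname);
	domainname = NULL;
	sptr = &space->s_d;

	switch (__ns_ldap_trydoorcall(&sptr, &ndata, &adata)) {
	case NS_CACHE_SUCCESS:
		break;
	case NS_CACHE_NOTFOUND:
		(void) snprintf(errstr, sizeof (errstr),
		    gettext("Door call to "
		    "ldap_cachemgr failed - error: %d."),
		    space->s_d.ldap_ret.ldap_errno);
		/*
		 * NOTE(review): MKERROR is defined outside this view.  Its
		 * last argument looks like a value it returns when the
		 * error cannot be built; if so, space is not freed on that
		 * path -- confirm.
		 */
		MKERROR(LOG_WARNING, *error, NS_CONFIG_CACHEMGR,
		    strdup(errstr), NS_LDAP_MEMORY);
		free(space);
		return (NS_LDAP_OP_FAILED);
	default:
		free(space);
		return (NS_LDAP_OP_FAILED);
	}

	retCode = NS_LDAP_SUCCESS;

	/*
	 * Copy the reply out of the door buffer.
	 *
	 * NOTE(review): data_size is taken from the door reply and sizes
	 * both the allocation and the memcpy.  Nothing visible here
	 * compares it with ndata or guards the addition into an int;
	 * consider rejecting replies whose data_size does not fit the
	 * returned buffer -- confirm what ndata holds after the call.
	 */
	cfghdr = &sptr->ldap_ret.ldap_u.config_str;
	*buflen = offsetof(ldap_config_out_t, config_str) +
	    cfghdr->data_size + 1;
	*buffer = calloc(*buflen, sizeof (char));
	if (*buffer == NULL) {
		retCode = NS_LDAP_MEMORY;
	} else {
		/* The last byte stays zero, so the payload is terminated. */
		(void) memcpy(*buffer, cfghdr, *buflen - 1);
	}

	/* The door call may have replaced our buffer with a mapping. */
	if (sptr != &space->s_d) {
		(void) munmap((char *)sptr, ndata);
	}
	free(space);

	return (retCode);
}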
33487c478bd9Sstevel@tonic-gate
/*
 * Fetch the client configuration from ldap_cachemgr: a thin wrapper that
 * calls __door_getconf() with the GETLDAPCONFIGV1 call number and passes
 * its return code through unchanged.
 */
static int
__door_getldapconfig(char **buffer, int *buflen, ns_ldap_error_t **error)
{
	int	rc;

	rc = __door_getconf(buffer, buflen, error, GETLDAPCONFIGV1);
	return (rc);
}
3354b57459abSJulian Pullen
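/*
 * SetDoorInfoToUnixCred parses ldapcachemgr configuration information
 * for Admin credentials.
 *
 * buffer	door reply: an ldap_config_out_t header followed by
 *		DOORLINESEP-separated "name=value" lines.  strtok_r()
 *		splits it in place, so the buffer is modified.
 * errorp	out: reset to NULL, then filled by MKERROR on a syntax
 *		error.
 * cred		in/out: *cred must already exist; userID and passwd are
 *		set to strdup'ed copies that the caller owns.  On an error
 *		return a field set by an earlier line stays set.
 *
 * Returns NS_LDAP_SUCCESS, NS_LDAP_INVALID_PARAM, NS_LDAP_CONFIG or
 * NS_LDAP_MEMORY.
 */
int
SetDoorInfoToUnixCred(char *buffer, ns_ldap_error_t **errorp,
    UnixCred_t **cred)
{
	UnixCred_t	*ptr;
	char		errstr[MAXERROR];
	char		*name, *value, valbuf[BUFSIZE];
	char		*bufptr = buffer;
	char		*strptr;
	char		*rest;
	ParamIndexType	index = 0;
	ldap_config_out_t	*cfghdr;

	if (errorp == NULL || cred == NULL || *cred == NULL)
		return (NS_LDAP_INVALID_PARAM);
	*errorp = NULL;

	/* The header is dereferenced below; reject a missing buffer. */
	if (buffer == NULL)
		return (NS_LDAP_INVALID_PARAM);

	ptr = *cred;

	cfghdr = (ldap_config_out_t *)bufptr;
	bufptr = (char *)cfghdr->config_str;

	strptr = (char *)strtok_r(bufptr, DOORLINESEP, &rest);
	for (; ; ) {
		if (strptr == NULL)
			break;
		/*
		 * NOTE(review): a line longer than valbuf is truncated
		 * silently, which would shorten a DN or password.  valbuf
		 * also keeps a copy of the bind password on the stack after
		 * return; consider a wipe the compiler cannot elide.
		 */
		(void) strlcpy(valbuf, strptr, sizeof (valbuf));
		/*
		 * NOTE(review): __s_api_split_key_value is not visible
		 * here.  If it can leave value unset for a line without a
		 * separator, strdup(value) below reads an indeterminate
		 * pointer -- confirm.
		 */
		__s_api_split_key_value(valbuf, &name, &value);
		if (__ns_ldap_getParamType(name, &index) != 0) {
			(void) snprintf(errstr, MAXERROR,
			    gettext("SetDoorInfoToUnixCred: "
			    "Unknown keyword encountered '%s'."), name);
			MKERROR(LOG_ERR, *errorp, NS_CONFIG_SYNTAX,
			    strdup(errstr), NS_LDAP_MEMORY);
			return (NS_LDAP_CONFIG);
		}
		switch (index) {
		case NS_LDAP_ADMIN_BINDDN_P:
			ptr->userID = (char *)strdup(value);
			/* Do not report success with a missing bind DN. */
			if (ptr->userID == NULL)
				return (NS_LDAP_MEMORY);
			break;
		case NS_LDAP_ADMIN_BINDPASSWD_P:
			ptr->passwd = (char *)strdup(value);
			/* Do not report success with a missing password. */
			if (ptr->passwd == NULL)
				return (NS_LDAP_MEMORY);
			break;
		default:
			(void) snprintf(errstr, MAXERROR,
			    gettext("SetDoorInfoToUnixCred: "
			    "Unknown index encountered '%d'."), index);
			MKERROR(LOG_ERR, *errorp, NS_CONFIG_SYNTAX,
			    strdup(errstr), NS_LDAP_MEMORY);
			return (NS_LDAP_CONFIG);
		}
		strptr = (char *)strtok_r(NULL, DOORLINESEP, &rest);
	}

	return (NS_LDAP_SUCCESS);
}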
3415b57459abSJulian Pullen
/*
 * SetDoorInfo parses ldapcachemgr configuration information
 * and verifies that the profile is version 1 or version 2 based.
 * version 2 profiles must have a version number as the first profile
 * attribute in the configuration.
 *
 * buffer is a door reply: an ldap_config_out_t header whose cookie is
 * copied into the new config, followed by DOORLINESEP-separated lines.
 * strtok_r() splits the buffer in place.  Returns the new config, or
 * NULL after destroying it when any line is rejected; *errorp then
 * carries the reason where one could be built.
 *
 * NOTE(review): buffer is dereferenced without a NULL check, and each
 * line is truncated to BUFSIZE by strlcpy() without notice.
 */
static ns_config_t *
SetDoorInfo(char *buffer, ns_ldap_error_t **errorp)
{
	ns_config_t	*ptr;
	char		errstr[MAXERROR], errbuf[MAXERROR];
	char		*name, *value, valbuf[BUFSIZE];
	char		*line;
	char		*rest;
	ParamIndexType	i;
	int		ret;
	int		first = 1;
	int		errfnd = 0;
	ldap_config_out_t	*cfghdr;

	if (errorp == NULL)
		return (NULL);
	*errorp = NULL;

	if ((ptr = __s_api_create_config()) == NULL)
		return (NULL);

	/* get config cookie from the header */
	cfghdr = (ldap_config_out_t *)buffer;
	ptr->config_cookie = cfghdr->cookie;

	/* Walk the payload one DOORLINESEP-delimited line at a time. */
	for (line = (char *)strtok_r((char *)cfghdr->config_str,
	    DOORLINESEP, &rest);
	    line != NULL;
	    line = (char *)strtok_r(NULL, DOORLINESEP, &rest)) {
		(void) strlcpy(valbuf, line, sizeof (valbuf));
		__s_api_split_key_value(valbuf, &name, &value);

		/* Use get_versiontype and check for V1 vs V2 prototypes */
		if (__s_api_get_versiontype(ptr, name, &i) < 0) {
			(void) snprintf(errstr, sizeof (errstr),
			    "%s (%s)\n",
			    gettext("Illegal profile entry "
			    "line in configuration."),
			    name);
			errfnd++;
		/* Write verify routines and get rid of verify_value here */
		} else if (verify_value(ptr, name,
		    value, errbuf) != NS_SUCCESS) {
			(void) snprintf(errstr, sizeof (errstr),
			    gettext("%s\n"), errbuf);
			errfnd++;
		} else if (!first && i == NS_LDAP_FILE_VERSION_P) {
			/* The version line is only legal as the first line. */
			(void) snprintf(errstr, sizeof (errstr),
			    gettext("Illegal NS_LDAP_FILE_VERSION "
			    "line in configuration.\n"));
			errfnd++;
		}

		if (errfnd) {
			MKERROR(LOG_ERR, *errorp, NS_CONFIG_SYNTAX,
			    strdup(errstr), NULL);
		} else {
			ret = set_default_value(ptr, name, value, errorp);
		}
		/* ret is only read when no syntax error was recorded. */
		if (errfnd || ret != NS_SUCCESS) {
			__s_api_destroy_config(ptr);
			return (NULL);
		}
		first = 0;
	}

	if (__s_api_crosscheck(ptr, errstr, B_TRUE) != NS_SUCCESS) {
		__s_api_destroy_config(ptr);
		MKERROR(LOG_WARNING, *errorp, NS_CONFIG_SYNTAX, strdup(errstr),
		    NULL);
		return (NULL);
	}

	return (ptr);
}
35017c478bd9Sstevel@tonic-gate
/*
 * Load the configuration held by ldap_cachemgr.
 *
 * Fetches the door reply, and returns oldcfg unchanged when its cookie
 * (mgr_pid and seq_num) matches the one in the reply.  Otherwise the
 * reply is converted with SetDoorInfo() and the new config is returned.
 * Returns NULL on failure; a message carried in *error is sent to syslog.
 * The door buffer is always freed here.
 */
static ns_config_t *
LoadCacheConfiguration(ns_config_t *oldcfg, ns_ldap_error_t **error)
{
	char			*doorbuf = NULL;
	int			doorlen = 0;
	ns_config_t		*newcfg;
	ldap_config_out_t	*hdr;

	*error = NULL;
	if (__door_getldapconfig(&doorbuf, &doorlen, error) !=
	    NS_LDAP_SUCCESS) {
		if (*error != NULL && (*error)->message != NULL)
			syslog(LOG_WARNING, "libsldap: %s", (*error)->message);
		return (NULL);
	}

	/* No need to reload configuration if config cookie is the same */
	hdr = (ldap_config_out_t *)doorbuf;
	if (oldcfg != NULL &&
	    oldcfg->config_cookie.mgr_pid == hdr->cookie.mgr_pid &&
	    oldcfg->config_cookie.seq_num == hdr->cookie.seq_num) {
		free(doorbuf);
		return (oldcfg);
	}

	/* now convert from door format */
	newcfg = SetDoorInfo(doorbuf, error);
	free(doorbuf);

	if (newcfg != NULL)
		return (newcfg);

	if (*error != NULL && (*error)->message != NULL)
		syslog(LOG_WARNING, "libsldap: %s", (*error)->message);
	return (NULL);
}
35427c478bd9Sstevel@tonic-gate
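/*
 * converts the time string into seconds.  The time string can be specified
 * using one of the following time units:
 *	#s (# of seconds)
 *	#m (# of minutes)
 *	#h (# of hours)
 *	#d (# of days)
 *	#w (# of weeks)
 * NOTE: you can only specify one of the above.  No combination of the above
 * units is allowed.  If no unit specified, it will default to "seconds".
 *
 * A trailing unit letter is overwritten with '\0', so s is modified.
 * Returns 0 for a NULL or empty string, for a number that does not fit in
 * a long, and for a product that would overflow a long.
 */
static time_t
conv_time(char *s)
{
	size_t	len;
	long	mult = 0;
	long	tot;

	if (s == NULL)
		return (0);
	len = strlen(s);
	if (len == 0)
		return (0);

	switch (s[len - 1]) {
	case 'w':	/* weeks */
		mult = 604800;
		break;
	case 'd':	/* days */
		mult = 86400;
		break;
	case 'h':	/* hours */
		mult = 3600;
		break;
	case 'm':	/* minutes */
		mult = 60;
		break;
	case 's':	/* seconds */
		mult = 1;
		break;
	default:	/* no unit letter: the value is in seconds */
		break;
	}
	if (mult != 0)
		s[len - 1] = '\0';
	else
		mult = 1;

	/*
	 * strtol() reports an out-of-range value through errno; atol()
	 * does not, so the range test it was paired with never fired.
	 */
	errno = 0;
	tot = strtol(s, NULL, 10);
	if (errno == ERANGE || errno == EINVAL)
		return (0);

	/* mult is at least 1; refuse a product that would overflow. */
	if (tot > LONG_MAX / mult || tot < LONG_MIN / mult)
		return (0);

	return ((time_t)(tot * mult));
}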
36007c478bd9Sstevel@tonic-gate
36017c478bd9Sstevel@tonic-gate
/*
 * Build an ns_auth_t descriptor for the authentication enum value i.
 *
 * The descriptor is calloc'ed, so every field a case does not assign
 * stays zero.  Returns NULL when the allocation fails or i is not one of
 * the handled values; otherwise the caller owns the result.
 *
 * Only the descriptor is filled in here.  Nothing in this function ties
 * a simple bind to TLS: NS_LDAP_EA_SIMPLE sets no tlstype.
 */
ns_auth_t *
__s_api_AuthEnumtoStruct(const EnumAuthType_t i)
{
	ns_auth_t	*auth = (ns_auth_t *)calloc(1, sizeof (ns_auth_t));

	if (auth == NULL)
		return (NULL);

	switch (i) {
	/* No authentication: leave the zeroed descriptor as it is. */
	case NS_LDAP_EA_NONE:
		break;

	/* Simple bind. */
	case NS_LDAP_EA_SIMPLE:
		auth->type = NS_LDAP_AUTH_SIMPLE;
		break;

	/* SASL mechanisms without TLS. */
	case NS_LDAP_EA_SASL_CRAM_MD5:
		auth->saslmech = NS_LDAP_SASL_CRAM_MD5;
		auth->type = NS_LDAP_AUTH_SASL;
		break;
	case NS_LDAP_EA_SASL_DIGEST_MD5:
		auth->saslmech = NS_LDAP_SASL_DIGEST_MD5;
		auth->type = NS_LDAP_AUTH_SASL;
		break;
	case NS_LDAP_EA_SASL_DIGEST_MD5_INT:
		auth->saslopt = NS_LDAP_SASLOPT_INT;
		auth->saslmech = NS_LDAP_SASL_DIGEST_MD5;
		auth->type = NS_LDAP_AUTH_SASL;
		break;
	case NS_LDAP_EA_SASL_DIGEST_MD5_CONF:
		auth->saslopt = NS_LDAP_SASLOPT_PRIV;
		auth->saslmech = NS_LDAP_SASL_DIGEST_MD5;
		auth->type = NS_LDAP_AUTH_SASL;
		break;
	case NS_LDAP_EA_SASL_EXTERNAL:
		auth->saslmech = NS_LDAP_SASL_EXTERNAL;
		auth->type = NS_LDAP_AUTH_SASL;
		break;
	case NS_LDAP_EA_SASL_GSSAPI:
		/* GSSAPI asks for both the INT and the PRIV option bits. */
		auth->saslopt = NS_LDAP_SASLOPT_INT | NS_LDAP_SASLOPT_PRIV;
		auth->saslmech = NS_LDAP_SASL_GSSAPI;
		auth->type = NS_LDAP_AUTH_SASL;
		break;

	/* TLS variants. */
	case NS_LDAP_EA_TLS_NONE:
		auth->tlstype = NS_LDAP_TLS_NONE;
		auth->type = NS_LDAP_AUTH_TLS;
		break;
	case NS_LDAP_EA_TLS_SIMPLE:
		auth->tlstype = NS_LDAP_TLS_SIMPLE;
		auth->type = NS_LDAP_AUTH_TLS;
		break;
	case NS_LDAP_EA_TLS_SASL_CRAM_MD5:
		auth->saslmech = NS_LDAP_SASL_CRAM_MD5;
		auth->tlstype = NS_LDAP_TLS_SASL;
		auth->type = NS_LDAP_AUTH_TLS;
		break;
	case NS_LDAP_EA_TLS_SASL_DIGEST_MD5:
		auth->saslmech = NS_LDAP_SASL_DIGEST_MD5;
		auth->tlstype = NS_LDAP_TLS_SASL;
		auth->type = NS_LDAP_AUTH_TLS;
		break;
	case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_INT:
		auth->saslopt = NS_LDAP_SASLOPT_INT;
		auth->saslmech = NS_LDAP_SASL_DIGEST_MD5;
		auth->tlstype = NS_LDAP_TLS_SASL;
		auth->type = NS_LDAP_AUTH_TLS;
		break;
	case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_CONF:
		auth->saslopt = NS_LDAP_SASLOPT_PRIV;
		auth->saslmech = NS_LDAP_SASL_DIGEST_MD5;
		auth->tlstype = NS_LDAP_TLS_SASL;
		auth->type = NS_LDAP_AUTH_TLS;
		break;
	case NS_LDAP_EA_TLS_SASL_EXTERNAL:
		auth->saslmech = NS_LDAP_SASL_EXTERNAL;
		auth->tlstype = NS_LDAP_TLS_SASL;
		auth->type = NS_LDAP_AUTH_TLS;
		break;

	default:
		/* should never get here */
		free(auth);
		return (NULL);
	}

	return (auth);
}
36867c478bd9Sstevel@tonic-gate
36877c478bd9Sstevel@tonic-gate
36887c478bd9Sstevel@tonic-gate /*
36897c478bd9Sstevel@tonic-gate * Parameter Index Type validation routines
36907c478bd9Sstevel@tonic-gate */
36917c478bd9Sstevel@tonic-gate
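/*
 * Validate a positive time value.
 *
 * Accepts a CHARPTR parameter made of decimal digits with at most one
 * unit letter (w, d, h, m or s) as its last character.  The scan also
 * lets an empty string and a lone unit letter through.
 * Size of errbuf needs to be MAXERROR.
 * Returns NS_SUCCESS or NS_PARSE_ERR with a message in errbuf.
 */
/* ARGSUSED */
static int
__s_val_postime(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf)
{
	char	*cp;
	long	tot;

	if (param && param->ns_ptype == CHARPTR && param->ns_pc) {
		for (cp = param->ns_pc; cp && *cp; cp++) {
			if (*cp >= '0' && *cp <= '9')
				continue;
			switch (*cp) {
			case 'w':	/* weeks */
			case 'd':	/* days */
			case 'h':	/* hours */
			case 'm':	/* minutes */
			case 's':	/* seconds */
				/* A unit letter is only legal at the end. */
				if (*(cp+1) == '\0') {
					break;
				}
				/* FALLTHROUGH */
			default:
				(void) strcpy(errbuf, "Illegal time value");
				return (NS_PARSE_ERR);
			}
		}
		/* Valid form: [0-9][0-9]*[wdhms]* */
		/*
		 * Check overflow.  strtol() flags an out-of-range number
		 * with ERANGE; atol() gives no defined result for one, so
		 * an oversized value could pass the sign test.
		 */
		errno = 0;
		tot = strtol(param->ns_pc, NULL, 10);
		if (errno != ERANGE && tot >= 0)
			return (NS_SUCCESS);
	}
	(void) snprintf(errbuf, MAXERROR,
	    gettext("Illegal time value in %s"), def->name);
	return (NS_PARSE_ERR);
}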
37307c478bd9Sstevel@tonic-gate
37317c478bd9Sstevel@tonic-gate
/*
 * Validate the Base DN.
 *
 * Only applies to NS_LDAP_SEARCH_BASEDN_P with a CHARPTR parameter.  The
 * value can be empty (RootDSE request) or needs to have an '='.
 * Size of errbuf needs to be MAXERROR.
 * Returns NS_SUCCESS or NS_PARSE_ERR with a message in errbuf.
 */
/* ARGSUSED */
static int
__s_val_basedn(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf)
{
	int	valid = 0;

	if (param != NULL && param->ns_ptype == CHARPTR &&
	    i == NS_LDAP_SEARCH_BASEDN_P) {
		if (param->ns_pc == NULL) {
			valid = 1;		/* empty */
		} else if (*(param->ns_pc) == '\0') {
			valid = 1;		/* empty */
		} else if (strchr(param->ns_pc, '=') != NULL) {
			valid = 1;		/* '=' */
		}
	}

	if (!valid) {
		(void) snprintf(errbuf, MAXERROR,
		    gettext("Non-existent or invalid DN in %s"),
		    def->name);
		return (NS_PARSE_ERR);
	}
	return (NS_SUCCESS);
}
37537c478bd9Sstevel@tonic-gate
37547c478bd9Sstevel@tonic-gate
37557c478bd9Sstevel@tonic-gate /* Validate the serverList */
37567c478bd9Sstevel@tonic-gate /* For each server in list, check if valid IP or hostname */
37577c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */
37587c478bd9Sstevel@tonic-gate /* ARGSUSED */
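static int
__s_val_serverList(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf)
{
	int	idx;

	/*
	 * The other validators in this file tolerate a NULL param; reject it
	 * here as well rather than dereferencing it in the loop condition.
	 */
	if (param == NULL) {
		(void) snprintf(errbuf, MAXERROR,
		    gettext("Invalid server list in %s"), def->name);
		return (NS_PARSE_ERR);
	}

	/*
	 * Walk the ns_acnt entries of ns_ppc with a local index; the
	 * ParamIndexType argument is not a loop counter and is left unused.
	 * Each entry must be accepted by at least one of the IPv4, IPv6 or
	 * hostname checks.
	 *
	 * NOTE(review): a NULL entry in ns_ppc would be handed to those
	 * checks and to the "%s" below as-is -- confirm that the caller
	 * never builds such a list.
	 */
	for (idx = 0; idx < param->ns_acnt; idx++) {
		if (__s_api_isipv4(param->ns_ppc[idx]) ||
		    __s_api_isipv6(param->ns_ppc[idx]) ||
		    __s_api_ishost(param->ns_ppc[idx])) {
			continue;
		}

		/* First invalid entry: report it, bounded by MAXERROR. */
		(void) snprintf(errbuf, MAXERROR,
		    gettext("Invalid server (%s) in %s"),
		    param->ns_ppc[idx], def->name);
		return (NS_PARSE_ERR);
	}

	/* An empty list (ns_acnt <= 0) is reported as valid. */
	return (NS_SUCCESS);
}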
37787c478bd9Sstevel@tonic-gate
37797c478bd9Sstevel@tonic-gate
37807c478bd9Sstevel@tonic-gate /* Check for a BINDDN */
37817c478bd9Sstevel@tonic-gate /* It can not be empty and needs to have an '=' */
37827c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */
37837c478bd9Sstevel@tonic-gate /* ARGSUSED */
static int
__s_val_binddn(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf)
{
	char	*dntype;

	/*
	 * Applies to CHARPTR values for NS_LDAP_BINDDN_P and
	 * NS_LDAP_ADMIN_BINDDN_P only.  A NULL ns_pc passes validation, so
	 * callers cannot assume a validated bind DN is non-NULL.  A non-NULL
	 * value must be non-empty and contain '='; that is a presence test,
	 * not a DN syntax check.
	 */
	if (param != NULL && param->ns_ptype == CHARPTR &&
	    (i == NS_LDAP_BINDDN_P || i == NS_LDAP_ADMIN_BINDDN_P)) {
		const char *dn = param->ns_pc;

		if (dn == NULL)
			return (NS_SUCCESS);
		if (dn[0] != '\0' && strchr(dn, '=') != NULL)
			return (NS_SUCCESS);
	}

	/*
	 * Label the failure.  Every index other than NS_LDAP_BINDDN_P is
	 * reported as "update".  The rejected value itself is not copied
	 * into errbuf, which must hold at least MAXERROR bytes.
	 */
	dntype = (i == NS_LDAP_BINDDN_P) ? "proxy" : "update";
	(void) snprintf(errbuf, MAXERROR,
	    gettext("NULL or invalid %s bind DN"), dntype);
	return (NS_PARSE_ERR);
}
38057c478bd9Sstevel@tonic-gate
38067c478bd9Sstevel@tonic-gate
38077c478bd9Sstevel@tonic-gate /* Check for a BINDPASSWD */
38087c478bd9Sstevel@tonic-gate /* The string can not be NULL or empty */
38097c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */
38107c478bd9Sstevel@tonic-gate /* ARGSUSED */
static int
__s_val_bindpw(ParamIndexType i, ns_default_config *def,
    ns_param_t *param, char *errbuf)
{
	char	*pwtype;

	/*
	 * Applies to CHARPTR values for NS_LDAP_BINDPASSWD_P and
	 * NS_LDAP_ADMIN_BINDPASSWD_P only.  A NULL ns_pc passes validation;
	 * the only value rejected for these indices is a non-NULL empty
	 * string.  Callers therefore cannot assume a validated password is
	 * non-NULL.
	 */
	if (param != NULL && param->ns_ptype == CHARPTR &&
	    (i == NS_LDAP_BINDPASSWD_P || i == NS_LDAP_ADMIN_BINDPASSWD_P)) {
		if (param->ns_pc == NULL || param->ns_pc[0] != '\0')
			return (NS_SUCCESS);
	}

	/*
	 * Label the failure.  Every index other than NS_LDAP_BINDPASSWD_P is
	 * reported as "admin".  The password value is never written into
	 * errbuf, which must hold at least MAXERROR bytes.
	 */
	pwtype = (i == NS_LDAP_BINDPASSWD_P) ? "proxy" : "admin";
	(void) snprintf(errbuf, MAXERROR,
	    gettext("NULL %s bind password"), pwtype);
	return (NS_PARSE_ERR);
}
38317c478bd9Sstevel@tonic-gate
38327c478bd9Sstevel@tonic-gate /*
38337c478bd9Sstevel@tonic-gate * __s_get_hostcertpath returns either the configured host certificate path
38347c478bd9Sstevel@tonic-gate * or, if none, the default host certificate path (/var/ldap). Note that this
38357c478bd9Sstevel@tonic-gate * does not use __ns_ldap_getParam because it may be called during connection
38367c478bd9Sstevel@tonic-gate * setup. This can fail due to insufficient memory.
38377c478bd9Sstevel@tonic-gate */
38387c478bd9Sstevel@tonic-gate
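char *
__s_get_hostcertpath(void)
{
	ns_config_t	*cfg;
	ns_param_t	*param;
	char		*ret = NULL;

	/*
	 * Returns a strdup()ed copy of the host certificate path, or NULL if
	 * no copy could be allocated.  The caller owns the returned string.
	 */
	cfg = __s_api_get_default_config();
	if (cfg != NULL) {
		param = &cfg->paramList[NS_LDAP_HOST_CERTPATH_P];
		/*
		 * Copy the configured path before the config is released.
		 * strdup(NULL) is undefined behaviour, so a CHARPTR slot
		 * that carries no string is treated as "not configured" and
		 * falls through to the default below.
		 */
		if (param->ns_ptype == CHARPTR && param->ns_pc != NULL)
			ret = strdup(param->ns_pc);
		__s_api_release_config(cfg);
	}

	/*
	 * NOTE(review): ret is also NULL here when strdup() of a configured
	 * path failed, so under memory pressure the default directory can be
	 * returned in place of the configured one.  Callers that load trust
	 * material from this path cannot tell the two cases apart.
	 */
	if (ret == NULL)
		ret = strdup(NSLDAPDIRECTORY);
	return (ret);
}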
38577c478bd9Sstevel@tonic-gate
static void
_free_config()
{
	/*
	 * Destroy the configuration referenced by current_config, if any,
	 * and clear the pointer so that it is not left dangling.
	 */
	if (current_config == NULL)
		return;

	destroy_config(current_config);
	current_config = NULL;
}