17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 545916cd2Sjpk * Common Development and Distribution License (the "License"). 645916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 21*225376fbSJulian Pullen 227c478bd9Sstevel@tonic-gate /* 23*225376fbSJulian Pullen * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #include <stdio.h> 277c478bd9Sstevel@tonic-gate #include <sys/types.h> 287c478bd9Sstevel@tonic-gate #include <stdlib.h> 297c478bd9Sstevel@tonic-gate #include <libintl.h> 307c478bd9Sstevel@tonic-gate 317c478bd9Sstevel@tonic-gate #include <sys/stat.h> 327c478bd9Sstevel@tonic-gate #include <fcntl.h> 337c478bd9Sstevel@tonic-gate #include <unistd.h> 347c478bd9Sstevel@tonic-gate #include <string.h> 357c478bd9Sstevel@tonic-gate #include <strings.h> 367c478bd9Sstevel@tonic-gate #include <lber.h> 377c478bd9Sstevel@tonic-gate #include <ldap.h> 387c478bd9Sstevel@tonic-gate #include <syslog.h> 39dd1104fbSMichen Chang #include <stddef.h> 40dd1104fbSMichen Chang #include <sys/mman.h> 417c478bd9Sstevel@tonic-gate 427c478bd9Sstevel@tonic-gate #include "ns_sldap.h" 437c478bd9Sstevel@tonic-gate #include "ns_internal.h" 44e1dd0a2fSth #include "ns_connmgmt.h" 45dd1104fbSMichen Chang #include "ns_cache_door.h" 467c478bd9Sstevel@tonic-gate 477c478bd9Sstevel@tonic-gate /* Additional headers for addTypedEntry Conversion routines */ 487c478bd9Sstevel@tonic-gate #include <pwd.h> 49e1dd0a2fSth #include <project.h> 507c478bd9Sstevel@tonic-gate #include <shadow.h> 517c478bd9Sstevel@tonic-gate #include <grp.h> 527c478bd9Sstevel@tonic-gate #include <netinet/in.h> 537c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 547c478bd9Sstevel@tonic-gate #include <netdb.h> 557c478bd9Sstevel@tonic-gate #include <rpc/rpcent.h> 567c478bd9Sstevel@tonic-gate #include <auth_attr.h> 577c478bd9Sstevel@tonic-gate #include <exec_attr.h> 587c478bd9Sstevel@tonic-gate #include <prof_attr.h> 597c478bd9Sstevel@tonic-gate #include <user_attr.h> 607c478bd9Sstevel@tonic-gate #include <bsm/libbsm.h> 6145916cd2Sjpk #include <sys/tsol/tndb.h> 6245916cd2Sjpk #include <tsol/label.h> 637c478bd9Sstevel@tonic-gate 64dd1104fbSMichen Chang static int send_to_cachemgr(const char *, 65dd1104fbSMichen Chang ns_ldap_attr_t **, ns_ldap_error_t **); 6650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 6750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India static int escape_str(char *, char *); 6850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 697c478bd9Sstevel@tonic-gate /* 707c478bd9Sstevel@tonic-gate * If the rdn is a mapped attr: 717c478bd9Sstevel@tonic-gate * return NS_LDAP_SUCCESS and a new_dn. 727c478bd9Sstevel@tonic-gate * If no mapped attr is found in the rdn: 737c478bd9Sstevel@tonic-gate * return NS_LDAP_SUCCESS and *new_dn == NULL 747c478bd9Sstevel@tonic-gate * For example: 757c478bd9Sstevel@tonic-gate * service = abc 767c478bd9Sstevel@tonic-gate * dn = cn=foo,dc=bar,dc=com 777c478bd9Sstevel@tonic-gate * attributeMapping: abc:cn=sn 787c478bd9Sstevel@tonic-gate * Then: 797c478bd9Sstevel@tonic-gate * new_dn = sn=foo,dc=bar,dc=com 807c478bd9Sstevel@tonic-gate * 817c478bd9Sstevel@tonic-gate */ 827c478bd9Sstevel@tonic-gate static int 837c478bd9Sstevel@tonic-gate replace_mapped_attr_in_dn( 847c478bd9Sstevel@tonic-gate const char *service, const char *dn, char **new_dn) 857c478bd9Sstevel@tonic-gate { 867c478bd9Sstevel@tonic-gate char **mappedattr; 877c478bd9Sstevel@tonic-gate char **dnArray = NULL; 887c478bd9Sstevel@tonic-gate char *rservice; 897c478bd9Sstevel@tonic-gate char *cur = NULL; 907c478bd9Sstevel@tonic-gate int len = 0, orig_len = 0, mapped_len = 0; 917c478bd9Sstevel@tonic-gate int dn_len = 0; 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate *new_dn = NULL; 947c478bd9Sstevel@tonic-gate 957c478bd9Sstevel@tonic-gate /* 96da6c28aaSamw * separate dn into individual componets 977c478bd9Sstevel@tonic-gate * e.g. 987c478bd9Sstevel@tonic-gate * "automountKey=user_01" , "automountMapName_test=auto_home", ... 997c478bd9Sstevel@tonic-gate */ 1007c478bd9Sstevel@tonic-gate dnArray = ldap_explode_dn(dn, 0); 1017c478bd9Sstevel@tonic-gate if (!dnArray || !*dnArray) 1027c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 1037c478bd9Sstevel@tonic-gate 1047c478bd9Sstevel@tonic-gate cur = strchr(dnArray[0], '='); 1057c478bd9Sstevel@tonic-gate if (!cur) { 1067c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1077c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 1087c478bd9Sstevel@tonic-gate } 1097c478bd9Sstevel@tonic-gate *cur = '\0'; 1107c478bd9Sstevel@tonic-gate 1117c478bd9Sstevel@tonic-gate /* we only check schema mapping for automount, not for auto_* */ 1127c478bd9Sstevel@tonic-gate if (strncasecmp(service, NS_LDAP_TYPE_AUTOMOUNT, 1137c478bd9Sstevel@tonic-gate sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) 1147c478bd9Sstevel@tonic-gate rservice = "automount"; 1157c478bd9Sstevel@tonic-gate else 1167c478bd9Sstevel@tonic-gate rservice = (char *)service; 1177c478bd9Sstevel@tonic-gate 1187c478bd9Sstevel@tonic-gate mappedattr = __ns_ldap_getMappedAttributes(rservice, dnArray[0]); 1197c478bd9Sstevel@tonic-gate if (!mappedattr || !mappedattr[0]) { 1207c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1217c478bd9Sstevel@tonic-gate if (mappedattr) 1227c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedattr); 1237c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 1247c478bd9Sstevel@tonic-gate } 1257c478bd9Sstevel@tonic-gate orig_len = strlen(dnArray[0]); 1267c478bd9Sstevel@tonic-gate 1277c478bd9Sstevel@tonic-gate /* 1287c478bd9Sstevel@tonic-gate * The new length is *dn length + (difference between 1297c478bd9Sstevel@tonic-gate * orig attr and mapped attr) + 1 ; 1307c478bd9Sstevel@tonic-gate * e.g. 1317c478bd9Sstevel@tonic-gate * automountKey=aa,automountMapName=auto_home,dc=foo,dc=com 1327c478bd9Sstevel@tonic-gate * ==> 1337c478bd9Sstevel@tonic-gate * cn=aa,automountMapName=auto_home,dc=foo,dc=com 1347c478bd9Sstevel@tonic-gate */ 1357c478bd9Sstevel@tonic-gate mapped_len = strlen(mappedattr[0]); 1367c478bd9Sstevel@tonic-gate dn_len = strlen(dn); 1377c478bd9Sstevel@tonic-gate len = dn_len - orig_len + mapped_len + 1; 1387c478bd9Sstevel@tonic-gate *new_dn = (char *)calloc(1, len); 1397c478bd9Sstevel@tonic-gate if (*new_dn == NULL) { 1407c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1417c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedattr); 1427c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 1437c478bd9Sstevel@tonic-gate } 1447c478bd9Sstevel@tonic-gate 1457c478bd9Sstevel@tonic-gate (void) snprintf(*new_dn, len, "%s=%s", mappedattr[0], dn + orig_len +1); 1467c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1477c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedattr); 1487c478bd9Sstevel@tonic-gate 1497c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 1507c478bd9Sstevel@tonic-gate } 1517c478bd9Sstevel@tonic-gate 1527c478bd9Sstevel@tonic-gate 1537c478bd9Sstevel@tonic-gate /* 1547c478bd9Sstevel@tonic-gate * The following function is only used by the 1557c478bd9Sstevel@tonic-gate * "gecos" 1 to N attribute mapping code. It expects 1567c478bd9Sstevel@tonic-gate * and handle only one data/length pair. 1577c478bd9Sstevel@tonic-gate */ 1587c478bd9Sstevel@tonic-gate static int 1597c478bd9Sstevel@tonic-gate init_bval_mod( 1607c478bd9Sstevel@tonic-gate LDAPMod *mod, 1617c478bd9Sstevel@tonic-gate int mop, 1627c478bd9Sstevel@tonic-gate char *mtype, 1637c478bd9Sstevel@tonic-gate char *mvptr, 1647c478bd9Sstevel@tonic-gate int mvlen) 1657c478bd9Sstevel@tonic-gate { 1667c478bd9Sstevel@tonic-gate 1677c478bd9Sstevel@tonic-gate struct berval **bmodval; 1687c478bd9Sstevel@tonic-gate 1697c478bd9Sstevel@tonic-gate /* dup attribute name */ 1707c478bd9Sstevel@tonic-gate mod->mod_type = strdup(mtype); 1717c478bd9Sstevel@tonic-gate if (mod->mod_type == NULL) 1727c478bd9Sstevel@tonic-gate return (-1); 1737c478bd9Sstevel@tonic-gate 1747c478bd9Sstevel@tonic-gate /* 1757c478bd9Sstevel@tonic-gate * assume single value, 1767c478bd9Sstevel@tonic-gate * since only one value/length pair passed in 1777c478bd9Sstevel@tonic-gate */ 178e1dd0a2fSth bmodval = (struct berval **)calloc(2, sizeof (struct berval *)); 1797c478bd9Sstevel@tonic-gate if (bmodval == NULL) { 1807c478bd9Sstevel@tonic-gate free(mod->mod_type); 1817c478bd9Sstevel@tonic-gate mod->mod_type = NULL; 1827c478bd9Sstevel@tonic-gate return (-1); 1837c478bd9Sstevel@tonic-gate } 184e1dd0a2fSth bmodval[0] = (struct berval *)calloc(1, sizeof (struct berval)); 1857c478bd9Sstevel@tonic-gate if (bmodval[0] == NULL) { 1867c478bd9Sstevel@tonic-gate free(mod->mod_type); 1877c478bd9Sstevel@tonic-gate mod->mod_type = NULL; 1887c478bd9Sstevel@tonic-gate free(bmodval); 1897c478bd9Sstevel@tonic-gate return (-1); 1907c478bd9Sstevel@tonic-gate } 1917c478bd9Sstevel@tonic-gate 1927c478bd9Sstevel@tonic-gate /* set pointer to data */ 1937c478bd9Sstevel@tonic-gate bmodval[0]->bv_val = mvptr; 1947c478bd9Sstevel@tonic-gate 1957c478bd9Sstevel@tonic-gate /* set length */ 1967c478bd9Sstevel@tonic-gate bmodval[0]->bv_len = mvlen; 1977c478bd9Sstevel@tonic-gate 1987c478bd9Sstevel@tonic-gate /* 1997c478bd9Sstevel@tonic-gate * turn on the BVALUE bit to indicate 2007c478bd9Sstevel@tonic-gate * that the length of data is supplied 2017c478bd9Sstevel@tonic-gate */ 2027c478bd9Sstevel@tonic-gate mod->mod_op = mop | LDAP_MOD_BVALUES; 2037c478bd9Sstevel@tonic-gate 2047c478bd9Sstevel@tonic-gate mod->mod_bvalues = bmodval; 2057c478bd9Sstevel@tonic-gate 2067c478bd9Sstevel@tonic-gate return (0); 2077c478bd9Sstevel@tonic-gate } 2087c478bd9Sstevel@tonic-gate 2097c478bd9Sstevel@tonic-gate static void 2107c478bd9Sstevel@tonic-gate freeModList(LDAPMod **mods) 2117c478bd9Sstevel@tonic-gate { 2127c478bd9Sstevel@tonic-gate int i, j; 2137c478bd9Sstevel@tonic-gate int name_is_oc; 2147c478bd9Sstevel@tonic-gate 2157c478bd9Sstevel@tonic-gate if (mods == NULL) 2167c478bd9Sstevel@tonic-gate return; 2177c478bd9Sstevel@tonic-gate 2187c478bd9Sstevel@tonic-gate for (i = 0; mods[i]; i++) { 2197c478bd9Sstevel@tonic-gate 2207c478bd9Sstevel@tonic-gate /* free attribute name */ 2217c478bd9Sstevel@tonic-gate name_is_oc = FALSE; 2227c478bd9Sstevel@tonic-gate if (mods[i]->mod_type) { 223e1dd0a2fSth if (strcasecmp(mods[i]->mod_type, "objectclass") == 0) 2247c478bd9Sstevel@tonic-gate name_is_oc = TRUE; 2257c478bd9Sstevel@tonic-gate free(mods[i]->mod_type); 2267c478bd9Sstevel@tonic-gate } 2277c478bd9Sstevel@tonic-gate 2287c478bd9Sstevel@tonic-gate if (mods[i]->mod_bvalues == NULL) 2297c478bd9Sstevel@tonic-gate continue; 2307c478bd9Sstevel@tonic-gate /* 2317c478bd9Sstevel@tonic-gate * LDAP_MOD_BVALUES is only set by 2327c478bd9Sstevel@tonic-gate * the "gecos" 1 to N attribute mapping 2337c478bd9Sstevel@tonic-gate * code, and the attribute is single valued. 2347c478bd9Sstevel@tonic-gate */ 2357c478bd9Sstevel@tonic-gate if (mods[i]->mod_op & LDAP_MOD_BVALUES) { 2367c478bd9Sstevel@tonic-gate if (mods[i]->mod_bvalues[0]) 2377c478bd9Sstevel@tonic-gate free(mods[i]->mod_bvalues[0]); 2387c478bd9Sstevel@tonic-gate } else { 2397c478bd9Sstevel@tonic-gate if (name_is_oc) { 2407c478bd9Sstevel@tonic-gate /* 2417c478bd9Sstevel@tonic-gate * only values for the "objectclass" 2427c478bd9Sstevel@tonic-gate * were dupped using strdup. 2437c478bd9Sstevel@tonic-gate * other attribute values were 2447c478bd9Sstevel@tonic-gate * not dupped, but via pointer 2457c478bd9Sstevel@tonic-gate * assignment. So here the 2467c478bd9Sstevel@tonic-gate * values for "objectclass" 2477c478bd9Sstevel@tonic-gate * is freed one by one, 2487c478bd9Sstevel@tonic-gate * but the values for other 2497c478bd9Sstevel@tonic-gate * attributes need not be freed. 2507c478bd9Sstevel@tonic-gate */ 2517c478bd9Sstevel@tonic-gate for (j = 0; mods[i]->mod_values[j]; j++) 2527c478bd9Sstevel@tonic-gate free(mods[i]->mod_values[j]); 2537c478bd9Sstevel@tonic-gate } 2547c478bd9Sstevel@tonic-gate 2557c478bd9Sstevel@tonic-gate } 2567c478bd9Sstevel@tonic-gate free(mods[i]->mod_bvalues); 2577c478bd9Sstevel@tonic-gate } 2587c478bd9Sstevel@tonic-gate 2597c478bd9Sstevel@tonic-gate /* modlist */ 2607c478bd9Sstevel@tonic-gate free((char *)(mods[0])); 2617c478bd9Sstevel@tonic-gate free(mods); 2627c478bd9Sstevel@tonic-gate } 2637c478bd9Sstevel@tonic-gate 2647c478bd9Sstevel@tonic-gate static LDAPMod ** 2657c478bd9Sstevel@tonic-gate __s_api_makeModListCount( 2667c478bd9Sstevel@tonic-gate const char *service, 2677c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 2687c478bd9Sstevel@tonic-gate const int mod_op, 2697c478bd9Sstevel@tonic-gate const int count, 2707c478bd9Sstevel@tonic-gate const int flags) 2717c478bd9Sstevel@tonic-gate { 2727c478bd9Sstevel@tonic-gate LDAPMod **mods, *modlist; 2737c478bd9Sstevel@tonic-gate char **modval; 2747c478bd9Sstevel@tonic-gate char **mapping; 2757c478bd9Sstevel@tonic-gate int i; 2767c478bd9Sstevel@tonic-gate int j; 2777c478bd9Sstevel@tonic-gate int k, rc, vlen; 2787c478bd9Sstevel@tonic-gate char *c, *comma1 = NULL, *comma2 = NULL; 2797c478bd9Sstevel@tonic-gate int schema_mapping_existed = FALSE; 2807c478bd9Sstevel@tonic-gate int auto_service = FALSE; 2817c478bd9Sstevel@tonic-gate 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate /* 2847c478bd9Sstevel@tonic-gate * add 2 for "gecos" 1 to up to 3 attribute mapping 2857c478bd9Sstevel@tonic-gate */ 2867c478bd9Sstevel@tonic-gate mods = (LDAPMod **)calloc((count + 3), sizeof (LDAPMod *)); 2877c478bd9Sstevel@tonic-gate if (mods == NULL) { 2887c478bd9Sstevel@tonic-gate return (NULL); 2897c478bd9Sstevel@tonic-gate } 2907c478bd9Sstevel@tonic-gate /* 2917c478bd9Sstevel@tonic-gate * add 2 for "gecos" 1 to up to 3 attribute mapping 2927c478bd9Sstevel@tonic-gate */ 2937c478bd9Sstevel@tonic-gate modlist = (LDAPMod *)calloc(count + 2, sizeof (LDAPMod)); 2947c478bd9Sstevel@tonic-gate if (modlist == NULL) { 2957c478bd9Sstevel@tonic-gate free(mods); 2967c478bd9Sstevel@tonic-gate return (NULL); 2977c478bd9Sstevel@tonic-gate } 2987c478bd9Sstevel@tonic-gate 2997c478bd9Sstevel@tonic-gate if (service != NULL && strncasecmp(service, NS_LDAP_TYPE_AUTOMOUNT, 3007c478bd9Sstevel@tonic-gate sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) 3017c478bd9Sstevel@tonic-gate auto_service = TRUE; 3027c478bd9Sstevel@tonic-gate 3037c478bd9Sstevel@tonic-gate /* 3047c478bd9Sstevel@tonic-gate * see if schema mapping existed for the given service 3057c478bd9Sstevel@tonic-gate */ 3067c478bd9Sstevel@tonic-gate mapping = __ns_ldap_getOrigAttribute(service, 3077c478bd9Sstevel@tonic-gate NS_HASH_SCHEMA_MAPPING_EXISTED); 3087c478bd9Sstevel@tonic-gate if (mapping) { 3097c478bd9Sstevel@tonic-gate schema_mapping_existed = TRUE; 3107c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 3117c478bd9Sstevel@tonic-gate mapping = NULL; 3127c478bd9Sstevel@tonic-gate } 3137c478bd9Sstevel@tonic-gate 3147c478bd9Sstevel@tonic-gate for (i = 0, k = 0; k < count && attr[k] != NULL; i++, k++) { 3157c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 3167c478bd9Sstevel@tonic-gate mods[i]->mod_op = mod_op; 3177c478bd9Sstevel@tonic-gate /* 3187c478bd9Sstevel@tonic-gate * Perform attribute mapping if necessary. 3197c478bd9Sstevel@tonic-gate */ 320e1dd0a2fSth if (schema_mapping_existed && (flags & NS_LDAP_NOMAP) == 0) { 3217c478bd9Sstevel@tonic-gate mapping = __ns_ldap_getMappedAttributes(service, 3227c478bd9Sstevel@tonic-gate attr[k]->attrname); 3237c478bd9Sstevel@tonic-gate } else 3247c478bd9Sstevel@tonic-gate mapping = NULL; 3257c478bd9Sstevel@tonic-gate 3267c478bd9Sstevel@tonic-gate if (mapping == NULL && auto_service && 3277c478bd9Sstevel@tonic-gate (flags & NS_LDAP_NOMAP) == 0) { 3287c478bd9Sstevel@tonic-gate /* 3297c478bd9Sstevel@tonic-gate * if service == auto_xxx and 3307c478bd9Sstevel@tonic-gate * no mapped attribute is found 3317c478bd9Sstevel@tonic-gate * and NS_LDAP_NOMAP is not set 3327c478bd9Sstevel@tonic-gate * then try automount's mapped attribute 3337c478bd9Sstevel@tonic-gate */ 3347c478bd9Sstevel@tonic-gate mapping = __ns_ldap_getMappedAttributes("automount", 3357c478bd9Sstevel@tonic-gate attr[k]->attrname); 3367c478bd9Sstevel@tonic-gate } 3377c478bd9Sstevel@tonic-gate 3387c478bd9Sstevel@tonic-gate if (mapping == NULL) { 339e1dd0a2fSth mods[i]->mod_type = strdup(attr[k]->attrname); 340e1dd0a2fSth if (mods[i]->mod_type == NULL) 341e1dd0a2fSth goto free_memory; 3427c478bd9Sstevel@tonic-gate } else { 3437c478bd9Sstevel@tonic-gate /* 3447c478bd9Sstevel@tonic-gate * 1 to N attribute mapping is only done for "gecos", 3457c478bd9Sstevel@tonic-gate * and only 1 to 3 mapping. 3467c478bd9Sstevel@tonic-gate * nine cases here: 3477c478bd9Sstevel@tonic-gate * 3487c478bd9Sstevel@tonic-gate * A. attrMap=passwd:gecos=a 3497c478bd9Sstevel@tonic-gate * 1. gecos="xx,yy,zz" -> a="xx,yy,zz" 3507c478bd9Sstevel@tonic-gate * 2. gecos="xx,yy" -> a="xx,yy" 3517c478bd9Sstevel@tonic-gate * 3. gecos="xx" -> a="xx" 3527c478bd9Sstevel@tonic-gate * 3537c478bd9Sstevel@tonic-gate * B. attrMap=passwd:gecos=a b 3547c478bd9Sstevel@tonic-gate * 4. gecos="xx,yy,zz" -> a="xx" b="yy,zz" 3557c478bd9Sstevel@tonic-gate * 5. gecos="xx,yy" -> a="xx" b="yy" 3567c478bd9Sstevel@tonic-gate * 6. gecos="xx" -> a="xx" 3577c478bd9Sstevel@tonic-gate * 3587c478bd9Sstevel@tonic-gate * C. attrMap=passwd:gecos=a b c 3597c478bd9Sstevel@tonic-gate * 7. gecos="xx,yy,zz" -> a="xx" b="yy" c="zz" 3607c478bd9Sstevel@tonic-gate * 8. gecos="xx,yy" -> a="xx" b="yy" 3617c478bd9Sstevel@tonic-gate * 9. gecos="xx" -> a="xx" 3627c478bd9Sstevel@tonic-gate * 3637c478bd9Sstevel@tonic-gate * This can be grouped as: 3647c478bd9Sstevel@tonic-gate * 3657c478bd9Sstevel@tonic-gate * c1 cases: 1,2,3,6,9 3667c478bd9Sstevel@tonic-gate * if ((attrMap=passwd:gecos=a) || 3677c478bd9Sstevel@tonic-gate * (no "," in gecos value)) 3687c478bd9Sstevel@tonic-gate * same as other no-mapping attributes, 3697c478bd9Sstevel@tonic-gate * no special processing needed 3707c478bd9Sstevel@tonic-gate * else 3717c478bd9Sstevel@tonic-gate * 3727c478bd9Sstevel@tonic-gate * c2 cases: 4,5,8 3737c478bd9Sstevel@tonic-gate * if ((attrMap=passwd:gecos=a b) || 3747c478bd9Sstevel@tonic-gate * (only one "," in gecos value)) 3757c478bd9Sstevel@tonic-gate * a=xx b=yy[,...] 3767c478bd9Sstevel@tonic-gate * else 3777c478bd9Sstevel@tonic-gate * 3787c478bd9Sstevel@tonic-gate * c3 case: 7 3797c478bd9Sstevel@tonic-gate * a=xx b=yy c=... 3807c478bd9Sstevel@tonic-gate * 3817c478bd9Sstevel@tonic-gate * notes: in case c2 and c3, ... could still contain "," 3827c478bd9Sstevel@tonic-gate */ 383e1dd0a2fSth if (strcasecmp(service, "passwd") == 0 && 384e1dd0a2fSth strcasecmp(attr[k]->attrname, "gecos") == 0 && 385e1dd0a2fSth mapping[1] && attr[k]->attrvalue[0] && 386e1dd0a2fSth (comma1 = strchr(attr[k]->attrvalue[0], 387e1dd0a2fSth COMMATOK)) != NULL) { 3887c478bd9Sstevel@tonic-gate 3897c478bd9Sstevel@tonic-gate /* is there a second comma? */ 3907c478bd9Sstevel@tonic-gate if (*(comma1 + 1) != '\0') 3917c478bd9Sstevel@tonic-gate comma2 = strchr(comma1 + 1, COMMATOK); 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate /* 3947c478bd9Sstevel@tonic-gate * Process case c2 or c3. 3957c478bd9Sstevel@tonic-gate * case c2: mapped to two attributes or just 3967c478bd9Sstevel@tonic-gate * one comma 3977c478bd9Sstevel@tonic-gate */ 398e1dd0a2fSth if (mapping[2] == NULL || comma2 == NULL) { 3997c478bd9Sstevel@tonic-gate /* case c2 */ 4007c478bd9Sstevel@tonic-gate 4017c478bd9Sstevel@tonic-gate /* 4027c478bd9Sstevel@tonic-gate * int mod structure for the first attribute 4037c478bd9Sstevel@tonic-gate */ 4047c478bd9Sstevel@tonic-gate vlen = comma1 - attr[k]->attrvalue[0]; 4057c478bd9Sstevel@tonic-gate c = attr[k]->attrvalue[0]; 4067c478bd9Sstevel@tonic-gate 4077c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4087c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 409e1dd0a2fSth mapping[0], c, vlen); 4107c478bd9Sstevel@tonic-gate if (rc != 0) 4117c478bd9Sstevel@tonic-gate goto free_memory; 4127c478bd9Sstevel@tonic-gate } else { 4137c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 4147c478bd9Sstevel@tonic-gate mods[i] = NULL; 4157c478bd9Sstevel@tonic-gate i--; 4167c478bd9Sstevel@tonic-gate } 4177c478bd9Sstevel@tonic-gate 4187c478bd9Sstevel@tonic-gate 4197c478bd9Sstevel@tonic-gate /* 4207c478bd9Sstevel@tonic-gate * init mod structure for the 2nd attribute 4217c478bd9Sstevel@tonic-gate */ 4227c478bd9Sstevel@tonic-gate if (*(comma1 + 1) == '\0') { 4237c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 4247c478bd9Sstevel@tonic-gate mapping = NULL; 4257c478bd9Sstevel@tonic-gate continue; 4267c478bd9Sstevel@tonic-gate } 4277c478bd9Sstevel@tonic-gate 4287c478bd9Sstevel@tonic-gate i++; 4297c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 4307c478bd9Sstevel@tonic-gate 4317c478bd9Sstevel@tonic-gate /* 4327c478bd9Sstevel@tonic-gate * get pointer to data. 4337c478bd9Sstevel@tonic-gate * Skip leading spaces. 4347c478bd9Sstevel@tonic-gate */ 435e1dd0a2fSth for (c = comma1 + 1; *c == SPACETOK; c++) { 436e1dd0a2fSth /* empty */ 437e1dd0a2fSth } 4387c478bd9Sstevel@tonic-gate 4397c478bd9Sstevel@tonic-gate /* get data length */ 4407c478bd9Sstevel@tonic-gate vlen = strlen(attr[k]->attrvalue[0]) - 441e1dd0a2fSth (c - attr[k]->attrvalue[0]); 4427c478bd9Sstevel@tonic-gate 4437c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4447c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 445e1dd0a2fSth mapping[1], c, vlen); 4467c478bd9Sstevel@tonic-gate if (rc != 0) 4477c478bd9Sstevel@tonic-gate goto free_memory; 4487c478bd9Sstevel@tonic-gate } else { 4497c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 4507c478bd9Sstevel@tonic-gate mods[i] = NULL; 4517c478bd9Sstevel@tonic-gate i--; 4527c478bd9Sstevel@tonic-gate } 4537c478bd9Sstevel@tonic-gate 4547c478bd9Sstevel@tonic-gate /* done with the mapping array */ 4557c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 4567c478bd9Sstevel@tonic-gate mapping = NULL; 4577c478bd9Sstevel@tonic-gate 4587c478bd9Sstevel@tonic-gate continue; 4597c478bd9Sstevel@tonic-gate } else { 4607c478bd9Sstevel@tonic-gate /* case c3 */ 4617c478bd9Sstevel@tonic-gate 4627c478bd9Sstevel@tonic-gate /* 4637c478bd9Sstevel@tonic-gate * int mod structure for the first attribute 4647c478bd9Sstevel@tonic-gate */ 4657c478bd9Sstevel@tonic-gate vlen = comma1 - attr[k]->attrvalue[0]; 4667c478bd9Sstevel@tonic-gate c = attr[k]->attrvalue[0]; 4677c478bd9Sstevel@tonic-gate 4687c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4697c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 470e1dd0a2fSth mapping[0], c, vlen); 4717c478bd9Sstevel@tonic-gate if (rc != 0) 4727c478bd9Sstevel@tonic-gate goto free_memory; 4737c478bd9Sstevel@tonic-gate } else { 4747c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 4757c478bd9Sstevel@tonic-gate mods[i] = NULL; 4767c478bd9Sstevel@tonic-gate i--; 4777c478bd9Sstevel@tonic-gate } 4787c478bd9Sstevel@tonic-gate 4797c478bd9Sstevel@tonic-gate /* 4807c478bd9Sstevel@tonic-gate * init mod structure for the 2nd attribute 4817c478bd9Sstevel@tonic-gate */ 4827c478bd9Sstevel@tonic-gate i++; 4837c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 4847c478bd9Sstevel@tonic-gate 4857c478bd9Sstevel@tonic-gate /* 4867c478bd9Sstevel@tonic-gate * get pointer to data. 4877c478bd9Sstevel@tonic-gate * Skip leading spaces. 4887c478bd9Sstevel@tonic-gate */ 489e1dd0a2fSth for (c = comma1 + 1; *c == SPACETOK; c++) { 490e1dd0a2fSth /* empty */ 491e1dd0a2fSth }; 4927c478bd9Sstevel@tonic-gate 4937c478bd9Sstevel@tonic-gate /* get data length */ 4947c478bd9Sstevel@tonic-gate vlen = comma2 - c; 4957c478bd9Sstevel@tonic-gate 4967c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4977c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 498e1dd0a2fSth mapping[1], c, vlen); 4997c478bd9Sstevel@tonic-gate if (rc != 0) 5007c478bd9Sstevel@tonic-gate goto free_memory; 5017c478bd9Sstevel@tonic-gate } else { 5027c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 5037c478bd9Sstevel@tonic-gate mods[i] = NULL; 5047c478bd9Sstevel@tonic-gate i--; 5057c478bd9Sstevel@tonic-gate } 5067c478bd9Sstevel@tonic-gate 5077c478bd9Sstevel@tonic-gate /* 5087c478bd9Sstevel@tonic-gate * init mod structure for the 3rd attribute 5097c478bd9Sstevel@tonic-gate */ 5107c478bd9Sstevel@tonic-gate if (*(comma2 + 1) == '\0') { 5117c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 5127c478bd9Sstevel@tonic-gate mapping = NULL; 5137c478bd9Sstevel@tonic-gate continue; 5147c478bd9Sstevel@tonic-gate } 5157c478bd9Sstevel@tonic-gate 5167c478bd9Sstevel@tonic-gate i++; 5177c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 5187c478bd9Sstevel@tonic-gate /* 5197c478bd9Sstevel@tonic-gate * get pointer to data. 5207c478bd9Sstevel@tonic-gate * Skip leading spaces. 5217c478bd9Sstevel@tonic-gate */ 522e1dd0a2fSth for (c = comma2 + 1; *c == SPACETOK; c++) { 523e1dd0a2fSth /* empty */ 524e1dd0a2fSth } 5257c478bd9Sstevel@tonic-gate 5267c478bd9Sstevel@tonic-gate /* get data length */ 5277c478bd9Sstevel@tonic-gate vlen = strlen(attr[k]->attrvalue[0]) - 528e1dd0a2fSth (c - attr[k]->attrvalue[0]); 5297c478bd9Sstevel@tonic-gate 5307c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 5317c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 532e1dd0a2fSth mapping[2], c, vlen); 5337c478bd9Sstevel@tonic-gate if (rc != 0) 5347c478bd9Sstevel@tonic-gate goto free_memory; 5357c478bd9Sstevel@tonic-gate } else { 5367c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 5377c478bd9Sstevel@tonic-gate mods[i] = NULL; 5387c478bd9Sstevel@tonic-gate i--; 5397c478bd9Sstevel@tonic-gate } 5407c478bd9Sstevel@tonic-gate 5417c478bd9Sstevel@tonic-gate /* done with the mapping array */ 5427c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 5437c478bd9Sstevel@tonic-gate mapping = NULL; 5447c478bd9Sstevel@tonic-gate 5457c478bd9Sstevel@tonic-gate continue; 546e1dd0a2fSth } 5477c478bd9Sstevel@tonic-gate } 5487c478bd9Sstevel@tonic-gate 549e1dd0a2fSth /* case c1 */ 550e1dd0a2fSth mods[i]->mod_type = strdup(mapping[0]); 551e1dd0a2fSth if (mods[i]->mod_type == NULL) { 5527c478bd9Sstevel@tonic-gate goto free_memory; 553e1dd0a2fSth } 554e1dd0a2fSth __s_api_free2dArray(mapping); 555e1dd0a2fSth mapping = NULL; 5567c478bd9Sstevel@tonic-gate } 5577c478bd9Sstevel@tonic-gate 5587c478bd9Sstevel@tonic-gate modval = (char **)calloc(attr[k]->value_count+1, 559e1dd0a2fSth sizeof (char *)); 5607c478bd9Sstevel@tonic-gate if (modval == NULL) 5617c478bd9Sstevel@tonic-gate goto free_memory; 5627c478bd9Sstevel@tonic-gate /* 5637c478bd9Sstevel@tonic-gate * Perform objectclass mapping. 5647c478bd9Sstevel@tonic-gate * Note that the values for the "objectclass" attribute 5657c478bd9Sstevel@tonic-gate * will be dupped using strdup. Values for other 5667c478bd9Sstevel@tonic-gate * attributes will be referenced via pointer 5677c478bd9Sstevel@tonic-gate * assignments. 5687c478bd9Sstevel@tonic-gate */ 5697c478bd9Sstevel@tonic-gate if (strcasecmp(mods[i]->mod_type, "objectclass") == 0) { 5707c478bd9Sstevel@tonic-gate for (j = 0; j < attr[k]->value_count; j++) { 5717c478bd9Sstevel@tonic-gate if (schema_mapping_existed && 572e1dd0a2fSth (flags & NS_LDAP_NOMAP) == 0) 5737c478bd9Sstevel@tonic-gate mapping = 574e1dd0a2fSth __ns_ldap_getMappedObjectClass( 575e1dd0a2fSth service, attr[k]->attrvalue[j]); 5767c478bd9Sstevel@tonic-gate else 5777c478bd9Sstevel@tonic-gate mapping = NULL; 5787c478bd9Sstevel@tonic-gate 5797c478bd9Sstevel@tonic-gate if (mapping == NULL && auto_service && 580e1dd0a2fSth (flags & NS_LDAP_NOMAP) == 0) 5817c478bd9Sstevel@tonic-gate /* 5827c478bd9Sstevel@tonic-gate * if service == auto_xxx and 5837c478bd9Sstevel@tonic-gate * no mapped objectclass is found 5847c478bd9Sstevel@tonic-gate * then try automount 5857c478bd9Sstevel@tonic-gate */ 5867c478bd9Sstevel@tonic-gate mapping = 587e1dd0a2fSth __ns_ldap_getMappedObjectClass( 588e1dd0a2fSth "automount", attr[k]->attrvalue[j]); 5897c478bd9Sstevel@tonic-gate 5907c478bd9Sstevel@tonic-gate if (mapping && mapping[0]) { 5917c478bd9Sstevel@tonic-gate /* assume single mapping */ 5927c478bd9Sstevel@tonic-gate modval[j] = strdup(mapping[0]); 5937c478bd9Sstevel@tonic-gate } else { 5947c478bd9Sstevel@tonic-gate modval[j] = strdup(attr[k]-> 595e1dd0a2fSth attrvalue[j]); 5967c478bd9Sstevel@tonic-gate } 5977c478bd9Sstevel@tonic-gate if (modval[j] == NULL) 5987c478bd9Sstevel@tonic-gate goto free_memory; 5997c478bd9Sstevel@tonic-gate } 6007c478bd9Sstevel@tonic-gate } else { 6017c478bd9Sstevel@tonic-gate for (j = 0; j < attr[k]->value_count; j++) { 6027c478bd9Sstevel@tonic-gate /* ASSIGN NOT COPY */ 6037c478bd9Sstevel@tonic-gate modval[j] = attr[k]->attrvalue[j]; 6047c478bd9Sstevel@tonic-gate } 6057c478bd9Sstevel@tonic-gate } 6067c478bd9Sstevel@tonic-gate mods[i]->mod_values = modval; 6077c478bd9Sstevel@tonic-gate } 6087c478bd9Sstevel@tonic-gate 6097c478bd9Sstevel@tonic-gate return (mods); 6107c478bd9Sstevel@tonic-gate 6117c478bd9Sstevel@tonic-gate free_memory: 6127c478bd9Sstevel@tonic-gate freeModList(mods); 6137c478bd9Sstevel@tonic-gate if (mapping) 6147c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 6157c478bd9Sstevel@tonic-gate 6167c478bd9Sstevel@tonic-gate return (NULL); 6177c478bd9Sstevel@tonic-gate 6187c478bd9Sstevel@tonic-gate } 6197c478bd9Sstevel@tonic-gate 6207c478bd9Sstevel@tonic-gate static LDAPMod ** 6217c478bd9Sstevel@tonic-gate __s_api_makeModList( 6227c478bd9Sstevel@tonic-gate const char *service, 6237c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 6247c478bd9Sstevel@tonic-gate const int mod_op, 6257c478bd9Sstevel@tonic-gate const int flags) 6267c478bd9Sstevel@tonic-gate { 6277c478bd9Sstevel@tonic-gate ns_ldap_attr_t **aptr = (ns_ldap_attr_t **)attr; 6287c478bd9Sstevel@tonic-gate int count = 0; 6297c478bd9Sstevel@tonic-gate 6307c478bd9Sstevel@tonic-gate if (aptr == NULL) 6317c478bd9Sstevel@tonic-gate return (NULL); 6327c478bd9Sstevel@tonic-gate 6337c478bd9Sstevel@tonic-gate /* count number of attributes */ 6347c478bd9Sstevel@tonic-gate while (*aptr++) 6357c478bd9Sstevel@tonic-gate count++; 6367c478bd9Sstevel@tonic-gate 6377c478bd9Sstevel@tonic-gate return (__s_api_makeModListCount(service, attr, mod_op, count, flags)); 6387c478bd9Sstevel@tonic-gate } 6397c478bd9Sstevel@tonic-gate 6407c478bd9Sstevel@tonic-gate static void 6417c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(ns_ldap_entry_t **entry, char **rdn) 6427c478bd9Sstevel@tonic-gate { 6437c478bd9Sstevel@tonic-gate if (*entry != NULL) { 6447c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(*entry); 6457c478bd9Sstevel@tonic-gate *entry = NULL; 6467c478bd9Sstevel@tonic-gate } 6477c478bd9Sstevel@tonic-gate if (*rdn != NULL) { 6487c478bd9Sstevel@tonic-gate free(*rdn); 6497c478bd9Sstevel@tonic-gate *rdn = NULL; 6507c478bd9Sstevel@tonic-gate } 6517c478bd9Sstevel@tonic-gate } 6527c478bd9Sstevel@tonic-gate 6537c478bd9Sstevel@tonic-gate /* 6547c478bd9Sstevel@tonic-gate * This state machine performs one or more LDAP add/delete/modify 6557c478bd9Sstevel@tonic-gate * operations to configured LDAP servers. 6567c478bd9Sstevel@tonic-gate */ 6577c478bd9Sstevel@tonic-gate static int 6587c478bd9Sstevel@tonic-gate write_state_machine( 6597c478bd9Sstevel@tonic-gate int ldap_op, 6607c478bd9Sstevel@tonic-gate char *dn, 6617c478bd9Sstevel@tonic-gate LDAPMod **mods, 6627c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 6637c478bd9Sstevel@tonic-gate const int flags, 6647c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 6657c478bd9Sstevel@tonic-gate { 6667c478bd9Sstevel@tonic-gate ConnectionID connectionId = -1; 6677c478bd9Sstevel@tonic-gate Connection *conp = NULL; 6687c478bd9Sstevel@tonic-gate LDAPMessage *res; 6697c478bd9Sstevel@tonic-gate char *target_dn = NULL; 6707c478bd9Sstevel@tonic-gate char errstr[MAXERROR]; 6717c478bd9Sstevel@tonic-gate int rc = NS_LDAP_SUCCESS; 6727c478bd9Sstevel@tonic-gate int return_rc = NS_LDAP_SUCCESS; 6737c478bd9Sstevel@tonic-gate int followRef = FALSE; 6747c478bd9Sstevel@tonic-gate int target_dn_allocated = FALSE; 6757c478bd9Sstevel@tonic-gate int len; 6767c478bd9Sstevel@tonic-gate int msgid; 6777c478bd9Sstevel@tonic-gate int Errno; 67820945219SMichen Chang boolean_t from_get_lderrno = B_FALSE; 6797c478bd9Sstevel@tonic-gate int always = 1; 6807c478bd9Sstevel@tonic-gate char *err, *errmsg = NULL; 6817d575517Ssdussud /* referrals returned by the LDAP operation */ 6827c478bd9Sstevel@tonic-gate char **referrals = NULL; 6837d575517Ssdussud /* 6847d575517Ssdussud * list of referrals used by the state machine, built from 6857d575517Ssdussud * the referrals variable above 6867d575517Ssdussud */ 6877d575517Ssdussud ns_referral_info_t *ref_list = NULL; 6887d575517Ssdussud /* current referral */ 6897d575517Ssdussud ns_referral_info_t *current_ref = NULL; 6907c478bd9Sstevel@tonic-gate ns_write_state_t state = W_INIT, new_state, err_state = W_INIT; 6917c478bd9Sstevel@tonic-gate int do_not_fail_if_new_pwd_reqd = 0; 6927c478bd9Sstevel@tonic-gate ns_ldap_passwd_status_t pwd_status = NS_PASSWD_GOOD; 6937c478bd9Sstevel@tonic-gate int passwd_mgmt = 0; 6947d575517Ssdussud int i = 0; 6957d575517Ssdussud int ldap_error; 69647789246Svv int nopasswd_acct_mgmt = 0; 697e1dd0a2fSth ns_conn_user_t *conn_user = NULL; 6987c478bd9Sstevel@tonic-gate 6997c478bd9Sstevel@tonic-gate while (always) { 7007c478bd9Sstevel@tonic-gate switch (state) { 7017c478bd9Sstevel@tonic-gate case W_EXIT: 702e1dd0a2fSth /* return the MT connection and free the conn user */ 703e1dd0a2fSth if (conn_user != NULL) { 704e1dd0a2fSth if (conn_user->use_mt_conn == B_TRUE) { 705e1dd0a2fSth if (conn_user->ns_error != NULL) { 706e1dd0a2fSth *errorp = conn_user->ns_error; 707e1dd0a2fSth conn_user->ns_error = NULL; 708e1dd0a2fSth return_rc = conn_user->ns_rc; 709e1dd0a2fSth } 710e1dd0a2fSth if (conn_user->conn_mt != NULL) 711e1dd0a2fSth __s_api_conn_mt_return( 712e1dd0a2fSth conn_user); 713e1dd0a2fSth } 714e1dd0a2fSth __s_api_conn_user_free(conn_user); 715e1dd0a2fSth } 716e1dd0a2fSth 7177c478bd9Sstevel@tonic-gate if (connectionId > -1) 718cb5caa98Sdjl DropConnection(connectionId, NS_LDAP_NEW_CONN); 7197d575517Ssdussud if (ref_list) 7207d575517Ssdussud __s_api_deleteRefInfo(ref_list); 7217c478bd9Sstevel@tonic-gate if (target_dn && target_dn_allocated) 7227c478bd9Sstevel@tonic-gate free(target_dn); 7237c478bd9Sstevel@tonic-gate return (return_rc); 7247c478bd9Sstevel@tonic-gate case W_INIT: 7257c478bd9Sstevel@tonic-gate /* see if need to follow referrals */ 7267c478bd9Sstevel@tonic-gate rc = __s_api_toFollowReferrals(flags, 727e1dd0a2fSth &followRef, errorp); 7287c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 7297c478bd9Sstevel@tonic-gate return_rc = rc; 7307c478bd9Sstevel@tonic-gate new_state = W_ERROR; 7317c478bd9Sstevel@tonic-gate break; 7327c478bd9Sstevel@tonic-gate } 7337c478bd9Sstevel@tonic-gate len = strlen(dn); 7347c478bd9Sstevel@tonic-gate if (dn[len-1] == COMMATOK) 7357c478bd9Sstevel@tonic-gate rc = __s_api_append_default_basedn( 736e1dd0a2fSth dn, &target_dn, &target_dn_allocated, 737e1dd0a2fSth errorp); 7387c478bd9Sstevel@tonic-gate else 7397c478bd9Sstevel@tonic-gate target_dn = dn; 7407c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 7417c478bd9Sstevel@tonic-gate return_rc = rc; 7427c478bd9Sstevel@tonic-gate new_state = W_ERROR; 7437c478bd9Sstevel@tonic-gate } 7447c478bd9Sstevel@tonic-gate else 7457c478bd9Sstevel@tonic-gate new_state = GET_CONNECTION; 7467c478bd9Sstevel@tonic-gate break; 7477c478bd9Sstevel@tonic-gate case GET_CONNECTION: 748e1dd0a2fSth /* identify self as a write user */ 749e1dd0a2fSth conn_user = __s_api_conn_user_init(NS_CONN_USER_WRITE, 750e1dd0a2fSth NULL, B_FALSE); 7517c478bd9Sstevel@tonic-gate rc = __s_api_getConnection(NULL, 752e1dd0a2fSth flags, cred, &connectionId, &conp, errorp, 753e1dd0a2fSth do_not_fail_if_new_pwd_reqd, nopasswd_acct_mgmt, 754e1dd0a2fSth conn_user); 7557c478bd9Sstevel@tonic-gate 7567c478bd9Sstevel@tonic-gate /* 7577c478bd9Sstevel@tonic-gate * If password control attached 7587c478bd9Sstevel@tonic-gate * in *errorp, 7597c478bd9Sstevel@tonic-gate * e.g. rc == NS_LDAP_SUCCESS_WITH_INFO, 7607c478bd9Sstevel@tonic-gate * free the error structure (we do not need 7617c478bd9Sstevel@tonic-gate * the password management info). 7627c478bd9Sstevel@tonic-gate * Reset rc to NS_LDAP_SUCCESS. 7637c478bd9Sstevel@tonic-gate */ 7647c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_SUCCESS_WITH_INFO) { 765e1dd0a2fSth (void) __ns_ldap_freeError(errorp); 7667c478bd9Sstevel@tonic-gate *errorp = NULL; 7677c478bd9Sstevel@tonic-gate rc = NS_LDAP_SUCCESS; 7687c478bd9Sstevel@tonic-gate } 7697c478bd9Sstevel@tonic-gate 7707c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 7717c478bd9Sstevel@tonic-gate return_rc = rc; 7727c478bd9Sstevel@tonic-gate new_state = W_ERROR; 7737c478bd9Sstevel@tonic-gate break; 7747c478bd9Sstevel@tonic-gate } 7757c478bd9Sstevel@tonic-gate if (followRef) 7767c478bd9Sstevel@tonic-gate new_state = SELECT_OPERATION_ASYNC; 7777c478bd9Sstevel@tonic-gate else 7787c478bd9Sstevel@tonic-gate new_state = SELECT_OPERATION_SYNC; 7797c478bd9Sstevel@tonic-gate break; 7807c478bd9Sstevel@tonic-gate case SELECT_OPERATION_SYNC: 7817c478bd9Sstevel@tonic-gate if (ldap_op == LDAP_REQ_ADD) 7827c478bd9Sstevel@tonic-gate new_state = DO_ADD_SYNC; 7837c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_DELETE) 7847c478bd9Sstevel@tonic-gate new_state = DO_DELETE_SYNC; 7857c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_MODIFY) 7867c478bd9Sstevel@tonic-gate new_state = DO_MODIFY_SYNC; 7877c478bd9Sstevel@tonic-gate break; 7887c478bd9Sstevel@tonic-gate case SELECT_OPERATION_ASYNC: 7897c478bd9Sstevel@tonic-gate if (ldap_op == LDAP_REQ_ADD) 7907c478bd9Sstevel@tonic-gate new_state = DO_ADD_ASYNC; 7917c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_DELETE) 7927c478bd9Sstevel@tonic-gate new_state = DO_DELETE_ASYNC; 7937c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_MODIFY) 7947c478bd9Sstevel@tonic-gate new_state = DO_MODIFY_ASYNC; 7957c478bd9Sstevel@tonic-gate break; 7967c478bd9Sstevel@tonic-gate case DO_ADD_SYNC: 7977c478bd9Sstevel@tonic-gate rc = ldap_add_ext_s(conp->ld, target_dn, 798e1dd0a2fSth mods, NULL, NULL); 7997c478bd9Sstevel@tonic-gate new_state = GET_RESULT_SYNC; 8007c478bd9Sstevel@tonic-gate break; 8017c478bd9Sstevel@tonic-gate case DO_DELETE_SYNC: 8027c478bd9Sstevel@tonic-gate rc = ldap_delete_ext_s(conp->ld, target_dn, 803e1dd0a2fSth NULL, NULL); 8047c478bd9Sstevel@tonic-gate new_state = GET_RESULT_SYNC; 8057c478bd9Sstevel@tonic-gate break; 8067c478bd9Sstevel@tonic-gate case DO_MODIFY_SYNC: 8077c478bd9Sstevel@tonic-gate rc = ldap_modify_ext_s(conp->ld, target_dn, 808e1dd0a2fSth mods, NULL, NULL); 8097c478bd9Sstevel@tonic-gate new_state = GET_RESULT_SYNC; 8107c478bd9Sstevel@tonic-gate break; 8117c478bd9Sstevel@tonic-gate case DO_ADD_ASYNC: 8127c478bd9Sstevel@tonic-gate rc = ldap_add_ext(conp->ld, target_dn, 813e1dd0a2fSth mods, NULL, NULL, &msgid); 8147c478bd9Sstevel@tonic-gate new_state = GET_RESULT_ASYNC; 8157c478bd9Sstevel@tonic-gate break; 8167c478bd9Sstevel@tonic-gate case DO_DELETE_ASYNC: 8177c478bd9Sstevel@tonic-gate rc = ldap_delete_ext(conp->ld, target_dn, 818e1dd0a2fSth NULL, NULL, &msgid); 8197c478bd9Sstevel@tonic-gate new_state = GET_RESULT_ASYNC; 8207c478bd9Sstevel@tonic-gate break; 8217c478bd9Sstevel@tonic-gate case DO_MODIFY_ASYNC: 8227c478bd9Sstevel@tonic-gate rc = ldap_modify_ext(conp->ld, target_dn, 823e1dd0a2fSth mods, NULL, NULL, &msgid); 8247c478bd9Sstevel@tonic-gate new_state = GET_RESULT_ASYNC; 8257c478bd9Sstevel@tonic-gate break; 8267c478bd9Sstevel@tonic-gate case GET_RESULT_SYNC: 8277c478bd9Sstevel@tonic-gate if (rc != LDAP_SUCCESS) { 8287c478bd9Sstevel@tonic-gate Errno = rc; 8297c478bd9Sstevel@tonic-gate (void) ldap_get_lderrno(conp->ld, 830e1dd0a2fSth NULL, &errmsg); 83120945219SMichen Chang 8327c478bd9Sstevel@tonic-gate /* 83320945219SMichen Chang * No need to deal with the error message if 83420945219SMichen Chang * it's an empty string. 8357c478bd9Sstevel@tonic-gate */ 83620945219SMichen Chang if (errmsg != NULL && *errmsg == '\0') 8377c478bd9Sstevel@tonic-gate errmsg = NULL; 83820945219SMichen Chang 83920945219SMichen Chang if (errmsg != NULL) { 84020945219SMichen Chang /* 84120945219SMichen Chang * ldap_get_lderrno does not expect 84220945219SMichen Chang * errmsg to be freed after use, while 84320945219SMichen Chang * ldap_parse_result below does, so set 84420945219SMichen Chang * a flag to indicate source. 84520945219SMichen Chang */ 84620945219SMichen Chang from_get_lderrno = B_TRUE; 8477c478bd9Sstevel@tonic-gate } 84820945219SMichen Chang 8497c478bd9Sstevel@tonic-gate new_state = W_LDAP_ERROR; 8507c478bd9Sstevel@tonic-gate } else { 8517c478bd9Sstevel@tonic-gate return_rc = NS_LDAP_SUCCESS; 8527c478bd9Sstevel@tonic-gate new_state = W_EXIT; 8537c478bd9Sstevel@tonic-gate } 8547c478bd9Sstevel@tonic-gate break; 8557c478bd9Sstevel@tonic-gate case GET_RESULT_ASYNC: 8567c478bd9Sstevel@tonic-gate rc = ldap_result(conp->ld, msgid, 1, 857e1dd0a2fSth (struct timeval *)NULL, &res); 8587c478bd9Sstevel@tonic-gate /* if no server response, set Errno */ 8597c478bd9Sstevel@tonic-gate if (rc == -1) { 8607c478bd9Sstevel@tonic-gate (void) ldap_get_option(conp->ld, 8617c478bd9Sstevel@tonic-gate LDAP_OPT_ERROR_NUMBER, &Errno); 8627c478bd9Sstevel@tonic-gate new_state = W_LDAP_ERROR; 8637c478bd9Sstevel@tonic-gate break; 8647c478bd9Sstevel@tonic-gate } 865e1dd0a2fSth if (rc == LDAP_RES_ADD || rc == LDAP_RES_MODIFY || 866e1dd0a2fSth rc == LDAP_RES_DELETE) { 8677c478bd9Sstevel@tonic-gate new_state = PARSE_RESULT; 8687c478bd9Sstevel@tonic-gate break; 8697c478bd9Sstevel@tonic-gate } else { 8707c478bd9Sstevel@tonic-gate return_rc = rc; 8717c478bd9Sstevel@tonic-gate new_state = W_ERROR; 8727c478bd9Sstevel@tonic-gate } 8737c478bd9Sstevel@tonic-gate break; 8747c478bd9Sstevel@tonic-gate case PARSE_RESULT: 8757c478bd9Sstevel@tonic-gate /* 8767c478bd9Sstevel@tonic-gate * need Errno, referrals, error msg, 8777c478bd9Sstevel@tonic-gate * and the last "1" is to free 8787c478bd9Sstevel@tonic-gate * the result (res) 8797c478bd9Sstevel@tonic-gate */ 880e1dd0a2fSth rc = ldap_parse_result(conp->ld, res, &Errno, 881e1dd0a2fSth NULL, &errmsg, &referrals, NULL, 1); 8827c478bd9Sstevel@tonic-gate /* 8837c478bd9Sstevel@tonic-gate * free errmsg if it is an empty string 8847c478bd9Sstevel@tonic-gate */ 8857c478bd9Sstevel@tonic-gate if (errmsg && *errmsg == '\0') { 8867c478bd9Sstevel@tonic-gate ldap_memfree(errmsg); 8877c478bd9Sstevel@tonic-gate errmsg = NULL; 8887c478bd9Sstevel@tonic-gate } 8897d575517Ssdussud /* 8907d575517Ssdussud * If we received referral data, process 8917d575517Ssdussud * it if: 8927d575517Ssdussud * - we are configured to follow referrals 8937d575517Ssdussud * - and not already in referral mode (to keep 8947d575517Ssdussud * consistency with search_state_machine() 8957d575517Ssdussud * which follows 1 level of referrals only; 8967d575517Ssdussud * see proc_result_referrals() and 8977d575517Ssdussud * proc_search_references(). 8987d575517Ssdussud */ 8997d575517Ssdussud if (Errno == LDAP_REFERRAL && followRef && !ref_list) { 9007d575517Ssdussud for (i = 0; referrals[i] != NULL; i++) { 9017d575517Ssdussud /* add to referral list */ 9027d575517Ssdussud rc = __s_api_addRefInfo(&ref_list, 903e1dd0a2fSth referrals[i], NULL, NULL, NULL, 904e1dd0a2fSth conp->ld); 9057d575517Ssdussud if (rc != NS_LDAP_SUCCESS) { 9067d575517Ssdussud __s_api_deleteRefInfo(ref_list); 9077d575517Ssdussud ref_list = NULL; 9087d575517Ssdussud break; 9097d575517Ssdussud } 9107c478bd9Sstevel@tonic-gate } 9117c478bd9Sstevel@tonic-gate ldap_value_free(referrals); 9127d575517Ssdussud if (ref_list == NULL) { 9137c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_MEMORY) 9147c478bd9Sstevel@tonic-gate rc = NS_LDAP_INTERNAL; 9157d575517Ssdussud return_rc = rc; 9167c478bd9Sstevel@tonic-gate new_state = W_ERROR; 9177d575517Ssdussud } else { 9187c478bd9Sstevel@tonic-gate new_state = GET_REFERRAL_CONNECTION; 9197d575517Ssdussud current_ref = ref_list; 9207d575517Ssdussud } 9217c478bd9Sstevel@tonic-gate if (errmsg) { 9227c478bd9Sstevel@tonic-gate ldap_memfree(errmsg); 9237c478bd9Sstevel@tonic-gate errmsg = NULL; 9247c478bd9Sstevel@tonic-gate } 9257c478bd9Sstevel@tonic-gate break; 9267c478bd9Sstevel@tonic-gate } 9277c478bd9Sstevel@tonic-gate if (Errno != LDAP_SUCCESS) { 9287c478bd9Sstevel@tonic-gate new_state = W_LDAP_ERROR; 9297c478bd9Sstevel@tonic-gate } else { 9307c478bd9Sstevel@tonic-gate return_rc = NS_LDAP_SUCCESS; 9317c478bd9Sstevel@tonic-gate new_state = W_EXIT; 9327c478bd9Sstevel@tonic-gate } 9337c478bd9Sstevel@tonic-gate break; 9347c478bd9Sstevel@tonic-gate case GET_REFERRAL_CONNECTION: 9357d575517Ssdussud /* 9367d575517Ssdussud * since we are starting over, 9377d575517Ssdussud * discard the old error info 9387d575517Ssdussud */ 9397d575517Ssdussud return_rc = NS_LDAP_SUCCESS; 9407d575517Ssdussud if (*errorp) 9417d575517Ssdussud (void) __ns_ldap_freeError(errorp); 9427c478bd9Sstevel@tonic-gate if (connectionId > -1) 943cb5caa98Sdjl DropConnection(connectionId, NS_LDAP_NEW_CONN); 944e1dd0a2fSth 945e1dd0a2fSth /* set it up to use a referral connection */ 946e1dd0a2fSth if (conn_user != NULL) { 947e1dd0a2fSth /* 948e1dd0a2fSth * If an MT connection is being used, 949e1dd0a2fSth * return it to the pool. 950e1dd0a2fSth */ 951e1dd0a2fSth if (conn_user->conn_mt != NULL) 952e1dd0a2fSth __s_api_conn_mt_return(conn_user); 953e1dd0a2fSth 954e1dd0a2fSth conn_user->referral = B_TRUE; 955e1dd0a2fSth } 9567d575517Ssdussud rc = __s_api_getConnection(current_ref->refHost, 957e1dd0a2fSth 0, cred, &connectionId, &conp, errorp, 958e1dd0a2fSth do_not_fail_if_new_pwd_reqd, 959e1dd0a2fSth nopasswd_acct_mgmt, conn_user); 9607c478bd9Sstevel@tonic-gate 9617c478bd9Sstevel@tonic-gate /* 9627c478bd9Sstevel@tonic-gate * If password control attached 9637c478bd9Sstevel@tonic-gate * in errorp, 9647c478bd9Sstevel@tonic-gate * e.g. rc == NS_LDAP_SUCCESS_WITH_INFO, 9657c478bd9Sstevel@tonic-gate * free the error structure (we do not need 9667c478bd9Sstevel@tonic-gate * the password management info). 9677c478bd9Sstevel@tonic-gate * Reset rc to NS_LDAP_SUCCESS. 9687c478bd9Sstevel@tonic-gate */ 9697c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_SUCCESS_WITH_INFO) { 970e1dd0a2fSth (void) __ns_ldap_freeError(errorp); 9717c478bd9Sstevel@tonic-gate *errorp = NULL; 9727c478bd9Sstevel@tonic-gate rc = NS_LDAP_SUCCESS; 9737c478bd9Sstevel@tonic-gate } 9747c478bd9Sstevel@tonic-gate 9757c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 9767c478bd9Sstevel@tonic-gate return_rc = rc; 9777d575517Ssdussud /* 9787d575517Ssdussud * If current referral is not 9797d575517Ssdussud * available for some reason, 9807d575517Ssdussud * try next referral in the list. 9817d575517Ssdussud * Get LDAP error code from errorp. 9827d575517Ssdussud */ 9837d575517Ssdussud if (*errorp != NULL) { 984e1dd0a2fSth ns_write_state_t get_ref = 985e1dd0a2fSth GET_REFERRAL_CONNECTION; 986e1dd0a2fSth 9877d575517Ssdussud ldap_error = (*errorp)->status; 9887d575517Ssdussud if (ldap_error == LDAP_BUSY || 9897d575517Ssdussud ldap_error == LDAP_UNAVAILABLE || 9907d575517Ssdussud ldap_error == 991e1dd0a2fSth LDAP_UNWILLING_TO_PERFORM || 9927d575517Ssdussud ldap_error == LDAP_CONNECT_ERROR || 9937d575517Ssdussud ldap_error == LDAP_SERVER_DOWN) { 9947d575517Ssdussud current_ref = current_ref->next; 9957d575517Ssdussud if (current_ref == NULL) { 996e1dd0a2fSth /* no more referral to follow */ 997e1dd0a2fSth new_state = W_ERROR; 998e1dd0a2fSth } else 999e1dd0a2fSth new_state = get_ref; 10007d575517Ssdussud /* 10017d575517Ssdussud * free errorp before going to 10027d575517Ssdussud * next referral 10037d575517Ssdussud */ 10047d575517Ssdussud (void) __ns_ldap_freeError( 1005e1dd0a2fSth errorp); 10067d575517Ssdussud *errorp = NULL; 10077d575517Ssdussud break; 10087d575517Ssdussud } 10097d575517Ssdussud /* 10107d575517Ssdussud * free errorp before going to W_ERROR 10117d575517Ssdussud */ 10127d575517Ssdussud (void) __ns_ldap_freeError(errorp); 10137d575517Ssdussud *errorp = NULL; 10147d575517Ssdussud } 10157d575517Ssdussud /* else, exit */ 10167d575517Ssdussud __s_api_deleteRefInfo(ref_list); 10177d575517Ssdussud ref_list = NULL; 10187c478bd9Sstevel@tonic-gate new_state = W_ERROR; 1019e1dd0a2fSth if (conn_user != NULL) 1020e1dd0a2fSth conn_user->referral = B_FALSE; 10217c478bd9Sstevel@tonic-gate break; 10227c478bd9Sstevel@tonic-gate } 10237c478bd9Sstevel@tonic-gate /* target DN may changed due to referrals */ 10247d575517Ssdussud if (current_ref->refDN) { 10257c478bd9Sstevel@tonic-gate if (target_dn && target_dn_allocated) { 10267c478bd9Sstevel@tonic-gate free(target_dn); 10277c478bd9Sstevel@tonic-gate target_dn = NULL; 10287c478bd9Sstevel@tonic-gate target_dn_allocated = FALSE; 10297c478bd9Sstevel@tonic-gate } 10307d575517Ssdussud target_dn = current_ref->refDN; 10317c478bd9Sstevel@tonic-gate } 10327c478bd9Sstevel@tonic-gate new_state = SELECT_OPERATION_SYNC; 10337c478bd9Sstevel@tonic-gate break; 10347c478bd9Sstevel@tonic-gate case W_LDAP_ERROR: 10357c478bd9Sstevel@tonic-gate /* 10367c478bd9Sstevel@tonic-gate * map error code and error message 10377c478bd9Sstevel@tonic-gate * to password status if necessary. 10387c478bd9Sstevel@tonic-gate * This is to see if password updates 10397c478bd9Sstevel@tonic-gate * failed due to password policy or 10407c478bd9Sstevel@tonic-gate * password syntax checking. 10417c478bd9Sstevel@tonic-gate */ 10427c478bd9Sstevel@tonic-gate if (errmsg) { 10437c478bd9Sstevel@tonic-gate /* 10447c478bd9Sstevel@tonic-gate * check if server supports 10457c478bd9Sstevel@tonic-gate * password management 10467c478bd9Sstevel@tonic-gate */ 10477c478bd9Sstevel@tonic-gate passwd_mgmt = 1048e1dd0a2fSth __s_api_contain_passwd_control_oid( 1049e1dd0a2fSth conp->controls); 10507c478bd9Sstevel@tonic-gate if (passwd_mgmt) 10517c478bd9Sstevel@tonic-gate pwd_status = 1052e1dd0a2fSth __s_api_set_passwd_status( 1053e1dd0a2fSth Errno, errmsg); 105420945219SMichen Chang /* 105520945219SMichen Chang * free only if not returned by ldap_get_lderrno 105620945219SMichen Chang */ 105720945219SMichen Chang if (!from_get_lderrno) 105820945219SMichen Chang ldap_memfree(errmsg); 10597c478bd9Sstevel@tonic-gate errmsg = NULL; 106020945219SMichen Chang from_get_lderrno = B_FALSE; 10617c478bd9Sstevel@tonic-gate } 10627c478bd9Sstevel@tonic-gate 1063dd1104fbSMichen Chang (void) snprintf(errstr, sizeof (errstr), 1064dd1104fbSMichen Chang "%s", ldap_err2string(Errno)); 10657c478bd9Sstevel@tonic-gate err = strdup(errstr); 10667c478bd9Sstevel@tonic-gate if (pwd_status != NS_PASSWD_GOOD) { 10677c478bd9Sstevel@tonic-gate MKERROR_PWD_MGMT(*errorp, Errno, err, 1068e1dd0a2fSth pwd_status, 0, NULL); 10697c478bd9Sstevel@tonic-gate } else { 10707c478bd9Sstevel@tonic-gate MKERROR(LOG_INFO, *errorp, Errno, err, NULL); 10717c478bd9Sstevel@tonic-gate } 1072e1dd0a2fSth if (conn_user != NULL && 1073e1dd0a2fSth (Errno == LDAP_SERVER_DOWN || 1074e1dd0a2fSth Errno == LDAP_CONNECT_ERROR)) { 1075e1dd0a2fSth __s_api_conn_mt_close(conn_user, Errno, errorp); 1076e1dd0a2fSth } 10777c478bd9Sstevel@tonic-gate return_rc = NS_LDAP_INTERNAL; 10787c478bd9Sstevel@tonic-gate new_state = W_EXIT; 10797c478bd9Sstevel@tonic-gate break; 10807c478bd9Sstevel@tonic-gate case W_ERROR: 10817c478bd9Sstevel@tonic-gate default: 10827c478bd9Sstevel@tonic-gate (void) sprintf(errstr, 1083e1dd0a2fSth gettext("Internal write State machine exit" 1084e1dd0a2fSth " (state = %d, rc = %d)."), 1085e1dd0a2fSth err_state, return_rc); 10867c478bd9Sstevel@tonic-gate err = strdup(errstr); 10877c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *errorp, return_rc, err, NULL); 10887c478bd9Sstevel@tonic-gate new_state = W_EXIT; 10897c478bd9Sstevel@tonic-gate break; 10907c478bd9Sstevel@tonic-gate } 10917c478bd9Sstevel@tonic-gate 10927c478bd9Sstevel@tonic-gate if (new_state == W_ERROR) 10937c478bd9Sstevel@tonic-gate err_state = state; 1094e1dd0a2fSth 1095e1dd0a2fSth if (conn_user != NULL && conn_user->bad_mt_conn == B_TRUE) { 1096e1dd0a2fSth __s_api_conn_mt_close(conn_user, 0, NULL); 1097e1dd0a2fSth new_state = W_EXIT; 1098e1dd0a2fSth } 1099e1dd0a2fSth 11007c478bd9Sstevel@tonic-gate state = new_state; 11017c478bd9Sstevel@tonic-gate } 11027c478bd9Sstevel@tonic-gate 11037c478bd9Sstevel@tonic-gate /* 11047c478bd9Sstevel@tonic-gate * should never be here, the next line is to eliminating 11057c478bd9Sstevel@tonic-gate * lint message 11067c478bd9Sstevel@tonic-gate */ 11077c478bd9Sstevel@tonic-gate return (NS_LDAP_INTERNAL); 11087c478bd9Sstevel@tonic-gate } 11097c478bd9Sstevel@tonic-gate 11107c478bd9Sstevel@tonic-gate 11117c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 11127c478bd9Sstevel@tonic-gate int 11137c478bd9Sstevel@tonic-gate __ns_ldap_addAttr( 11147c478bd9Sstevel@tonic-gate const char *service, 11157c478bd9Sstevel@tonic-gate const char *dn, 11167c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 11177c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 11187c478bd9Sstevel@tonic-gate const int flags, 11197c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 11207c478bd9Sstevel@tonic-gate { 11217c478bd9Sstevel@tonic-gate LDAPMod **mods; 11227c478bd9Sstevel@tonic-gate int rc = 0; 11237c478bd9Sstevel@tonic-gate 11247c478bd9Sstevel@tonic-gate #ifdef DEBUG 11257c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_addAttr START\n"); 11267c478bd9Sstevel@tonic-gate #endif 11277c478bd9Sstevel@tonic-gate *errorp = NULL; 11287c478bd9Sstevel@tonic-gate 11297c478bd9Sstevel@tonic-gate /* Sanity check */ 11307c478bd9Sstevel@tonic-gate if ((attr == NULL) || (*attr == NULL) || 11317c478bd9Sstevel@tonic-gate (dn == NULL) || (cred == NULL)) 11327c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 11337c478bd9Sstevel@tonic-gate 11347c478bd9Sstevel@tonic-gate mods = __s_api_makeModList(service, attr, LDAP_MOD_ADD, flags); 11357c478bd9Sstevel@tonic-gate if (mods == NULL) { 11367c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 11377c478bd9Sstevel@tonic-gate } 11387c478bd9Sstevel@tonic-gate 11397c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_MODIFY, 11407c478bd9Sstevel@tonic-gate (char *)dn, mods, cred, flags, errorp); 11417c478bd9Sstevel@tonic-gate freeModList(mods); 11427c478bd9Sstevel@tonic-gate 11437c478bd9Sstevel@tonic-gate return (rc); 11447c478bd9Sstevel@tonic-gate } 11457c478bd9Sstevel@tonic-gate 11467c478bd9Sstevel@tonic-gate 11477c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 11487c478bd9Sstevel@tonic-gate int 11497c478bd9Sstevel@tonic-gate __ns_ldap_delAttr( 11507c478bd9Sstevel@tonic-gate const char *service, 11517c478bd9Sstevel@tonic-gate const char *dn, 11527c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 11537c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 11547c478bd9Sstevel@tonic-gate const int flags, 11557c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 11567c478bd9Sstevel@tonic-gate { 11577c478bd9Sstevel@tonic-gate LDAPMod **mods; 11587c478bd9Sstevel@tonic-gate int rc = 0; 11597c478bd9Sstevel@tonic-gate 11607c478bd9Sstevel@tonic-gate #ifdef DEBUG 11617c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_delAttr START\n"); 11627c478bd9Sstevel@tonic-gate #endif 11637c478bd9Sstevel@tonic-gate *errorp = NULL; 11647c478bd9Sstevel@tonic-gate 11657c478bd9Sstevel@tonic-gate /* Sanity check */ 11667c478bd9Sstevel@tonic-gate if ((attr == NULL) || (*attr == NULL) || 11677c478bd9Sstevel@tonic-gate (dn == NULL) || (cred == NULL)) 11687c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 11697c478bd9Sstevel@tonic-gate 11707c478bd9Sstevel@tonic-gate mods = __s_api_makeModList(service, attr, LDAP_MOD_DELETE, flags); 11717c478bd9Sstevel@tonic-gate if (mods == NULL) { 11727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 11737c478bd9Sstevel@tonic-gate } 11747c478bd9Sstevel@tonic-gate 11757c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_MODIFY, 11767c478bd9Sstevel@tonic-gate (char *)dn, mods, cred, flags, errorp); 11777c478bd9Sstevel@tonic-gate 11787c478bd9Sstevel@tonic-gate freeModList(mods); 11797c478bd9Sstevel@tonic-gate return (rc); 11807c478bd9Sstevel@tonic-gate } 11817c478bd9Sstevel@tonic-gate 1182dd1104fbSMichen Chang /* Retrieve the admin bind password from the configuration, if allowed. */ 1183dd1104fbSMichen Chang static int 1184dd1104fbSMichen Chang get_admin_passwd(ns_cred_t *cred, ns_ldap_error_t **errorp) 1185dd1104fbSMichen Chang { 1186dd1104fbSMichen Chang void **paramVal = NULL; 1187dd1104fbSMichen Chang int rc, ldaprc; 1188dd1104fbSMichen Chang char *modparamVal = NULL; 1189dd1104fbSMichen Chang 1190dd1104fbSMichen Chang /* 1191dd1104fbSMichen Chang * For GSSAPI/Kerberos, host credential is used, no need to get 1192dd1104fbSMichen Chang * admin bind password 1193dd1104fbSMichen Chang */ 1194dd1104fbSMichen Chang if (cred->auth.saslmech == NS_LDAP_SASL_GSSAPI) 1195dd1104fbSMichen Chang return (NS_LDAP_SUCCESS); 1196dd1104fbSMichen Chang 1197dd1104fbSMichen Chang /* 1198dd1104fbSMichen Chang * Retrieve admin bind password. 1199dd1104fbSMichen Chang * The admin bind password is available 1200dd1104fbSMichen Chang * only in the ldap_cachemgr process as 1201dd1104fbSMichen Chang * they are not exposed outside of that 1202dd1104fbSMichen Chang * process. 1203dd1104fbSMichen Chang */ 1204dd1104fbSMichen Chang paramVal = NULL; 1205dd1104fbSMichen Chang if ((ldaprc = __ns_ldap_getParam(NS_LDAP_ADMIN_BINDPASSWD_P, 1206dd1104fbSMichen Chang ¶mVal, errorp)) != NS_LDAP_SUCCESS) 1207dd1104fbSMichen Chang return (ldaprc); 1208dd1104fbSMichen Chang if (paramVal == NULL || *paramVal == NULL) { 1209dd1104fbSMichen Chang rc = NS_LDAP_CONFIG; 1210dd1104fbSMichen Chang *errorp = __s_api_make_error(NS_CONFIG_NODEFAULT, 1211dd1104fbSMichen Chang gettext("Admin bind password not configured")); 1212dd1104fbSMichen Chang if (*errorp == NULL) 1213dd1104fbSMichen Chang rc = NS_LDAP_MEMORY; 1214dd1104fbSMichen Chang return (rc); 1215dd1104fbSMichen Chang } 1216dd1104fbSMichen Chang modparamVal = dvalue((char *)*paramVal); 1217dd1104fbSMichen Chang (void) memset(*paramVal, 0, strlen((char *)*paramVal)); 1218dd1104fbSMichen Chang (void) __ns_ldap_freeParam(¶mVal); 1219dd1104fbSMichen Chang if (modparamVal == NULL || *((char *)modparamVal) == '\0') { 1220dd1104fbSMichen Chang if (modparamVal != NULL) 1221dd1104fbSMichen Chang free(modparamVal); 1222dd1104fbSMichen Chang rc = NS_LDAP_CONFIG; 1223dd1104fbSMichen Chang *errorp = __s_api_make_error(NS_CONFIG_SYNTAX, 1224dd1104fbSMichen Chang gettext("bind password not valid")); 1225dd1104fbSMichen Chang if (*errorp == NULL) 1226dd1104fbSMichen Chang rc = NS_LDAP_MEMORY; 1227dd1104fbSMichen Chang return (rc); 1228dd1104fbSMichen Chang } 1229dd1104fbSMichen Chang 1230dd1104fbSMichen Chang cred->cred.unix_cred.passwd = modparamVal; 1231dd1104fbSMichen Chang return (NS_LDAP_SUCCESS); 1232dd1104fbSMichen Chang } 1233dd1104fbSMichen Chang 1234dd1104fbSMichen Chang boolean_t 1235*225376fbSJulian Pullen __ns_ldap_is_shadow_update_enabled(void) 1236*225376fbSJulian Pullen { 1237*225376fbSJulian Pullen int **enable_shadow = NULL; 1238*225376fbSJulian Pullen ns_ldap_error_t *errorp = NULL; 1239dd1104fbSMichen Chang 1240dd1104fbSMichen Chang if (__ns_ldap_getParam(NS_LDAP_ENABLE_SHADOW_UPDATE_P, 1241*225376fbSJulian Pullen (void ***)&enable_shadow, &errorp) != NS_LDAP_SUCCESS) { 1242*225376fbSJulian Pullen if (errorp) 1243*225376fbSJulian Pullen (void) __ns_ldap_freeError(&errorp); 1244dd1104fbSMichen Chang return (B_FALSE); 1245dd1104fbSMichen Chang } 1246dd1104fbSMichen Chang if ((enable_shadow != NULL && *enable_shadow != NULL) && 1247dd1104fbSMichen Chang (*enable_shadow[0] == NS_LDAP_ENABLE_SHADOW_UPDATE_TRUE)) { 1248dd1104fbSMichen Chang (void) __ns_ldap_freeParam((void ***)&enable_shadow); 1249dd1104fbSMichen Chang return (B_TRUE); 1250dd1104fbSMichen Chang } 1251dd1104fbSMichen Chang if (enable_shadow != NULL) 1252dd1104fbSMichen Chang (void) __ns_ldap_freeParam((void ***)&enable_shadow); 1253dd1104fbSMichen Chang return (B_FALSE); 1254dd1104fbSMichen Chang } 1255dd1104fbSMichen Chang 1256dd1104fbSMichen Chang /* 1257dd1104fbSMichen Chang * __ns_ldap_repAttr modifies ldap attributes of the 'dn' entry stored 1258dd1104fbSMichen Chang * on the LDAP server. 'service' indicates the type of database entries 1259dd1104fbSMichen Chang * to modify. When the Native LDAP client is configured with 'shadow update 1260dd1104fbSMichen Chang * enabled', Shadowshadow(4) entries can only be modified by privileged users. 1261dd1104fbSMichen Chang * Such users use the NS_LDAP_UPDATE_SHADOW flag to indicate the call is 1262dd1104fbSMichen Chang * for such a shadow(4) update, which would be forwarded to ldap_cachemgr 1263dd1104fbSMichen Chang * for performing the LDAP modify operation. ldap_cachemgr would call 1264dd1104fbSMichen Chang * this function again and use the special service NS_ADMIN_SHADOW_UPDATE 1265dd1104fbSMichen Chang * to identify itself, so that admin credential would be obtained and 1266dd1104fbSMichen Chang * the actual LDAP modify operation be done. 1267dd1104fbSMichen Chang */ 12687c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 12697c478bd9Sstevel@tonic-gate int 12707c478bd9Sstevel@tonic-gate __ns_ldap_repAttr( 12717c478bd9Sstevel@tonic-gate const char *service, 12727c478bd9Sstevel@tonic-gate const char *dn, 12737c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 12747c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 12757c478bd9Sstevel@tonic-gate const int flags, 12767c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 12777c478bd9Sstevel@tonic-gate { 12787c478bd9Sstevel@tonic-gate LDAPMod **mods; 12797c478bd9Sstevel@tonic-gate int rc = 0; 1280dd1104fbSMichen Chang boolean_t priv; 1281dd1104fbSMichen Chang boolean_t shadow_update_enabled = B_FALSE; 12827c478bd9Sstevel@tonic-gate 12837c478bd9Sstevel@tonic-gate #ifdef DEBUG 12847c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_repAttr START\n"); 12857c478bd9Sstevel@tonic-gate #endif 12867c478bd9Sstevel@tonic-gate *errorp = NULL; 12877c478bd9Sstevel@tonic-gate 12887c478bd9Sstevel@tonic-gate /* Sanity check */ 1289dd1104fbSMichen Chang if (attr == NULL || *attr == NULL || dn == NULL) 1290dd1104fbSMichen Chang return (NS_LDAP_INVALID_PARAM); 1291dd1104fbSMichen Chang 1292dd1104fbSMichen Chang /* Privileged shadow modify? */ 1293dd1104fbSMichen Chang if ((flags & NS_LDAP_UPDATE_SHADOW) != 0 && 1294dd1104fbSMichen Chang strcmp(service, "shadow") == 0) { 1295dd1104fbSMichen Chang 1296dd1104fbSMichen Chang /* Shadow update enabled ? If not, error out */ 1297dd1104fbSMichen Chang shadow_update_enabled = __ns_ldap_is_shadow_update_enabled(); 1298dd1104fbSMichen Chang if (!shadow_update_enabled) { 1299dd1104fbSMichen Chang *errorp = __s_api_make_error(NS_CONFIG_NOTALLOW, 1300dd1104fbSMichen Chang gettext("Shadow Update is not enabled")); 1301dd1104fbSMichen Chang return (NS_LDAP_CONFIG); 1302dd1104fbSMichen Chang } 1303dd1104fbSMichen Chang 1304dd1104fbSMichen Chang /* privileged shadow modify requires euid 0 or all zone privs */ 1305dd1104fbSMichen Chang priv = (geteuid() == 0); 1306dd1104fbSMichen Chang if (!priv) { 1307dd1104fbSMichen Chang priv_set_t *ps = priv_allocset(); /* caller */ 1308dd1104fbSMichen Chang priv_set_t *zs; /* zone */ 1309dd1104fbSMichen Chang 1310dd1104fbSMichen Chang (void) getppriv(PRIV_EFFECTIVE, ps); 1311dd1104fbSMichen Chang zs = priv_str_to_set("zone", ",", NULL); 1312dd1104fbSMichen Chang priv = priv_isequalset(ps, zs); 1313dd1104fbSMichen Chang priv_freeset(ps); 1314dd1104fbSMichen Chang priv_freeset(zs); 1315dd1104fbSMichen Chang } 1316dd1104fbSMichen Chang if (!priv) 1317dd1104fbSMichen Chang return (NS_LDAP_OP_FAILED); 1318dd1104fbSMichen Chang 1319dd1104fbSMichen Chang rc = send_to_cachemgr(dn, (ns_ldap_attr_t **)attr, errorp); 1320dd1104fbSMichen Chang return (rc); 1321dd1104fbSMichen Chang } 1322dd1104fbSMichen Chang 1323dd1104fbSMichen Chang if (cred == NULL) 13247c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 1325dd1104fbSMichen Chang 1326dd1104fbSMichen Chang /* 1327dd1104fbSMichen Chang * If service is NS_ADMIN_SHADOW_UPDATE, the caller should be 1328dd1104fbSMichen Chang * ldap_cachemgr. We need to get the admin cred to do work. 1329dd1104fbSMichen Chang * If the caller is not ldap_cachemgr, but use the service 1330dd1104fbSMichen Chang * NS_ADMIN_SHADOW_UPDATE, get_admin_passwd() will fail, 1331dd1104fbSMichen Chang * as the admin cred is not available to the caller. 1332dd1104fbSMichen Chang */ 1333dd1104fbSMichen Chang if (strcmp(service, NS_ADMIN_SHADOW_UPDATE) == 0) { 1334dd1104fbSMichen Chang if ((rc = get_admin_passwd((ns_cred_t *)cred, errorp)) != 1335dd1104fbSMichen Chang NS_LDAP_SUCCESS) 1336dd1104fbSMichen Chang return (rc); 1337dd1104fbSMichen Chang } 1338dd1104fbSMichen Chang 13397c478bd9Sstevel@tonic-gate mods = __s_api_makeModList(service, attr, LDAP_MOD_REPLACE, flags); 1340dd1104fbSMichen Chang if (mods == NULL) 13417c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 13427c478bd9Sstevel@tonic-gate 13437c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_MODIFY, 13447c478bd9Sstevel@tonic-gate (char *)dn, mods, cred, flags, errorp); 13457c478bd9Sstevel@tonic-gate 13467c478bd9Sstevel@tonic-gate freeModList(mods); 13477c478bd9Sstevel@tonic-gate return (rc); 13487c478bd9Sstevel@tonic-gate } 13497c478bd9Sstevel@tonic-gate 13507c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 13517c478bd9Sstevel@tonic-gate int 13527c478bd9Sstevel@tonic-gate __ns_ldap_addEntry( 13537c478bd9Sstevel@tonic-gate const char *service, 13547c478bd9Sstevel@tonic-gate const char *dn, 13557c478bd9Sstevel@tonic-gate const ns_ldap_entry_t *entry, 13567c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 13577c478bd9Sstevel@tonic-gate const int flags, 13587c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 13597c478bd9Sstevel@tonic-gate { 13607c478bd9Sstevel@tonic-gate char *new_dn = NULL; 13617c478bd9Sstevel@tonic-gate LDAPMod **mods = NULL; 13627c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr; 13637c478bd9Sstevel@tonic-gate int nAttr = 0; 13647c478bd9Sstevel@tonic-gate int rc = 0; 13657c478bd9Sstevel@tonic-gate 13667c478bd9Sstevel@tonic-gate #ifdef DEBUG 13677c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_addEntry START\n"); 13687c478bd9Sstevel@tonic-gate #endif 13697c478bd9Sstevel@tonic-gate 13707c478bd9Sstevel@tonic-gate if ((entry == NULL) || (dn == NULL) || (cred == NULL)) 13717c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 13727c478bd9Sstevel@tonic-gate *errorp = NULL; 13737c478bd9Sstevel@tonic-gate 13747c478bd9Sstevel@tonic-gate /* Construct array of LDAPMod representing attributes of new entry. */ 13757c478bd9Sstevel@tonic-gate 13767c478bd9Sstevel@tonic-gate nAttr = entry->attr_count; 13777c478bd9Sstevel@tonic-gate attr = (const ns_ldap_attr_t * const *)(entry->attr_pair); 13787c478bd9Sstevel@tonic-gate mods = __s_api_makeModListCount(service, attr, LDAP_MOD_ADD, 13797c478bd9Sstevel@tonic-gate nAttr, flags); 13807c478bd9Sstevel@tonic-gate if (mods == NULL) { 13817c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 13827c478bd9Sstevel@tonic-gate } 13837c478bd9Sstevel@tonic-gate 13847c478bd9Sstevel@tonic-gate rc = replace_mapped_attr_in_dn(service, dn, &new_dn); 13857c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 13867c478bd9Sstevel@tonic-gate freeModList(mods); 13877c478bd9Sstevel@tonic-gate return (rc); 13887c478bd9Sstevel@tonic-gate } 13897c478bd9Sstevel@tonic-gate 13907c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_ADD, 13917c478bd9Sstevel@tonic-gate new_dn ? new_dn : (char *)dn, mods, cred, flags, errorp); 13927c478bd9Sstevel@tonic-gate 13937c478bd9Sstevel@tonic-gate if (new_dn) 13947c478bd9Sstevel@tonic-gate free(new_dn); 13957c478bd9Sstevel@tonic-gate freeModList(mods); 13967c478bd9Sstevel@tonic-gate return (rc); 13977c478bd9Sstevel@tonic-gate } 13987c478bd9Sstevel@tonic-gate 13997c478bd9Sstevel@tonic-gate 14007c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 14017c478bd9Sstevel@tonic-gate int 14027c478bd9Sstevel@tonic-gate __ns_ldap_delEntry( 14037c478bd9Sstevel@tonic-gate const char *service, 14047c478bd9Sstevel@tonic-gate const char *dn, 14057c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 14067c478bd9Sstevel@tonic-gate const int flags, 14077c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 14087c478bd9Sstevel@tonic-gate { 14097c478bd9Sstevel@tonic-gate int rc; 14107c478bd9Sstevel@tonic-gate 14117c478bd9Sstevel@tonic-gate #ifdef DEBUG 14127c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_delEntry START\n"); 14137c478bd9Sstevel@tonic-gate #endif 14147c478bd9Sstevel@tonic-gate if ((dn == NULL) || (cred == NULL)) 14157c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 14167c478bd9Sstevel@tonic-gate 14177c478bd9Sstevel@tonic-gate *errorp = NULL; 14187c478bd9Sstevel@tonic-gate 14197c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_DELETE, 14207c478bd9Sstevel@tonic-gate (char *)dn, NULL, cred, flags, errorp); 14217c478bd9Sstevel@tonic-gate 14227c478bd9Sstevel@tonic-gate return (rc); 14237c478bd9Sstevel@tonic-gate } 14247c478bd9Sstevel@tonic-gate 14257c478bd9Sstevel@tonic-gate /* 14267c478bd9Sstevel@tonic-gate * Add Typed Entry Helper routines 14277c478bd9Sstevel@tonic-gate */ 14287c478bd9Sstevel@tonic-gate 14297c478bd9Sstevel@tonic-gate /* 14307c478bd9Sstevel@tonic-gate * Add Typed Entry Conversion routines 14317c478bd9Sstevel@tonic-gate */ 14327c478bd9Sstevel@tonic-gate 14337c478bd9Sstevel@tonic-gate static int 14347c478bd9Sstevel@tonic-gate __s_add_attr(ns_ldap_entry_t *e, char *attrname, char *value) 14357c478bd9Sstevel@tonic-gate { 14367c478bd9Sstevel@tonic-gate ns_ldap_attr_t *a; 14377c478bd9Sstevel@tonic-gate char *v; 14387c478bd9Sstevel@tonic-gate 14397c478bd9Sstevel@tonic-gate a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t)); 14407c478bd9Sstevel@tonic-gate if (a == NULL) 14417c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14427c478bd9Sstevel@tonic-gate a->attrname = strdup(attrname); 14437c478bd9Sstevel@tonic-gate if (a->attrname == NULL) 14447c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14457c478bd9Sstevel@tonic-gate a->attrvalue = (char **)calloc(1, sizeof (char **)); 14467c478bd9Sstevel@tonic-gate if (a->attrvalue == NULL) 14477c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14487c478bd9Sstevel@tonic-gate a->value_count = 1; 14497c478bd9Sstevel@tonic-gate a->attrvalue[0] = NULL; 14507c478bd9Sstevel@tonic-gate v = strdup(value); 14517c478bd9Sstevel@tonic-gate if (v == NULL) 14527c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14537c478bd9Sstevel@tonic-gate a->attrvalue[0] = v; 14547c478bd9Sstevel@tonic-gate e->attr_pair[e->attr_count] = a; 14557c478bd9Sstevel@tonic-gate e->attr_count++; 14567c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 14577c478bd9Sstevel@tonic-gate } 14587c478bd9Sstevel@tonic-gate 14597c478bd9Sstevel@tonic-gate static int 14607c478bd9Sstevel@tonic-gate __s_add_attrlist(ns_ldap_entry_t *e, char *attrname, char **argv) 14617c478bd9Sstevel@tonic-gate { 14627c478bd9Sstevel@tonic-gate ns_ldap_attr_t *a; 14637c478bd9Sstevel@tonic-gate char *v; 14647c478bd9Sstevel@tonic-gate char **av; 14657c478bd9Sstevel@tonic-gate int i, j; 14667c478bd9Sstevel@tonic-gate 14677c478bd9Sstevel@tonic-gate a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t)); 14687c478bd9Sstevel@tonic-gate if (a == NULL) 14697c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14707c478bd9Sstevel@tonic-gate a->attrname = strdup(attrname); 14717c478bd9Sstevel@tonic-gate if (a->attrname == NULL) 14727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14737c478bd9Sstevel@tonic-gate 14747c478bd9Sstevel@tonic-gate for (i = 0, av = argv; *av != NULL; av++, i++) 14757c478bd9Sstevel@tonic-gate ; 14767c478bd9Sstevel@tonic-gate 14777c478bd9Sstevel@tonic-gate a->attrvalue = (char **)calloc(i, sizeof (char *)); 14787c478bd9Sstevel@tonic-gate 14797c478bd9Sstevel@tonic-gate if (a->attrvalue == NULL) 14807c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14817c478bd9Sstevel@tonic-gate 14827c478bd9Sstevel@tonic-gate a->value_count = i; 14837c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 14847c478bd9Sstevel@tonic-gate v = strdup(argv[j]); 14857c478bd9Sstevel@tonic-gate if (v == NULL) 14867c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14877c478bd9Sstevel@tonic-gate a->attrvalue[j] = v; 14887c478bd9Sstevel@tonic-gate } 14897c478bd9Sstevel@tonic-gate e->attr_pair[e->attr_count] = a; 14907c478bd9Sstevel@tonic-gate e->attr_count++; 14917c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 14927c478bd9Sstevel@tonic-gate } 14937c478bd9Sstevel@tonic-gate 14947c478bd9Sstevel@tonic-gate static ns_ldap_entry_t * 14957c478bd9Sstevel@tonic-gate __s_mk_entry(char **objclass, int max_attr) 14967c478bd9Sstevel@tonic-gate { 14977c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 14987c478bd9Sstevel@tonic-gate e = (ns_ldap_entry_t *)calloc(1, sizeof (ns_ldap_entry_t)); 14997c478bd9Sstevel@tonic-gate if (e == NULL) 15007c478bd9Sstevel@tonic-gate return (NULL); 15017c478bd9Sstevel@tonic-gate /* allocate attributes, +1 for objectclass, +1 for NULL terminator */ 15027c478bd9Sstevel@tonic-gate e->attr_pair = (ns_ldap_attr_t **) 15037c478bd9Sstevel@tonic-gate calloc(max_attr + 2, sizeof (ns_ldap_attr_t *)); 15047c478bd9Sstevel@tonic-gate if (e->attr_pair == NULL) { 15057c478bd9Sstevel@tonic-gate free(e); 15067c478bd9Sstevel@tonic-gate return (NULL); 15077c478bd9Sstevel@tonic-gate } 15087c478bd9Sstevel@tonic-gate e->attr_count = 0; 15097c478bd9Sstevel@tonic-gate if (__s_add_attrlist(e, "objectClass", objclass) != NS_LDAP_SUCCESS) { 15107c478bd9Sstevel@tonic-gate free(e->attr_pair); 15117c478bd9Sstevel@tonic-gate free(e); 15127c478bd9Sstevel@tonic-gate return (NULL); 15137c478bd9Sstevel@tonic-gate } 15147c478bd9Sstevel@tonic-gate return (e); 15157c478bd9Sstevel@tonic-gate } 15167c478bd9Sstevel@tonic-gate 15177c478bd9Sstevel@tonic-gate 15187c478bd9Sstevel@tonic-gate /* 15197c478bd9Sstevel@tonic-gate * Conversion: passwd 15207c478bd9Sstevel@tonic-gate * Input format: struct passwd 15217c478bd9Sstevel@tonic-gate * Exported objectclass: posixAccount 15227c478bd9Sstevel@tonic-gate */ 15237c478bd9Sstevel@tonic-gate static int 15247c478bd9Sstevel@tonic-gate __s_cvt_passwd(const void *data, char **rdn, 15257c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 15267c478bd9Sstevel@tonic-gate { 15277c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 15287c478bd9Sstevel@tonic-gate int rc; 15297c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 15307c478bd9Sstevel@tonic-gate /* routine specific */ 15317c478bd9Sstevel@tonic-gate struct passwd *ptr; 15327c478bd9Sstevel@tonic-gate int max_attr = 9; 15337c478bd9Sstevel@tonic-gate char ibuf[10]; 15347c478bd9Sstevel@tonic-gate static char *oclist[] = { 15357c478bd9Sstevel@tonic-gate "posixAccount", 15367c478bd9Sstevel@tonic-gate "shadowAccount", 15377c478bd9Sstevel@tonic-gate "account", 15387c478bd9Sstevel@tonic-gate "top", 15397c478bd9Sstevel@tonic-gate NULL 15407c478bd9Sstevel@tonic-gate }; 15417c478bd9Sstevel@tonic-gate 15427c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 15437c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 15447c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 15457c478bd9Sstevel@tonic-gate if (e == NULL) 15467c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 15477c478bd9Sstevel@tonic-gate 15487c478bd9Sstevel@tonic-gate /* Convert the structure */ 15497c478bd9Sstevel@tonic-gate ptr = (struct passwd *)data; 15507c478bd9Sstevel@tonic-gate 1551f48205beScasper if (ptr->pw_name == NULL || ptr->pw_uid > MAXUID || 1552f48205beScasper ptr->pw_gid > MAXUID || ptr->pw_dir == NULL) { 15537c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 15547c478bd9Sstevel@tonic-gate *entry = NULL; 15557c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 15567c478bd9Sstevel@tonic-gate } 15577c478bd9Sstevel@tonic-gate 15587c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 15597c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->pw_name); 15607c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 15617c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 15627c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 15637c478bd9Sstevel@tonic-gate *entry = NULL; 15647c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 15657c478bd9Sstevel@tonic-gate } 15667c478bd9Sstevel@tonic-gate 15677c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 15687c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "uid", ptr->pw_name); 15697c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15707c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15717c478bd9Sstevel@tonic-gate return (rc); 15727c478bd9Sstevel@tonic-gate } 15737c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->pw_name); 15747c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15757c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15767c478bd9Sstevel@tonic-gate return (rc); 15777c478bd9Sstevel@tonic-gate } 15787c478bd9Sstevel@tonic-gate 15797c478bd9Sstevel@tonic-gate if (ptr->pw_passwd != NULL && 1580e1dd0a2fSth ptr->pw_passwd[0] != '\0') { 15817c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "userPassword", ptr->pw_passwd); 15827c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15837c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15847c478bd9Sstevel@tonic-gate return (rc); 15857c478bd9Sstevel@tonic-gate } 15867c478bd9Sstevel@tonic-gate } 15877c478bd9Sstevel@tonic-gate 1588f48205beScasper (void) sprintf(ibuf, "%u", ptr->pw_uid); 15897c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "uidNumber", ibuf); 15907c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15917c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15927c478bd9Sstevel@tonic-gate return (rc); 15937c478bd9Sstevel@tonic-gate } 15947c478bd9Sstevel@tonic-gate 1595f48205beScasper (void) sprintf(ibuf, "%u", ptr->pw_gid); 15967c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "gidNumber", ibuf); 15977c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15987c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15997c478bd9Sstevel@tonic-gate return (rc); 16007c478bd9Sstevel@tonic-gate } 16017c478bd9Sstevel@tonic-gate if (ptr->pw_gecos != NULL && 1602e1dd0a2fSth ptr->pw_gecos[0] != '\0') { 16037c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "gecos", ptr->pw_gecos); 16047c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16057c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16067c478bd9Sstevel@tonic-gate return (rc); 16077c478bd9Sstevel@tonic-gate } 16087c478bd9Sstevel@tonic-gate } 16097c478bd9Sstevel@tonic-gate 16107c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "homeDirectory", ptr->pw_dir); 16117c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16127c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16137c478bd9Sstevel@tonic-gate return (rc); 16147c478bd9Sstevel@tonic-gate } 16157c478bd9Sstevel@tonic-gate if (ptr->pw_shell != NULL && 1616e1dd0a2fSth ptr->pw_shell[0] != '\0') { 16177c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "loginShell", ptr->pw_shell); 16187c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16197c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16207c478bd9Sstevel@tonic-gate return (rc); 16217c478bd9Sstevel@tonic-gate } 16227c478bd9Sstevel@tonic-gate } 16237c478bd9Sstevel@tonic-gate 16247c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 16257c478bd9Sstevel@tonic-gate } 16267c478bd9Sstevel@tonic-gate 162750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 162850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * escape_str function escapes special characters in str and 162950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * copies to escstr string. 163050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * 163150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * return 0 for successful 163250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * 1 for fail 163350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 163450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India static int escape_str(char *escstr, char *str) 163550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India { 163650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India int index = 0; 163750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 163850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India while ((*str != '\0') && (index < (RDNSIZE - 1))) { 163950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (*str == '+' || *str == ';' || *str == '>' || 164050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *str == '<' || *str == ',' || *str == '"' || 164150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *str == '\\' || *str == '=' || 164250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India (*str == '#' && index == 0)) { 164350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr++ = '\\'; 164450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr++ = *str++; 164550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India index += 2; 164650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } else { 164750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr++ = *str++; 164850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India index++; 164950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 165050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 165150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 165250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (*str == '\0') { 165350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr = '\0'; 165450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (0); 165550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } else { 165650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (1); 165750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 165850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 165950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 1660e1dd0a2fSth /* 1661e1dd0a2fSth * Conversion: project 1662e1dd0a2fSth * Input format: struct project 1663e1dd0a2fSth * Exported objectclass: SolarisProject 1664e1dd0a2fSth */ 1665e1dd0a2fSth static int 1666e1dd0a2fSth __s_cvt_project(const void *data, char **rdn, 1667e1dd0a2fSth ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 1668e1dd0a2fSth { 1669e1dd0a2fSth ns_ldap_entry_t *e; 1670e1dd0a2fSth int rc; 1671e1dd0a2fSth char trdn[RDNSIZE]; 1672e1dd0a2fSth 1673e1dd0a2fSth /* routine specific */ 1674e1dd0a2fSth struct project *ptr; 1675e1dd0a2fSth int max_attr = 9; 1676e1dd0a2fSth char ibuf[11]; 1677e1dd0a2fSth static char *oclist[] = { 1678e1dd0a2fSth "SolarisProject", 1679e1dd0a2fSth "top", 1680e1dd0a2fSth NULL 1681e1dd0a2fSth }; 1682e1dd0a2fSth 1683e1dd0a2fSth if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 1684e1dd0a2fSth return (NS_LDAP_OP_FAILED); 1685e1dd0a2fSth 1686e1dd0a2fSth *entry = e = __s_mk_entry(oclist, max_attr); 1687e1dd0a2fSth if (e == NULL) 1688e1dd0a2fSth return (NS_LDAP_MEMORY); 1689e1dd0a2fSth 1690e1dd0a2fSth /* Convert the structure */ 1691e1dd0a2fSth ptr = (struct project *)data; 1692e1dd0a2fSth 1693e1dd0a2fSth if (ptr->pj_name == NULL || ptr->pj_projid > MAXUID) { 1694e1dd0a2fSth __ns_ldap_freeEntry(e); 1695e1dd0a2fSth *entry = NULL; 1696e1dd0a2fSth return (NS_LDAP_INVALID_PARAM); 1697e1dd0a2fSth } 1698e1dd0a2fSth 1699e1dd0a2fSth /* Create an appropriate rdn */ 1700e1dd0a2fSth (void) snprintf(trdn, RDNSIZE, "SolarisProjectName=%s", ptr->pj_name); 1701e1dd0a2fSth *rdn = strdup(trdn); 1702e1dd0a2fSth if (*rdn == NULL) { 1703e1dd0a2fSth __ns_ldap_freeEntry(e); 1704e1dd0a2fSth *entry = NULL; 1705e1dd0a2fSth return (NS_LDAP_MEMORY); 1706e1dd0a2fSth } 1707e1dd0a2fSth 1708e1dd0a2fSth /* Error check the data and add the attributes */ 1709e1dd0a2fSth 1710e1dd0a2fSth /* Project name */ 1711e1dd0a2fSth rc = __s_add_attr(e, "SolarisProjectName", ptr->pj_name); 1712e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1713e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1714e1dd0a2fSth return (rc); 1715e1dd0a2fSth } 1716e1dd0a2fSth 1717e1dd0a2fSth /* 1718e1dd0a2fSth * Project ID: 1719e1dd0a2fSth * ibuf is 11 chars big, which should be enough for string 1720e1dd0a2fSth * representation of 32bit number + nul-car 1721e1dd0a2fSth */ 1722e1dd0a2fSth if (snprintf(ibuf, sizeof (ibuf), "%u", ptr->pj_projid) < 0) { 1723e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1724e1dd0a2fSth return (NS_LDAP_INVALID_PARAM); 1725e1dd0a2fSth } 1726e1dd0a2fSth rc = __s_add_attr(e, "SolarisProjectID", ibuf); 1727e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1728e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1729e1dd0a2fSth return (rc); 1730e1dd0a2fSth } 1731e1dd0a2fSth 1732e1dd0a2fSth /* Comment/Description */ 1733e1dd0a2fSth if (ptr->pj_comment != NULL && ptr->pj_comment[0] != '\0') { 1734e1dd0a2fSth rc = __s_add_attr(e, "description", ptr->pj_comment); 1735e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1736e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1737e1dd0a2fSth return (rc); 1738e1dd0a2fSth } 1739e1dd0a2fSth } 1740e1dd0a2fSth 1741e1dd0a2fSth /* Attributes */ 1742e1dd0a2fSth if (ptr->pj_attr != NULL && ptr->pj_attr[0] != '\0') { 1743e1dd0a2fSth rc = __s_add_attr(e, "SolarisProjectAttr", ptr->pj_attr); 1744e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1745e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1746e1dd0a2fSth return (rc); 1747e1dd0a2fSth } 1748e1dd0a2fSth } 1749e1dd0a2fSth 1750e1dd0a2fSth /* Users */ 1751e1dd0a2fSth if (ptr->pj_users != NULL) { 1752e1dd0a2fSth rc = __s_add_attrlist(e, "memberUid", ptr->pj_users); 1753e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1754e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1755e1dd0a2fSth return (rc); 1756e1dd0a2fSth } 1757e1dd0a2fSth } 1758e1dd0a2fSth 1759e1dd0a2fSth /* Groups */ 1760e1dd0a2fSth if (ptr->pj_groups != NULL) { 1761e1dd0a2fSth rc = __s_add_attrlist(e, "memberGid", ptr->pj_groups); 1762e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1763e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1764e1dd0a2fSth return (rc); 1765e1dd0a2fSth } 1766e1dd0a2fSth } 1767e1dd0a2fSth 1768e1dd0a2fSth 1769e1dd0a2fSth 1770e1dd0a2fSth return (NS_LDAP_SUCCESS); 1771e1dd0a2fSth } 17727c478bd9Sstevel@tonic-gate /* 17737c478bd9Sstevel@tonic-gate * Conversion: shadow 17747c478bd9Sstevel@tonic-gate * Input format: struct shadow 17757c478bd9Sstevel@tonic-gate * Exported objectclass: shadowAccount 17767c478bd9Sstevel@tonic-gate */ 17777c478bd9Sstevel@tonic-gate static int 17787c478bd9Sstevel@tonic-gate __s_cvt_shadow(const void *data, char **rdn, 17797c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 17807c478bd9Sstevel@tonic-gate { 17817c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 17827c478bd9Sstevel@tonic-gate int rc; 17837c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 17847c478bd9Sstevel@tonic-gate /* routine specific */ 17857c478bd9Sstevel@tonic-gate struct spwd *ptr; 17867c478bd9Sstevel@tonic-gate int max_attr = 10; 17877c478bd9Sstevel@tonic-gate char ibuf[10]; 17887c478bd9Sstevel@tonic-gate static char *oclist[] = { 17897c478bd9Sstevel@tonic-gate "posixAccount", 17907c478bd9Sstevel@tonic-gate "shadowAccount", 17917c478bd9Sstevel@tonic-gate "account", 17927c478bd9Sstevel@tonic-gate "top", 17937c478bd9Sstevel@tonic-gate NULL 17947c478bd9Sstevel@tonic-gate }; 17957c478bd9Sstevel@tonic-gate 17967c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 17977c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 17987c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 17997c478bd9Sstevel@tonic-gate if (e == NULL) 18007c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18017c478bd9Sstevel@tonic-gate 18027c478bd9Sstevel@tonic-gate /* Convert the structure */ 18037c478bd9Sstevel@tonic-gate ptr = (struct spwd *)data; 18047c478bd9Sstevel@tonic-gate 18057c478bd9Sstevel@tonic-gate if (ptr->sp_namp == NULL) { 18067c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 18077c478bd9Sstevel@tonic-gate *entry = NULL; 18087c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 18097c478bd9Sstevel@tonic-gate } 18107c478bd9Sstevel@tonic-gate 18117c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 18127c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->sp_namp); 18137c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 18147c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 18157c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 18167c478bd9Sstevel@tonic-gate *entry = NULL; 18177c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18187c478bd9Sstevel@tonic-gate } 18197c478bd9Sstevel@tonic-gate 18207c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 18217c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "uid", ptr->sp_namp); 18227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18247c478bd9Sstevel@tonic-gate return (rc); 18257c478bd9Sstevel@tonic-gate } 18267c478bd9Sstevel@tonic-gate 18277c478bd9Sstevel@tonic-gate if (ptr->sp_pwdp == NULL) { 18287c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18297c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 18307c478bd9Sstevel@tonic-gate } else { 18317c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "userPassword", ptr->sp_pwdp); 18327c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18337c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18347c478bd9Sstevel@tonic-gate return (rc); 18357c478bd9Sstevel@tonic-gate } 18367c478bd9Sstevel@tonic-gate } 18377c478bd9Sstevel@tonic-gate if (ptr->sp_lstchg >= 0) { 18387c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_lstchg); 18397c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowLastChange", ibuf); 18407c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18417c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18427c478bd9Sstevel@tonic-gate return (rc); 18437c478bd9Sstevel@tonic-gate } 18447c478bd9Sstevel@tonic-gate } 18457c478bd9Sstevel@tonic-gate if (ptr->sp_min >= 0) { 18467c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_min); 18477c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowMin", ibuf); 18487c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18497c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18507c478bd9Sstevel@tonic-gate return (rc); 18517c478bd9Sstevel@tonic-gate } 18527c478bd9Sstevel@tonic-gate } 18537c478bd9Sstevel@tonic-gate if (ptr->sp_max >= 0) { 18547c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_max); 18557c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowMax", ibuf); 18567c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18577c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18587c478bd9Sstevel@tonic-gate return (rc); 18597c478bd9Sstevel@tonic-gate } 18607c478bd9Sstevel@tonic-gate } 18617c478bd9Sstevel@tonic-gate if (ptr->sp_warn >= 0) { 18627c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_warn); 18637c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowWarning", ibuf); 18647c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18657c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18667c478bd9Sstevel@tonic-gate return (rc); 18677c478bd9Sstevel@tonic-gate } 18687c478bd9Sstevel@tonic-gate } 18697c478bd9Sstevel@tonic-gate if (ptr->sp_inact >= 0) { 18707c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_inact); 18717c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowInactive", ibuf); 18727c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18737c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18747c478bd9Sstevel@tonic-gate return (rc); 18757c478bd9Sstevel@tonic-gate } 18767c478bd9Sstevel@tonic-gate } 18777c478bd9Sstevel@tonic-gate if (ptr->sp_expire >= 0) { 18787c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_expire); 18797c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowExpire", ibuf); 18807c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18817c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18827c478bd9Sstevel@tonic-gate return (rc); 18837c478bd9Sstevel@tonic-gate } 18847c478bd9Sstevel@tonic-gate } 18857c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_flag); 18867c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowFlag", ibuf); 18877c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18887c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18897c478bd9Sstevel@tonic-gate return (rc); 18907c478bd9Sstevel@tonic-gate } 18917c478bd9Sstevel@tonic-gate 18927c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 18937c478bd9Sstevel@tonic-gate } 18947c478bd9Sstevel@tonic-gate 18957c478bd9Sstevel@tonic-gate 18967c478bd9Sstevel@tonic-gate /* 18977c478bd9Sstevel@tonic-gate * Conversion: group 18987c478bd9Sstevel@tonic-gate * Input format: struct group 18997c478bd9Sstevel@tonic-gate * Exported objectclass: posixGroup 19007c478bd9Sstevel@tonic-gate */ 19017c478bd9Sstevel@tonic-gate static int 19027c478bd9Sstevel@tonic-gate __s_cvt_group(const void *data, char **rdn, 19037c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 19047c478bd9Sstevel@tonic-gate { 19057c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 19067c478bd9Sstevel@tonic-gate int rc; 19077c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 19087c478bd9Sstevel@tonic-gate /* routine specific */ 19097c478bd9Sstevel@tonic-gate struct group *ptr; 19107c478bd9Sstevel@tonic-gate int i, j, k; 19117c478bd9Sstevel@tonic-gate char **nm, **lm; 19127c478bd9Sstevel@tonic-gate int max_attr = 4; 19137c478bd9Sstevel@tonic-gate char ibuf[10]; 19147c478bd9Sstevel@tonic-gate static char *oclist[] = { 19157c478bd9Sstevel@tonic-gate "posixGroup", 19167c478bd9Sstevel@tonic-gate "top", 19177c478bd9Sstevel@tonic-gate NULL 19187c478bd9Sstevel@tonic-gate }; 19197c478bd9Sstevel@tonic-gate 19207c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 19217c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 19227c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 19237c478bd9Sstevel@tonic-gate if (e == NULL) 19247c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19257c478bd9Sstevel@tonic-gate 19267c478bd9Sstevel@tonic-gate /* Convert the structure */ 19277c478bd9Sstevel@tonic-gate ptr = (struct group *)data; 19287c478bd9Sstevel@tonic-gate 1929f48205beScasper if (ptr->gr_name == NULL || ptr->gr_gid > MAXUID) { 19307c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 19317c478bd9Sstevel@tonic-gate *entry = NULL; 19327c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 19337c478bd9Sstevel@tonic-gate } 19347c478bd9Sstevel@tonic-gate 19357c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 19367c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->gr_name); 19377c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 19387c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 19397c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 19407c478bd9Sstevel@tonic-gate *entry = NULL; 19417c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19427c478bd9Sstevel@tonic-gate } 19437c478bd9Sstevel@tonic-gate 19447c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 19457c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->gr_name); 19467c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19477c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19487c478bd9Sstevel@tonic-gate return (rc); 19497c478bd9Sstevel@tonic-gate } 19507c478bd9Sstevel@tonic-gate 1951f48205beScasper (void) sprintf(ibuf, "%u", ptr->gr_gid); 19527c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "gidNumber", ibuf); 19537c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19547c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19557c478bd9Sstevel@tonic-gate return (rc); 19567c478bd9Sstevel@tonic-gate } 19577c478bd9Sstevel@tonic-gate if (ptr->gr_passwd && ptr->gr_passwd[0] != '\0') { 19587c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "userPassword", ptr->gr_passwd); 19597c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19607c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19617c478bd9Sstevel@tonic-gate return (rc); 19627c478bd9Sstevel@tonic-gate } 19637c478bd9Sstevel@tonic-gate } 19647c478bd9Sstevel@tonic-gate 19657c478bd9Sstevel@tonic-gate if (ptr->gr_mem && ptr->gr_mem[0]) { 19667c478bd9Sstevel@tonic-gate lm = ptr->gr_mem; 19677c478bd9Sstevel@tonic-gate for (i = 0; *lm; i++, lm++) 19687c478bd9Sstevel@tonic-gate ; 19697c478bd9Sstevel@tonic-gate lm = ptr->gr_mem; 19707c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 19717c478bd9Sstevel@tonic-gate if (nm == NULL) { 19727c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19737c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19747c478bd9Sstevel@tonic-gate } 19757c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 19767c478bd9Sstevel@tonic-gate nm[j] = strdup(lm[j]); 19777c478bd9Sstevel@tonic-gate if (nm[j] == NULL) { 19787c478bd9Sstevel@tonic-gate for (k = 0; k < j; k++) 19797c478bd9Sstevel@tonic-gate free(nm[k]); 19807c478bd9Sstevel@tonic-gate free(nm); 19817c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19827c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19837c478bd9Sstevel@tonic-gate } 19847c478bd9Sstevel@tonic-gate } 19857c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "memberUid", nm); 19867c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 19877c478bd9Sstevel@tonic-gate free(nm[j]); 19887c478bd9Sstevel@tonic-gate } 19897c478bd9Sstevel@tonic-gate free(nm); 19907c478bd9Sstevel@tonic-gate nm = NULL; 19917c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19927c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19937c478bd9Sstevel@tonic-gate return (rc); 19947c478bd9Sstevel@tonic-gate } 19957c478bd9Sstevel@tonic-gate } 19967c478bd9Sstevel@tonic-gate 19977c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 19987c478bd9Sstevel@tonic-gate } 19997c478bd9Sstevel@tonic-gate 20007c478bd9Sstevel@tonic-gate /* 20017c478bd9Sstevel@tonic-gate * Conversion: hosts 20027c478bd9Sstevel@tonic-gate * Input format: struct hostent 20037c478bd9Sstevel@tonic-gate * Exported objectclass: ipHost 20047c478bd9Sstevel@tonic-gate */ 20057c478bd9Sstevel@tonic-gate static int 20067c478bd9Sstevel@tonic-gate __s_cvt_hosts(const void *data, char **rdn, 20077c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 20087c478bd9Sstevel@tonic-gate { 20097c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 20107c478bd9Sstevel@tonic-gate int rc; 20117c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 20127c478bd9Sstevel@tonic-gate /* routine specific */ 20137c478bd9Sstevel@tonic-gate struct hostent *ptr; 20147c478bd9Sstevel@tonic-gate int max_attr = 6; 20157c478bd9Sstevel@tonic-gate int i, j, k; 20167c478bd9Sstevel@tonic-gate char **nm, **lm; 20177c478bd9Sstevel@tonic-gate static char *oclist[] = { 20187c478bd9Sstevel@tonic-gate "ipHost", 20197c478bd9Sstevel@tonic-gate "device", 20207c478bd9Sstevel@tonic-gate "top", 20217c478bd9Sstevel@tonic-gate NULL 20227c478bd9Sstevel@tonic-gate }; 20237c478bd9Sstevel@tonic-gate 20247c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 20257c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 20267c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 20277c478bd9Sstevel@tonic-gate if (e == NULL) 20287c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20297c478bd9Sstevel@tonic-gate 20307c478bd9Sstevel@tonic-gate /* Convert the structure */ 20317c478bd9Sstevel@tonic-gate ptr = (struct hostent *)data; 20327c478bd9Sstevel@tonic-gate 20337c478bd9Sstevel@tonic-gate if (ptr->h_name == NULL || 20347c478bd9Sstevel@tonic-gate ptr->h_addr_list == NULL || ptr->h_addr_list[0] == '\0') { 20357c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 20367c478bd9Sstevel@tonic-gate *entry = NULL; 20377c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 20387c478bd9Sstevel@tonic-gate } 20397c478bd9Sstevel@tonic-gate 20407c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 20417c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s+ipHostNumber=%s", 20427c478bd9Sstevel@tonic-gate ptr->h_name, ptr->h_addr_list[0]); 20437c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 20447c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 20457c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 20467c478bd9Sstevel@tonic-gate *entry = NULL; 20477c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20487c478bd9Sstevel@tonic-gate } 20497c478bd9Sstevel@tonic-gate 20507c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 20517c478bd9Sstevel@tonic-gate if (ptr->h_aliases && ptr->h_aliases[0]) { 20527c478bd9Sstevel@tonic-gate lm = ptr->h_aliases; 20536d3c3c6aSiz /* 20546d3c3c6aSiz * If there is a description, 'i' will contain 20556d3c3c6aSiz * the index of the description in the aliases list 20566d3c3c6aSiz */ 20576d3c3c6aSiz for (i = 0; *lm && (*lm)[0] != '#'; i++, lm++) 20587c478bd9Sstevel@tonic-gate ; 20597c478bd9Sstevel@tonic-gate lm = ptr->h_aliases; 20607c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 20617c478bd9Sstevel@tonic-gate if (nm == NULL) { 20627c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 20637c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20647c478bd9Sstevel@tonic-gate } 20657c478bd9Sstevel@tonic-gate nm[0] = ptr->h_name; 20667c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 20677c478bd9Sstevel@tonic-gate nm[j+1] = ptr->h_aliases[j]; 20687c478bd9Sstevel@tonic-gate 20697c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 20706d3c3c6aSiz 20716d3c3c6aSiz if (rc != NS_LDAP_SUCCESS) { 20726d3c3c6aSiz __s_cvt_freeEntryRdn(entry, rdn); 20736d3c3c6aSiz free(nm); 20746d3c3c6aSiz return (rc); 20756d3c3c6aSiz } 20766d3c3c6aSiz 20776d3c3c6aSiz if (lm[i] && lm[i][0] == '#') { 20786d3c3c6aSiz nm[0] = &(lm[i][1]); 20796d3c3c6aSiz nm[1] = NULL; 20806d3c3c6aSiz rc = __s_add_attrlist(e, "description", nm); 20816d3c3c6aSiz } 20827c478bd9Sstevel@tonic-gate free(nm); 20837c478bd9Sstevel@tonic-gate nm = NULL; 20847c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 20857c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 20867c478bd9Sstevel@tonic-gate return (rc); 20877c478bd9Sstevel@tonic-gate } 20887c478bd9Sstevel@tonic-gate } else { 20897c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->h_name); 20907c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 20917c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 20927c478bd9Sstevel@tonic-gate return (rc); 20937c478bd9Sstevel@tonic-gate } 20947c478bd9Sstevel@tonic-gate } 20957c478bd9Sstevel@tonic-gate 20967c478bd9Sstevel@tonic-gate if (ptr->h_addr_list && ptr->h_addr_list[0]) { 20977c478bd9Sstevel@tonic-gate lm = ptr->h_addr_list; 20987c478bd9Sstevel@tonic-gate for (i = 0; *lm; i++, lm++) 20997c478bd9Sstevel@tonic-gate ; 21007c478bd9Sstevel@tonic-gate lm = ptr->h_addr_list; 21017c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 21027c478bd9Sstevel@tonic-gate if (nm == NULL) { 21037c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21047c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21057c478bd9Sstevel@tonic-gate } 21067c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 21077c478bd9Sstevel@tonic-gate nm[j] = strdup(lm[j]); 21087c478bd9Sstevel@tonic-gate if (nm[j] == NULL) { 21097c478bd9Sstevel@tonic-gate for (k = 0; k < j; k++) 21107c478bd9Sstevel@tonic-gate free(nm[k]); 21117c478bd9Sstevel@tonic-gate free(nm); 21127c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21137c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21147c478bd9Sstevel@tonic-gate } 21157c478bd9Sstevel@tonic-gate } 21167c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "ipHostNumber", nm); 21177c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 21187c478bd9Sstevel@tonic-gate free(nm[j]); 21197c478bd9Sstevel@tonic-gate } 21207c478bd9Sstevel@tonic-gate free(nm); 21217c478bd9Sstevel@tonic-gate nm = NULL; 21227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 21237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21247c478bd9Sstevel@tonic-gate return (rc); 21257c478bd9Sstevel@tonic-gate } 21267c478bd9Sstevel@tonic-gate } else { 21277c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21287c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 21297c478bd9Sstevel@tonic-gate } 21307c478bd9Sstevel@tonic-gate 21317c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 21327c478bd9Sstevel@tonic-gate } 21337c478bd9Sstevel@tonic-gate 21347c478bd9Sstevel@tonic-gate /* 21357c478bd9Sstevel@tonic-gate * Conversion: rpc 21367c478bd9Sstevel@tonic-gate * Input format: struct rpcent 21377c478bd9Sstevel@tonic-gate * Exported objectclass: oncRpc 21387c478bd9Sstevel@tonic-gate */ 21397c478bd9Sstevel@tonic-gate static int 21407c478bd9Sstevel@tonic-gate __s_cvt_rpc(const void *data, char **rdn, 21417c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 21427c478bd9Sstevel@tonic-gate { 21437c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 21447c478bd9Sstevel@tonic-gate int rc; 21457c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 21467c478bd9Sstevel@tonic-gate /* routine specific */ 21477c478bd9Sstevel@tonic-gate struct rpcent *ptr; 21487c478bd9Sstevel@tonic-gate int max_attr = 3; 21497c478bd9Sstevel@tonic-gate int i, j; 21507c478bd9Sstevel@tonic-gate char **nm; 21517c478bd9Sstevel@tonic-gate char ibuf[10]; 21527c478bd9Sstevel@tonic-gate static char *oclist[] = { 21537c478bd9Sstevel@tonic-gate "oncRpc", 21547c478bd9Sstevel@tonic-gate "top", 21557c478bd9Sstevel@tonic-gate NULL 21567c478bd9Sstevel@tonic-gate }; 21577c478bd9Sstevel@tonic-gate 21587c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 21597c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 21607c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 21617c478bd9Sstevel@tonic-gate if (e == NULL) 21627c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21637c478bd9Sstevel@tonic-gate 21647c478bd9Sstevel@tonic-gate /* Convert the structure */ 21657c478bd9Sstevel@tonic-gate ptr = (struct rpcent *)data; 21667c478bd9Sstevel@tonic-gate 21677c478bd9Sstevel@tonic-gate if (ptr->r_name == NULL || ptr->r_number < 0) { 21687c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 21697c478bd9Sstevel@tonic-gate *entry = NULL; 21707c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 21717c478bd9Sstevel@tonic-gate } 21727c478bd9Sstevel@tonic-gate 21737c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 21747c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->r_name); 21757c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 21767c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 21777c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 21787c478bd9Sstevel@tonic-gate *entry = NULL; 21797c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21807c478bd9Sstevel@tonic-gate } 21817c478bd9Sstevel@tonic-gate 21827c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 21837c478bd9Sstevel@tonic-gate if (ptr->r_aliases && ptr->r_aliases[0]) { 21847c478bd9Sstevel@tonic-gate nm = ptr->r_aliases; 21857c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 21867c478bd9Sstevel@tonic-gate ; 21877c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 21887c478bd9Sstevel@tonic-gate if (nm == NULL) { 21897c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21907c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21917c478bd9Sstevel@tonic-gate } 21927c478bd9Sstevel@tonic-gate nm[0] = ptr->r_name; 21937c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 21947c478bd9Sstevel@tonic-gate nm[j+1] = ptr->r_aliases[j]; 21957c478bd9Sstevel@tonic-gate 21967c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 21977c478bd9Sstevel@tonic-gate free(nm); 21987c478bd9Sstevel@tonic-gate nm = NULL; 21997c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22007c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22017c478bd9Sstevel@tonic-gate return (rc); 22027c478bd9Sstevel@tonic-gate } 22037c478bd9Sstevel@tonic-gate } else { 22047c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->r_name); 22057c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22067c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22077c478bd9Sstevel@tonic-gate return (rc); 22087c478bd9Sstevel@tonic-gate } 22097c478bd9Sstevel@tonic-gate } 22107c478bd9Sstevel@tonic-gate 22117c478bd9Sstevel@tonic-gate if (ptr->r_number >= 0) { 22127c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->r_number); 22137c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "oncRpcNumber", ibuf); 22147c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22157c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22167c478bd9Sstevel@tonic-gate return (rc); 22177c478bd9Sstevel@tonic-gate } 22187c478bd9Sstevel@tonic-gate } 22197c478bd9Sstevel@tonic-gate 22207c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 22217c478bd9Sstevel@tonic-gate 22227c478bd9Sstevel@tonic-gate } 22237c478bd9Sstevel@tonic-gate 22247c478bd9Sstevel@tonic-gate /* 22257c478bd9Sstevel@tonic-gate * Conversion: protocols 22267c478bd9Sstevel@tonic-gate * Input format: struct protoent 22277c478bd9Sstevel@tonic-gate * Exported objectclass: ipProtocol 22287c478bd9Sstevel@tonic-gate */ 22297c478bd9Sstevel@tonic-gate static int 22307c478bd9Sstevel@tonic-gate __s_cvt_protocols(const void *data, char **rdn, 22317c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 22327c478bd9Sstevel@tonic-gate { 22337c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 22347c478bd9Sstevel@tonic-gate int rc; 22357c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 22367c478bd9Sstevel@tonic-gate /* routine specific */ 22377c478bd9Sstevel@tonic-gate struct protoent *ptr; 22387c478bd9Sstevel@tonic-gate int max_attr = 3; 22397c478bd9Sstevel@tonic-gate int i, j; 22407c478bd9Sstevel@tonic-gate char ibuf[10]; 22417c478bd9Sstevel@tonic-gate char **nm; 22427c478bd9Sstevel@tonic-gate static char *oclist[] = { 22437c478bd9Sstevel@tonic-gate "ipProtocol", 22447c478bd9Sstevel@tonic-gate "top", 22457c478bd9Sstevel@tonic-gate NULL 22467c478bd9Sstevel@tonic-gate }; 22477c478bd9Sstevel@tonic-gate 22487c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 22497c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 22507c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 22517c478bd9Sstevel@tonic-gate if (e == NULL) 22527c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22537c478bd9Sstevel@tonic-gate 22547c478bd9Sstevel@tonic-gate /* Convert the structure */ 22557c478bd9Sstevel@tonic-gate ptr = (struct protoent *)data; 22567c478bd9Sstevel@tonic-gate 22577c478bd9Sstevel@tonic-gate if (ptr->p_name == NULL || ptr->p_proto < 0) { 22587c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 22597c478bd9Sstevel@tonic-gate *entry = NULL; 22607c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 22617c478bd9Sstevel@tonic-gate } 22627c478bd9Sstevel@tonic-gate 22637c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 22647c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->p_name); 22657c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 22667c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 22677c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 22687c478bd9Sstevel@tonic-gate *entry = NULL; 22697c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22707c478bd9Sstevel@tonic-gate } 22717c478bd9Sstevel@tonic-gate 22727c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 22737c478bd9Sstevel@tonic-gate if (ptr->p_aliases && ptr->p_aliases[0]) { 22747c478bd9Sstevel@tonic-gate nm = ptr->p_aliases; 22757c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 22767c478bd9Sstevel@tonic-gate ; 22777c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 22787c478bd9Sstevel@tonic-gate if (nm == NULL) { 22797c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22807c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22817c478bd9Sstevel@tonic-gate } 22827c478bd9Sstevel@tonic-gate nm[0] = ptr->p_name; 22837c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 22847c478bd9Sstevel@tonic-gate nm[j+1] = ptr->p_aliases[j]; 22857c478bd9Sstevel@tonic-gate 22867c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 22877c478bd9Sstevel@tonic-gate free(nm); 22887c478bd9Sstevel@tonic-gate nm = NULL; 22897c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22907c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22917c478bd9Sstevel@tonic-gate return (rc); 22927c478bd9Sstevel@tonic-gate } 22937c478bd9Sstevel@tonic-gate } else { 22947c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->p_name); 22957c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22967c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22977c478bd9Sstevel@tonic-gate return (rc); 22987c478bd9Sstevel@tonic-gate } 22997c478bd9Sstevel@tonic-gate } 23007c478bd9Sstevel@tonic-gate 23017c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->p_proto); 23027c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipProtocolNumber", ibuf); 23037c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 23047c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23057c478bd9Sstevel@tonic-gate return (rc); 23067c478bd9Sstevel@tonic-gate } 23077c478bd9Sstevel@tonic-gate 23087c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 23097c478bd9Sstevel@tonic-gate 23107c478bd9Sstevel@tonic-gate } 23117c478bd9Sstevel@tonic-gate 23127c478bd9Sstevel@tonic-gate /* 23137c478bd9Sstevel@tonic-gate * Conversion: services 23147c478bd9Sstevel@tonic-gate * Input format: struct servent 23157c478bd9Sstevel@tonic-gate * Exported objectclass: ipService 23167c478bd9Sstevel@tonic-gate */ 23177c478bd9Sstevel@tonic-gate static int 23187c478bd9Sstevel@tonic-gate __s_cvt_services(const void *data, char **rdn, 23197c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 23207c478bd9Sstevel@tonic-gate { 23217c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 23227c478bd9Sstevel@tonic-gate int rc; 23237c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 232450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India char esc_str[RDNSIZE]; 23257c478bd9Sstevel@tonic-gate /* routine specific */ 23267c478bd9Sstevel@tonic-gate struct servent *ptr; 23277c478bd9Sstevel@tonic-gate int max_attr = 4; 23287c478bd9Sstevel@tonic-gate int i, j; 23297c478bd9Sstevel@tonic-gate char ibuf[10]; 23307c478bd9Sstevel@tonic-gate char **nm; 23317c478bd9Sstevel@tonic-gate static char *oclist[] = { 23327c478bd9Sstevel@tonic-gate "ipService", 23337c478bd9Sstevel@tonic-gate "top", 23347c478bd9Sstevel@tonic-gate NULL 23357c478bd9Sstevel@tonic-gate }; 23367c478bd9Sstevel@tonic-gate 23377c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 23387c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 23397c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 23407c478bd9Sstevel@tonic-gate if (e == NULL) 23417c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 23427c478bd9Sstevel@tonic-gate 23437c478bd9Sstevel@tonic-gate /* Convert the structure */ 23447c478bd9Sstevel@tonic-gate ptr = (struct servent *)data; 23457c478bd9Sstevel@tonic-gate 23467c478bd9Sstevel@tonic-gate if (ptr->s_name == NULL || ptr->s_port < 0 || ptr->s_proto == '\0') { 23477c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 23487c478bd9Sstevel@tonic-gate *entry = NULL; 23497c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 23507c478bd9Sstevel@tonic-gate } 23517c478bd9Sstevel@tonic-gate 235250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 235350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * Escape special characters in service name. 235450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 235550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (escape_str(esc_str, ptr->s_name) != 0) { 235650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India __ns_ldap_freeEntry(e); 235750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *entry = NULL; 235850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (NS_LDAP_INVALID_PARAM); 235950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 236050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 23617c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 23627c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s+ipServiceProtocol=%s", 236350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India esc_str, ptr->s_proto); 236450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 23657c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 23667c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 23677c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 23687c478bd9Sstevel@tonic-gate *entry = NULL; 23697c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 23707c478bd9Sstevel@tonic-gate } 23717c478bd9Sstevel@tonic-gate 23727c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 23737c478bd9Sstevel@tonic-gate if (ptr->s_aliases && ptr->s_aliases[0]) { 23747c478bd9Sstevel@tonic-gate nm = ptr->s_aliases; 23757c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 23767c478bd9Sstevel@tonic-gate ; 23777c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 23787c478bd9Sstevel@tonic-gate if (nm == NULL) { 23797c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23807c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 23817c478bd9Sstevel@tonic-gate } 23827c478bd9Sstevel@tonic-gate nm[0] = ptr->s_name; 23837c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 23847c478bd9Sstevel@tonic-gate nm[j+1] = ptr->s_aliases[j]; 23857c478bd9Sstevel@tonic-gate 23867c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 23877c478bd9Sstevel@tonic-gate free(nm); 23887c478bd9Sstevel@tonic-gate nm = NULL; 23897c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 23907c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23917c478bd9Sstevel@tonic-gate return (rc); 23927c478bd9Sstevel@tonic-gate } 23937c478bd9Sstevel@tonic-gate } else { 23947c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->s_name); 23957c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 23967c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23977c478bd9Sstevel@tonic-gate return (rc); 23987c478bd9Sstevel@tonic-gate } 23997c478bd9Sstevel@tonic-gate } 24007c478bd9Sstevel@tonic-gate 24017c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->s_port); 24027c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipServicePort", ibuf); 24037c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24047c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24057c478bd9Sstevel@tonic-gate return (rc); 24067c478bd9Sstevel@tonic-gate } 24077c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipServiceProtocol", ptr->s_proto); 24087c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24097c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24107c478bd9Sstevel@tonic-gate return (rc); 24117c478bd9Sstevel@tonic-gate } 24127c478bd9Sstevel@tonic-gate 24137c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 24147c478bd9Sstevel@tonic-gate } 24157c478bd9Sstevel@tonic-gate 24167c478bd9Sstevel@tonic-gate /* 24177c478bd9Sstevel@tonic-gate * Conversion: networks 24187c478bd9Sstevel@tonic-gate * Input format: struct netent 24197c478bd9Sstevel@tonic-gate * Exported objectclass: ipNetwork 24207c478bd9Sstevel@tonic-gate */ 24217c478bd9Sstevel@tonic-gate static int 24227c478bd9Sstevel@tonic-gate __s_cvt_networks(const void *data, char **rdn, 24237c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 24247c478bd9Sstevel@tonic-gate { 24257c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 24267c478bd9Sstevel@tonic-gate int rc; 24277c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 24287c478bd9Sstevel@tonic-gate /* routine specific */ 24297c478bd9Sstevel@tonic-gate struct netent *ptr; 24307c478bd9Sstevel@tonic-gate int max_attr = 4; 24317c478bd9Sstevel@tonic-gate int i, j; 24327c478bd9Sstevel@tonic-gate char cp[64]; 24337c478bd9Sstevel@tonic-gate char **nm; 24347c478bd9Sstevel@tonic-gate static char *oclist[] = { 24357c478bd9Sstevel@tonic-gate "ipNetwork", 24367c478bd9Sstevel@tonic-gate "top", 24377c478bd9Sstevel@tonic-gate NULL 24387c478bd9Sstevel@tonic-gate }; 24397c478bd9Sstevel@tonic-gate 24407c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 24417c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 24427c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 24437c478bd9Sstevel@tonic-gate if (e == NULL) 24447c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 24457c478bd9Sstevel@tonic-gate 24467c478bd9Sstevel@tonic-gate /* Convert the structure */ 24477c478bd9Sstevel@tonic-gate ptr = (struct netent *)data; 24487c478bd9Sstevel@tonic-gate 24497c478bd9Sstevel@tonic-gate if (ptr->n_name == NULL || ptr->n_net == 0) { 24507c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 24517c478bd9Sstevel@tonic-gate *entry = NULL; 24527c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 24537c478bd9Sstevel@tonic-gate } 24547c478bd9Sstevel@tonic-gate 24557c478bd9Sstevel@tonic-gate (void) snprintf(cp, sizeof (cp), "%d.%d.%d.%d", 2456e1dd0a2fSth (ptr->n_net & 0xFF000000) >> 24, 2457e1dd0a2fSth (ptr->n_net & 0x00FF0000) >> 16, 2458e1dd0a2fSth (ptr->n_net & 0x0000FF00) >> 8, 2459e1dd0a2fSth (ptr->n_net & 0x000000FF)); 24607c478bd9Sstevel@tonic-gate 24617c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 24627c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "ipNetworkNumber=%s", cp); 24637c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 24647c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 24657c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 24667c478bd9Sstevel@tonic-gate *entry = NULL; 24677c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 24687c478bd9Sstevel@tonic-gate } 24697c478bd9Sstevel@tonic-gate 24707c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 24717c478bd9Sstevel@tonic-gate if (ptr->n_aliases && ptr->n_aliases[0]) { 24727c478bd9Sstevel@tonic-gate nm = ptr->n_aliases; 24737c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 24747c478bd9Sstevel@tonic-gate ; 24757c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 24767c478bd9Sstevel@tonic-gate if (nm == NULL) { 24777c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24787c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 24797c478bd9Sstevel@tonic-gate } 24807c478bd9Sstevel@tonic-gate nm[0] = ptr->n_name; 24817c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 24827c478bd9Sstevel@tonic-gate nm[j+1] = ptr->n_aliases[j]; 24837c478bd9Sstevel@tonic-gate 24847c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 24857c478bd9Sstevel@tonic-gate free(nm); 24867c478bd9Sstevel@tonic-gate nm = NULL; 24877c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24887c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24897c478bd9Sstevel@tonic-gate return (rc); 24907c478bd9Sstevel@tonic-gate } 24917c478bd9Sstevel@tonic-gate } else { 24927c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->n_name); 24937c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24947c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24957c478bd9Sstevel@tonic-gate return (rc); 24967c478bd9Sstevel@tonic-gate } 24977c478bd9Sstevel@tonic-gate } 24987c478bd9Sstevel@tonic-gate 24997c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipNetworkNumber", cp); 25007c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 25017c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 25027c478bd9Sstevel@tonic-gate return (rc); 25037c478bd9Sstevel@tonic-gate } 25047c478bd9Sstevel@tonic-gate 25057c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 25067c478bd9Sstevel@tonic-gate 25077c478bd9Sstevel@tonic-gate } 25087c478bd9Sstevel@tonic-gate /* 25097c478bd9Sstevel@tonic-gate * Conversion: netmasks 25107c478bd9Sstevel@tonic-gate * Input format: struct _ns_netmasks 25117c478bd9Sstevel@tonic-gate * Exported objectclass: ipNetwork 25127c478bd9Sstevel@tonic-gate */ 25137c478bd9Sstevel@tonic-gate static int 25147c478bd9Sstevel@tonic-gate __s_cvt_netmasks(const void *data, char **rdn, 25157c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 25167c478bd9Sstevel@tonic-gate { 25177c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 25187c478bd9Sstevel@tonic-gate int rc; 25197c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 25207c478bd9Sstevel@tonic-gate /* routine specific */ 25217c478bd9Sstevel@tonic-gate struct _ns_netmasks *ptr; 25227c478bd9Sstevel@tonic-gate int max_attr = 4; 25237c478bd9Sstevel@tonic-gate static char *oclist[] = { 25247c478bd9Sstevel@tonic-gate "ipNetwork", 25257c478bd9Sstevel@tonic-gate "top", 25267c478bd9Sstevel@tonic-gate NULL 25277c478bd9Sstevel@tonic-gate }; 25287c478bd9Sstevel@tonic-gate 25297c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 25307c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 25317c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 25327c478bd9Sstevel@tonic-gate if (e == NULL) 25337c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 25347c478bd9Sstevel@tonic-gate 25357c478bd9Sstevel@tonic-gate /* Convert the structure */ 25367c478bd9Sstevel@tonic-gate ptr = (struct _ns_netmasks *)data; 25377c478bd9Sstevel@tonic-gate 25387c478bd9Sstevel@tonic-gate if (ptr->netnumber == NULL) { 25397c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 25407c478bd9Sstevel@tonic-gate *entry = NULL; 25417c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 25427c478bd9Sstevel@tonic-gate } 25437c478bd9Sstevel@tonic-gate 25447c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 25457c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "ipNetworkNumber=%s", ptr->netnumber); 25467c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 25477c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 25487c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 25497c478bd9Sstevel@tonic-gate *entry = NULL; 25507c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 25517c478bd9Sstevel@tonic-gate } 25527c478bd9Sstevel@tonic-gate 25537c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 25547c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipNetworkNumber", ptr->netnumber); 25557c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 25567c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 25577c478bd9Sstevel@tonic-gate return (rc); 25587c478bd9Sstevel@tonic-gate } 25597c478bd9Sstevel@tonic-gate 25607c478bd9Sstevel@tonic-gate if (ptr->netmask != '\0') { 25617c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipNetmaskNumber", ptr->netmask); 25627c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 25637c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 25647c478bd9Sstevel@tonic-gate return (rc); 25657c478bd9Sstevel@tonic-gate } 25667c478bd9Sstevel@tonic-gate } 25677c478bd9Sstevel@tonic-gate 25687c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 25697c478bd9Sstevel@tonic-gate 25707c478bd9Sstevel@tonic-gate } 25717c478bd9Sstevel@tonic-gate /* 25727c478bd9Sstevel@tonic-gate * Conversion: netgroups 25737c478bd9Sstevel@tonic-gate * Input format: struct _ns_netgroups 25747c478bd9Sstevel@tonic-gate * Exported objectclass: nisNetgroup 25757c478bd9Sstevel@tonic-gate */ 25767c478bd9Sstevel@tonic-gate static int 25777c478bd9Sstevel@tonic-gate __s_cvt_netgroups(const void *data, char **rdn, 25787c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 25797c478bd9Sstevel@tonic-gate { 25807c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 25817c478bd9Sstevel@tonic-gate int rc; 25827c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 25837c478bd9Sstevel@tonic-gate /* routine specific */ 25847c478bd9Sstevel@tonic-gate struct _ns_netgroups *ptr; 25857c478bd9Sstevel@tonic-gate int max_attr = 6; 25867c478bd9Sstevel@tonic-gate int i, j; 25877c478bd9Sstevel@tonic-gate char **nm; 25887c478bd9Sstevel@tonic-gate static char *oclist[] = { 25897c478bd9Sstevel@tonic-gate "nisNetgroup", 25907c478bd9Sstevel@tonic-gate "top", 25917c478bd9Sstevel@tonic-gate NULL 25927c478bd9Sstevel@tonic-gate }; 25937c478bd9Sstevel@tonic-gate 25947c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 25957c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 25967c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 25977c478bd9Sstevel@tonic-gate if (e == NULL) 25987c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 25997c478bd9Sstevel@tonic-gate 26007c478bd9Sstevel@tonic-gate /* Convert the structure */ 26017c478bd9Sstevel@tonic-gate ptr = (struct _ns_netgroups *)data; 26027c478bd9Sstevel@tonic-gate 26037c478bd9Sstevel@tonic-gate if (ptr->name == NULL) { 26047c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 26057c478bd9Sstevel@tonic-gate *entry = NULL; 26067c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 26077c478bd9Sstevel@tonic-gate } 26087c478bd9Sstevel@tonic-gate 26097c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 26107c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 26117c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 26127c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 26137c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 26147c478bd9Sstevel@tonic-gate *entry = NULL; 26157c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26167c478bd9Sstevel@tonic-gate } 26177c478bd9Sstevel@tonic-gate 26187c478bd9Sstevel@tonic-gate if (ptr->name != '\0') { 26197c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 26207c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 26217c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26227c478bd9Sstevel@tonic-gate return (rc); 26237c478bd9Sstevel@tonic-gate } 26247c478bd9Sstevel@tonic-gate } 26257c478bd9Sstevel@tonic-gate 26267c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 26277c478bd9Sstevel@tonic-gate if (ptr->triplet && ptr->triplet[0]) { 26287c478bd9Sstevel@tonic-gate nm = ptr->triplet; 26297c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 26307c478bd9Sstevel@tonic-gate ; 26317c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 26327c478bd9Sstevel@tonic-gate if (nm == NULL) { 26337c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26347c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26357c478bd9Sstevel@tonic-gate } 26367c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 26377c478bd9Sstevel@tonic-gate nm[j] = ptr->triplet[j]; 26387c478bd9Sstevel@tonic-gate 26397c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "nisNetgroupTriple", nm); 26407c478bd9Sstevel@tonic-gate free(nm); 26417c478bd9Sstevel@tonic-gate nm = NULL; 26427c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 26437c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26447c478bd9Sstevel@tonic-gate return (rc); 26457c478bd9Sstevel@tonic-gate } 26467c478bd9Sstevel@tonic-gate } 26477c478bd9Sstevel@tonic-gate if (ptr->netgroup && ptr->netgroup[0]) { 26487c478bd9Sstevel@tonic-gate nm = ptr->netgroup; 26497c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 26507c478bd9Sstevel@tonic-gate ; 26517c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 26527c478bd9Sstevel@tonic-gate if (nm == NULL) { 26537c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26547c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26557c478bd9Sstevel@tonic-gate } 26567c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 26577c478bd9Sstevel@tonic-gate nm[j] = ptr->netgroup[j]; 26587c478bd9Sstevel@tonic-gate 26597c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "memberNisNetgroup", nm); 26607c478bd9Sstevel@tonic-gate free(nm); 26617c478bd9Sstevel@tonic-gate nm = NULL; 26627c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 26637c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26647c478bd9Sstevel@tonic-gate return (rc); 26657c478bd9Sstevel@tonic-gate } 26667c478bd9Sstevel@tonic-gate } 26677c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 26687c478bd9Sstevel@tonic-gate } 26697c478bd9Sstevel@tonic-gate /* 26707c478bd9Sstevel@tonic-gate * Conversion: bootparams 26717c478bd9Sstevel@tonic-gate * Input format: struct _ns_bootp 26727c478bd9Sstevel@tonic-gate * Exported objectclass: bootableDevice, device 26737c478bd9Sstevel@tonic-gate */ 26747c478bd9Sstevel@tonic-gate static int 26757c478bd9Sstevel@tonic-gate __s_cvt_bootparams(const void *data, char **rdn, 26767c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 26777c478bd9Sstevel@tonic-gate { 26787c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 26797c478bd9Sstevel@tonic-gate int rc; 26807c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 26817c478bd9Sstevel@tonic-gate /* routine specific */ 26827c478bd9Sstevel@tonic-gate struct _ns_bootp *ptr; 26837c478bd9Sstevel@tonic-gate int max_attr = 4; 26847c478bd9Sstevel@tonic-gate int i, j; 26857c478bd9Sstevel@tonic-gate char **nm; 26867c478bd9Sstevel@tonic-gate static char *oclist[] = { 26877c478bd9Sstevel@tonic-gate "bootableDevice", 26887c478bd9Sstevel@tonic-gate "device", 26897c478bd9Sstevel@tonic-gate "top", 26907c478bd9Sstevel@tonic-gate NULL 26917c478bd9Sstevel@tonic-gate }; 26927c478bd9Sstevel@tonic-gate 26937c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 26947c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 26957c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 26967c478bd9Sstevel@tonic-gate if (e == NULL) 26977c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26987c478bd9Sstevel@tonic-gate 26997c478bd9Sstevel@tonic-gate /* Convert the structure */ 27007c478bd9Sstevel@tonic-gate ptr = (struct _ns_bootp *)data; 27017c478bd9Sstevel@tonic-gate 27027c478bd9Sstevel@tonic-gate if (ptr->name == NULL) { 27037c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27047c478bd9Sstevel@tonic-gate *entry = NULL; 27057c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 27067c478bd9Sstevel@tonic-gate } 27077c478bd9Sstevel@tonic-gate 27087c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 27097c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 27107c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 27117c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 27127c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27137c478bd9Sstevel@tonic-gate *entry = NULL; 27147c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27157c478bd9Sstevel@tonic-gate } 27167c478bd9Sstevel@tonic-gate 27177c478bd9Sstevel@tonic-gate if (ptr->name != '\0') { 27187c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 27197c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 27207c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 27217c478bd9Sstevel@tonic-gate return (rc); 27227c478bd9Sstevel@tonic-gate } 27237c478bd9Sstevel@tonic-gate } 27247c478bd9Sstevel@tonic-gate 27257c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 27267c478bd9Sstevel@tonic-gate if (ptr->param && ptr->param[0]) { 27277c478bd9Sstevel@tonic-gate nm = ptr->param; 27287c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 27297c478bd9Sstevel@tonic-gate ; 27307c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 27317c478bd9Sstevel@tonic-gate if (nm == NULL) { 27327c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 27337c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27347c478bd9Sstevel@tonic-gate } 27357c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 27367c478bd9Sstevel@tonic-gate nm[j] = ptr->param[j]; 27377c478bd9Sstevel@tonic-gate 27387c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "bootParameter", nm); 27397c478bd9Sstevel@tonic-gate free(nm); 27407c478bd9Sstevel@tonic-gate nm = NULL; 27417c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 27427c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 27437c478bd9Sstevel@tonic-gate return (rc); 27447c478bd9Sstevel@tonic-gate } 27457c478bd9Sstevel@tonic-gate } 27467c478bd9Sstevel@tonic-gate 27477c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 27487c478bd9Sstevel@tonic-gate 27497c478bd9Sstevel@tonic-gate } 27507c478bd9Sstevel@tonic-gate /* 27517c478bd9Sstevel@tonic-gate * Conversion: ethers 27527c478bd9Sstevel@tonic-gate * Input format: struct _ns_ethers 27537c478bd9Sstevel@tonic-gate * Exported objectclass: ieee802Device, device 27547c478bd9Sstevel@tonic-gate */ 27557c478bd9Sstevel@tonic-gate static int 27567c478bd9Sstevel@tonic-gate __s_cvt_ethers(const void *data, char **rdn, 27577c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 27587c478bd9Sstevel@tonic-gate { 27597c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 27607c478bd9Sstevel@tonic-gate int rc; 27617c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 27627c478bd9Sstevel@tonic-gate /* routine specific */ 27637c478bd9Sstevel@tonic-gate struct _ns_ethers *ptr; 27647c478bd9Sstevel@tonic-gate int max_attr = 4; 27657c478bd9Sstevel@tonic-gate static char *oclist[] = { 27667c478bd9Sstevel@tonic-gate "ieee802Device", 27677c478bd9Sstevel@tonic-gate "device", 27687c478bd9Sstevel@tonic-gate "top", 27697c478bd9Sstevel@tonic-gate NULL 27707c478bd9Sstevel@tonic-gate }; 27717c478bd9Sstevel@tonic-gate 27727c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 27737c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 27747c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 27757c478bd9Sstevel@tonic-gate if (e == NULL) 27767c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27777c478bd9Sstevel@tonic-gate 27787c478bd9Sstevel@tonic-gate /* Convert the structure */ 27797c478bd9Sstevel@tonic-gate ptr = (struct _ns_ethers *)data; 27807c478bd9Sstevel@tonic-gate 27817c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->ether == '\0') { 27827c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27837c478bd9Sstevel@tonic-gate *entry = NULL; 27847c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 27857c478bd9Sstevel@tonic-gate } 27867c478bd9Sstevel@tonic-gate 27877c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 27887c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 27897c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 27907c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 27917c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27927c478bd9Sstevel@tonic-gate *entry = NULL; 27937c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27947c478bd9Sstevel@tonic-gate } 27957c478bd9Sstevel@tonic-gate 27967c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 27977c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 27987c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 27997c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 28007c478bd9Sstevel@tonic-gate return (rc); 28017c478bd9Sstevel@tonic-gate } 28027c478bd9Sstevel@tonic-gate 28037c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "macAddress", ptr->ether); 28047c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 28057c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 28067c478bd9Sstevel@tonic-gate return (rc); 28077c478bd9Sstevel@tonic-gate } 28087c478bd9Sstevel@tonic-gate 28097c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 28107c478bd9Sstevel@tonic-gate } 28117c478bd9Sstevel@tonic-gate /* 28127c478bd9Sstevel@tonic-gate * This function is used when processing an ethers (objectclass: ieee802Device) 28137c478bd9Sstevel@tonic-gate * or a bootparams (objectclass: bootableDevice) entry, and the entry is 28147c478bd9Sstevel@tonic-gate * already found in LDAP. Since both ethers and bootparams share the same 28157c478bd9Sstevel@tonic-gate * LDAP container, we want to check that the entry found in LDAP is: 28167c478bd9Sstevel@tonic-gate * - either the same entry (same cn, same objectclass): we don't do anything 28177c478bd9Sstevel@tonic-gate * in this case 28187c478bd9Sstevel@tonic-gate * - or an entry which does not have the objectclass we are interesting in: 28197c478bd9Sstevel@tonic-gate * in this case, we modify the existing entry by adding the relevant 28207c478bd9Sstevel@tonic-gate * objectclass (ieee802Device or bootableDevice) and the relevant attribute(s) 28217c478bd9Sstevel@tonic-gate * from the attribute list previously computing by the relevant conversion 28227c478bd9Sstevel@tonic-gate * function. 28237c478bd9Sstevel@tonic-gate * Note: from conversion functions __s_cvt_ethers() and __s_cvt_bootparams() 28247c478bd9Sstevel@tonic-gate * we know that there is only 1 more attribute today to add (macAddress 28257c478bd9Sstevel@tonic-gate * or bootParameter) 28267c478bd9Sstevel@tonic-gate */ 28277c478bd9Sstevel@tonic-gate #define _MAX_ATTR_ETHBOOTP 2 28287c478bd9Sstevel@tonic-gate static int 28297c478bd9Sstevel@tonic-gate modify_ethers_bootp( 28307c478bd9Sstevel@tonic-gate const char *service, 28317c478bd9Sstevel@tonic-gate const char *rdn, 28327c478bd9Sstevel@tonic-gate const char *fulldn, 28337c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attrlist, 28347c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 28357c478bd9Sstevel@tonic-gate const int flags, 28367c478bd9Sstevel@tonic-gate ns_ldap_error_t **errorp) 28377c478bd9Sstevel@tonic-gate { 28387c478bd9Sstevel@tonic-gate char filter[BUFSIZ]; 28397c478bd9Sstevel@tonic-gate ns_ldap_result_t *resultp; 28407c478bd9Sstevel@tonic-gate int rc = 0; 28417c478bd9Sstevel@tonic-gate int i; 28427c478bd9Sstevel@tonic-gate ns_ldap_attr_t *new_attrlist[_MAX_ATTR_ETHBOOTP+1]; 28437c478bd9Sstevel@tonic-gate ns_ldap_attr_t new_attrlist0; 28447c478bd9Sstevel@tonic-gate char *new_attrvalue0[1]; 28457c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *aptr = attrlist; 28467c478bd9Sstevel@tonic-gate ns_ldap_attr_t *aptr2; 28477c478bd9Sstevel@tonic-gate ns_ldap_error_t *new_errorp = NULL; 28487c478bd9Sstevel@tonic-gate 28497c478bd9Sstevel@tonic-gate if (rdn == NULL || fulldn == NULL || attrlist == NULL || 2850e1dd0a2fSth errorp == NULL || service == NULL) 28517c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 28527c478bd9Sstevel@tonic-gate 28537c478bd9Sstevel@tonic-gate bzero(&new_attrlist, sizeof (new_attrlist)); 28547c478bd9Sstevel@tonic-gate bzero(&new_attrlist0, sizeof (new_attrlist0)); 28557c478bd9Sstevel@tonic-gate new_attrlist[0] = &new_attrlist0; 28567c478bd9Sstevel@tonic-gate new_attrlist[0]->attrvalue = new_attrvalue0; 28577c478bd9Sstevel@tonic-gate 28587c478bd9Sstevel@tonic-gate new_attrlist[0]->attrname = "objectclass"; 28597c478bd9Sstevel@tonic-gate new_attrlist[0]->value_count = 1; 28607c478bd9Sstevel@tonic-gate if (strcasecmp(service, "ethers") == NULL) { 28617c478bd9Sstevel@tonic-gate (void) snprintf(&filter[0], sizeof (filter), 2862e1dd0a2fSth "(&(objectClass=ieee802Device)(%s))", rdn); 28637c478bd9Sstevel@tonic-gate new_attrlist[0]->attrvalue[0] = "ieee802Device"; 28647c478bd9Sstevel@tonic-gate } else { 28657c478bd9Sstevel@tonic-gate (void) snprintf(&filter[0], sizeof (filter), 2866e1dd0a2fSth "(&(objectClass=bootableDevice)(%s))", rdn); 28677c478bd9Sstevel@tonic-gate new_attrlist[0]->attrvalue[0] = "bootableDevice"; 28687c478bd9Sstevel@tonic-gate } 28697c478bd9Sstevel@tonic-gate 28707c478bd9Sstevel@tonic-gate rc = __ns_ldap_list(service, filter, NULL, (const char **)NULL, 2871e1dd0a2fSth NULL, NS_LDAP_SCOPE_SUBTREE, &resultp, &new_errorp, 2872e1dd0a2fSth NULL, NULL); 28737c478bd9Sstevel@tonic-gate 28747c478bd9Sstevel@tonic-gate switch (rc) { 28757c478bd9Sstevel@tonic-gate case NS_LDAP_SUCCESS: 28767c478bd9Sstevel@tonic-gate /* 28777c478bd9Sstevel@tonic-gate * entry already exists for this service 28787c478bd9Sstevel@tonic-gate * return NS_LDAP_INTERNAL and do not modify the incoming errorp 28797c478bd9Sstevel@tonic-gate */ 28807c478bd9Sstevel@tonic-gate rc = NS_LDAP_INTERNAL; 28817c478bd9Sstevel@tonic-gate break; 28827c478bd9Sstevel@tonic-gate case NS_LDAP_NOTFOUND: 28837c478bd9Sstevel@tonic-gate /* 28847c478bd9Sstevel@tonic-gate * entry not found with the given objectclasss but entry exists 28857c478bd9Sstevel@tonic-gate * hence add the relevant attribute (macAddress or bootparams). 28867c478bd9Sstevel@tonic-gate */ 28877c478bd9Sstevel@tonic-gate i = 1; 28887c478bd9Sstevel@tonic-gate while (*aptr && (i < _MAX_ATTR_ETHBOOTP)) { 28897c478bd9Sstevel@tonic-gate /* aptr2 needed here to avoid lint warning */ 28907c478bd9Sstevel@tonic-gate aptr2 = (ns_ldap_attr_t *)*aptr++; 28917c478bd9Sstevel@tonic-gate if ((strcasecmp(aptr2->attrname, "cn") != 0) && 2892e1dd0a2fSth (strcasecmp(aptr2->attrname, 2893e1dd0a2fSth "objectclass") != 0)) { 2894e1dd0a2fSth new_attrlist[i++] = (ns_ldap_attr_t *)aptr2; 28957c478bd9Sstevel@tonic-gate } 28967c478bd9Sstevel@tonic-gate } 28977c478bd9Sstevel@tonic-gate 28987c478bd9Sstevel@tonic-gate if (i != _MAX_ATTR_ETHBOOTP) { 28997c478bd9Sstevel@tonic-gate /* we haven't found all expected attributes */ 29007c478bd9Sstevel@tonic-gate rc = NS_LDAP_OP_FAILED; 29017c478bd9Sstevel@tonic-gate break; 29027c478bd9Sstevel@tonic-gate } 29037c478bd9Sstevel@tonic-gate 29047c478bd9Sstevel@tonic-gate aptr = (const ns_ldap_attr_t * const *) new_attrlist; 29057c478bd9Sstevel@tonic-gate /* clean errorp first */ 29067c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 29077c478bd9Sstevel@tonic-gate rc = __ns_ldap_addAttr(service, fulldn, aptr, cred, flags, 2908e1dd0a2fSth errorp); 29097c478bd9Sstevel@tonic-gate break; 29107c478bd9Sstevel@tonic-gate default: 29117c478bd9Sstevel@tonic-gate /* 29127c478bd9Sstevel@tonic-gate * unexpected error happenned 29137c478bd9Sstevel@tonic-gate * returning relevant error 29147c478bd9Sstevel@tonic-gate */ 29157c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 29167c478bd9Sstevel@tonic-gate *errorp = new_errorp; 29177c478bd9Sstevel@tonic-gate break; 29187c478bd9Sstevel@tonic-gate } 29197c478bd9Sstevel@tonic-gate 29207c478bd9Sstevel@tonic-gate return (rc); 29217c478bd9Sstevel@tonic-gate } 29227c478bd9Sstevel@tonic-gate 29237c478bd9Sstevel@tonic-gate /* 29247c478bd9Sstevel@tonic-gate * Conversion: publickey 29257c478bd9Sstevel@tonic-gate * Input format: struct _ns_pubkey 29267c478bd9Sstevel@tonic-gate * Exported objectclass: NisKeyObject 29277c478bd9Sstevel@tonic-gate */ 29287c478bd9Sstevel@tonic-gate static int 29297c478bd9Sstevel@tonic-gate __s_cvt_publickey(const void *data, char **rdn, 29307c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 29317c478bd9Sstevel@tonic-gate { 29327c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 29337c478bd9Sstevel@tonic-gate int rc; 29347c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 29357c478bd9Sstevel@tonic-gate /* routine specific */ 29367c478bd9Sstevel@tonic-gate struct _ns_pubkey *ptr; 29377c478bd9Sstevel@tonic-gate int max_attr = 3; 29387c478bd9Sstevel@tonic-gate static char *oclist[] = { 29397c478bd9Sstevel@tonic-gate "NisKeyObject", 29407c478bd9Sstevel@tonic-gate NULL 29417c478bd9Sstevel@tonic-gate }; 29427c478bd9Sstevel@tonic-gate 29437c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 29447c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 29457c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 29467c478bd9Sstevel@tonic-gate if (e == NULL) 29477c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 29487c478bd9Sstevel@tonic-gate 29497c478bd9Sstevel@tonic-gate /* Convert the structure */ 29507c478bd9Sstevel@tonic-gate ptr = (struct _ns_pubkey *)data; 29517c478bd9Sstevel@tonic-gate 29527c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->pubkey == '\0' || ptr->privkey == '\0') { 29537c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 29547c478bd9Sstevel@tonic-gate *entry = NULL; 29557c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 29567c478bd9Sstevel@tonic-gate } 29577c478bd9Sstevel@tonic-gate 29587c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 29597c478bd9Sstevel@tonic-gate if (ptr->hostcred == NS_HOSTCRED_FALSE) 29607c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->name); 29617c478bd9Sstevel@tonic-gate else 29627c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 29637c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 29647c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 29657c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 29667c478bd9Sstevel@tonic-gate *entry = NULL; 29677c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 29687c478bd9Sstevel@tonic-gate } 29697c478bd9Sstevel@tonic-gate 29707c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 29717c478bd9Sstevel@tonic-gate 29727c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "nisPublickey", ptr->pubkey); 29737c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 29747c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 29757c478bd9Sstevel@tonic-gate return (rc); 29767c478bd9Sstevel@tonic-gate } 29777c478bd9Sstevel@tonic-gate 29787c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "nisSecretkey", ptr->privkey); 29797c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 29807c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 29817c478bd9Sstevel@tonic-gate return (rc); 29827c478bd9Sstevel@tonic-gate } 29837c478bd9Sstevel@tonic-gate 29847c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 29857c478bd9Sstevel@tonic-gate } 29867c478bd9Sstevel@tonic-gate /* 29877c478bd9Sstevel@tonic-gate * Conversion: aliases 29887c478bd9Sstevel@tonic-gate * Input format: struct _ns_alias 29897c478bd9Sstevel@tonic-gate * Exported objectclass: mailGroup 29907c478bd9Sstevel@tonic-gate */ 29917c478bd9Sstevel@tonic-gate static int 29927c478bd9Sstevel@tonic-gate __s_cvt_aliases(const void *data, char **rdn, 29937c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 29947c478bd9Sstevel@tonic-gate { 29957c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 29967c478bd9Sstevel@tonic-gate int rc; 29977c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 29987c478bd9Sstevel@tonic-gate /* routine specific */ 29997c478bd9Sstevel@tonic-gate struct _ns_alias *ptr; 30007c478bd9Sstevel@tonic-gate int max_attr = 4; 30017c478bd9Sstevel@tonic-gate int i, j; 30027c478bd9Sstevel@tonic-gate char **nm; 30037c478bd9Sstevel@tonic-gate static char *oclist[] = { 30047c478bd9Sstevel@tonic-gate "mailGroup", 30057c478bd9Sstevel@tonic-gate "top", 30067c478bd9Sstevel@tonic-gate NULL 30077c478bd9Sstevel@tonic-gate }; 30087c478bd9Sstevel@tonic-gate 30097c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 30107c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 30117c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 30127c478bd9Sstevel@tonic-gate if (e == NULL) 30137c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 30147c478bd9Sstevel@tonic-gate 30157c478bd9Sstevel@tonic-gate /* Convert the structure */ 30167c478bd9Sstevel@tonic-gate ptr = (struct _ns_alias *)data; 30177c478bd9Sstevel@tonic-gate 30187c478bd9Sstevel@tonic-gate if (ptr->alias == NULL) { 30197c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 30207c478bd9Sstevel@tonic-gate *entry = NULL; 30217c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 30227c478bd9Sstevel@tonic-gate } 30237c478bd9Sstevel@tonic-gate 30247c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 30257c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->alias); 30267c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 30277c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 30287c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 30297c478bd9Sstevel@tonic-gate *entry = NULL; 30307c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 30317c478bd9Sstevel@tonic-gate } 30327c478bd9Sstevel@tonic-gate 30337c478bd9Sstevel@tonic-gate if (ptr->alias != '\0') { 30347c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "mail", (char *)ptr->alias); 30357c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 30367c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 30377c478bd9Sstevel@tonic-gate return (rc); 30387c478bd9Sstevel@tonic-gate } 30397c478bd9Sstevel@tonic-gate } 30407c478bd9Sstevel@tonic-gate 30417c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 30427c478bd9Sstevel@tonic-gate if (ptr->member && ptr->member[0]) { 30437c478bd9Sstevel@tonic-gate nm = ptr->member; 30447c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 30457c478bd9Sstevel@tonic-gate ; 30467c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 30477c478bd9Sstevel@tonic-gate if (nm == NULL) { 30487c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 30497c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 30507c478bd9Sstevel@tonic-gate } 30517c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 30527c478bd9Sstevel@tonic-gate nm[j] = ptr->member[j]; 30537c478bd9Sstevel@tonic-gate 30547c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "mgrpRFC822MailMember", nm); 30557c478bd9Sstevel@tonic-gate free(nm); 30567c478bd9Sstevel@tonic-gate nm = NULL; 30577c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 30587c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 30597c478bd9Sstevel@tonic-gate return (rc); 30607c478bd9Sstevel@tonic-gate } 30617c478bd9Sstevel@tonic-gate } 30627c478bd9Sstevel@tonic-gate 30637c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 30647c478bd9Sstevel@tonic-gate 30657c478bd9Sstevel@tonic-gate } 30667c478bd9Sstevel@tonic-gate /* 30677c478bd9Sstevel@tonic-gate * Conversion: automount 30687c478bd9Sstevel@tonic-gate * Input format: struct _ns_automount 30697c478bd9Sstevel@tonic-gate * Exported objectclass: automount 30707c478bd9Sstevel@tonic-gate */ 30717c478bd9Sstevel@tonic-gate static int 30727c478bd9Sstevel@tonic-gate __s_cvt_auto_mount(const void *data, char **rdn, 30737c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 30747c478bd9Sstevel@tonic-gate { 30757c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 30767c478bd9Sstevel@tonic-gate int rc; 30777c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 30787c478bd9Sstevel@tonic-gate /* routine specific */ 30797c478bd9Sstevel@tonic-gate struct _ns_automount *ptr; 30807c478bd9Sstevel@tonic-gate int max_attr = 6; 30817c478bd9Sstevel@tonic-gate void **paramVal = NULL; 30827c478bd9Sstevel@tonic-gate char **mappedschema = NULL; 30837c478bd9Sstevel@tonic-gate int version1 = 0; 30847c478bd9Sstevel@tonic-gate static char *oclist[] = { 30857c478bd9Sstevel@tonic-gate NULL, 30867c478bd9Sstevel@tonic-gate "top", 30877c478bd9Sstevel@tonic-gate NULL 30887c478bd9Sstevel@tonic-gate }; 30897c478bd9Sstevel@tonic-gate 30907c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 30917c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 30927c478bd9Sstevel@tonic-gate 30937c478bd9Sstevel@tonic-gate /* determine profile version number */ 30947c478bd9Sstevel@tonic-gate rc = __ns_ldap_getParam(NS_LDAP_FILE_VERSION_P, ¶mVal, errorp); 30957c478bd9Sstevel@tonic-gate if (paramVal && *paramVal && 3096e1dd0a2fSth strcasecmp(*paramVal, NS_LDAP_VERSION_1) == 0) 30977c478bd9Sstevel@tonic-gate version1 = 1; 30987c478bd9Sstevel@tonic-gate if (paramVal) 30997c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶mVal); 31007c478bd9Sstevel@tonic-gate if (rc && errorp) 31017c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 31027c478bd9Sstevel@tonic-gate 31037c478bd9Sstevel@tonic-gate /* use old schema for version 1 profiles */ 31047c478bd9Sstevel@tonic-gate if (version1) 31057c478bd9Sstevel@tonic-gate oclist[0] = "nisObject"; 31067c478bd9Sstevel@tonic-gate else 31077c478bd9Sstevel@tonic-gate oclist[0] = "automount"; 31087c478bd9Sstevel@tonic-gate 31097c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 31107c478bd9Sstevel@tonic-gate if (e == NULL) 31117c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 31127c478bd9Sstevel@tonic-gate 31137c478bd9Sstevel@tonic-gate /* Convert the structure */ 31147c478bd9Sstevel@tonic-gate ptr = (struct _ns_automount *)data; 31157c478bd9Sstevel@tonic-gate 31167c478bd9Sstevel@tonic-gate if (ptr->key == NULL || ptr->value == '\0' || ptr->mapname == '\0') { 31177c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 31187c478bd9Sstevel@tonic-gate *entry = NULL; 31197c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 31207c478bd9Sstevel@tonic-gate } 31217c478bd9Sstevel@tonic-gate 31227c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 31237c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, version1 ? "cn=%s" : "automountKey=%s", 3124e1dd0a2fSth ptr->key); 31257c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 31267c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 31277c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 31287c478bd9Sstevel@tonic-gate *entry = NULL; 31297c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 31307c478bd9Sstevel@tonic-gate } 31317c478bd9Sstevel@tonic-gate 31327c478bd9Sstevel@tonic-gate if (ptr->key != '\0') { 31337c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, version1 ? "cn" : "automountKey", 3134e1dd0a2fSth (char *)ptr->key); 31357c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 31367c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 31377c478bd9Sstevel@tonic-gate return (rc); 31387c478bd9Sstevel@tonic-gate } 31397c478bd9Sstevel@tonic-gate } 31407c478bd9Sstevel@tonic-gate 31417c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, version1 ? "nisMapEntry" : "automountInformation", 3142e1dd0a2fSth (char *)ptr->value); 31437c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 31447c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 31457c478bd9Sstevel@tonic-gate return (rc); 31467c478bd9Sstevel@tonic-gate } 31477c478bd9Sstevel@tonic-gate 31487c478bd9Sstevel@tonic-gate /* 31497c478bd9Sstevel@tonic-gate * even for version 2, if automount is mapped to nisObject we 31507c478bd9Sstevel@tonic-gate * still need 'nisMapName' attribute 31517c478bd9Sstevel@tonic-gate */ 31527c478bd9Sstevel@tonic-gate mappedschema = __ns_ldap_getMappedObjectClass("automount", "automount"); 31537c478bd9Sstevel@tonic-gate if (mappedschema && mappedschema[0] && 3154e1dd0a2fSth strcasecmp(mappedschema[0], "nisObject") == 0) 31557c478bd9Sstevel@tonic-gate version1 = 1; 31567c478bd9Sstevel@tonic-gate if (mappedschema) 31577c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedschema); 31587c478bd9Sstevel@tonic-gate 31597c478bd9Sstevel@tonic-gate if (version1) { 31607c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "nisMapName", (char *)ptr->mapname); 31617c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 31627c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 31637c478bd9Sstevel@tonic-gate return (rc); 31647c478bd9Sstevel@tonic-gate } 31657c478bd9Sstevel@tonic-gate } 31667c478bd9Sstevel@tonic-gate 31677c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 31687c478bd9Sstevel@tonic-gate } 31697c478bd9Sstevel@tonic-gate /* 31707c478bd9Sstevel@tonic-gate * Conversion: auth_attr 31717c478bd9Sstevel@tonic-gate * Input format: authstr_t 31727c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisAuthAttr 31737c478bd9Sstevel@tonic-gate */ 31747c478bd9Sstevel@tonic-gate static int 31757c478bd9Sstevel@tonic-gate __s_cvt_authattr(const void *data, char **rdn, 31767c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 31777c478bd9Sstevel@tonic-gate { 31787c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 31797c478bd9Sstevel@tonic-gate int rc; 31807c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 31817c478bd9Sstevel@tonic-gate /* routine specific */ 31827c478bd9Sstevel@tonic-gate authstr_t *ptr; 31837c478bd9Sstevel@tonic-gate int max_attr = 6; 31847c478bd9Sstevel@tonic-gate static char *oclist[] = { 31857c478bd9Sstevel@tonic-gate "SolarisAuthAttr", 31867c478bd9Sstevel@tonic-gate "top", 31877c478bd9Sstevel@tonic-gate NULL 31887c478bd9Sstevel@tonic-gate }; 31897c478bd9Sstevel@tonic-gate 31907c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 31917c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 31927c478bd9Sstevel@tonic-gate 31937c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 31947c478bd9Sstevel@tonic-gate if (e == NULL) 31957c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 31967c478bd9Sstevel@tonic-gate 31977c478bd9Sstevel@tonic-gate /* Convert the structure */ 31987c478bd9Sstevel@tonic-gate ptr = (authstr_t *)data; 31997c478bd9Sstevel@tonic-gate 32007c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || ptr->attr == NULL) { 32017c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 32027c478bd9Sstevel@tonic-gate *entry = NULL; 32037c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 32047c478bd9Sstevel@tonic-gate } 32057c478bd9Sstevel@tonic-gate 32067c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 32077c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 32087c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 32097c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 32107c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 32117c478bd9Sstevel@tonic-gate *entry = NULL; 32127c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 32137c478bd9Sstevel@tonic-gate } 32147c478bd9Sstevel@tonic-gate 32157c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 32167c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32177c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32187c478bd9Sstevel@tonic-gate return (rc); 32197c478bd9Sstevel@tonic-gate } 32207c478bd9Sstevel@tonic-gate 32217c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 32227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32247c478bd9Sstevel@tonic-gate return (rc); 32257c478bd9Sstevel@tonic-gate } 32267c478bd9Sstevel@tonic-gate 32277c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 32287c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1); 32297c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32307c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32317c478bd9Sstevel@tonic-gate return (rc); 32327c478bd9Sstevel@tonic-gate } 32337c478bd9Sstevel@tonic-gate } 32347c478bd9Sstevel@tonic-gate 32357c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 32367c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2); 32377c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32387c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32397c478bd9Sstevel@tonic-gate return (rc); 32407c478bd9Sstevel@tonic-gate } 32417c478bd9Sstevel@tonic-gate } 32427c478bd9Sstevel@tonic-gate 32437c478bd9Sstevel@tonic-gate if (ptr->short_desc != NULL) { 32447c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrShortDesc", ptr->short_desc); 32457c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32467c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32477c478bd9Sstevel@tonic-gate return (rc); 32487c478bd9Sstevel@tonic-gate } 32497c478bd9Sstevel@tonic-gate } 32507c478bd9Sstevel@tonic-gate 32517c478bd9Sstevel@tonic-gate if (ptr->long_desc != NULL) { 32527c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrLongDesc", ptr->long_desc); 32537c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32547c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32557c478bd9Sstevel@tonic-gate return (rc); 32567c478bd9Sstevel@tonic-gate } 32577c478bd9Sstevel@tonic-gate } 32587c478bd9Sstevel@tonic-gate 32597c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 32607c478bd9Sstevel@tonic-gate } 32617c478bd9Sstevel@tonic-gate /* 32627c478bd9Sstevel@tonic-gate * Conversion: exec_attr 32637c478bd9Sstevel@tonic-gate * Input format: execstr_t 32647c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisExecAttr 32657c478bd9Sstevel@tonic-gate */ 32667c478bd9Sstevel@tonic-gate static int 32677c478bd9Sstevel@tonic-gate __s_cvt_execattr(const void *data, char **rdn, 32687c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 32697c478bd9Sstevel@tonic-gate { 32707c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 32717c478bd9Sstevel@tonic-gate int rc; 32727c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 327350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India char esc_str[RDNSIZE]; 32747c478bd9Sstevel@tonic-gate /* routine specific */ 32757c478bd9Sstevel@tonic-gate execstr_t *ptr; 32767c478bd9Sstevel@tonic-gate int max_attr = 7; 32777c478bd9Sstevel@tonic-gate static char *oclist[] = { 32787c478bd9Sstevel@tonic-gate "SolarisExecAttr", 32797c478bd9Sstevel@tonic-gate "SolarisProfAttr", 32807c478bd9Sstevel@tonic-gate "top", 32817c478bd9Sstevel@tonic-gate NULL 32827c478bd9Sstevel@tonic-gate }; 32837c478bd9Sstevel@tonic-gate 32847c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 32857c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 32867c478bd9Sstevel@tonic-gate 32877c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 32887c478bd9Sstevel@tonic-gate if (e == NULL) 32897c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 32907c478bd9Sstevel@tonic-gate 32917c478bd9Sstevel@tonic-gate /* Convert the structure */ 32927c478bd9Sstevel@tonic-gate ptr = (execstr_t *)data; 32937c478bd9Sstevel@tonic-gate 32947c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || 32957c478bd9Sstevel@tonic-gate ptr->policy == NULL || ptr->policy[0] == '\0' || 32967c478bd9Sstevel@tonic-gate ptr->type == NULL || ptr->type[0] == '\0' || 32977c478bd9Sstevel@tonic-gate ptr->id == NULL || ptr->id[0] == '\0') { 32987c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 32997c478bd9Sstevel@tonic-gate *entry = NULL; 33007c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 33017c478bd9Sstevel@tonic-gate } 33027c478bd9Sstevel@tonic-gate 330350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 330450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * Escape special characters in ProfileID. 330550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 330650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (escape_str(esc_str, ptr->id) != 0) { 330750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India __ns_ldap_freeEntry(e); 330850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *entry = NULL; 330950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (NS_LDAP_INVALID_PARAM); 331050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 331150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 33127c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 33137c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s+SolarisKernelSecurityPolicy=%s" 33147c478bd9Sstevel@tonic-gate "+SolarisProfileType=%s+SolarisProfileId=%s", 331550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India ptr->name, ptr->policy, ptr->type, esc_str); 331650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 33177c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 33187c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 33197c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 33207c478bd9Sstevel@tonic-gate *entry = NULL; 33217c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 33227c478bd9Sstevel@tonic-gate } 33237c478bd9Sstevel@tonic-gate 33247c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 33257c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33267c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33277c478bd9Sstevel@tonic-gate return (rc); 33287c478bd9Sstevel@tonic-gate } 33297c478bd9Sstevel@tonic-gate 33307c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisKernelSecurityPolicy", ptr->policy); 33317c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33327c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33337c478bd9Sstevel@tonic-gate return (rc); 33347c478bd9Sstevel@tonic-gate } 33357c478bd9Sstevel@tonic-gate 33367c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisProfileType", ptr->type); 33377c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33387c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33397c478bd9Sstevel@tonic-gate return (rc); 33407c478bd9Sstevel@tonic-gate } 33417c478bd9Sstevel@tonic-gate 33427c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisProfileId", ptr->id); 33437c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33447c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33457c478bd9Sstevel@tonic-gate return (rc); 33467c478bd9Sstevel@tonic-gate } 33477c478bd9Sstevel@tonic-gate 33487c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 33497c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33507c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33517c478bd9Sstevel@tonic-gate return (rc); 33527c478bd9Sstevel@tonic-gate } 33537c478bd9Sstevel@tonic-gate 33547c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 33557c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrRes1", ptr->res1); 33567c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33577c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33587c478bd9Sstevel@tonic-gate return (rc); 33597c478bd9Sstevel@tonic-gate } 33607c478bd9Sstevel@tonic-gate } 33617c478bd9Sstevel@tonic-gate 33627c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 33637c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrRes2", ptr->res2); 33647c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33657c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33667c478bd9Sstevel@tonic-gate return (rc); 33677c478bd9Sstevel@tonic-gate } 33687c478bd9Sstevel@tonic-gate } 33697c478bd9Sstevel@tonic-gate 33707c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 33717c478bd9Sstevel@tonic-gate } 33727c478bd9Sstevel@tonic-gate /* 33737c478bd9Sstevel@tonic-gate * Conversion: prof_attr 33747c478bd9Sstevel@tonic-gate * Input format: profstr_t 33757c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisProfAttr 33767c478bd9Sstevel@tonic-gate */ 33777c478bd9Sstevel@tonic-gate static int 33787c478bd9Sstevel@tonic-gate __s_cvt_profattr(const void *data, char **rdn, 33797c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 33807c478bd9Sstevel@tonic-gate { 33817c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 33827c478bd9Sstevel@tonic-gate int rc; 33837c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 33847c478bd9Sstevel@tonic-gate /* routine specific */ 33857c478bd9Sstevel@tonic-gate profstr_t *ptr; 33867c478bd9Sstevel@tonic-gate int max_attr = 5; 33877c478bd9Sstevel@tonic-gate static char *oclist[] = { 33887c478bd9Sstevel@tonic-gate "SolarisProfAttr", 33897c478bd9Sstevel@tonic-gate "top", 33907c478bd9Sstevel@tonic-gate NULL 33917c478bd9Sstevel@tonic-gate }; 33927c478bd9Sstevel@tonic-gate 33937c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 33947c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 33957c478bd9Sstevel@tonic-gate 33967c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 33977c478bd9Sstevel@tonic-gate if (e == NULL) 33987c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 33997c478bd9Sstevel@tonic-gate 34007c478bd9Sstevel@tonic-gate /* Convert the structure */ 34017c478bd9Sstevel@tonic-gate ptr = (profstr_t *)data; 34027c478bd9Sstevel@tonic-gate 34037c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || ptr->attr == NULL) { 34047c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34057c478bd9Sstevel@tonic-gate *entry = NULL; 34067c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 34077c478bd9Sstevel@tonic-gate } 34087c478bd9Sstevel@tonic-gate 34097c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 34107c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 34117c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 34127c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 34137c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34147c478bd9Sstevel@tonic-gate *entry = NULL; 34157c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 34167c478bd9Sstevel@tonic-gate } 34177c478bd9Sstevel@tonic-gate 34187c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 34197c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34207c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34217c478bd9Sstevel@tonic-gate return (rc); 34227c478bd9Sstevel@tonic-gate } 34237c478bd9Sstevel@tonic-gate 34247c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 34257c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34267c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34277c478bd9Sstevel@tonic-gate return (rc); 34287c478bd9Sstevel@tonic-gate } 34297c478bd9Sstevel@tonic-gate 34307c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 34317c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1); 34327c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34337c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34347c478bd9Sstevel@tonic-gate return (rc); 34357c478bd9Sstevel@tonic-gate } 34367c478bd9Sstevel@tonic-gate } 34377c478bd9Sstevel@tonic-gate 34387c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 34397c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2); 34407c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34417c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34427c478bd9Sstevel@tonic-gate return (rc); 34437c478bd9Sstevel@tonic-gate } 34447c478bd9Sstevel@tonic-gate } 34457c478bd9Sstevel@tonic-gate 34467c478bd9Sstevel@tonic-gate if (ptr->desc != NULL) { 34477c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrLongDesc", ptr->desc); 34487c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34497c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34507c478bd9Sstevel@tonic-gate return (rc); 34517c478bd9Sstevel@tonic-gate } 34527c478bd9Sstevel@tonic-gate } 34537c478bd9Sstevel@tonic-gate 34547c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 34557c478bd9Sstevel@tonic-gate } 34567c478bd9Sstevel@tonic-gate /* 34577c478bd9Sstevel@tonic-gate * Conversion: user_attr 34587c478bd9Sstevel@tonic-gate * Input format: userstr_t 34597c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisUserAttr 34607c478bd9Sstevel@tonic-gate */ 34617c478bd9Sstevel@tonic-gate static int 34627c478bd9Sstevel@tonic-gate __s_cvt_userattr(const void *data, char **rdn, 34637c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 34647c478bd9Sstevel@tonic-gate { 34657c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 34667c478bd9Sstevel@tonic-gate int rc; 34677c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 34687c478bd9Sstevel@tonic-gate /* routine specific */ 34697c478bd9Sstevel@tonic-gate userstr_t *ptr; 34707c478bd9Sstevel@tonic-gate int max_attr = 5; 34717c478bd9Sstevel@tonic-gate static char *oclist[] = { 34727c478bd9Sstevel@tonic-gate "SolarisUserAttr", 34737c478bd9Sstevel@tonic-gate NULL 34747c478bd9Sstevel@tonic-gate }; 34757c478bd9Sstevel@tonic-gate 34767c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 34777c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 34787c478bd9Sstevel@tonic-gate 34797c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 34807c478bd9Sstevel@tonic-gate if (e == NULL) 34817c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 34827c478bd9Sstevel@tonic-gate 34837c478bd9Sstevel@tonic-gate /* Convert the structure */ 34847c478bd9Sstevel@tonic-gate ptr = (userstr_t *)data; 34857c478bd9Sstevel@tonic-gate 34867c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || 34877c478bd9Sstevel@tonic-gate ptr->attr == NULL) { 34887c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34897c478bd9Sstevel@tonic-gate *entry = NULL; 34907c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 34917c478bd9Sstevel@tonic-gate } 34927c478bd9Sstevel@tonic-gate 34937c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 34947c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->name); 34957c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 34967c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 34977c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34987c478bd9Sstevel@tonic-gate *entry = NULL; 34997c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 35007c478bd9Sstevel@tonic-gate } 35017c478bd9Sstevel@tonic-gate 35027c478bd9Sstevel@tonic-gate /* 35037c478bd9Sstevel@tonic-gate * SolarisUserAttr has no uid attribute 35047c478bd9Sstevel@tonic-gate */ 35057c478bd9Sstevel@tonic-gate 35067c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 35077c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35087c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35097c478bd9Sstevel@tonic-gate return (rc); 35107c478bd9Sstevel@tonic-gate } 35117c478bd9Sstevel@tonic-gate 35127c478bd9Sstevel@tonic-gate if (ptr->qualifier != NULL) { 35137c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisUserQualifier", ptr->qualifier); 35147c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35157c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35167c478bd9Sstevel@tonic-gate return (rc); 35177c478bd9Sstevel@tonic-gate } 35187c478bd9Sstevel@tonic-gate } 35197c478bd9Sstevel@tonic-gate 35207c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 35217c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1); 35227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35247c478bd9Sstevel@tonic-gate return (rc); 35257c478bd9Sstevel@tonic-gate } 35267c478bd9Sstevel@tonic-gate } 35277c478bd9Sstevel@tonic-gate 35287c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 35297c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2); 35307c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35317c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35327c478bd9Sstevel@tonic-gate return (rc); 35337c478bd9Sstevel@tonic-gate } 35347c478bd9Sstevel@tonic-gate } 35357c478bd9Sstevel@tonic-gate 35367c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 35377c478bd9Sstevel@tonic-gate } 35387c478bd9Sstevel@tonic-gate /* 35397c478bd9Sstevel@tonic-gate * Conversion: audit_user 35407c478bd9Sstevel@tonic-gate * Input format: au_user_str_t 35417c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisAuditUser 35427c478bd9Sstevel@tonic-gate */ 35437c478bd9Sstevel@tonic-gate static int 35447c478bd9Sstevel@tonic-gate __s_cvt_audituser(const void *data, char **rdn, 35457c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 35467c478bd9Sstevel@tonic-gate { 35477c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 35487c478bd9Sstevel@tonic-gate int rc; 35497c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 35507c478bd9Sstevel@tonic-gate /* routine specific */ 35517c478bd9Sstevel@tonic-gate au_user_str_t *ptr; 35527c478bd9Sstevel@tonic-gate int max_attr = 3; 35537c478bd9Sstevel@tonic-gate static char *oclist[] = { 35547c478bd9Sstevel@tonic-gate "SolarisAuditUser", 35557c478bd9Sstevel@tonic-gate NULL 35567c478bd9Sstevel@tonic-gate }; 35577c478bd9Sstevel@tonic-gate 35587c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 35597c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 35607c478bd9Sstevel@tonic-gate 35617c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 35627c478bd9Sstevel@tonic-gate if (e == NULL) 35637c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 35647c478bd9Sstevel@tonic-gate 35657c478bd9Sstevel@tonic-gate /* Convert the structure */ 35667c478bd9Sstevel@tonic-gate ptr = (au_user_str_t *)data; 35677c478bd9Sstevel@tonic-gate 35687c478bd9Sstevel@tonic-gate if (ptr->au_name == NULL || ptr->au_name[0] == '\0') { 35697c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 35707c478bd9Sstevel@tonic-gate *entry = NULL; 35717c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 35727c478bd9Sstevel@tonic-gate } 35737c478bd9Sstevel@tonic-gate 35747c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 35757c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->au_name); 35767c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 35777c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 35787c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 35797c478bd9Sstevel@tonic-gate *entry = NULL; 35807c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 35817c478bd9Sstevel@tonic-gate } 35827c478bd9Sstevel@tonic-gate 35837c478bd9Sstevel@tonic-gate /* 35847c478bd9Sstevel@tonic-gate * Solaris AuditUser has no uid attribute 35857c478bd9Sstevel@tonic-gate */ 35867c478bd9Sstevel@tonic-gate 35877c478bd9Sstevel@tonic-gate if (ptr->au_always != NULL) { 35887c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAuditAlways", ptr->au_always); 35897c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35907c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35917c478bd9Sstevel@tonic-gate return (rc); 35927c478bd9Sstevel@tonic-gate } 35937c478bd9Sstevel@tonic-gate } 35947c478bd9Sstevel@tonic-gate 35957c478bd9Sstevel@tonic-gate if (ptr->au_never != NULL) { 35967c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAuditNever", ptr->au_never); 35977c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35987c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35997c478bd9Sstevel@tonic-gate return (rc); 36007c478bd9Sstevel@tonic-gate } 36017c478bd9Sstevel@tonic-gate } 36027c478bd9Sstevel@tonic-gate 36037c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 36047c478bd9Sstevel@tonic-gate } 360545916cd2Sjpk /* 360645916cd2Sjpk * Conversion: tnrhtp 360745916cd2Sjpk * Input format: tsol_tpstr_t 360845916cd2Sjpk * Exported objectclass: ipTnetTemplate 360945916cd2Sjpk */ 361045916cd2Sjpk static int 361145916cd2Sjpk __s_cvt_tnrhtp(const void *data, char **rdn, 361245916cd2Sjpk ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 361345916cd2Sjpk { 361445916cd2Sjpk ns_ldap_entry_t *e; 361545916cd2Sjpk int rc; 361645916cd2Sjpk char trdn[RDNSIZE]; 361750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India char esc_str[RDNSIZE]; 361845916cd2Sjpk /* routine specific */ 361945916cd2Sjpk int max_attr = 2; 362045916cd2Sjpk tsol_tpstr_t *ptr; 362145916cd2Sjpk static char *oclist[] = { 362245916cd2Sjpk "ipTnetTemplate", 362345916cd2Sjpk "top", 362445916cd2Sjpk NULL 362545916cd2Sjpk }; 362645916cd2Sjpk 362745916cd2Sjpk if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 362845916cd2Sjpk return (NS_LDAP_OP_FAILED); 362945916cd2Sjpk 363045916cd2Sjpk *entry = e = __s_mk_entry(oclist, max_attr); 363145916cd2Sjpk if (e == NULL) 363245916cd2Sjpk return (NS_LDAP_MEMORY); 363345916cd2Sjpk 363445916cd2Sjpk /* Convert the structure */ 363545916cd2Sjpk ptr = (tsol_tpstr_t *)data; 363645916cd2Sjpk 363744aa1912Sth if (ptr->template == NULL || *ptr->template == '\0') { 363845916cd2Sjpk __ns_ldap_freeEntry(e); 363945916cd2Sjpk *entry = NULL; 364045916cd2Sjpk return (NS_LDAP_INVALID_PARAM); 364145916cd2Sjpk } 364245916cd2Sjpk 364350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 364450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * Escape special characters in Template name. 364550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 364650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (escape_str(esc_str, ptr->template) != 0) { 364750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India __ns_ldap_freeEntry(e); 364850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *entry = NULL; 364950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (NS_LDAP_INVALID_PARAM); 365050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 365150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 365245916cd2Sjpk /* Create an appropriate rdn */ 365350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India (void) snprintf(trdn, RDNSIZE, "ipTnetTemplateName=%s", esc_str); 365445916cd2Sjpk *rdn = strdup(trdn); 365545916cd2Sjpk if (*rdn == NULL) { 365645916cd2Sjpk __ns_ldap_freeEntry(e); 365745916cd2Sjpk *entry = NULL; 365845916cd2Sjpk return (NS_LDAP_MEMORY); 365945916cd2Sjpk } 366045916cd2Sjpk 366145916cd2Sjpk rc = __s_add_attr(e, "ipTnetTemplateName", ptr->template); 366245916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 366345916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 366445916cd2Sjpk return (rc); 366545916cd2Sjpk } 366645916cd2Sjpk 366745916cd2Sjpk rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attrs); 366845916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 366945916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 367045916cd2Sjpk return (rc); 367145916cd2Sjpk } 36727c478bd9Sstevel@tonic-gate 367345916cd2Sjpk return (NS_LDAP_SUCCESS); 367445916cd2Sjpk } 367545916cd2Sjpk /* 367645916cd2Sjpk * Conversion: tnrhdb 367745916cd2Sjpk * Input format: tsol_rhstr_t 367845916cd2Sjpk * Exported objectclass: ipTnetHost 367945916cd2Sjpk */ 368045916cd2Sjpk static int 368145916cd2Sjpk __s_cvt_tnrhdb(const void *data, char **rdn, 368245916cd2Sjpk ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 368345916cd2Sjpk { 368445916cd2Sjpk ns_ldap_entry_t *e; 368545916cd2Sjpk int rc; 368645916cd2Sjpk char trdn[RDNSIZE]; 368745916cd2Sjpk /* routine specific */ 368845916cd2Sjpk tsol_rhstr_t *ptr; 368945916cd2Sjpk int max_attr = 2; 369045916cd2Sjpk static char *oclist[] = { 369145916cd2Sjpk "ipTnetHost", 369245916cd2Sjpk "ipTnetTemplate", 369345916cd2Sjpk "top", 369445916cd2Sjpk NULL 369545916cd2Sjpk }; 369645916cd2Sjpk 369745916cd2Sjpk if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 369845916cd2Sjpk return (NS_LDAP_OP_FAILED); 369945916cd2Sjpk 370045916cd2Sjpk *entry = e = __s_mk_entry(oclist, max_attr); 370145916cd2Sjpk if (e == NULL) 370245916cd2Sjpk return (NS_LDAP_MEMORY); 370345916cd2Sjpk 370445916cd2Sjpk /* Convert the structure */ 370545916cd2Sjpk ptr = (tsol_rhstr_t *)data; 370645916cd2Sjpk 370744aa1912Sth if (ptr->address == NULL || *ptr->address == '\0' || 370844aa1912Sth ptr->template == NULL || *ptr->template == '\0') { 370945916cd2Sjpk __ns_ldap_freeEntry(e); 371045916cd2Sjpk *entry = NULL; 371145916cd2Sjpk return (NS_LDAP_INVALID_PARAM); 371245916cd2Sjpk } 371345916cd2Sjpk 371445916cd2Sjpk /* Create an appropriate rdn */ 371545916cd2Sjpk (void) snprintf(trdn, RDNSIZE, "ipTnetNumber=%s", ptr->address); 371645916cd2Sjpk *rdn = strdup(trdn); 371745916cd2Sjpk if (*rdn == NULL) { 371845916cd2Sjpk __ns_ldap_freeEntry(e); 371945916cd2Sjpk *entry = NULL; 372045916cd2Sjpk return (NS_LDAP_MEMORY); 372145916cd2Sjpk } 372245916cd2Sjpk 372345916cd2Sjpk rc = __s_add_attr(e, "ipTnetNumber", ptr->address); 372445916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 372545916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 372645916cd2Sjpk return (rc); 372745916cd2Sjpk } 372845916cd2Sjpk 372945916cd2Sjpk rc = __s_add_attr(e, "ipTnetTemplateName", ptr->template); 373045916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 373145916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 373245916cd2Sjpk return (rc); 373345916cd2Sjpk } 373445916cd2Sjpk 373545916cd2Sjpk return (NS_LDAP_SUCCESS); 373645916cd2Sjpk } 37377c478bd9Sstevel@tonic-gate /* 37387c478bd9Sstevel@tonic-gate * Add Typed Entry Conversion data structures 37397c478bd9Sstevel@tonic-gate */ 37407c478bd9Sstevel@tonic-gate 37417c478bd9Sstevel@tonic-gate typedef struct __ns_cvt_type { 37427c478bd9Sstevel@tonic-gate const char *service; 37437c478bd9Sstevel@tonic-gate int flags; 37447c478bd9Sstevel@tonic-gate #define AE 1 /* alway add entries */ 37457c478bd9Sstevel@tonic-gate int (*cvt_rtn)(const void *data, 37467c478bd9Sstevel@tonic-gate char **rdn, 37477c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, 37487c478bd9Sstevel@tonic-gate ns_ldap_error_t **errorp); 37497c478bd9Sstevel@tonic-gate } __ns_cvt_type_t; 37507c478bd9Sstevel@tonic-gate 37517c478bd9Sstevel@tonic-gate static __ns_cvt_type_t __s_cvtlist[] = { 37527c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PASSWD, 0, __s_cvt_passwd }, 37537c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_GROUP, 0, __s_cvt_group }, 37547c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_HOSTS, 0, __s_cvt_hosts }, 37557c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_IPNODES, 0, __s_cvt_hosts }, 37567c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_RPC, 0, __s_cvt_rpc }, 37577c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PROTOCOLS, 0, __s_cvt_protocols }, 37587c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_NETWORKS, 0, __s_cvt_networks }, 37597c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_NETGROUP, 0, __s_cvt_netgroups }, 37607c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_ALIASES, 0, __s_cvt_aliases }, 37617c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_SERVICES, 0, __s_cvt_services }, 37627c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_ETHERS, 0, __s_cvt_ethers }, 37637c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_SHADOW, 0, __s_cvt_shadow }, 37647c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_NETMASKS, 0, __s_cvt_netmasks }, 37657c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_BOOTPARAMS, 0, __s_cvt_bootparams }, 37667c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_AUTHATTR, 0, __s_cvt_authattr }, 37677c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_EXECATTR, 0, __s_cvt_execattr }, 37687c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PROFILE, 0, __s_cvt_profattr }, 37697c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_USERATTR, AE, __s_cvt_userattr }, 37707c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_AUTOMOUNT, 0, __s_cvt_auto_mount }, 37717c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PUBLICKEY, AE, __s_cvt_publickey }, 37727c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_AUUSER, AE, __s_cvt_audituser }, 377345916cd2Sjpk { NS_LDAP_TYPE_TNRHTP, 0, __s_cvt_tnrhtp }, 377445916cd2Sjpk { NS_LDAP_TYPE_TNRHDB, 0, __s_cvt_tnrhdb }, 3775e1dd0a2fSth { NS_LDAP_TYPE_PROJECT, 0, __s_cvt_project }, 37767c478bd9Sstevel@tonic-gate { NULL, 0, NULL }, 37777c478bd9Sstevel@tonic-gate }; 37787c478bd9Sstevel@tonic-gate 37797c478bd9Sstevel@tonic-gate /* 37807c478bd9Sstevel@tonic-gate * Add Typed Entry Routine 37817c478bd9Sstevel@tonic-gate */ 37827c478bd9Sstevel@tonic-gate 37837c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 37847c478bd9Sstevel@tonic-gate int __ns_ldap_addTypedEntry( 37857c478bd9Sstevel@tonic-gate const char *servicetype, 37867c478bd9Sstevel@tonic-gate const char *basedn, 37877c478bd9Sstevel@tonic-gate const void *data, 37887c478bd9Sstevel@tonic-gate const int create, 37897c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 37907c478bd9Sstevel@tonic-gate const int flags, 37917c478bd9Sstevel@tonic-gate ns_ldap_error_t **errorp) 37927c478bd9Sstevel@tonic-gate { 37937c478bd9Sstevel@tonic-gate char *rdn = NULL, *fulldn = NULL; 37947c478bd9Sstevel@tonic-gate void **paramVal = NULL; 37957c478bd9Sstevel@tonic-gate ns_ldap_entry_t *entry = NULL; 37967c478bd9Sstevel@tonic-gate const ns_ldap_attr_t *const *modattrlist; 37977c478bd9Sstevel@tonic-gate ns_ldap_search_desc_t **sdlist; 37987c478bd9Sstevel@tonic-gate char **dns = NULL; 37997c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 38007c478bd9Sstevel@tonic-gate char service[BUFSIZE]; 38017c478bd9Sstevel@tonic-gate int rc = 0; 38027c478bd9Sstevel@tonic-gate int automount = 0; 38037c478bd9Sstevel@tonic-gate int i, s; 38047c478bd9Sstevel@tonic-gate 38057c478bd9Sstevel@tonic-gate rc = NS_LDAP_OP_FAILED; 38067c478bd9Sstevel@tonic-gate for (s = 0; __s_cvtlist[s].service != NULL; s++) { 38077c478bd9Sstevel@tonic-gate if (__s_cvtlist[s].cvt_rtn == NULL) 38087c478bd9Sstevel@tonic-gate continue; 38097c478bd9Sstevel@tonic-gate if (strcasecmp(__s_cvtlist[s].service, servicetype) == 0) 38107c478bd9Sstevel@tonic-gate break; 38117c478bd9Sstevel@tonic-gate /* Or, check if the servicetype is auto_ */ 38127c478bd9Sstevel@tonic-gate if (strcmp(__s_cvtlist[s].service, 38137c478bd9Sstevel@tonic-gate NS_LDAP_TYPE_AUTOMOUNT) == 0 && 38147c478bd9Sstevel@tonic-gate strncasecmp(servicetype, NS_LDAP_TYPE_AUTOMOUNT, 38157c478bd9Sstevel@tonic-gate sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) { 38167c478bd9Sstevel@tonic-gate automount++; 38177c478bd9Sstevel@tonic-gate break; 38187c478bd9Sstevel@tonic-gate } 38197c478bd9Sstevel@tonic-gate } 38207c478bd9Sstevel@tonic-gate if (__s_cvtlist[s].service == NULL) 38217c478bd9Sstevel@tonic-gate return (rc); 38227c478bd9Sstevel@tonic-gate 38237c478bd9Sstevel@tonic-gate /* Convert the data */ 38247c478bd9Sstevel@tonic-gate rc = (*__s_cvtlist[s].cvt_rtn)(data, &rdn, &entry, errorp); 38257c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38267c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38277c478bd9Sstevel@tonic-gate return (rc); 38287c478bd9Sstevel@tonic-gate } 38297c478bd9Sstevel@tonic-gate if (rdn == NULL) { 38307c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(entry); 38317c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 38327c478bd9Sstevel@tonic-gate } 38337c478bd9Sstevel@tonic-gate 38347c478bd9Sstevel@tonic-gate if (strcmp(servicetype, "publickey") == 0) { 38357c478bd9Sstevel@tonic-gate struct _ns_pubkey *ptr; 38367c478bd9Sstevel@tonic-gate ptr = (struct _ns_pubkey *)data; 38377c478bd9Sstevel@tonic-gate if (ptr->hostcred == NS_HOSTCRED_TRUE) 38387c478bd9Sstevel@tonic-gate (void) strcpy(service, "hosts"); 38397c478bd9Sstevel@tonic-gate else 38407c478bd9Sstevel@tonic-gate (void) strcpy(service, "passwd"); 38417c478bd9Sstevel@tonic-gate } else 38427c478bd9Sstevel@tonic-gate (void) strcpy(service, servicetype); 38437c478bd9Sstevel@tonic-gate 38447c478bd9Sstevel@tonic-gate /* Create the Full DN */ 38457c478bd9Sstevel@tonic-gate if (basedn == NULL) { 38467c478bd9Sstevel@tonic-gate rc = __s_api_get_SSD_from_SSDtoUse_service(service, 38477c478bd9Sstevel@tonic-gate &sdlist, errorp); 38487c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38497c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38507c478bd9Sstevel@tonic-gate return (rc); 38517c478bd9Sstevel@tonic-gate } 38527c478bd9Sstevel@tonic-gate 38537c478bd9Sstevel@tonic-gate if (sdlist == NULL) { 38547c478bd9Sstevel@tonic-gate rc = __s_api_getDNs(&dns, service, errorp); 38557c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38567c478bd9Sstevel@tonic-gate if (dns) { 38577c478bd9Sstevel@tonic-gate __s_api_free2dArray(dns); 38587c478bd9Sstevel@tonic-gate dns = NULL; 38597c478bd9Sstevel@tonic-gate } 38607c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38617c478bd9Sstevel@tonic-gate return (rc); 38627c478bd9Sstevel@tonic-gate } 38637c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "%s,%s", rdn, dns[0]); 38647c478bd9Sstevel@tonic-gate __s_api_free2dArray(dns); 38657c478bd9Sstevel@tonic-gate } else { 38667c478bd9Sstevel@tonic-gate if (sdlist[0]->basedn) { 38677c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "%s,%s", 38687c478bd9Sstevel@tonic-gate rdn, sdlist[0]->basedn); 38697c478bd9Sstevel@tonic-gate } else { 38707c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38717c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 38727c478bd9Sstevel@tonic-gate } 38737c478bd9Sstevel@tonic-gate } 38747c478bd9Sstevel@tonic-gate i = strlen(trdn) - 1; 38757c478bd9Sstevel@tonic-gate if (trdn[i] == COMMATOK) { 38767c478bd9Sstevel@tonic-gate rc = __ns_ldap_getParam(NS_LDAP_SEARCH_BASEDN_P, 38777c478bd9Sstevel@tonic-gate ¶mVal, errorp); 38787c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38797c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38807c478bd9Sstevel@tonic-gate return (rc); 38817c478bd9Sstevel@tonic-gate } 38827c478bd9Sstevel@tonic-gate i = strlen(trdn) + strlen((char *)(paramVal[0])) + 1; 38837c478bd9Sstevel@tonic-gate fulldn = (char *)calloc(i, 1); 38847c478bd9Sstevel@tonic-gate if (fulldn == NULL) { 38857c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶mVal); 38867c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38877c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 38887c478bd9Sstevel@tonic-gate } 38897c478bd9Sstevel@tonic-gate (void) snprintf(fulldn, i, "%s%s", trdn, 38907c478bd9Sstevel@tonic-gate (char *)(paramVal[0])); 38917c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶mVal); 38927c478bd9Sstevel@tonic-gate } else { 38937c478bd9Sstevel@tonic-gate fulldn = strdup(trdn); 38947c478bd9Sstevel@tonic-gate if (fulldn == NULL) { 38957c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38967c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 38977c478bd9Sstevel@tonic-gate } 38987c478bd9Sstevel@tonic-gate } 38997c478bd9Sstevel@tonic-gate } else { 39007c478bd9Sstevel@tonic-gate i = strlen(rdn) + strlen(basedn) + 2; 39017c478bd9Sstevel@tonic-gate fulldn = (char *)calloc(i, 1); 39027c478bd9Sstevel@tonic-gate if (fulldn == NULL) { 39037c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 39047c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 39057c478bd9Sstevel@tonic-gate } 39067c478bd9Sstevel@tonic-gate (void) snprintf(fulldn, i, "%s,%s", rdn, basedn); 39077c478bd9Sstevel@tonic-gate } 39087c478bd9Sstevel@tonic-gate 39097c478bd9Sstevel@tonic-gate modattrlist = (const ns_ldap_attr_t * const *)entry->attr_pair; 39107c478bd9Sstevel@tonic-gate /* Check to see if the entry exists already */ 39117c478bd9Sstevel@tonic-gate /* May need to delete or update first */ 39127c478bd9Sstevel@tonic-gate 39137c478bd9Sstevel@tonic-gate if (create != 1) { 39147c478bd9Sstevel@tonic-gate /* Modify the entry */ 391512fbe00aSjs /* 391612fbe00aSjs * To add a shadow-like entry, the addTypedEntry function 391712fbe00aSjs * would call __ns_ldap_repAttr first, and if server says 391812fbe00aSjs * LDAP_NO_SUCH_OBJECT, then it tries __ns_ldap_addEntry. 391912fbe00aSjs * This is to allow a netmask entry to be added even if the 392012fbe00aSjs * base network entry is not in the directory. It would work 392112fbe00aSjs * because the difference between the schema for the network 392212fbe00aSjs * and netmask data contains only MAY attributes. 392312fbe00aSjs * 392412fbe00aSjs * But for shadow data, the attributes do not have MUST 392512fbe00aSjs * attributes the base entry needs, so if the __ns_ldap_addEntry 392612fbe00aSjs * is executed, it would fail. The real reason, however, is that 392712fbe00aSjs * the base entry did not exist. So returning 392812fbe00aSjs * LDAP_OBJECT_CLASS_VIOLATION would just confused. 392912fbe00aSjs */ 39307c478bd9Sstevel@tonic-gate if ((__s_cvtlist[s].flags & AE) != 0) 39317c478bd9Sstevel@tonic-gate rc = __ns_ldap_addAttr(service, fulldn, modattrlist, 39327c478bd9Sstevel@tonic-gate cred, flags, errorp); 39337c478bd9Sstevel@tonic-gate else { 39347c478bd9Sstevel@tonic-gate rc = __ns_ldap_repAttr(service, fulldn, modattrlist, 3935e1dd0a2fSth cred, flags, errorp); 39367c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_INTERNAL && *errorp && 39377c478bd9Sstevel@tonic-gate (*errorp)->status == LDAP_NO_SUCH_OBJECT) { 39387c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 39397c478bd9Sstevel@tonic-gate rc = __ns_ldap_addEntry(service, fulldn, 39407c478bd9Sstevel@tonic-gate entry, cred, flags, errorp); 394112fbe00aSjs if (rc == NS_LDAP_INTERNAL && *errorp && 3942e1dd0a2fSth (*errorp)->status == 3943e1dd0a2fSth LDAP_OBJECT_CLASS_VIOLATION) 394412fbe00aSjs (*errorp)->status = LDAP_NO_SUCH_OBJECT; 39457c478bd9Sstevel@tonic-gate } 39467c478bd9Sstevel@tonic-gate } 39477c478bd9Sstevel@tonic-gate } else { 39487c478bd9Sstevel@tonic-gate /* Add the entry */ 39497c478bd9Sstevel@tonic-gate rc = __ns_ldap_addEntry(service, fulldn, entry, 39507c478bd9Sstevel@tonic-gate cred, flags, errorp); 39517c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_INTERNAL && *errorp && 39527c478bd9Sstevel@tonic-gate (*errorp)->status == LDAP_ALREADY_EXISTS && 39537c478bd9Sstevel@tonic-gate ((strcmp(service, "ethers") == 0) || 39547c478bd9Sstevel@tonic-gate (strcmp(service, "bootparams") == 0))) { 39557c478bd9Sstevel@tonic-gate rc = modify_ethers_bootp(service, rdn, fulldn, 39567c478bd9Sstevel@tonic-gate modattrlist, cred, flags, errorp); 39577c478bd9Sstevel@tonic-gate } 39587c478bd9Sstevel@tonic-gate } 39597c478bd9Sstevel@tonic-gate 39607c478bd9Sstevel@tonic-gate /* Free up entry created by conversion routine */ 39617c478bd9Sstevel@tonic-gate if (fulldn != NULL) 39627c478bd9Sstevel@tonic-gate free(fulldn); 39637c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 39647c478bd9Sstevel@tonic-gate return (rc); 39657c478bd9Sstevel@tonic-gate } 39667c478bd9Sstevel@tonic-gate 39677c478bd9Sstevel@tonic-gate 39687c478bd9Sstevel@tonic-gate /* 39697c478bd9Sstevel@tonic-gate * Append the default base dn to the dn 39707c478bd9Sstevel@tonic-gate * when it ends with ','. 39717c478bd9Sstevel@tonic-gate * e.g. 39727c478bd9Sstevel@tonic-gate * SSD = service:ou=foo, 39737c478bd9Sstevel@tonic-gate */ 39747c478bd9Sstevel@tonic-gate int 39757c478bd9Sstevel@tonic-gate __s_api_append_default_basedn( 39767c478bd9Sstevel@tonic-gate const char *dn, 39777c478bd9Sstevel@tonic-gate char **new_dn, 39787c478bd9Sstevel@tonic-gate int *allocated, 39797c478bd9Sstevel@tonic-gate ns_ldap_error_t **errp) { 39807c478bd9Sstevel@tonic-gate 39817c478bd9Sstevel@tonic-gate int rc = NS_LDAP_SUCCESS, len = 0; 39827c478bd9Sstevel@tonic-gate void **param = NULL; 39837c478bd9Sstevel@tonic-gate char *str = NULL; 39847c478bd9Sstevel@tonic-gate 39857c478bd9Sstevel@tonic-gate *allocated = FALSE; 39867c478bd9Sstevel@tonic-gate *new_dn = NULL; 39877c478bd9Sstevel@tonic-gate 39887c478bd9Sstevel@tonic-gate if (dn == NULL) 39897c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 39907c478bd9Sstevel@tonic-gate 39917c478bd9Sstevel@tonic-gate rc = __ns_ldap_getParam(NS_LDAP_SEARCH_BASEDN_P, 39927c478bd9Sstevel@tonic-gate (void ***)¶m, errp); 39937c478bd9Sstevel@tonic-gate 39947c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 39957c478bd9Sstevel@tonic-gate if (param) 39967c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶m); 39977c478bd9Sstevel@tonic-gate return (rc); 39987c478bd9Sstevel@tonic-gate } 39997c478bd9Sstevel@tonic-gate 40007c478bd9Sstevel@tonic-gate len = strlen(dn); 40017c478bd9Sstevel@tonic-gate str = ((char **)param)[0]; 40027c478bd9Sstevel@tonic-gate len = len + strlen(str) +1; 40037c478bd9Sstevel@tonic-gate *new_dn = (char *)malloc(len); 40047c478bd9Sstevel@tonic-gate if (*new_dn == NULL) { 40057c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶m); 40067c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 40077c478bd9Sstevel@tonic-gate } 40087c478bd9Sstevel@tonic-gate *allocated = TRUE; 40097c478bd9Sstevel@tonic-gate 40107c478bd9Sstevel@tonic-gate (void) strcpy(*new_dn, dn); 40117c478bd9Sstevel@tonic-gate (void) strcat(*new_dn, str); 40127c478bd9Sstevel@tonic-gate 40137c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶m); 40147c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 40157c478bd9Sstevel@tonic-gate } 4016dd1104fbSMichen Chang 4017dd1104fbSMichen Chang /* 4018dd1104fbSMichen Chang * Flatten the input ns_ldap_attr_t list, 'attr', and convert it into an 4019dd1104fbSMichen Chang * ldap_strlist_t structure in buffer 'buf', to be used by ldap_cachemgr. 4020dd1104fbSMichen Chang * The output contains a count, a list of offsets, which show where the 4021dd1104fbSMichen Chang * corresponding copied attribute type and attribute value are located. 4022dd1104fbSMichen Chang * For example, for dn=aaaa, userpassword=bbbb, shadowlastchange=cccc, 4023dd1104fbSMichen Chang * the output is the ldap_strlist_t structure with: ldap_count = 6, 4024dd1104fbSMichen Chang * (buf + ldap_offsets[0]) -> "dn" 4025dd1104fbSMichen Chang * (buf + ldap_offsets[1]) -> "aaaa" 4026dd1104fbSMichen Chang * (buf + ldap_offsets[2]) -> "userPassword" 4027dd1104fbSMichen Chang * (buf + ldap_offsets[3]) -> "bbbb" 4028dd1104fbSMichen Chang * (buf + ldap_offsets[4]) -> "shadowlastchange" 4029dd1104fbSMichen Chang * (buf + ldap_offsets[5]) -> "cccc" 4030dd1104fbSMichen Chang * and all the string data shown above copied into the buffer after 4031dd1104fbSMichen Chang * the offset array. The total length of the data will be the return 4032dd1104fbSMichen Chang * value, or -1 if error. 4033dd1104fbSMichen Chang */ 4034dd1104fbSMichen Chang static int 4035dd1104fbSMichen Chang attr2list(const char *dn, ns_ldap_attr_t **attr, 4036dd1104fbSMichen Chang char *buf, int bufsize) 4037dd1104fbSMichen Chang { 4038dd1104fbSMichen Chang int c = 0; 4039dd1104fbSMichen Chang char *ap; 4040dd1104fbSMichen Chang int ao; 4041dd1104fbSMichen Chang ldap_strlist_t *al = (ldap_strlist_t *)buf; 4042dd1104fbSMichen Chang ns_ldap_attr_t *a = (ns_ldap_attr_t *)*attr; 4043dd1104fbSMichen Chang ns_ldap_attr_t **aptr = (ns_ldap_attr_t **)attr; 4044dd1104fbSMichen Chang 4045dd1104fbSMichen Chang /* bufsize > strlen(dn) + strlen("dn") + 1 ('\0') */ 4046dd1104fbSMichen Chang if ((strlen(dn) + 2 + 1) >= bufsize) 4047dd1104fbSMichen Chang return (-1); 4048dd1104fbSMichen Chang 4049dd1104fbSMichen Chang /* count number of attributes */ 4050dd1104fbSMichen Chang while (*aptr++) 4051dd1104fbSMichen Chang c++; 4052dd1104fbSMichen Chang al->ldap_count = 2 + c * 2; 4053dd1104fbSMichen Chang ao = sizeof (al->ldap_count) + sizeof (al->ldap_offsets[0]) * 4054dd1104fbSMichen Chang al->ldap_count; 4055dd1104fbSMichen Chang if (ao > bufsize) 4056dd1104fbSMichen Chang return (-1); 4057dd1104fbSMichen Chang al->ldap_offsets[0] = ao; 4058dd1104fbSMichen Chang ap = buf + ao; 4059dd1104fbSMichen Chang ao += 3; 4060dd1104fbSMichen Chang 4061dd1104fbSMichen Chang /* copy entry DN */ 4062dd1104fbSMichen Chang if (ao > bufsize) 4063dd1104fbSMichen Chang return (-1); 4064dd1104fbSMichen Chang (void) strlcpy(ap, "dn", bufsize); 4065dd1104fbSMichen Chang ap += 3; 4066dd1104fbSMichen Chang 4067dd1104fbSMichen Chang al->ldap_offsets[1] = ao; 4068dd1104fbSMichen Chang ao += strlen(dn) + 1; 4069dd1104fbSMichen Chang if (ao > bufsize) 4070dd1104fbSMichen Chang return (-1); 4071dd1104fbSMichen Chang (void) strlcpy(ap, dn, bufsize); 4072dd1104fbSMichen Chang ap = buf + ao; 4073dd1104fbSMichen Chang 4074dd1104fbSMichen Chang aptr = attr; 4075dd1104fbSMichen Chang for (c = 2; c < al->ldap_count; c++, aptr++) { 4076dd1104fbSMichen Chang a = *aptr; 4077dd1104fbSMichen Chang if (a->attrname == NULL || a->attrvalue == NULL || 4078dd1104fbSMichen Chang a->value_count != 1 || a->attrvalue[0] == NULL) 4079dd1104fbSMichen Chang return (-1); 4080dd1104fbSMichen Chang al->ldap_offsets[c] = ao; 4081dd1104fbSMichen Chang ao += strlen(a->attrname) + 1; 4082dd1104fbSMichen Chang if (ao > bufsize) 4083dd1104fbSMichen Chang return (-1); 4084dd1104fbSMichen Chang (void) strlcpy(ap, a->attrname, bufsize); 4085dd1104fbSMichen Chang ap = buf + ao; 4086dd1104fbSMichen Chang 4087dd1104fbSMichen Chang c++; 4088dd1104fbSMichen Chang al->ldap_offsets[c] = ao; 4089dd1104fbSMichen Chang ao += strlen(a->attrvalue[0]) + 1; 4090dd1104fbSMichen Chang (void) strlcpy(ap, a->attrvalue[0], bufsize); 4091dd1104fbSMichen Chang ap = buf + ao; 4092dd1104fbSMichen Chang }; 4093dd1104fbSMichen Chang 4094dd1104fbSMichen Chang return (ao); 4095dd1104fbSMichen Chang } 4096dd1104fbSMichen Chang 4097dd1104fbSMichen Chang /* 4098dd1104fbSMichen Chang * Send a modify request to the ldap_cachemgr daemon 4099dd1104fbSMichen Chang * which will use the admin credential to perform the 4100dd1104fbSMichen Chang * operation. 4101dd1104fbSMichen Chang */ 4102dd1104fbSMichen Chang 4103dd1104fbSMichen Chang static int 4104dd1104fbSMichen Chang send_to_cachemgr( 4105dd1104fbSMichen Chang const char *dn, 4106dd1104fbSMichen Chang ns_ldap_attr_t **attr, 4107dd1104fbSMichen Chang ns_ldap_error_t **errorp) 4108dd1104fbSMichen Chang { 4109dd1104fbSMichen Chang union { 4110dd1104fbSMichen Chang ldap_data_t s_d; 4111dd1104fbSMichen Chang char s_b[DOORBUFFERSIZE]; 4112dd1104fbSMichen Chang } space; 4113dd1104fbSMichen Chang 4114dd1104fbSMichen Chang ldap_data_t *sptr; 4115dd1104fbSMichen Chang int ndata; 4116dd1104fbSMichen Chang int adata; 4117dd1104fbSMichen Chang int len; 4118dd1104fbSMichen Chang int rc; 4119dd1104fbSMichen Chang char errstr[MAXERROR]; 4120dd1104fbSMichen Chang ldap_admin_mod_result_t *admin_result; 4121dd1104fbSMichen Chang 4122dd1104fbSMichen Chang *errorp = NULL; 4123dd1104fbSMichen Chang (void) memset(space.s_b, 0, DOORBUFFERSIZE); 4124dd1104fbSMichen Chang len = attr2list(dn, attr, (char *)&space.s_d.ldap_call.ldap_u.strlist, 4125dd1104fbSMichen Chang sizeof (space) - offsetof(ldap_return_t, ldap_u)); 4126dd1104fbSMichen Chang if (len <= 0) 4127dd1104fbSMichen Chang return (NS_LDAP_INVALID_PARAM); 4128dd1104fbSMichen Chang 4129dd1104fbSMichen Chang adata = sizeof (ldap_call_t) + len; 4130dd1104fbSMichen Chang ndata = sizeof (space); 4131dd1104fbSMichen Chang space.s_d.ldap_call.ldap_callnumber = ADMINMODIFY; 4132dd1104fbSMichen Chang sptr = &space.s_d; 4133dd1104fbSMichen Chang 4134dd1104fbSMichen Chang switch (__ns_ldap_trydoorcall(&sptr, &ndata, &adata)) { 4135dd1104fbSMichen Chang case NS_CACHE_SUCCESS: 4136dd1104fbSMichen Chang break; 4137dd1104fbSMichen Chang case NS_CACHE_NOTFOUND: 4138dd1104fbSMichen Chang (void) snprintf(errstr, sizeof (errstr), 4139dd1104fbSMichen Chang gettext("Door call ADMINMODIFY to " 4140dd1104fbSMichen Chang "ldap_cachemgr failed - error: %d"), 4141dd1104fbSMichen Chang space.s_d.ldap_ret.ldap_errno); 4142dd1104fbSMichen Chang MKERROR(LOG_WARNING, *errorp, NS_CONFIG_CACHEMGR, 4143dd1104fbSMichen Chang strdup(errstr), NULL); 4144dd1104fbSMichen Chang return (NS_LDAP_OP_FAILED); 4145dd1104fbSMichen Chang break; 4146dd1104fbSMichen Chang default: 4147dd1104fbSMichen Chang return (NS_LDAP_OP_FAILED); 4148dd1104fbSMichen Chang } 4149dd1104fbSMichen Chang 4150dd1104fbSMichen Chang admin_result = &sptr->ldap_ret.ldap_u.admin_result; 4151dd1104fbSMichen Chang if (admin_result->ns_err == NS_LDAP_SUCCESS) 4152dd1104fbSMichen Chang rc = NS_LDAP_SUCCESS; 4153dd1104fbSMichen Chang else { 4154dd1104fbSMichen Chang rc = admin_result->ns_err; 4155dd1104fbSMichen Chang if (admin_result->msg_size == 0) 4156dd1104fbSMichen Chang *errorp = __s_api_make_error(admin_result->status, 4157dd1104fbSMichen Chang NULL); 4158dd1104fbSMichen Chang else 4159dd1104fbSMichen Chang *errorp = __s_api_make_error(admin_result->status, 4160dd1104fbSMichen Chang admin_result->msg); 4161dd1104fbSMichen Chang } 4162dd1104fbSMichen Chang 4163dd1104fbSMichen Chang /* clean up the door call */ 4164dd1104fbSMichen Chang if (sptr != &space.s_d) { 4165dd1104fbSMichen Chang (void) munmap((char *)sptr, ndata); 4166dd1104fbSMichen Chang } 4167dd1104fbSMichen Chang 4168dd1104fbSMichen Chang return (rc); 4169dd1104fbSMichen Chang } 4170