17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 545916cd2Sjpk * Common Development and Distribution License (the "License"). 645916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 21225376fbSJulian Pullen 227c478bd9Sstevel@tonic-gate /* 23225376fbSJulian Pullen * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. 2433f5ff17SMilan Jurik * Copyright 2012 Milan Jurik. All rights reserved. 257c478bd9Sstevel@tonic-gate */ 267c478bd9Sstevel@tonic-gate 277c478bd9Sstevel@tonic-gate #include <stdio.h> 287c478bd9Sstevel@tonic-gate #include <sys/types.h> 297c478bd9Sstevel@tonic-gate #include <stdlib.h> 307c478bd9Sstevel@tonic-gate #include <libintl.h> 317c478bd9Sstevel@tonic-gate 327c478bd9Sstevel@tonic-gate #include <sys/stat.h> 337c478bd9Sstevel@tonic-gate #include <fcntl.h> 347c478bd9Sstevel@tonic-gate #include <unistd.h> 357c478bd9Sstevel@tonic-gate #include <string.h> 367c478bd9Sstevel@tonic-gate #include <strings.h> 377c478bd9Sstevel@tonic-gate #include <lber.h> 387c478bd9Sstevel@tonic-gate #include <ldap.h> 397c478bd9Sstevel@tonic-gate #include <syslog.h> 40dd1104fbSMichen Chang #include <stddef.h> 41dd1104fbSMichen Chang #include <sys/mman.h> 427c478bd9Sstevel@tonic-gate 437c478bd9Sstevel@tonic-gate #include "ns_sldap.h" 447c478bd9Sstevel@tonic-gate #include "ns_internal.h" 45e1dd0a2fSth #include "ns_connmgmt.h" 46dd1104fbSMichen Chang #include "ns_cache_door.h" 477c478bd9Sstevel@tonic-gate 487c478bd9Sstevel@tonic-gate /* Additional headers for addTypedEntry Conversion routines */ 497c478bd9Sstevel@tonic-gate #include <pwd.h> 50e1dd0a2fSth #include <project.h> 517c478bd9Sstevel@tonic-gate #include <shadow.h> 527c478bd9Sstevel@tonic-gate #include <grp.h> 537c478bd9Sstevel@tonic-gate #include <netinet/in.h> 547c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 557c478bd9Sstevel@tonic-gate #include <netdb.h> 567c478bd9Sstevel@tonic-gate #include <rpc/rpcent.h> 577c478bd9Sstevel@tonic-gate #include <auth_attr.h> 587c478bd9Sstevel@tonic-gate #include <exec_attr.h> 597c478bd9Sstevel@tonic-gate #include <prof_attr.h> 607c478bd9Sstevel@tonic-gate #include <user_attr.h> 617c478bd9Sstevel@tonic-gate #include <bsm/libbsm.h> 6245916cd2Sjpk #include <sys/tsol/tndb.h> 6345916cd2Sjpk #include <tsol/label.h> 647c478bd9Sstevel@tonic-gate 65dd1104fbSMichen Chang static int send_to_cachemgr(const char *, 66dd1104fbSMichen Chang ns_ldap_attr_t **, ns_ldap_error_t **); 6750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 6850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India static int escape_str(char *, char *); 6950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 707c478bd9Sstevel@tonic-gate /* 717c478bd9Sstevel@tonic-gate * If the rdn is a mapped attr: 7291b658d3SToomas Soome * return NS_LDAP_SUCCESS and a new_dn. 737c478bd9Sstevel@tonic-gate * If no mapped attr is found in the rdn: 7491b658d3SToomas Soome * return NS_LDAP_SUCCESS and *new_dn == NULL 757c478bd9Sstevel@tonic-gate * For example: 767c478bd9Sstevel@tonic-gate * service = abc 777c478bd9Sstevel@tonic-gate * dn = cn=foo,dc=bar,dc=com 787c478bd9Sstevel@tonic-gate * attributeMapping: abc:cn=sn 797c478bd9Sstevel@tonic-gate * Then: 807c478bd9Sstevel@tonic-gate * new_dn = sn=foo,dc=bar,dc=com 817c478bd9Sstevel@tonic-gate * 827c478bd9Sstevel@tonic-gate */ 837c478bd9Sstevel@tonic-gate static int 847c478bd9Sstevel@tonic-gate replace_mapped_attr_in_dn( 857c478bd9Sstevel@tonic-gate const char *service, const char *dn, char **new_dn) 867c478bd9Sstevel@tonic-gate { 877c478bd9Sstevel@tonic-gate char **mappedattr; 887c478bd9Sstevel@tonic-gate char **dnArray = NULL; 897c478bd9Sstevel@tonic-gate char *rservice; 907c478bd9Sstevel@tonic-gate char *cur = NULL; 917c478bd9Sstevel@tonic-gate int len = 0, orig_len = 0, mapped_len = 0; 927c478bd9Sstevel@tonic-gate int dn_len = 0; 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate *new_dn = NULL; 957c478bd9Sstevel@tonic-gate 967c478bd9Sstevel@tonic-gate /* 97da6c28aaSamw * separate dn into individual componets 987c478bd9Sstevel@tonic-gate * e.g. 997c478bd9Sstevel@tonic-gate * "automountKey=user_01" , "automountMapName_test=auto_home", ... 1007c478bd9Sstevel@tonic-gate */ 1017c478bd9Sstevel@tonic-gate dnArray = ldap_explode_dn(dn, 0); 1027c478bd9Sstevel@tonic-gate if (!dnArray || !*dnArray) 1037c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 1047c478bd9Sstevel@tonic-gate 1057c478bd9Sstevel@tonic-gate cur = strchr(dnArray[0], '='); 1067c478bd9Sstevel@tonic-gate if (!cur) { 1077c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1087c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 1097c478bd9Sstevel@tonic-gate } 1107c478bd9Sstevel@tonic-gate *cur = '\0'; 1117c478bd9Sstevel@tonic-gate 1127c478bd9Sstevel@tonic-gate /* we only check schema mapping for automount, not for auto_* */ 1137c478bd9Sstevel@tonic-gate if (strncasecmp(service, NS_LDAP_TYPE_AUTOMOUNT, 1147c478bd9Sstevel@tonic-gate sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) 1157c478bd9Sstevel@tonic-gate rservice = "automount"; 1167c478bd9Sstevel@tonic-gate else 1177c478bd9Sstevel@tonic-gate rservice = (char *)service; 1187c478bd9Sstevel@tonic-gate 1197c478bd9Sstevel@tonic-gate mappedattr = __ns_ldap_getMappedAttributes(rservice, dnArray[0]); 1207c478bd9Sstevel@tonic-gate if (!mappedattr || !mappedattr[0]) { 1217c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1227c478bd9Sstevel@tonic-gate if (mappedattr) 1237c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedattr); 1247c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 1257c478bd9Sstevel@tonic-gate } 1267c478bd9Sstevel@tonic-gate orig_len = strlen(dnArray[0]); 1277c478bd9Sstevel@tonic-gate 1287c478bd9Sstevel@tonic-gate /* 1297c478bd9Sstevel@tonic-gate * The new length is *dn length + (difference between 1307c478bd9Sstevel@tonic-gate * orig attr and mapped attr) + 1 ; 1317c478bd9Sstevel@tonic-gate * e.g. 1327c478bd9Sstevel@tonic-gate * automountKey=aa,automountMapName=auto_home,dc=foo,dc=com 1337c478bd9Sstevel@tonic-gate * ==> 1347c478bd9Sstevel@tonic-gate * cn=aa,automountMapName=auto_home,dc=foo,dc=com 1357c478bd9Sstevel@tonic-gate */ 1367c478bd9Sstevel@tonic-gate mapped_len = strlen(mappedattr[0]); 1377c478bd9Sstevel@tonic-gate dn_len = strlen(dn); 1387c478bd9Sstevel@tonic-gate len = dn_len - orig_len + mapped_len + 1; 1397c478bd9Sstevel@tonic-gate *new_dn = (char *)calloc(1, len); 1407c478bd9Sstevel@tonic-gate if (*new_dn == NULL) { 1417c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1427c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedattr); 1437c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 1447c478bd9Sstevel@tonic-gate } 1457c478bd9Sstevel@tonic-gate 1467c478bd9Sstevel@tonic-gate (void) snprintf(*new_dn, len, "%s=%s", mappedattr[0], dn + orig_len +1); 1477c478bd9Sstevel@tonic-gate __s_api_free2dArray(dnArray); 1487c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedattr); 1497c478bd9Sstevel@tonic-gate 1507c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 1517c478bd9Sstevel@tonic-gate } 1527c478bd9Sstevel@tonic-gate 1537c478bd9Sstevel@tonic-gate 1547c478bd9Sstevel@tonic-gate /* 1557c478bd9Sstevel@tonic-gate * The following function is only used by the 1567c478bd9Sstevel@tonic-gate * "gecos" 1 to N attribute mapping code. It expects 1577c478bd9Sstevel@tonic-gate * and handle only one data/length pair. 1587c478bd9Sstevel@tonic-gate */ 1597c478bd9Sstevel@tonic-gate static int 1607c478bd9Sstevel@tonic-gate init_bval_mod( 1617c478bd9Sstevel@tonic-gate LDAPMod *mod, 1627c478bd9Sstevel@tonic-gate int mop, 1637c478bd9Sstevel@tonic-gate char *mtype, 1647c478bd9Sstevel@tonic-gate char *mvptr, 16591b658d3SToomas Soome int mvlen) 1667c478bd9Sstevel@tonic-gate { 1677c478bd9Sstevel@tonic-gate 1687c478bd9Sstevel@tonic-gate struct berval **bmodval; 1697c478bd9Sstevel@tonic-gate 1707c478bd9Sstevel@tonic-gate /* dup attribute name */ 1717c478bd9Sstevel@tonic-gate mod->mod_type = strdup(mtype); 1727c478bd9Sstevel@tonic-gate if (mod->mod_type == NULL) 1737c478bd9Sstevel@tonic-gate return (-1); 1747c478bd9Sstevel@tonic-gate 1757c478bd9Sstevel@tonic-gate /* 1767c478bd9Sstevel@tonic-gate * assume single value, 1777c478bd9Sstevel@tonic-gate * since only one value/length pair passed in 1787c478bd9Sstevel@tonic-gate */ 179e1dd0a2fSth bmodval = (struct berval **)calloc(2, sizeof (struct berval *)); 1807c478bd9Sstevel@tonic-gate if (bmodval == NULL) { 1817c478bd9Sstevel@tonic-gate free(mod->mod_type); 1827c478bd9Sstevel@tonic-gate mod->mod_type = NULL; 1837c478bd9Sstevel@tonic-gate return (-1); 1847c478bd9Sstevel@tonic-gate } 185e1dd0a2fSth bmodval[0] = (struct berval *)calloc(1, sizeof (struct berval)); 1867c478bd9Sstevel@tonic-gate if (bmodval[0] == NULL) { 1877c478bd9Sstevel@tonic-gate free(mod->mod_type); 1887c478bd9Sstevel@tonic-gate mod->mod_type = NULL; 1897c478bd9Sstevel@tonic-gate free(bmodval); 1907c478bd9Sstevel@tonic-gate return (-1); 1917c478bd9Sstevel@tonic-gate } 1927c478bd9Sstevel@tonic-gate 1937c478bd9Sstevel@tonic-gate /* set pointer to data */ 1947c478bd9Sstevel@tonic-gate bmodval[0]->bv_val = mvptr; 1957c478bd9Sstevel@tonic-gate 1967c478bd9Sstevel@tonic-gate /* set length */ 1977c478bd9Sstevel@tonic-gate bmodval[0]->bv_len = mvlen; 1987c478bd9Sstevel@tonic-gate 1997c478bd9Sstevel@tonic-gate /* 2007c478bd9Sstevel@tonic-gate * turn on the BVALUE bit to indicate 2017c478bd9Sstevel@tonic-gate * that the length of data is supplied 2027c478bd9Sstevel@tonic-gate */ 2037c478bd9Sstevel@tonic-gate mod->mod_op = mop | LDAP_MOD_BVALUES; 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate mod->mod_bvalues = bmodval; 2067c478bd9Sstevel@tonic-gate 2077c478bd9Sstevel@tonic-gate return (0); 2087c478bd9Sstevel@tonic-gate } 2097c478bd9Sstevel@tonic-gate 2107c478bd9Sstevel@tonic-gate static void 2117c478bd9Sstevel@tonic-gate freeModList(LDAPMod **mods) 2127c478bd9Sstevel@tonic-gate { 2137c478bd9Sstevel@tonic-gate int i, j; 2147c478bd9Sstevel@tonic-gate int name_is_oc; 2157c478bd9Sstevel@tonic-gate 2167c478bd9Sstevel@tonic-gate if (mods == NULL) 2177c478bd9Sstevel@tonic-gate return; 2187c478bd9Sstevel@tonic-gate 2197c478bd9Sstevel@tonic-gate for (i = 0; mods[i]; i++) { 2207c478bd9Sstevel@tonic-gate 2217c478bd9Sstevel@tonic-gate /* free attribute name */ 2227c478bd9Sstevel@tonic-gate name_is_oc = FALSE; 2237c478bd9Sstevel@tonic-gate if (mods[i]->mod_type) { 224e1dd0a2fSth if (strcasecmp(mods[i]->mod_type, "objectclass") == 0) 2257c478bd9Sstevel@tonic-gate name_is_oc = TRUE; 2267c478bd9Sstevel@tonic-gate free(mods[i]->mod_type); 2277c478bd9Sstevel@tonic-gate } 2287c478bd9Sstevel@tonic-gate 2297c478bd9Sstevel@tonic-gate if (mods[i]->mod_bvalues == NULL) 2307c478bd9Sstevel@tonic-gate continue; 2317c478bd9Sstevel@tonic-gate /* 2327c478bd9Sstevel@tonic-gate * LDAP_MOD_BVALUES is only set by 2337c478bd9Sstevel@tonic-gate * the "gecos" 1 to N attribute mapping 2347c478bd9Sstevel@tonic-gate * code, and the attribute is single valued. 2357c478bd9Sstevel@tonic-gate */ 2367c478bd9Sstevel@tonic-gate if (mods[i]->mod_op & LDAP_MOD_BVALUES) { 2377c478bd9Sstevel@tonic-gate if (mods[i]->mod_bvalues[0]) 2387c478bd9Sstevel@tonic-gate free(mods[i]->mod_bvalues[0]); 2397c478bd9Sstevel@tonic-gate } else { 2407c478bd9Sstevel@tonic-gate if (name_is_oc) { 2417c478bd9Sstevel@tonic-gate /* 2427c478bd9Sstevel@tonic-gate * only values for the "objectclass" 2437c478bd9Sstevel@tonic-gate * were dupped using strdup. 2447c478bd9Sstevel@tonic-gate * other attribute values were 2457c478bd9Sstevel@tonic-gate * not dupped, but via pointer 2467c478bd9Sstevel@tonic-gate * assignment. So here the 2477c478bd9Sstevel@tonic-gate * values for "objectclass" 2487c478bd9Sstevel@tonic-gate * is freed one by one, 2497c478bd9Sstevel@tonic-gate * but the values for other 2507c478bd9Sstevel@tonic-gate * attributes need not be freed. 2517c478bd9Sstevel@tonic-gate */ 2527c478bd9Sstevel@tonic-gate for (j = 0; mods[i]->mod_values[j]; j++) 2537c478bd9Sstevel@tonic-gate free(mods[i]->mod_values[j]); 2547c478bd9Sstevel@tonic-gate } 2557c478bd9Sstevel@tonic-gate 2567c478bd9Sstevel@tonic-gate } 2577c478bd9Sstevel@tonic-gate free(mods[i]->mod_bvalues); 2587c478bd9Sstevel@tonic-gate } 2597c478bd9Sstevel@tonic-gate 2607c478bd9Sstevel@tonic-gate /* modlist */ 2617c478bd9Sstevel@tonic-gate free((char *)(mods[0])); 2627c478bd9Sstevel@tonic-gate free(mods); 2637c478bd9Sstevel@tonic-gate } 2647c478bd9Sstevel@tonic-gate 2657c478bd9Sstevel@tonic-gate static LDAPMod ** 2667c478bd9Sstevel@tonic-gate __s_api_makeModListCount( 2677c478bd9Sstevel@tonic-gate const char *service, 2687c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 2697c478bd9Sstevel@tonic-gate const int mod_op, 2707c478bd9Sstevel@tonic-gate const int count, 2717c478bd9Sstevel@tonic-gate const int flags) 2727c478bd9Sstevel@tonic-gate { 2737c478bd9Sstevel@tonic-gate LDAPMod **mods, *modlist; 2747c478bd9Sstevel@tonic-gate char **modval; 2757c478bd9Sstevel@tonic-gate char **mapping; 2767c478bd9Sstevel@tonic-gate int i; 2777c478bd9Sstevel@tonic-gate int j; 2787c478bd9Sstevel@tonic-gate int k, rc, vlen; 2797c478bd9Sstevel@tonic-gate char *c, *comma1 = NULL, *comma2 = NULL; 2807c478bd9Sstevel@tonic-gate int schema_mapping_existed = FALSE; 2817c478bd9Sstevel@tonic-gate int auto_service = FALSE; 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate 2847c478bd9Sstevel@tonic-gate /* 2857c478bd9Sstevel@tonic-gate * add 2 for "gecos" 1 to up to 3 attribute mapping 2867c478bd9Sstevel@tonic-gate */ 2877c478bd9Sstevel@tonic-gate mods = (LDAPMod **)calloc((count + 3), sizeof (LDAPMod *)); 2887c478bd9Sstevel@tonic-gate if (mods == NULL) { 2897c478bd9Sstevel@tonic-gate return (NULL); 2907c478bd9Sstevel@tonic-gate } 2917c478bd9Sstevel@tonic-gate /* 2927c478bd9Sstevel@tonic-gate * add 2 for "gecos" 1 to up to 3 attribute mapping 2937c478bd9Sstevel@tonic-gate */ 2947c478bd9Sstevel@tonic-gate modlist = (LDAPMod *)calloc(count + 2, sizeof (LDAPMod)); 2957c478bd9Sstevel@tonic-gate if (modlist == NULL) { 2967c478bd9Sstevel@tonic-gate free(mods); 2977c478bd9Sstevel@tonic-gate return (NULL); 2987c478bd9Sstevel@tonic-gate } 2997c478bd9Sstevel@tonic-gate 3007c478bd9Sstevel@tonic-gate if (service != NULL && strncasecmp(service, NS_LDAP_TYPE_AUTOMOUNT, 3017c478bd9Sstevel@tonic-gate sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) 3027c478bd9Sstevel@tonic-gate auto_service = TRUE; 3037c478bd9Sstevel@tonic-gate 3047c478bd9Sstevel@tonic-gate /* 3057c478bd9Sstevel@tonic-gate * see if schema mapping existed for the given service 3067c478bd9Sstevel@tonic-gate */ 3077c478bd9Sstevel@tonic-gate mapping = __ns_ldap_getOrigAttribute(service, 3087c478bd9Sstevel@tonic-gate NS_HASH_SCHEMA_MAPPING_EXISTED); 3097c478bd9Sstevel@tonic-gate if (mapping) { 3107c478bd9Sstevel@tonic-gate schema_mapping_existed = TRUE; 3117c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 3127c478bd9Sstevel@tonic-gate mapping = NULL; 3137c478bd9Sstevel@tonic-gate } 3147c478bd9Sstevel@tonic-gate 3157c478bd9Sstevel@tonic-gate for (i = 0, k = 0; k < count && attr[k] != NULL; i++, k++) { 3167c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 3177c478bd9Sstevel@tonic-gate mods[i]->mod_op = mod_op; 3187c478bd9Sstevel@tonic-gate /* 3197c478bd9Sstevel@tonic-gate * Perform attribute mapping if necessary. 3207c478bd9Sstevel@tonic-gate */ 321e1dd0a2fSth if (schema_mapping_existed && (flags & NS_LDAP_NOMAP) == 0) { 3227c478bd9Sstevel@tonic-gate mapping = __ns_ldap_getMappedAttributes(service, 3237c478bd9Sstevel@tonic-gate attr[k]->attrname); 3247c478bd9Sstevel@tonic-gate } else 3257c478bd9Sstevel@tonic-gate mapping = NULL; 3267c478bd9Sstevel@tonic-gate 3277c478bd9Sstevel@tonic-gate if (mapping == NULL && auto_service && 3287c478bd9Sstevel@tonic-gate (flags & NS_LDAP_NOMAP) == 0) { 3297c478bd9Sstevel@tonic-gate /* 3307c478bd9Sstevel@tonic-gate * if service == auto_xxx and 3317c478bd9Sstevel@tonic-gate * no mapped attribute is found 3327c478bd9Sstevel@tonic-gate * and NS_LDAP_NOMAP is not set 3337c478bd9Sstevel@tonic-gate * then try automount's mapped attribute 3347c478bd9Sstevel@tonic-gate */ 3357c478bd9Sstevel@tonic-gate mapping = __ns_ldap_getMappedAttributes("automount", 3367c478bd9Sstevel@tonic-gate attr[k]->attrname); 3377c478bd9Sstevel@tonic-gate } 3387c478bd9Sstevel@tonic-gate 3397c478bd9Sstevel@tonic-gate if (mapping == NULL) { 340e1dd0a2fSth mods[i]->mod_type = strdup(attr[k]->attrname); 341e1dd0a2fSth if (mods[i]->mod_type == NULL) 342e1dd0a2fSth goto free_memory; 3437c478bd9Sstevel@tonic-gate } else { 3447c478bd9Sstevel@tonic-gate /* 3457c478bd9Sstevel@tonic-gate * 1 to N attribute mapping is only done for "gecos", 3467c478bd9Sstevel@tonic-gate * and only 1 to 3 mapping. 3477c478bd9Sstevel@tonic-gate * nine cases here: 3487c478bd9Sstevel@tonic-gate * 3497c478bd9Sstevel@tonic-gate * A. attrMap=passwd:gecos=a 3507c478bd9Sstevel@tonic-gate * 1. gecos="xx,yy,zz" -> a="xx,yy,zz" 3517c478bd9Sstevel@tonic-gate * 2. gecos="xx,yy" -> a="xx,yy" 3527c478bd9Sstevel@tonic-gate * 3. gecos="xx" -> a="xx" 3537c478bd9Sstevel@tonic-gate * 3547c478bd9Sstevel@tonic-gate * B. attrMap=passwd:gecos=a b 3557c478bd9Sstevel@tonic-gate * 4. gecos="xx,yy,zz" -> a="xx" b="yy,zz" 3567c478bd9Sstevel@tonic-gate * 5. gecos="xx,yy" -> a="xx" b="yy" 3577c478bd9Sstevel@tonic-gate * 6. gecos="xx" -> a="xx" 3587c478bd9Sstevel@tonic-gate * 3597c478bd9Sstevel@tonic-gate * C. attrMap=passwd:gecos=a b c 3607c478bd9Sstevel@tonic-gate * 7. gecos="xx,yy,zz" -> a="xx" b="yy" c="zz" 3617c478bd9Sstevel@tonic-gate * 8. gecos="xx,yy" -> a="xx" b="yy" 3627c478bd9Sstevel@tonic-gate * 9. gecos="xx" -> a="xx" 3637c478bd9Sstevel@tonic-gate * 3647c478bd9Sstevel@tonic-gate * This can be grouped as: 3657c478bd9Sstevel@tonic-gate * 3667c478bd9Sstevel@tonic-gate * c1 cases: 1,2,3,6,9 3677c478bd9Sstevel@tonic-gate * if ((attrMap=passwd:gecos=a) || 3687c478bd9Sstevel@tonic-gate * (no "," in gecos value)) 3697c478bd9Sstevel@tonic-gate * same as other no-mapping attributes, 3707c478bd9Sstevel@tonic-gate * no special processing needed 3717c478bd9Sstevel@tonic-gate * else 3727c478bd9Sstevel@tonic-gate * 3737c478bd9Sstevel@tonic-gate * c2 cases: 4,5,8 3747c478bd9Sstevel@tonic-gate * if ((attrMap=passwd:gecos=a b) || 3757c478bd9Sstevel@tonic-gate * (only one "," in gecos value)) 3767c478bd9Sstevel@tonic-gate * a=xx b=yy[,...] 3777c478bd9Sstevel@tonic-gate * else 3787c478bd9Sstevel@tonic-gate * 3797c478bd9Sstevel@tonic-gate * c3 case: 7 3807c478bd9Sstevel@tonic-gate * a=xx b=yy c=... 3817c478bd9Sstevel@tonic-gate * 3827c478bd9Sstevel@tonic-gate * notes: in case c2 and c3, ... could still contain "," 3837c478bd9Sstevel@tonic-gate */ 384e1dd0a2fSth if (strcasecmp(service, "passwd") == 0 && 385e1dd0a2fSth strcasecmp(attr[k]->attrname, "gecos") == 0 && 386e1dd0a2fSth mapping[1] && attr[k]->attrvalue[0] && 387e1dd0a2fSth (comma1 = strchr(attr[k]->attrvalue[0], 388e1dd0a2fSth COMMATOK)) != NULL) { 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate /* is there a second comma? */ 3917c478bd9Sstevel@tonic-gate if (*(comma1 + 1) != '\0') 3927c478bd9Sstevel@tonic-gate comma2 = strchr(comma1 + 1, COMMATOK); 3937c478bd9Sstevel@tonic-gate 3947c478bd9Sstevel@tonic-gate /* 3957c478bd9Sstevel@tonic-gate * Process case c2 or c3. 3967c478bd9Sstevel@tonic-gate * case c2: mapped to two attributes or just 3977c478bd9Sstevel@tonic-gate * one comma 3987c478bd9Sstevel@tonic-gate */ 399e1dd0a2fSth if (mapping[2] == NULL || comma2 == NULL) { 4007c478bd9Sstevel@tonic-gate /* case c2 */ 4017c478bd9Sstevel@tonic-gate 4027c478bd9Sstevel@tonic-gate /* 4037c478bd9Sstevel@tonic-gate * int mod structure for the first attribute 4047c478bd9Sstevel@tonic-gate */ 4057c478bd9Sstevel@tonic-gate vlen = comma1 - attr[k]->attrvalue[0]; 4067c478bd9Sstevel@tonic-gate c = attr[k]->attrvalue[0]; 4077c478bd9Sstevel@tonic-gate 4087c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4097c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 410e1dd0a2fSth mapping[0], c, vlen); 4117c478bd9Sstevel@tonic-gate if (rc != 0) 4127c478bd9Sstevel@tonic-gate goto free_memory; 4137c478bd9Sstevel@tonic-gate } else { 4147c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 4157c478bd9Sstevel@tonic-gate mods[i] = NULL; 4167c478bd9Sstevel@tonic-gate i--; 4177c478bd9Sstevel@tonic-gate } 4187c478bd9Sstevel@tonic-gate 4197c478bd9Sstevel@tonic-gate 4207c478bd9Sstevel@tonic-gate /* 4217c478bd9Sstevel@tonic-gate * init mod structure for the 2nd attribute 4227c478bd9Sstevel@tonic-gate */ 4237c478bd9Sstevel@tonic-gate if (*(comma1 + 1) == '\0') { 4247c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 4257c478bd9Sstevel@tonic-gate mapping = NULL; 4267c478bd9Sstevel@tonic-gate continue; 4277c478bd9Sstevel@tonic-gate } 4287c478bd9Sstevel@tonic-gate 4297c478bd9Sstevel@tonic-gate i++; 4307c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 4317c478bd9Sstevel@tonic-gate 4327c478bd9Sstevel@tonic-gate /* 4337c478bd9Sstevel@tonic-gate * get pointer to data. 4347c478bd9Sstevel@tonic-gate * Skip leading spaces. 4357c478bd9Sstevel@tonic-gate */ 436e1dd0a2fSth for (c = comma1 + 1; *c == SPACETOK; c++) { 437e1dd0a2fSth /* empty */ 438e1dd0a2fSth } 4397c478bd9Sstevel@tonic-gate 4407c478bd9Sstevel@tonic-gate /* get data length */ 4417c478bd9Sstevel@tonic-gate vlen = strlen(attr[k]->attrvalue[0]) - 442e1dd0a2fSth (c - attr[k]->attrvalue[0]); 4437c478bd9Sstevel@tonic-gate 4447c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4457c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 446e1dd0a2fSth mapping[1], c, vlen); 4477c478bd9Sstevel@tonic-gate if (rc != 0) 4487c478bd9Sstevel@tonic-gate goto free_memory; 4497c478bd9Sstevel@tonic-gate } else { 4507c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 4517c478bd9Sstevel@tonic-gate mods[i] = NULL; 4527c478bd9Sstevel@tonic-gate i--; 4537c478bd9Sstevel@tonic-gate } 4547c478bd9Sstevel@tonic-gate 4557c478bd9Sstevel@tonic-gate /* done with the mapping array */ 4567c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 4577c478bd9Sstevel@tonic-gate mapping = NULL; 4587c478bd9Sstevel@tonic-gate 4597c478bd9Sstevel@tonic-gate continue; 4607c478bd9Sstevel@tonic-gate } else { 4617c478bd9Sstevel@tonic-gate /* case c3 */ 4627c478bd9Sstevel@tonic-gate 4637c478bd9Sstevel@tonic-gate /* 4647c478bd9Sstevel@tonic-gate * int mod structure for the first attribute 4657c478bd9Sstevel@tonic-gate */ 4667c478bd9Sstevel@tonic-gate vlen = comma1 - attr[k]->attrvalue[0]; 4677c478bd9Sstevel@tonic-gate c = attr[k]->attrvalue[0]; 4687c478bd9Sstevel@tonic-gate 4697c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4707c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 471e1dd0a2fSth mapping[0], c, vlen); 4727c478bd9Sstevel@tonic-gate if (rc != 0) 4737c478bd9Sstevel@tonic-gate goto free_memory; 4747c478bd9Sstevel@tonic-gate } else { 4757c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 4767c478bd9Sstevel@tonic-gate mods[i] = NULL; 4777c478bd9Sstevel@tonic-gate i--; 4787c478bd9Sstevel@tonic-gate } 4797c478bd9Sstevel@tonic-gate 4807c478bd9Sstevel@tonic-gate /* 4817c478bd9Sstevel@tonic-gate * init mod structure for the 2nd attribute 4827c478bd9Sstevel@tonic-gate */ 4837c478bd9Sstevel@tonic-gate i++; 4847c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 4857c478bd9Sstevel@tonic-gate 4867c478bd9Sstevel@tonic-gate /* 4877c478bd9Sstevel@tonic-gate * get pointer to data. 4887c478bd9Sstevel@tonic-gate * Skip leading spaces. 4897c478bd9Sstevel@tonic-gate */ 490e1dd0a2fSth for (c = comma1 + 1; *c == SPACETOK; c++) { 491e1dd0a2fSth /* empty */ 492e1dd0a2fSth }; 4937c478bd9Sstevel@tonic-gate 4947c478bd9Sstevel@tonic-gate /* get data length */ 4957c478bd9Sstevel@tonic-gate vlen = comma2 - c; 4967c478bd9Sstevel@tonic-gate 4977c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 4987c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 499e1dd0a2fSth mapping[1], c, vlen); 5007c478bd9Sstevel@tonic-gate if (rc != 0) 5017c478bd9Sstevel@tonic-gate goto free_memory; 5027c478bd9Sstevel@tonic-gate } else { 5037c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 5047c478bd9Sstevel@tonic-gate mods[i] = NULL; 5057c478bd9Sstevel@tonic-gate i--; 5067c478bd9Sstevel@tonic-gate } 5077c478bd9Sstevel@tonic-gate 5087c478bd9Sstevel@tonic-gate /* 5097c478bd9Sstevel@tonic-gate * init mod structure for the 3rd attribute 5107c478bd9Sstevel@tonic-gate */ 5117c478bd9Sstevel@tonic-gate if (*(comma2 + 1) == '\0') { 5127c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 5137c478bd9Sstevel@tonic-gate mapping = NULL; 5147c478bd9Sstevel@tonic-gate continue; 5157c478bd9Sstevel@tonic-gate } 5167c478bd9Sstevel@tonic-gate 5177c478bd9Sstevel@tonic-gate i++; 5187c478bd9Sstevel@tonic-gate mods[i] = &modlist[i]; 5197c478bd9Sstevel@tonic-gate /* 5207c478bd9Sstevel@tonic-gate * get pointer to data. 5217c478bd9Sstevel@tonic-gate * Skip leading spaces. 5227c478bd9Sstevel@tonic-gate */ 523e1dd0a2fSth for (c = comma2 + 1; *c == SPACETOK; c++) { 524e1dd0a2fSth /* empty */ 525e1dd0a2fSth } 5267c478bd9Sstevel@tonic-gate 5277c478bd9Sstevel@tonic-gate /* get data length */ 5287c478bd9Sstevel@tonic-gate vlen = strlen(attr[k]->attrvalue[0]) - 529e1dd0a2fSth (c - attr[k]->attrvalue[0]); 5307c478bd9Sstevel@tonic-gate 5317c478bd9Sstevel@tonic-gate if (vlen > 0 && c) { 5327c478bd9Sstevel@tonic-gate rc = init_bval_mod(mods[i], mod_op, 533e1dd0a2fSth mapping[2], c, vlen); 5347c478bd9Sstevel@tonic-gate if (rc != 0) 5357c478bd9Sstevel@tonic-gate goto free_memory; 5367c478bd9Sstevel@tonic-gate } else { 5377c478bd9Sstevel@tonic-gate /* don't leave a hole in mods array */ 5387c478bd9Sstevel@tonic-gate mods[i] = NULL; 5397c478bd9Sstevel@tonic-gate i--; 5407c478bd9Sstevel@tonic-gate } 5417c478bd9Sstevel@tonic-gate 5427c478bd9Sstevel@tonic-gate /* done with the mapping array */ 5437c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 5447c478bd9Sstevel@tonic-gate mapping = NULL; 5457c478bd9Sstevel@tonic-gate 5467c478bd9Sstevel@tonic-gate continue; 547e1dd0a2fSth } 5487c478bd9Sstevel@tonic-gate } 5497c478bd9Sstevel@tonic-gate 550e1dd0a2fSth /* case c1 */ 551e1dd0a2fSth mods[i]->mod_type = strdup(mapping[0]); 552e1dd0a2fSth if (mods[i]->mod_type == NULL) { 5537c478bd9Sstevel@tonic-gate goto free_memory; 554e1dd0a2fSth } 555e1dd0a2fSth __s_api_free2dArray(mapping); 556e1dd0a2fSth mapping = NULL; 5577c478bd9Sstevel@tonic-gate } 5587c478bd9Sstevel@tonic-gate 5597c478bd9Sstevel@tonic-gate modval = (char **)calloc(attr[k]->value_count+1, 560e1dd0a2fSth sizeof (char *)); 5617c478bd9Sstevel@tonic-gate if (modval == NULL) 5627c478bd9Sstevel@tonic-gate goto free_memory; 5637c478bd9Sstevel@tonic-gate /* 5647c478bd9Sstevel@tonic-gate * Perform objectclass mapping. 5657c478bd9Sstevel@tonic-gate * Note that the values for the "objectclass" attribute 5667c478bd9Sstevel@tonic-gate * will be dupped using strdup. Values for other 5677c478bd9Sstevel@tonic-gate * attributes will be referenced via pointer 5687c478bd9Sstevel@tonic-gate * assignments. 5697c478bd9Sstevel@tonic-gate */ 5707c478bd9Sstevel@tonic-gate if (strcasecmp(mods[i]->mod_type, "objectclass") == 0) { 5717c478bd9Sstevel@tonic-gate for (j = 0; j < attr[k]->value_count; j++) { 5727c478bd9Sstevel@tonic-gate if (schema_mapping_existed && 573e1dd0a2fSth (flags & NS_LDAP_NOMAP) == 0) 5747c478bd9Sstevel@tonic-gate mapping = 575e1dd0a2fSth __ns_ldap_getMappedObjectClass( 576e1dd0a2fSth service, attr[k]->attrvalue[j]); 5777c478bd9Sstevel@tonic-gate else 5787c478bd9Sstevel@tonic-gate mapping = NULL; 5797c478bd9Sstevel@tonic-gate 5807c478bd9Sstevel@tonic-gate if (mapping == NULL && auto_service && 581e1dd0a2fSth (flags & NS_LDAP_NOMAP) == 0) 5827c478bd9Sstevel@tonic-gate /* 5837c478bd9Sstevel@tonic-gate * if service == auto_xxx and 5847c478bd9Sstevel@tonic-gate * no mapped objectclass is found 5857c478bd9Sstevel@tonic-gate * then try automount 5867c478bd9Sstevel@tonic-gate */ 5877c478bd9Sstevel@tonic-gate mapping = 588e1dd0a2fSth __ns_ldap_getMappedObjectClass( 589e1dd0a2fSth "automount", attr[k]->attrvalue[j]); 5907c478bd9Sstevel@tonic-gate 5917c478bd9Sstevel@tonic-gate if (mapping && mapping[0]) { 5927c478bd9Sstevel@tonic-gate /* assume single mapping */ 5937c478bd9Sstevel@tonic-gate modval[j] = strdup(mapping[0]); 5947c478bd9Sstevel@tonic-gate } else { 5957c478bd9Sstevel@tonic-gate modval[j] = strdup(attr[k]-> 596e1dd0a2fSth attrvalue[j]); 5977c478bd9Sstevel@tonic-gate } 5987c478bd9Sstevel@tonic-gate if (modval[j] == NULL) 5997c478bd9Sstevel@tonic-gate goto free_memory; 6007c478bd9Sstevel@tonic-gate } 6017c478bd9Sstevel@tonic-gate } else { 6027c478bd9Sstevel@tonic-gate for (j = 0; j < attr[k]->value_count; j++) { 6037c478bd9Sstevel@tonic-gate /* ASSIGN NOT COPY */ 6047c478bd9Sstevel@tonic-gate modval[j] = attr[k]->attrvalue[j]; 6057c478bd9Sstevel@tonic-gate } 6067c478bd9Sstevel@tonic-gate } 6077c478bd9Sstevel@tonic-gate mods[i]->mod_values = modval; 6087c478bd9Sstevel@tonic-gate } 6097c478bd9Sstevel@tonic-gate 6107c478bd9Sstevel@tonic-gate return (mods); 6117c478bd9Sstevel@tonic-gate 6127c478bd9Sstevel@tonic-gate free_memory: 6137c478bd9Sstevel@tonic-gate freeModList(mods); 6147c478bd9Sstevel@tonic-gate if (mapping) 6157c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapping); 6167c478bd9Sstevel@tonic-gate 6177c478bd9Sstevel@tonic-gate return (NULL); 6187c478bd9Sstevel@tonic-gate 6197c478bd9Sstevel@tonic-gate } 6207c478bd9Sstevel@tonic-gate 6217c478bd9Sstevel@tonic-gate static LDAPMod ** 6227c478bd9Sstevel@tonic-gate __s_api_makeModList( 6237c478bd9Sstevel@tonic-gate const char *service, 6247c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 6257c478bd9Sstevel@tonic-gate const int mod_op, 6267c478bd9Sstevel@tonic-gate const int flags) 6277c478bd9Sstevel@tonic-gate { 6287c478bd9Sstevel@tonic-gate ns_ldap_attr_t **aptr = (ns_ldap_attr_t **)attr; 6297c478bd9Sstevel@tonic-gate int count = 0; 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate if (aptr == NULL) 6327c478bd9Sstevel@tonic-gate return (NULL); 6337c478bd9Sstevel@tonic-gate 6347c478bd9Sstevel@tonic-gate /* count number of attributes */ 6357c478bd9Sstevel@tonic-gate while (*aptr++) 6367c478bd9Sstevel@tonic-gate count++; 6377c478bd9Sstevel@tonic-gate 6387c478bd9Sstevel@tonic-gate return (__s_api_makeModListCount(service, attr, mod_op, count, flags)); 6397c478bd9Sstevel@tonic-gate } 6407c478bd9Sstevel@tonic-gate 6417c478bd9Sstevel@tonic-gate static void 6427c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(ns_ldap_entry_t **entry, char **rdn) 6437c478bd9Sstevel@tonic-gate { 6447c478bd9Sstevel@tonic-gate if (*entry != NULL) { 6457c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(*entry); 6467c478bd9Sstevel@tonic-gate *entry = NULL; 6477c478bd9Sstevel@tonic-gate } 6487c478bd9Sstevel@tonic-gate if (*rdn != NULL) { 6497c478bd9Sstevel@tonic-gate free(*rdn); 6507c478bd9Sstevel@tonic-gate *rdn = NULL; 6517c478bd9Sstevel@tonic-gate } 6527c478bd9Sstevel@tonic-gate } 6537c478bd9Sstevel@tonic-gate 6547c478bd9Sstevel@tonic-gate /* 6557c478bd9Sstevel@tonic-gate * This state machine performs one or more LDAP add/delete/modify 6567c478bd9Sstevel@tonic-gate * operations to configured LDAP servers. 6577c478bd9Sstevel@tonic-gate */ 6587c478bd9Sstevel@tonic-gate static int 6597c478bd9Sstevel@tonic-gate write_state_machine( 66091b658d3SToomas Soome int ldap_op, 66191b658d3SToomas Soome char *dn, 6627c478bd9Sstevel@tonic-gate LDAPMod **mods, 6637c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 66491b658d3SToomas Soome const int flags, 6657c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 6667c478bd9Sstevel@tonic-gate { 6677c478bd9Sstevel@tonic-gate ConnectionID connectionId = -1; 6687c478bd9Sstevel@tonic-gate Connection *conp = NULL; 66991b658d3SToomas Soome LDAPMessage *res; 6707c478bd9Sstevel@tonic-gate char *target_dn = NULL; 6717c478bd9Sstevel@tonic-gate char errstr[MAXERROR]; 6727c478bd9Sstevel@tonic-gate int rc = NS_LDAP_SUCCESS; 6737c478bd9Sstevel@tonic-gate int return_rc = NS_LDAP_SUCCESS; 6747c478bd9Sstevel@tonic-gate int followRef = FALSE; 6757c478bd9Sstevel@tonic-gate int target_dn_allocated = FALSE; 6767c478bd9Sstevel@tonic-gate int len; 6777c478bd9Sstevel@tonic-gate int msgid; 6787c478bd9Sstevel@tonic-gate int Errno; 67920945219SMichen Chang boolean_t from_get_lderrno = B_FALSE; 6807c478bd9Sstevel@tonic-gate int always = 1; 6817c478bd9Sstevel@tonic-gate char *err, *errmsg = NULL; 6827d575517Ssdussud /* referrals returned by the LDAP operation */ 6837c478bd9Sstevel@tonic-gate char **referrals = NULL; 6847d575517Ssdussud /* 6857d575517Ssdussud * list of referrals used by the state machine, built from 6867d575517Ssdussud * the referrals variable above 6877d575517Ssdussud */ 6887d575517Ssdussud ns_referral_info_t *ref_list = NULL; 6897d575517Ssdussud /* current referral */ 6907d575517Ssdussud ns_referral_info_t *current_ref = NULL; 6917c478bd9Sstevel@tonic-gate ns_write_state_t state = W_INIT, new_state, err_state = W_INIT; 6927c478bd9Sstevel@tonic-gate int do_not_fail_if_new_pwd_reqd = 0; 6937c478bd9Sstevel@tonic-gate ns_ldap_passwd_status_t pwd_status = NS_PASSWD_GOOD; 6947c478bd9Sstevel@tonic-gate int passwd_mgmt = 0; 6957d575517Ssdussud int i = 0; 6967d575517Ssdussud int ldap_error; 69747789246Svv int nopasswd_acct_mgmt = 0; 698e1dd0a2fSth ns_conn_user_t *conn_user = NULL; 6997c478bd9Sstevel@tonic-gate 7007c478bd9Sstevel@tonic-gate while (always) { 7017c478bd9Sstevel@tonic-gate switch (state) { 7027c478bd9Sstevel@tonic-gate case W_EXIT: 703e1dd0a2fSth /* return the MT connection and free the conn user */ 704e1dd0a2fSth if (conn_user != NULL) { 705e1dd0a2fSth if (conn_user->use_mt_conn == B_TRUE) { 706e1dd0a2fSth if (conn_user->ns_error != NULL) { 707e1dd0a2fSth *errorp = conn_user->ns_error; 708e1dd0a2fSth conn_user->ns_error = NULL; 709e1dd0a2fSth return_rc = conn_user->ns_rc; 710e1dd0a2fSth } 711e1dd0a2fSth if (conn_user->conn_mt != NULL) 712e1dd0a2fSth __s_api_conn_mt_return( 713e1dd0a2fSth conn_user); 714e1dd0a2fSth } 715e1dd0a2fSth __s_api_conn_user_free(conn_user); 716e1dd0a2fSth } 717e1dd0a2fSth 7187c478bd9Sstevel@tonic-gate if (connectionId > -1) 719cb5caa98Sdjl DropConnection(connectionId, NS_LDAP_NEW_CONN); 7207d575517Ssdussud if (ref_list) 7217d575517Ssdussud __s_api_deleteRefInfo(ref_list); 7227c478bd9Sstevel@tonic-gate if (target_dn && target_dn_allocated) 7237c478bd9Sstevel@tonic-gate free(target_dn); 7247c478bd9Sstevel@tonic-gate return (return_rc); 7257c478bd9Sstevel@tonic-gate case W_INIT: 7267c478bd9Sstevel@tonic-gate /* see if need to follow referrals */ 7277c478bd9Sstevel@tonic-gate rc = __s_api_toFollowReferrals(flags, 728e1dd0a2fSth &followRef, errorp); 7297c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 7307c478bd9Sstevel@tonic-gate return_rc = rc; 7317c478bd9Sstevel@tonic-gate new_state = W_ERROR; 7327c478bd9Sstevel@tonic-gate break; 7337c478bd9Sstevel@tonic-gate } 7347c478bd9Sstevel@tonic-gate len = strlen(dn); 7357c478bd9Sstevel@tonic-gate if (dn[len-1] == COMMATOK) 7367c478bd9Sstevel@tonic-gate rc = __s_api_append_default_basedn( 737e1dd0a2fSth dn, &target_dn, &target_dn_allocated, 738e1dd0a2fSth errorp); 7397c478bd9Sstevel@tonic-gate else 7407c478bd9Sstevel@tonic-gate target_dn = dn; 7417c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 7427c478bd9Sstevel@tonic-gate return_rc = rc; 7437c478bd9Sstevel@tonic-gate new_state = W_ERROR; 7447c478bd9Sstevel@tonic-gate } 7457c478bd9Sstevel@tonic-gate else 7467c478bd9Sstevel@tonic-gate new_state = GET_CONNECTION; 7477c478bd9Sstevel@tonic-gate break; 7487c478bd9Sstevel@tonic-gate case GET_CONNECTION: 749e1dd0a2fSth /* identify self as a write user */ 750e1dd0a2fSth conn_user = __s_api_conn_user_init(NS_CONN_USER_WRITE, 751e1dd0a2fSth NULL, B_FALSE); 7527c478bd9Sstevel@tonic-gate rc = __s_api_getConnection(NULL, 753e1dd0a2fSth flags, cred, &connectionId, &conp, errorp, 754e1dd0a2fSth do_not_fail_if_new_pwd_reqd, nopasswd_acct_mgmt, 755e1dd0a2fSth conn_user); 7567c478bd9Sstevel@tonic-gate 7577c478bd9Sstevel@tonic-gate /* 7587c478bd9Sstevel@tonic-gate * If password control attached 7597c478bd9Sstevel@tonic-gate * in *errorp, 7607c478bd9Sstevel@tonic-gate * e.g. rc == NS_LDAP_SUCCESS_WITH_INFO, 7617c478bd9Sstevel@tonic-gate * free the error structure (we do not need 7627c478bd9Sstevel@tonic-gate * the password management info). 7637c478bd9Sstevel@tonic-gate * Reset rc to NS_LDAP_SUCCESS. 7647c478bd9Sstevel@tonic-gate */ 7657c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_SUCCESS_WITH_INFO) { 766e1dd0a2fSth (void) __ns_ldap_freeError(errorp); 7677c478bd9Sstevel@tonic-gate *errorp = NULL; 7687c478bd9Sstevel@tonic-gate rc = NS_LDAP_SUCCESS; 7697c478bd9Sstevel@tonic-gate } 7707c478bd9Sstevel@tonic-gate 7717c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 7727c478bd9Sstevel@tonic-gate return_rc = rc; 7737c478bd9Sstevel@tonic-gate new_state = W_ERROR; 7747c478bd9Sstevel@tonic-gate break; 7757c478bd9Sstevel@tonic-gate } 7767c478bd9Sstevel@tonic-gate if (followRef) 7777c478bd9Sstevel@tonic-gate new_state = SELECT_OPERATION_ASYNC; 7787c478bd9Sstevel@tonic-gate else 7797c478bd9Sstevel@tonic-gate new_state = SELECT_OPERATION_SYNC; 7807c478bd9Sstevel@tonic-gate break; 7817c478bd9Sstevel@tonic-gate case SELECT_OPERATION_SYNC: 7827c478bd9Sstevel@tonic-gate if (ldap_op == LDAP_REQ_ADD) 7837c478bd9Sstevel@tonic-gate new_state = DO_ADD_SYNC; 7847c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_DELETE) 7857c478bd9Sstevel@tonic-gate new_state = DO_DELETE_SYNC; 7867c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_MODIFY) 7877c478bd9Sstevel@tonic-gate new_state = DO_MODIFY_SYNC; 7887c478bd9Sstevel@tonic-gate break; 7897c478bd9Sstevel@tonic-gate case SELECT_OPERATION_ASYNC: 7907c478bd9Sstevel@tonic-gate if (ldap_op == LDAP_REQ_ADD) 7917c478bd9Sstevel@tonic-gate new_state = DO_ADD_ASYNC; 7927c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_DELETE) 7937c478bd9Sstevel@tonic-gate new_state = DO_DELETE_ASYNC; 7947c478bd9Sstevel@tonic-gate else if (ldap_op == LDAP_REQ_MODIFY) 7957c478bd9Sstevel@tonic-gate new_state = DO_MODIFY_ASYNC; 7967c478bd9Sstevel@tonic-gate break; 7977c478bd9Sstevel@tonic-gate case DO_ADD_SYNC: 7987c478bd9Sstevel@tonic-gate rc = ldap_add_ext_s(conp->ld, target_dn, 799e1dd0a2fSth mods, NULL, NULL); 8007c478bd9Sstevel@tonic-gate new_state = GET_RESULT_SYNC; 8017c478bd9Sstevel@tonic-gate break; 8027c478bd9Sstevel@tonic-gate case DO_DELETE_SYNC: 8037c478bd9Sstevel@tonic-gate rc = ldap_delete_ext_s(conp->ld, target_dn, 804e1dd0a2fSth NULL, NULL); 8057c478bd9Sstevel@tonic-gate new_state = GET_RESULT_SYNC; 8067c478bd9Sstevel@tonic-gate break; 8077c478bd9Sstevel@tonic-gate case DO_MODIFY_SYNC: 8087c478bd9Sstevel@tonic-gate rc = ldap_modify_ext_s(conp->ld, target_dn, 809e1dd0a2fSth mods, NULL, NULL); 8107c478bd9Sstevel@tonic-gate new_state = GET_RESULT_SYNC; 8117c478bd9Sstevel@tonic-gate break; 8127c478bd9Sstevel@tonic-gate case DO_ADD_ASYNC: 8137c478bd9Sstevel@tonic-gate rc = ldap_add_ext(conp->ld, target_dn, 814e1dd0a2fSth mods, NULL, NULL, &msgid); 8157c478bd9Sstevel@tonic-gate new_state = GET_RESULT_ASYNC; 8167c478bd9Sstevel@tonic-gate break; 8177c478bd9Sstevel@tonic-gate case DO_DELETE_ASYNC: 8187c478bd9Sstevel@tonic-gate rc = ldap_delete_ext(conp->ld, target_dn, 819e1dd0a2fSth NULL, NULL, &msgid); 8207c478bd9Sstevel@tonic-gate new_state = GET_RESULT_ASYNC; 8217c478bd9Sstevel@tonic-gate break; 8227c478bd9Sstevel@tonic-gate case DO_MODIFY_ASYNC: 8237c478bd9Sstevel@tonic-gate rc = ldap_modify_ext(conp->ld, target_dn, 824e1dd0a2fSth mods, NULL, NULL, &msgid); 8257c478bd9Sstevel@tonic-gate new_state = GET_RESULT_ASYNC; 8267c478bd9Sstevel@tonic-gate break; 8277c478bd9Sstevel@tonic-gate case GET_RESULT_SYNC: 8287c478bd9Sstevel@tonic-gate if (rc != LDAP_SUCCESS) { 8297c478bd9Sstevel@tonic-gate Errno = rc; 8307c478bd9Sstevel@tonic-gate (void) ldap_get_lderrno(conp->ld, 831e1dd0a2fSth NULL, &errmsg); 83220945219SMichen Chang 8337c478bd9Sstevel@tonic-gate /* 83420945219SMichen Chang * No need to deal with the error message if 83520945219SMichen Chang * it's an empty string. 8367c478bd9Sstevel@tonic-gate */ 83720945219SMichen Chang if (errmsg != NULL && *errmsg == '\0') 8387c478bd9Sstevel@tonic-gate errmsg = NULL; 83920945219SMichen Chang 84020945219SMichen Chang if (errmsg != NULL) { 84120945219SMichen Chang /* 84220945219SMichen Chang * ldap_get_lderrno does not expect 84320945219SMichen Chang * errmsg to be freed after use, while 84420945219SMichen Chang * ldap_parse_result below does, so set 84520945219SMichen Chang * a flag to indicate source. 84620945219SMichen Chang */ 84720945219SMichen Chang from_get_lderrno = B_TRUE; 8487c478bd9Sstevel@tonic-gate } 84920945219SMichen Chang 8507c478bd9Sstevel@tonic-gate new_state = W_LDAP_ERROR; 8517c478bd9Sstevel@tonic-gate } else { 8527c478bd9Sstevel@tonic-gate return_rc = NS_LDAP_SUCCESS; 8537c478bd9Sstevel@tonic-gate new_state = W_EXIT; 8547c478bd9Sstevel@tonic-gate } 8557c478bd9Sstevel@tonic-gate break; 8567c478bd9Sstevel@tonic-gate case GET_RESULT_ASYNC: 8577c478bd9Sstevel@tonic-gate rc = ldap_result(conp->ld, msgid, 1, 858e1dd0a2fSth (struct timeval *)NULL, &res); 8597c478bd9Sstevel@tonic-gate /* if no server response, set Errno */ 8607c478bd9Sstevel@tonic-gate if (rc == -1) { 8617c478bd9Sstevel@tonic-gate (void) ldap_get_option(conp->ld, 8627c478bd9Sstevel@tonic-gate LDAP_OPT_ERROR_NUMBER, &Errno); 8637c478bd9Sstevel@tonic-gate new_state = W_LDAP_ERROR; 8647c478bd9Sstevel@tonic-gate break; 8657c478bd9Sstevel@tonic-gate } 866e1dd0a2fSth if (rc == LDAP_RES_ADD || rc == LDAP_RES_MODIFY || 867e1dd0a2fSth rc == LDAP_RES_DELETE) { 8687c478bd9Sstevel@tonic-gate new_state = PARSE_RESULT; 8697c478bd9Sstevel@tonic-gate break; 8707c478bd9Sstevel@tonic-gate } else { 8717c478bd9Sstevel@tonic-gate return_rc = rc; 8727c478bd9Sstevel@tonic-gate new_state = W_ERROR; 8737c478bd9Sstevel@tonic-gate } 8747c478bd9Sstevel@tonic-gate break; 8757c478bd9Sstevel@tonic-gate case PARSE_RESULT: 8767c478bd9Sstevel@tonic-gate /* 8777c478bd9Sstevel@tonic-gate * need Errno, referrals, error msg, 8787c478bd9Sstevel@tonic-gate * and the last "1" is to free 8797c478bd9Sstevel@tonic-gate * the result (res) 8807c478bd9Sstevel@tonic-gate */ 881e1dd0a2fSth rc = ldap_parse_result(conp->ld, res, &Errno, 882e1dd0a2fSth NULL, &errmsg, &referrals, NULL, 1); 8837c478bd9Sstevel@tonic-gate /* 8847c478bd9Sstevel@tonic-gate * free errmsg if it is an empty string 8857c478bd9Sstevel@tonic-gate */ 8867c478bd9Sstevel@tonic-gate if (errmsg && *errmsg == '\0') { 8877c478bd9Sstevel@tonic-gate ldap_memfree(errmsg); 8887c478bd9Sstevel@tonic-gate errmsg = NULL; 8897c478bd9Sstevel@tonic-gate } 8907d575517Ssdussud /* 8917d575517Ssdussud * If we received referral data, process 8927d575517Ssdussud * it if: 8937d575517Ssdussud * - we are configured to follow referrals 8947d575517Ssdussud * - and not already in referral mode (to keep 8957d575517Ssdussud * consistency with search_state_machine() 8967d575517Ssdussud * which follows 1 level of referrals only; 8977d575517Ssdussud * see proc_result_referrals() and 8987d575517Ssdussud * proc_search_references(). 8997d575517Ssdussud */ 9007d575517Ssdussud if (Errno == LDAP_REFERRAL && followRef && !ref_list) { 9017d575517Ssdussud for (i = 0; referrals[i] != NULL; i++) { 9027d575517Ssdussud /* add to referral list */ 9037d575517Ssdussud rc = __s_api_addRefInfo(&ref_list, 904e1dd0a2fSth referrals[i], NULL, NULL, NULL, 905e1dd0a2fSth conp->ld); 9067d575517Ssdussud if (rc != NS_LDAP_SUCCESS) { 9077d575517Ssdussud __s_api_deleteRefInfo(ref_list); 9087d575517Ssdussud ref_list = NULL; 9097d575517Ssdussud break; 9107d575517Ssdussud } 9117c478bd9Sstevel@tonic-gate } 9127c478bd9Sstevel@tonic-gate ldap_value_free(referrals); 9137d575517Ssdussud if (ref_list == NULL) { 9147c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_MEMORY) 9157c478bd9Sstevel@tonic-gate rc = NS_LDAP_INTERNAL; 9167d575517Ssdussud return_rc = rc; 9177c478bd9Sstevel@tonic-gate new_state = W_ERROR; 9187d575517Ssdussud } else { 9197c478bd9Sstevel@tonic-gate new_state = GET_REFERRAL_CONNECTION; 9207d575517Ssdussud current_ref = ref_list; 9217d575517Ssdussud } 9227c478bd9Sstevel@tonic-gate if (errmsg) { 9237c478bd9Sstevel@tonic-gate ldap_memfree(errmsg); 9247c478bd9Sstevel@tonic-gate errmsg = NULL; 9257c478bd9Sstevel@tonic-gate } 9267c478bd9Sstevel@tonic-gate break; 9277c478bd9Sstevel@tonic-gate } 9287c478bd9Sstevel@tonic-gate if (Errno != LDAP_SUCCESS) { 9297c478bd9Sstevel@tonic-gate new_state = W_LDAP_ERROR; 9307c478bd9Sstevel@tonic-gate } else { 9317c478bd9Sstevel@tonic-gate return_rc = NS_LDAP_SUCCESS; 9327c478bd9Sstevel@tonic-gate new_state = W_EXIT; 9337c478bd9Sstevel@tonic-gate } 9347c478bd9Sstevel@tonic-gate break; 9357c478bd9Sstevel@tonic-gate case GET_REFERRAL_CONNECTION: 9367d575517Ssdussud /* 9377d575517Ssdussud * since we are starting over, 9387d575517Ssdussud * discard the old error info 9397d575517Ssdussud */ 9407d575517Ssdussud return_rc = NS_LDAP_SUCCESS; 9417d575517Ssdussud if (*errorp) 9427d575517Ssdussud (void) __ns_ldap_freeError(errorp); 9437c478bd9Sstevel@tonic-gate if (connectionId > -1) 944cb5caa98Sdjl DropConnection(connectionId, NS_LDAP_NEW_CONN); 945e1dd0a2fSth 946e1dd0a2fSth /* set it up to use a referral connection */ 947e1dd0a2fSth if (conn_user != NULL) { 948e1dd0a2fSth /* 949e1dd0a2fSth * If an MT connection is being used, 950e1dd0a2fSth * return it to the pool. 951e1dd0a2fSth */ 952e1dd0a2fSth if (conn_user->conn_mt != NULL) 953e1dd0a2fSth __s_api_conn_mt_return(conn_user); 954e1dd0a2fSth 955e1dd0a2fSth conn_user->referral = B_TRUE; 956e1dd0a2fSth } 9577d575517Ssdussud rc = __s_api_getConnection(current_ref->refHost, 958e1dd0a2fSth 0, cred, &connectionId, &conp, errorp, 959e1dd0a2fSth do_not_fail_if_new_pwd_reqd, 960e1dd0a2fSth nopasswd_acct_mgmt, conn_user); 9617c478bd9Sstevel@tonic-gate 9627c478bd9Sstevel@tonic-gate /* 9637c478bd9Sstevel@tonic-gate * If password control attached 9647c478bd9Sstevel@tonic-gate * in errorp, 9657c478bd9Sstevel@tonic-gate * e.g. rc == NS_LDAP_SUCCESS_WITH_INFO, 9667c478bd9Sstevel@tonic-gate * free the error structure (we do not need 9677c478bd9Sstevel@tonic-gate * the password management info). 9687c478bd9Sstevel@tonic-gate * Reset rc to NS_LDAP_SUCCESS. 9697c478bd9Sstevel@tonic-gate */ 9707c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_SUCCESS_WITH_INFO) { 971e1dd0a2fSth (void) __ns_ldap_freeError(errorp); 9727c478bd9Sstevel@tonic-gate *errorp = NULL; 9737c478bd9Sstevel@tonic-gate rc = NS_LDAP_SUCCESS; 9747c478bd9Sstevel@tonic-gate } 9757c478bd9Sstevel@tonic-gate 9767c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 9777c478bd9Sstevel@tonic-gate return_rc = rc; 9787d575517Ssdussud /* 9797d575517Ssdussud * If current referral is not 9807d575517Ssdussud * available for some reason, 9817d575517Ssdussud * try next referral in the list. 9827d575517Ssdussud * Get LDAP error code from errorp. 9837d575517Ssdussud */ 9847d575517Ssdussud if (*errorp != NULL) { 985e1dd0a2fSth ns_write_state_t get_ref = 986e1dd0a2fSth GET_REFERRAL_CONNECTION; 987e1dd0a2fSth 9887d575517Ssdussud ldap_error = (*errorp)->status; 9897d575517Ssdussud if (ldap_error == LDAP_BUSY || 9907d575517Ssdussud ldap_error == LDAP_UNAVAILABLE || 9917d575517Ssdussud ldap_error == 992e1dd0a2fSth LDAP_UNWILLING_TO_PERFORM || 9937d575517Ssdussud ldap_error == LDAP_CONNECT_ERROR || 9947d575517Ssdussud ldap_error == LDAP_SERVER_DOWN) { 9957d575517Ssdussud current_ref = current_ref->next; 9967d575517Ssdussud if (current_ref == NULL) { 997e1dd0a2fSth /* no more referral to follow */ 998e1dd0a2fSth new_state = W_ERROR; 999e1dd0a2fSth } else 1000e1dd0a2fSth new_state = get_ref; 10017d575517Ssdussud /* 10027d575517Ssdussud * free errorp before going to 10037d575517Ssdussud * next referral 10047d575517Ssdussud */ 10057d575517Ssdussud (void) __ns_ldap_freeError( 1006e1dd0a2fSth errorp); 10077d575517Ssdussud *errorp = NULL; 10087d575517Ssdussud break; 10097d575517Ssdussud } 10107d575517Ssdussud /* 10117d575517Ssdussud * free errorp before going to W_ERROR 10127d575517Ssdussud */ 10137d575517Ssdussud (void) __ns_ldap_freeError(errorp); 10147d575517Ssdussud *errorp = NULL; 10157d575517Ssdussud } 10167d575517Ssdussud /* else, exit */ 10177d575517Ssdussud __s_api_deleteRefInfo(ref_list); 10187d575517Ssdussud ref_list = NULL; 10197c478bd9Sstevel@tonic-gate new_state = W_ERROR; 1020e1dd0a2fSth if (conn_user != NULL) 1021e1dd0a2fSth conn_user->referral = B_FALSE; 10227c478bd9Sstevel@tonic-gate break; 10237c478bd9Sstevel@tonic-gate } 10247c478bd9Sstevel@tonic-gate /* target DN may changed due to referrals */ 10257d575517Ssdussud if (current_ref->refDN) { 10267c478bd9Sstevel@tonic-gate if (target_dn && target_dn_allocated) { 10277c478bd9Sstevel@tonic-gate free(target_dn); 10287c478bd9Sstevel@tonic-gate target_dn = NULL; 10297c478bd9Sstevel@tonic-gate target_dn_allocated = FALSE; 10307c478bd9Sstevel@tonic-gate } 10317d575517Ssdussud target_dn = current_ref->refDN; 10327c478bd9Sstevel@tonic-gate } 10337c478bd9Sstevel@tonic-gate new_state = SELECT_OPERATION_SYNC; 10347c478bd9Sstevel@tonic-gate break; 10357c478bd9Sstevel@tonic-gate case W_LDAP_ERROR: 10367c478bd9Sstevel@tonic-gate /* 10377c478bd9Sstevel@tonic-gate * map error code and error message 10387c478bd9Sstevel@tonic-gate * to password status if necessary. 10397c478bd9Sstevel@tonic-gate * This is to see if password updates 10407c478bd9Sstevel@tonic-gate * failed due to password policy or 10417c478bd9Sstevel@tonic-gate * password syntax checking. 10427c478bd9Sstevel@tonic-gate */ 10437c478bd9Sstevel@tonic-gate if (errmsg) { 10447c478bd9Sstevel@tonic-gate /* 10457c478bd9Sstevel@tonic-gate * check if server supports 10467c478bd9Sstevel@tonic-gate * password management 10477c478bd9Sstevel@tonic-gate */ 10487c478bd9Sstevel@tonic-gate passwd_mgmt = 1049e1dd0a2fSth __s_api_contain_passwd_control_oid( 1050e1dd0a2fSth conp->controls); 10517c478bd9Sstevel@tonic-gate if (passwd_mgmt) 10527c478bd9Sstevel@tonic-gate pwd_status = 1053e1dd0a2fSth __s_api_set_passwd_status( 1054e1dd0a2fSth Errno, errmsg); 105520945219SMichen Chang /* 105620945219SMichen Chang * free only if not returned by ldap_get_lderrno 105720945219SMichen Chang */ 105820945219SMichen Chang if (!from_get_lderrno) 105920945219SMichen Chang ldap_memfree(errmsg); 10607c478bd9Sstevel@tonic-gate errmsg = NULL; 106120945219SMichen Chang from_get_lderrno = B_FALSE; 10627c478bd9Sstevel@tonic-gate } 10637c478bd9Sstevel@tonic-gate 1064dd1104fbSMichen Chang (void) snprintf(errstr, sizeof (errstr), 1065dd1104fbSMichen Chang "%s", ldap_err2string(Errno)); 10667c478bd9Sstevel@tonic-gate err = strdup(errstr); 10677c478bd9Sstevel@tonic-gate if (pwd_status != NS_PASSWD_GOOD) { 10687c478bd9Sstevel@tonic-gate MKERROR_PWD_MGMT(*errorp, Errno, err, 1069*51b02b29SToomas Soome pwd_status, 0, NS_LDAP_MEMORY); 10707c478bd9Sstevel@tonic-gate } else { 1071*51b02b29SToomas Soome MKERROR(LOG_INFO, *errorp, Errno, err, 1072*51b02b29SToomas Soome NS_LDAP_MEMORY); 10737c478bd9Sstevel@tonic-gate } 1074e1dd0a2fSth if (conn_user != NULL && 1075e1dd0a2fSth (Errno == LDAP_SERVER_DOWN || 1076e1dd0a2fSth Errno == LDAP_CONNECT_ERROR)) { 1077e1dd0a2fSth __s_api_conn_mt_close(conn_user, Errno, errorp); 1078e1dd0a2fSth } 10797c478bd9Sstevel@tonic-gate return_rc = NS_LDAP_INTERNAL; 10807c478bd9Sstevel@tonic-gate new_state = W_EXIT; 10817c478bd9Sstevel@tonic-gate break; 10827c478bd9Sstevel@tonic-gate case W_ERROR: 10837c478bd9Sstevel@tonic-gate default: 10847c478bd9Sstevel@tonic-gate (void) sprintf(errstr, 1085e1dd0a2fSth gettext("Internal write State machine exit" 1086e1dd0a2fSth " (state = %d, rc = %d)."), 1087e1dd0a2fSth err_state, return_rc); 10887c478bd9Sstevel@tonic-gate err = strdup(errstr); 1089*51b02b29SToomas Soome MKERROR(LOG_WARNING, *errorp, return_rc, err, 1090*51b02b29SToomas Soome NS_LDAP_MEMORY); 10917c478bd9Sstevel@tonic-gate new_state = W_EXIT; 10927c478bd9Sstevel@tonic-gate break; 10937c478bd9Sstevel@tonic-gate } 10947c478bd9Sstevel@tonic-gate 10957c478bd9Sstevel@tonic-gate if (new_state == W_ERROR) 10967c478bd9Sstevel@tonic-gate err_state = state; 1097e1dd0a2fSth 1098e1dd0a2fSth if (conn_user != NULL && conn_user->bad_mt_conn == B_TRUE) { 1099e1dd0a2fSth __s_api_conn_mt_close(conn_user, 0, NULL); 1100e1dd0a2fSth new_state = W_EXIT; 1101e1dd0a2fSth } 1102e1dd0a2fSth 11037c478bd9Sstevel@tonic-gate state = new_state; 11047c478bd9Sstevel@tonic-gate } 11057c478bd9Sstevel@tonic-gate 11067c478bd9Sstevel@tonic-gate /* 11077c478bd9Sstevel@tonic-gate * should never be here, the next line is to eliminating 11087c478bd9Sstevel@tonic-gate * lint message 11097c478bd9Sstevel@tonic-gate */ 11107c478bd9Sstevel@tonic-gate return (NS_LDAP_INTERNAL); 11117c478bd9Sstevel@tonic-gate } 11127c478bd9Sstevel@tonic-gate 11137c478bd9Sstevel@tonic-gate 11147c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 11157c478bd9Sstevel@tonic-gate int 11167c478bd9Sstevel@tonic-gate __ns_ldap_addAttr( 11177c478bd9Sstevel@tonic-gate const char *service, 11187c478bd9Sstevel@tonic-gate const char *dn, 11197c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 11207c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 11217c478bd9Sstevel@tonic-gate const int flags, 11227c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 11237c478bd9Sstevel@tonic-gate { 11247c478bd9Sstevel@tonic-gate LDAPMod **mods; 11257c478bd9Sstevel@tonic-gate int rc = 0; 11267c478bd9Sstevel@tonic-gate 11277c478bd9Sstevel@tonic-gate #ifdef DEBUG 11287c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_addAttr START\n"); 11297c478bd9Sstevel@tonic-gate #endif 11307c478bd9Sstevel@tonic-gate *errorp = NULL; 11317c478bd9Sstevel@tonic-gate 11327c478bd9Sstevel@tonic-gate /* Sanity check */ 11337c478bd9Sstevel@tonic-gate if ((attr == NULL) || (*attr == NULL) || 11347c478bd9Sstevel@tonic-gate (dn == NULL) || (cred == NULL)) 11357c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 11367c478bd9Sstevel@tonic-gate 11377c478bd9Sstevel@tonic-gate mods = __s_api_makeModList(service, attr, LDAP_MOD_ADD, flags); 11387c478bd9Sstevel@tonic-gate if (mods == NULL) { 11397c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 11407c478bd9Sstevel@tonic-gate } 11417c478bd9Sstevel@tonic-gate 11427c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_MODIFY, 11437c478bd9Sstevel@tonic-gate (char *)dn, mods, cred, flags, errorp); 11447c478bd9Sstevel@tonic-gate freeModList(mods); 11457c478bd9Sstevel@tonic-gate 11467c478bd9Sstevel@tonic-gate return (rc); 11477c478bd9Sstevel@tonic-gate } 11487c478bd9Sstevel@tonic-gate 11497c478bd9Sstevel@tonic-gate 11507c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 11517c478bd9Sstevel@tonic-gate int 11527c478bd9Sstevel@tonic-gate __ns_ldap_delAttr( 11537c478bd9Sstevel@tonic-gate const char *service, 11547c478bd9Sstevel@tonic-gate const char *dn, 11557c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 11567c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 11577c478bd9Sstevel@tonic-gate const int flags, 11587c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 11597c478bd9Sstevel@tonic-gate { 11607c478bd9Sstevel@tonic-gate LDAPMod **mods; 11617c478bd9Sstevel@tonic-gate int rc = 0; 11627c478bd9Sstevel@tonic-gate 11637c478bd9Sstevel@tonic-gate #ifdef DEBUG 11647c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_delAttr START\n"); 11657c478bd9Sstevel@tonic-gate #endif 11667c478bd9Sstevel@tonic-gate *errorp = NULL; 11677c478bd9Sstevel@tonic-gate 11687c478bd9Sstevel@tonic-gate /* Sanity check */ 11697c478bd9Sstevel@tonic-gate if ((attr == NULL) || (*attr == NULL) || 11707c478bd9Sstevel@tonic-gate (dn == NULL) || (cred == NULL)) 11717c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 11727c478bd9Sstevel@tonic-gate 11737c478bd9Sstevel@tonic-gate mods = __s_api_makeModList(service, attr, LDAP_MOD_DELETE, flags); 11747c478bd9Sstevel@tonic-gate if (mods == NULL) { 11757c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 11767c478bd9Sstevel@tonic-gate } 11777c478bd9Sstevel@tonic-gate 11787c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_MODIFY, 11797c478bd9Sstevel@tonic-gate (char *)dn, mods, cred, flags, errorp); 11807c478bd9Sstevel@tonic-gate 11817c478bd9Sstevel@tonic-gate freeModList(mods); 11827c478bd9Sstevel@tonic-gate return (rc); 11837c478bd9Sstevel@tonic-gate } 11847c478bd9Sstevel@tonic-gate 1185dd1104fbSMichen Chang /* Retrieve the admin bind password from the configuration, if allowed. */ 1186dd1104fbSMichen Chang static int 1187dd1104fbSMichen Chang get_admin_passwd(ns_cred_t *cred, ns_ldap_error_t **errorp) 1188dd1104fbSMichen Chang { 1189dd1104fbSMichen Chang void **paramVal = NULL; 1190dd1104fbSMichen Chang int rc, ldaprc; 1191dd1104fbSMichen Chang char *modparamVal = NULL; 1192dd1104fbSMichen Chang 1193dd1104fbSMichen Chang /* 1194dd1104fbSMichen Chang * For GSSAPI/Kerberos, host credential is used, no need to get 1195dd1104fbSMichen Chang * admin bind password 1196dd1104fbSMichen Chang */ 1197dd1104fbSMichen Chang if (cred->auth.saslmech == NS_LDAP_SASL_GSSAPI) 1198dd1104fbSMichen Chang return (NS_LDAP_SUCCESS); 1199dd1104fbSMichen Chang 1200dd1104fbSMichen Chang /* 1201dd1104fbSMichen Chang * Retrieve admin bind password. 1202dd1104fbSMichen Chang * The admin bind password is available 1203dd1104fbSMichen Chang * only in the ldap_cachemgr process as 1204dd1104fbSMichen Chang * they are not exposed outside of that 1205dd1104fbSMichen Chang * process. 1206dd1104fbSMichen Chang */ 1207dd1104fbSMichen Chang paramVal = NULL; 1208dd1104fbSMichen Chang if ((ldaprc = __ns_ldap_getParam(NS_LDAP_ADMIN_BINDPASSWD_P, 1209dd1104fbSMichen Chang ¶mVal, errorp)) != NS_LDAP_SUCCESS) 1210dd1104fbSMichen Chang return (ldaprc); 1211dd1104fbSMichen Chang if (paramVal == NULL || *paramVal == NULL) { 1212dd1104fbSMichen Chang rc = NS_LDAP_CONFIG; 1213dd1104fbSMichen Chang *errorp = __s_api_make_error(NS_CONFIG_NODEFAULT, 1214dd1104fbSMichen Chang gettext("Admin bind password not configured")); 1215dd1104fbSMichen Chang if (*errorp == NULL) 1216dd1104fbSMichen Chang rc = NS_LDAP_MEMORY; 1217dd1104fbSMichen Chang return (rc); 1218dd1104fbSMichen Chang } 1219dd1104fbSMichen Chang modparamVal = dvalue((char *)*paramVal); 1220dd1104fbSMichen Chang (void) memset(*paramVal, 0, strlen((char *)*paramVal)); 1221dd1104fbSMichen Chang (void) __ns_ldap_freeParam(¶mVal); 1222dd1104fbSMichen Chang if (modparamVal == NULL || *((char *)modparamVal) == '\0') { 1223dd1104fbSMichen Chang if (modparamVal != NULL) 1224dd1104fbSMichen Chang free(modparamVal); 1225dd1104fbSMichen Chang rc = NS_LDAP_CONFIG; 1226dd1104fbSMichen Chang *errorp = __s_api_make_error(NS_CONFIG_SYNTAX, 1227dd1104fbSMichen Chang gettext("bind password not valid")); 1228dd1104fbSMichen Chang if (*errorp == NULL) 1229dd1104fbSMichen Chang rc = NS_LDAP_MEMORY; 1230dd1104fbSMichen Chang return (rc); 1231dd1104fbSMichen Chang } 1232dd1104fbSMichen Chang 1233dd1104fbSMichen Chang cred->cred.unix_cred.passwd = modparamVal; 1234dd1104fbSMichen Chang return (NS_LDAP_SUCCESS); 1235dd1104fbSMichen Chang } 1236dd1104fbSMichen Chang 1237dd1104fbSMichen Chang boolean_t 1238225376fbSJulian Pullen __ns_ldap_is_shadow_update_enabled(void) 1239225376fbSJulian Pullen { 1240225376fbSJulian Pullen int **enable_shadow = NULL; 1241225376fbSJulian Pullen ns_ldap_error_t *errorp = NULL; 1242dd1104fbSMichen Chang 1243dd1104fbSMichen Chang if (__ns_ldap_getParam(NS_LDAP_ENABLE_SHADOW_UPDATE_P, 1244225376fbSJulian Pullen (void ***)&enable_shadow, &errorp) != NS_LDAP_SUCCESS) { 1245225376fbSJulian Pullen if (errorp) 1246225376fbSJulian Pullen (void) __ns_ldap_freeError(&errorp); 1247dd1104fbSMichen Chang return (B_FALSE); 1248dd1104fbSMichen Chang } 1249dd1104fbSMichen Chang if ((enable_shadow != NULL && *enable_shadow != NULL) && 1250dd1104fbSMichen Chang (*enable_shadow[0] == NS_LDAP_ENABLE_SHADOW_UPDATE_TRUE)) { 1251dd1104fbSMichen Chang (void) __ns_ldap_freeParam((void ***)&enable_shadow); 1252dd1104fbSMichen Chang return (B_TRUE); 1253dd1104fbSMichen Chang } 1254dd1104fbSMichen Chang if (enable_shadow != NULL) 1255dd1104fbSMichen Chang (void) __ns_ldap_freeParam((void ***)&enable_shadow); 1256dd1104fbSMichen Chang return (B_FALSE); 1257dd1104fbSMichen Chang } 1258dd1104fbSMichen Chang 1259dd1104fbSMichen Chang /* 1260dd1104fbSMichen Chang * __ns_ldap_repAttr modifies ldap attributes of the 'dn' entry stored 1261dd1104fbSMichen Chang * on the LDAP server. 'service' indicates the type of database entries 1262dd1104fbSMichen Chang * to modify. When the Native LDAP client is configured with 'shadow update 1263dd1104fbSMichen Chang * enabled', Shadowshadow(4) entries can only be modified by privileged users. 1264dd1104fbSMichen Chang * Such users use the NS_LDAP_UPDATE_SHADOW flag to indicate the call is 1265dd1104fbSMichen Chang * for such a shadow(4) update, which would be forwarded to ldap_cachemgr 1266dd1104fbSMichen Chang * for performing the LDAP modify operation. ldap_cachemgr would call 1267dd1104fbSMichen Chang * this function again and use the special service NS_ADMIN_SHADOW_UPDATE 1268dd1104fbSMichen Chang * to identify itself, so that admin credential would be obtained and 1269dd1104fbSMichen Chang * the actual LDAP modify operation be done. 1270dd1104fbSMichen Chang */ 12717c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 12727c478bd9Sstevel@tonic-gate int 12737c478bd9Sstevel@tonic-gate __ns_ldap_repAttr( 12747c478bd9Sstevel@tonic-gate const char *service, 12757c478bd9Sstevel@tonic-gate const char *dn, 12767c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr, 12777c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 12787c478bd9Sstevel@tonic-gate const int flags, 12797c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 12807c478bd9Sstevel@tonic-gate { 12817c478bd9Sstevel@tonic-gate LDAPMod **mods; 12827c478bd9Sstevel@tonic-gate int rc = 0; 1283dd1104fbSMichen Chang boolean_t priv; 1284dd1104fbSMichen Chang boolean_t shadow_update_enabled = B_FALSE; 12857c478bd9Sstevel@tonic-gate 12867c478bd9Sstevel@tonic-gate #ifdef DEBUG 12877c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_repAttr START\n"); 12887c478bd9Sstevel@tonic-gate #endif 12897c478bd9Sstevel@tonic-gate *errorp = NULL; 12907c478bd9Sstevel@tonic-gate 12917c478bd9Sstevel@tonic-gate /* Sanity check */ 1292dd1104fbSMichen Chang if (attr == NULL || *attr == NULL || dn == NULL) 1293dd1104fbSMichen Chang return (NS_LDAP_INVALID_PARAM); 1294dd1104fbSMichen Chang 1295dd1104fbSMichen Chang /* Privileged shadow modify? */ 1296dd1104fbSMichen Chang if ((flags & NS_LDAP_UPDATE_SHADOW) != 0 && 1297dd1104fbSMichen Chang strcmp(service, "shadow") == 0) { 1298dd1104fbSMichen Chang 1299dd1104fbSMichen Chang /* Shadow update enabled ? If not, error out */ 1300dd1104fbSMichen Chang shadow_update_enabled = __ns_ldap_is_shadow_update_enabled(); 1301dd1104fbSMichen Chang if (!shadow_update_enabled) { 1302dd1104fbSMichen Chang *errorp = __s_api_make_error(NS_CONFIG_NOTALLOW, 1303dd1104fbSMichen Chang gettext("Shadow Update is not enabled")); 1304dd1104fbSMichen Chang return (NS_LDAP_CONFIG); 1305dd1104fbSMichen Chang } 1306dd1104fbSMichen Chang 1307dd1104fbSMichen Chang /* privileged shadow modify requires euid 0 or all zone privs */ 1308dd1104fbSMichen Chang priv = (geteuid() == 0); 1309dd1104fbSMichen Chang if (!priv) { 1310dd1104fbSMichen Chang priv_set_t *ps = priv_allocset(); /* caller */ 1311dd1104fbSMichen Chang priv_set_t *zs; /* zone */ 1312dd1104fbSMichen Chang 1313dd1104fbSMichen Chang (void) getppriv(PRIV_EFFECTIVE, ps); 1314dd1104fbSMichen Chang zs = priv_str_to_set("zone", ",", NULL); 1315dd1104fbSMichen Chang priv = priv_isequalset(ps, zs); 1316dd1104fbSMichen Chang priv_freeset(ps); 1317dd1104fbSMichen Chang priv_freeset(zs); 1318dd1104fbSMichen Chang } 1319dd1104fbSMichen Chang if (!priv) 1320dd1104fbSMichen Chang return (NS_LDAP_OP_FAILED); 1321dd1104fbSMichen Chang 1322dd1104fbSMichen Chang rc = send_to_cachemgr(dn, (ns_ldap_attr_t **)attr, errorp); 1323dd1104fbSMichen Chang return (rc); 1324dd1104fbSMichen Chang } 1325dd1104fbSMichen Chang 1326dd1104fbSMichen Chang if (cred == NULL) 13277c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 1328dd1104fbSMichen Chang 1329dd1104fbSMichen Chang /* 1330dd1104fbSMichen Chang * If service is NS_ADMIN_SHADOW_UPDATE, the caller should be 1331dd1104fbSMichen Chang * ldap_cachemgr. We need to get the admin cred to do work. 1332dd1104fbSMichen Chang * If the caller is not ldap_cachemgr, but use the service 1333dd1104fbSMichen Chang * NS_ADMIN_SHADOW_UPDATE, get_admin_passwd() will fail, 1334dd1104fbSMichen Chang * as the admin cred is not available to the caller. 1335dd1104fbSMichen Chang */ 1336dd1104fbSMichen Chang if (strcmp(service, NS_ADMIN_SHADOW_UPDATE) == 0) { 1337dd1104fbSMichen Chang if ((rc = get_admin_passwd((ns_cred_t *)cred, errorp)) != 1338dd1104fbSMichen Chang NS_LDAP_SUCCESS) 1339dd1104fbSMichen Chang return (rc); 1340dd1104fbSMichen Chang } 1341dd1104fbSMichen Chang 13427c478bd9Sstevel@tonic-gate mods = __s_api_makeModList(service, attr, LDAP_MOD_REPLACE, flags); 1343dd1104fbSMichen Chang if (mods == NULL) 13447c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 13457c478bd9Sstevel@tonic-gate 13467c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_MODIFY, 13477c478bd9Sstevel@tonic-gate (char *)dn, mods, cred, flags, errorp); 13487c478bd9Sstevel@tonic-gate 13497c478bd9Sstevel@tonic-gate freeModList(mods); 13507c478bd9Sstevel@tonic-gate return (rc); 13517c478bd9Sstevel@tonic-gate } 13527c478bd9Sstevel@tonic-gate 13537c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 13547c478bd9Sstevel@tonic-gate int 13557c478bd9Sstevel@tonic-gate __ns_ldap_addEntry( 13567c478bd9Sstevel@tonic-gate const char *service, 13577c478bd9Sstevel@tonic-gate const char *dn, 13587c478bd9Sstevel@tonic-gate const ns_ldap_entry_t *entry, 13597c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 13607c478bd9Sstevel@tonic-gate const int flags, 13617c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 13627c478bd9Sstevel@tonic-gate { 13637c478bd9Sstevel@tonic-gate char *new_dn = NULL; 13647c478bd9Sstevel@tonic-gate LDAPMod **mods = NULL; 13657c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attr; 13667c478bd9Sstevel@tonic-gate int nAttr = 0; 13677c478bd9Sstevel@tonic-gate int rc = 0; 13687c478bd9Sstevel@tonic-gate 13697c478bd9Sstevel@tonic-gate #ifdef DEBUG 13707c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_addEntry START\n"); 13717c478bd9Sstevel@tonic-gate #endif 13727c478bd9Sstevel@tonic-gate 13737c478bd9Sstevel@tonic-gate if ((entry == NULL) || (dn == NULL) || (cred == NULL)) 13747c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 13757c478bd9Sstevel@tonic-gate *errorp = NULL; 13767c478bd9Sstevel@tonic-gate 13777c478bd9Sstevel@tonic-gate /* Construct array of LDAPMod representing attributes of new entry. */ 13787c478bd9Sstevel@tonic-gate 13797c478bd9Sstevel@tonic-gate nAttr = entry->attr_count; 13807c478bd9Sstevel@tonic-gate attr = (const ns_ldap_attr_t * const *)(entry->attr_pair); 13817c478bd9Sstevel@tonic-gate mods = __s_api_makeModListCount(service, attr, LDAP_MOD_ADD, 13827c478bd9Sstevel@tonic-gate nAttr, flags); 13837c478bd9Sstevel@tonic-gate if (mods == NULL) { 13847c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 13857c478bd9Sstevel@tonic-gate } 13867c478bd9Sstevel@tonic-gate 13877c478bd9Sstevel@tonic-gate rc = replace_mapped_attr_in_dn(service, dn, &new_dn); 13887c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 13897c478bd9Sstevel@tonic-gate freeModList(mods); 13907c478bd9Sstevel@tonic-gate return (rc); 13917c478bd9Sstevel@tonic-gate } 13927c478bd9Sstevel@tonic-gate 13937c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_ADD, 13947c478bd9Sstevel@tonic-gate new_dn ? new_dn : (char *)dn, mods, cred, flags, errorp); 13957c478bd9Sstevel@tonic-gate 13967c478bd9Sstevel@tonic-gate if (new_dn) 13977c478bd9Sstevel@tonic-gate free(new_dn); 13987c478bd9Sstevel@tonic-gate freeModList(mods); 13997c478bd9Sstevel@tonic-gate return (rc); 14007c478bd9Sstevel@tonic-gate } 14017c478bd9Sstevel@tonic-gate 14027c478bd9Sstevel@tonic-gate 14037c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 14047c478bd9Sstevel@tonic-gate int 14057c478bd9Sstevel@tonic-gate __ns_ldap_delEntry( 14067c478bd9Sstevel@tonic-gate const char *service, 14077c478bd9Sstevel@tonic-gate const char *dn, 14087c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 14097c478bd9Sstevel@tonic-gate const int flags, 14107c478bd9Sstevel@tonic-gate ns_ldap_error_t ** errorp) 14117c478bd9Sstevel@tonic-gate { 14127c478bd9Sstevel@tonic-gate int rc; 14137c478bd9Sstevel@tonic-gate 14147c478bd9Sstevel@tonic-gate #ifdef DEBUG 14157c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "__ns_ldap_delEntry START\n"); 14167c478bd9Sstevel@tonic-gate #endif 14177c478bd9Sstevel@tonic-gate if ((dn == NULL) || (cred == NULL)) 14187c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 14197c478bd9Sstevel@tonic-gate 14207c478bd9Sstevel@tonic-gate *errorp = NULL; 14217c478bd9Sstevel@tonic-gate 14227c478bd9Sstevel@tonic-gate rc = write_state_machine(LDAP_REQ_DELETE, 14237c478bd9Sstevel@tonic-gate (char *)dn, NULL, cred, flags, errorp); 14247c478bd9Sstevel@tonic-gate 14257c478bd9Sstevel@tonic-gate return (rc); 14267c478bd9Sstevel@tonic-gate } 14277c478bd9Sstevel@tonic-gate 14287c478bd9Sstevel@tonic-gate /* 14297c478bd9Sstevel@tonic-gate * Add Typed Entry Helper routines 14307c478bd9Sstevel@tonic-gate */ 14317c478bd9Sstevel@tonic-gate 14327c478bd9Sstevel@tonic-gate /* 14337c478bd9Sstevel@tonic-gate * Add Typed Entry Conversion routines 14347c478bd9Sstevel@tonic-gate */ 14357c478bd9Sstevel@tonic-gate 14367c478bd9Sstevel@tonic-gate static int 14377c478bd9Sstevel@tonic-gate __s_add_attr(ns_ldap_entry_t *e, char *attrname, char *value) 14387c478bd9Sstevel@tonic-gate { 14397c478bd9Sstevel@tonic-gate ns_ldap_attr_t *a; 14407c478bd9Sstevel@tonic-gate char *v; 14417c478bd9Sstevel@tonic-gate 14427c478bd9Sstevel@tonic-gate a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t)); 14437c478bd9Sstevel@tonic-gate if (a == NULL) 14447c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14457c478bd9Sstevel@tonic-gate a->attrname = strdup(attrname); 14467c478bd9Sstevel@tonic-gate if (a->attrname == NULL) 14477c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14487c478bd9Sstevel@tonic-gate a->attrvalue = (char **)calloc(1, sizeof (char **)); 14497c478bd9Sstevel@tonic-gate if (a->attrvalue == NULL) 14507c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14517c478bd9Sstevel@tonic-gate a->value_count = 1; 14527c478bd9Sstevel@tonic-gate a->attrvalue[0] = NULL; 14537c478bd9Sstevel@tonic-gate v = strdup(value); 14547c478bd9Sstevel@tonic-gate if (v == NULL) 14557c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14567c478bd9Sstevel@tonic-gate a->attrvalue[0] = v; 14577c478bd9Sstevel@tonic-gate e->attr_pair[e->attr_count] = a; 14587c478bd9Sstevel@tonic-gate e->attr_count++; 14597c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 14607c478bd9Sstevel@tonic-gate } 14617c478bd9Sstevel@tonic-gate 14627c478bd9Sstevel@tonic-gate static int 14637c478bd9Sstevel@tonic-gate __s_add_attrlist(ns_ldap_entry_t *e, char *attrname, char **argv) 14647c478bd9Sstevel@tonic-gate { 14657c478bd9Sstevel@tonic-gate ns_ldap_attr_t *a; 14667c478bd9Sstevel@tonic-gate char *v; 14677c478bd9Sstevel@tonic-gate char **av; 14687c478bd9Sstevel@tonic-gate int i, j; 14697c478bd9Sstevel@tonic-gate 14707c478bd9Sstevel@tonic-gate a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t)); 14717c478bd9Sstevel@tonic-gate if (a == NULL) 14727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14737c478bd9Sstevel@tonic-gate a->attrname = strdup(attrname); 14747c478bd9Sstevel@tonic-gate if (a->attrname == NULL) 14757c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14767c478bd9Sstevel@tonic-gate 14777c478bd9Sstevel@tonic-gate for (i = 0, av = argv; *av != NULL; av++, i++) 14787c478bd9Sstevel@tonic-gate ; 14797c478bd9Sstevel@tonic-gate 14807c478bd9Sstevel@tonic-gate a->attrvalue = (char **)calloc(i, sizeof (char *)); 14817c478bd9Sstevel@tonic-gate 14827c478bd9Sstevel@tonic-gate if (a->attrvalue == NULL) 14837c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14847c478bd9Sstevel@tonic-gate 14857c478bd9Sstevel@tonic-gate a->value_count = i; 14867c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 14877c478bd9Sstevel@tonic-gate v = strdup(argv[j]); 14887c478bd9Sstevel@tonic-gate if (v == NULL) 14897c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 14907c478bd9Sstevel@tonic-gate a->attrvalue[j] = v; 14917c478bd9Sstevel@tonic-gate } 14927c478bd9Sstevel@tonic-gate e->attr_pair[e->attr_count] = a; 14937c478bd9Sstevel@tonic-gate e->attr_count++; 14947c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 14957c478bd9Sstevel@tonic-gate } 14967c478bd9Sstevel@tonic-gate 14977c478bd9Sstevel@tonic-gate static ns_ldap_entry_t * 14987c478bd9Sstevel@tonic-gate __s_mk_entry(char **objclass, int max_attr) 14997c478bd9Sstevel@tonic-gate { 15007c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 15017c478bd9Sstevel@tonic-gate e = (ns_ldap_entry_t *)calloc(1, sizeof (ns_ldap_entry_t)); 15027c478bd9Sstevel@tonic-gate if (e == NULL) 15037c478bd9Sstevel@tonic-gate return (NULL); 15047c478bd9Sstevel@tonic-gate /* allocate attributes, +1 for objectclass, +1 for NULL terminator */ 15057c478bd9Sstevel@tonic-gate e->attr_pair = (ns_ldap_attr_t **) 15067c478bd9Sstevel@tonic-gate calloc(max_attr + 2, sizeof (ns_ldap_attr_t *)); 15077c478bd9Sstevel@tonic-gate if (e->attr_pair == NULL) { 15087c478bd9Sstevel@tonic-gate free(e); 15097c478bd9Sstevel@tonic-gate return (NULL); 15107c478bd9Sstevel@tonic-gate } 15117c478bd9Sstevel@tonic-gate e->attr_count = 0; 15127c478bd9Sstevel@tonic-gate if (__s_add_attrlist(e, "objectClass", objclass) != NS_LDAP_SUCCESS) { 15137c478bd9Sstevel@tonic-gate free(e->attr_pair); 15147c478bd9Sstevel@tonic-gate free(e); 15157c478bd9Sstevel@tonic-gate return (NULL); 15167c478bd9Sstevel@tonic-gate } 15177c478bd9Sstevel@tonic-gate return (e); 15187c478bd9Sstevel@tonic-gate } 15197c478bd9Sstevel@tonic-gate 15207c478bd9Sstevel@tonic-gate 15217c478bd9Sstevel@tonic-gate /* 15227c478bd9Sstevel@tonic-gate * Conversion: passwd 15237c478bd9Sstevel@tonic-gate * Input format: struct passwd 15247c478bd9Sstevel@tonic-gate * Exported objectclass: posixAccount 15257c478bd9Sstevel@tonic-gate */ 15267c478bd9Sstevel@tonic-gate static int 15277c478bd9Sstevel@tonic-gate __s_cvt_passwd(const void *data, char **rdn, 152891b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 15297c478bd9Sstevel@tonic-gate { 15307c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 15317c478bd9Sstevel@tonic-gate int rc; 15327c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 15337c478bd9Sstevel@tonic-gate /* routine specific */ 15347c478bd9Sstevel@tonic-gate struct passwd *ptr; 15357c478bd9Sstevel@tonic-gate int max_attr = 9; 15367c478bd9Sstevel@tonic-gate char ibuf[10]; 15377c478bd9Sstevel@tonic-gate static char *oclist[] = { 15387c478bd9Sstevel@tonic-gate "posixAccount", 15397c478bd9Sstevel@tonic-gate "shadowAccount", 15407c478bd9Sstevel@tonic-gate "account", 15417c478bd9Sstevel@tonic-gate "top", 15427c478bd9Sstevel@tonic-gate NULL 15437c478bd9Sstevel@tonic-gate }; 15447c478bd9Sstevel@tonic-gate 15457c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 15467c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 15477c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 15487c478bd9Sstevel@tonic-gate if (e == NULL) 15497c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 15507c478bd9Sstevel@tonic-gate 15517c478bd9Sstevel@tonic-gate /* Convert the structure */ 15527c478bd9Sstevel@tonic-gate ptr = (struct passwd *)data; 15537c478bd9Sstevel@tonic-gate 1554f48205beScasper if (ptr->pw_name == NULL || ptr->pw_uid > MAXUID || 1555f48205beScasper ptr->pw_gid > MAXUID || ptr->pw_dir == NULL) { 15567c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 15577c478bd9Sstevel@tonic-gate *entry = NULL; 15587c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 15597c478bd9Sstevel@tonic-gate } 15607c478bd9Sstevel@tonic-gate 15617c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 15627c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->pw_name); 15637c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 15647c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 15657c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 15667c478bd9Sstevel@tonic-gate *entry = NULL; 15677c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 15687c478bd9Sstevel@tonic-gate } 15697c478bd9Sstevel@tonic-gate 15707c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 15717c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "uid", ptr->pw_name); 15727c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15737c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15747c478bd9Sstevel@tonic-gate return (rc); 15757c478bd9Sstevel@tonic-gate } 15767c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->pw_name); 15777c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15787c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15797c478bd9Sstevel@tonic-gate return (rc); 15807c478bd9Sstevel@tonic-gate } 15817c478bd9Sstevel@tonic-gate 15827c478bd9Sstevel@tonic-gate if (ptr->pw_passwd != NULL && 1583e1dd0a2fSth ptr->pw_passwd[0] != '\0') { 15847c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "userPassword", ptr->pw_passwd); 15857c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15867c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15877c478bd9Sstevel@tonic-gate return (rc); 15887c478bd9Sstevel@tonic-gate } 15897c478bd9Sstevel@tonic-gate } 15907c478bd9Sstevel@tonic-gate 1591f48205beScasper (void) sprintf(ibuf, "%u", ptr->pw_uid); 15927c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "uidNumber", ibuf); 15937c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 15947c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 15957c478bd9Sstevel@tonic-gate return (rc); 15967c478bd9Sstevel@tonic-gate } 15977c478bd9Sstevel@tonic-gate 1598f48205beScasper (void) sprintf(ibuf, "%u", ptr->pw_gid); 15997c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "gidNumber", ibuf); 16007c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16017c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16027c478bd9Sstevel@tonic-gate return (rc); 16037c478bd9Sstevel@tonic-gate } 16047c478bd9Sstevel@tonic-gate if (ptr->pw_gecos != NULL && 1605e1dd0a2fSth ptr->pw_gecos[0] != '\0') { 16067c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "gecos", ptr->pw_gecos); 16077c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16087c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16097c478bd9Sstevel@tonic-gate return (rc); 16107c478bd9Sstevel@tonic-gate } 16117c478bd9Sstevel@tonic-gate } 16127c478bd9Sstevel@tonic-gate 16137c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "homeDirectory", ptr->pw_dir); 16147c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16157c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16167c478bd9Sstevel@tonic-gate return (rc); 16177c478bd9Sstevel@tonic-gate } 16187c478bd9Sstevel@tonic-gate if (ptr->pw_shell != NULL && 1619e1dd0a2fSth ptr->pw_shell[0] != '\0') { 16207c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "loginShell", ptr->pw_shell); 16217c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 16227c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 16237c478bd9Sstevel@tonic-gate return (rc); 16247c478bd9Sstevel@tonic-gate } 16257c478bd9Sstevel@tonic-gate } 16267c478bd9Sstevel@tonic-gate 16277c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 16287c478bd9Sstevel@tonic-gate } 16297c478bd9Sstevel@tonic-gate 163050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 163150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * escape_str function escapes special characters in str and 163250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * copies to escstr string. 163350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * 163450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * return 0 for successful 163550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * 1 for fail 163650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 163750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India static int escape_str(char *escstr, char *str) 163850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India { 163950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India int index = 0; 164050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 164150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India while ((*str != '\0') && (index < (RDNSIZE - 1))) { 164250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (*str == '+' || *str == ';' || *str == '>' || 164350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *str == '<' || *str == ',' || *str == '"' || 164450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *str == '\\' || *str == '=' || 164550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India (*str == '#' && index == 0)) { 164650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr++ = '\\'; 164750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr++ = *str++; 164850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India index += 2; 164950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } else { 165050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr++ = *str++; 165150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India index++; 165250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 165350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 165450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 165550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (*str == '\0') { 165650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *escstr = '\0'; 165750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (0); 165850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } else { 165950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (1); 166050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 166150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 166250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 1663e1dd0a2fSth /* 1664e1dd0a2fSth * Conversion: project 1665e1dd0a2fSth * Input format: struct project 1666e1dd0a2fSth * Exported objectclass: SolarisProject 1667e1dd0a2fSth */ 1668e1dd0a2fSth static int 1669e1dd0a2fSth __s_cvt_project(const void *data, char **rdn, 167091b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 1671e1dd0a2fSth { 1672e1dd0a2fSth ns_ldap_entry_t *e; 1673e1dd0a2fSth int rc; 1674e1dd0a2fSth char trdn[RDNSIZE]; 1675e1dd0a2fSth 1676e1dd0a2fSth /* routine specific */ 1677e1dd0a2fSth struct project *ptr; 1678e1dd0a2fSth int max_attr = 9; 1679e1dd0a2fSth char ibuf[11]; 168091b658d3SToomas Soome static char *oclist[] = { 1681e1dd0a2fSth "SolarisProject", 1682e1dd0a2fSth "top", 1683e1dd0a2fSth NULL 1684e1dd0a2fSth }; 1685e1dd0a2fSth 1686e1dd0a2fSth if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 1687e1dd0a2fSth return (NS_LDAP_OP_FAILED); 1688e1dd0a2fSth 1689e1dd0a2fSth *entry = e = __s_mk_entry(oclist, max_attr); 1690e1dd0a2fSth if (e == NULL) 1691e1dd0a2fSth return (NS_LDAP_MEMORY); 1692e1dd0a2fSth 1693e1dd0a2fSth /* Convert the structure */ 1694e1dd0a2fSth ptr = (struct project *)data; 1695e1dd0a2fSth 1696e1dd0a2fSth if (ptr->pj_name == NULL || ptr->pj_projid > MAXUID) { 1697e1dd0a2fSth __ns_ldap_freeEntry(e); 1698e1dd0a2fSth *entry = NULL; 1699e1dd0a2fSth return (NS_LDAP_INVALID_PARAM); 1700e1dd0a2fSth } 1701e1dd0a2fSth 1702e1dd0a2fSth /* Create an appropriate rdn */ 1703e1dd0a2fSth (void) snprintf(trdn, RDNSIZE, "SolarisProjectName=%s", ptr->pj_name); 1704e1dd0a2fSth *rdn = strdup(trdn); 1705e1dd0a2fSth if (*rdn == NULL) { 1706e1dd0a2fSth __ns_ldap_freeEntry(e); 1707e1dd0a2fSth *entry = NULL; 1708e1dd0a2fSth return (NS_LDAP_MEMORY); 1709e1dd0a2fSth } 1710e1dd0a2fSth 1711e1dd0a2fSth /* Error check the data and add the attributes */ 1712e1dd0a2fSth 1713e1dd0a2fSth /* Project name */ 1714e1dd0a2fSth rc = __s_add_attr(e, "SolarisProjectName", ptr->pj_name); 1715e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1716e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1717e1dd0a2fSth return (rc); 1718e1dd0a2fSth } 1719e1dd0a2fSth 1720e1dd0a2fSth /* 1721e1dd0a2fSth * Project ID: 1722e1dd0a2fSth * ibuf is 11 chars big, which should be enough for string 1723e1dd0a2fSth * representation of 32bit number + nul-car 1724e1dd0a2fSth */ 1725e1dd0a2fSth if (snprintf(ibuf, sizeof (ibuf), "%u", ptr->pj_projid) < 0) { 1726e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1727e1dd0a2fSth return (NS_LDAP_INVALID_PARAM); 1728e1dd0a2fSth } 1729e1dd0a2fSth rc = __s_add_attr(e, "SolarisProjectID", ibuf); 1730e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1731e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1732e1dd0a2fSth return (rc); 1733e1dd0a2fSth } 1734e1dd0a2fSth 1735e1dd0a2fSth /* Comment/Description */ 1736e1dd0a2fSth if (ptr->pj_comment != NULL && ptr->pj_comment[0] != '\0') { 1737e1dd0a2fSth rc = __s_add_attr(e, "description", ptr->pj_comment); 1738e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1739e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1740e1dd0a2fSth return (rc); 1741e1dd0a2fSth } 1742e1dd0a2fSth } 1743e1dd0a2fSth 1744e1dd0a2fSth /* Attributes */ 1745e1dd0a2fSth if (ptr->pj_attr != NULL && ptr->pj_attr[0] != '\0') { 1746e1dd0a2fSth rc = __s_add_attr(e, "SolarisProjectAttr", ptr->pj_attr); 1747e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1748e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1749e1dd0a2fSth return (rc); 1750e1dd0a2fSth } 1751e1dd0a2fSth } 1752e1dd0a2fSth 1753e1dd0a2fSth /* Users */ 1754e1dd0a2fSth if (ptr->pj_users != NULL) { 1755e1dd0a2fSth rc = __s_add_attrlist(e, "memberUid", ptr->pj_users); 1756e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1757e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1758e1dd0a2fSth return (rc); 1759e1dd0a2fSth } 1760e1dd0a2fSth } 1761e1dd0a2fSth 1762e1dd0a2fSth /* Groups */ 1763e1dd0a2fSth if (ptr->pj_groups != NULL) { 1764e1dd0a2fSth rc = __s_add_attrlist(e, "memberGid", ptr->pj_groups); 1765e1dd0a2fSth if (rc != NS_LDAP_SUCCESS) { 1766e1dd0a2fSth __s_cvt_freeEntryRdn(entry, rdn); 1767e1dd0a2fSth return (rc); 1768e1dd0a2fSth } 1769e1dd0a2fSth } 1770e1dd0a2fSth 1771e1dd0a2fSth 1772e1dd0a2fSth 1773e1dd0a2fSth return (NS_LDAP_SUCCESS); 1774e1dd0a2fSth } 17757c478bd9Sstevel@tonic-gate /* 17767c478bd9Sstevel@tonic-gate * Conversion: shadow 17777c478bd9Sstevel@tonic-gate * Input format: struct shadow 17787c478bd9Sstevel@tonic-gate * Exported objectclass: shadowAccount 17797c478bd9Sstevel@tonic-gate */ 17807c478bd9Sstevel@tonic-gate static int 17817c478bd9Sstevel@tonic-gate __s_cvt_shadow(const void *data, char **rdn, 178291b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 17837c478bd9Sstevel@tonic-gate { 17847c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 17857c478bd9Sstevel@tonic-gate int rc; 17867c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 17877c478bd9Sstevel@tonic-gate /* routine specific */ 17887c478bd9Sstevel@tonic-gate struct spwd *ptr; 17897c478bd9Sstevel@tonic-gate int max_attr = 10; 17907c478bd9Sstevel@tonic-gate char ibuf[10]; 17917c478bd9Sstevel@tonic-gate static char *oclist[] = { 17927c478bd9Sstevel@tonic-gate "posixAccount", 17937c478bd9Sstevel@tonic-gate "shadowAccount", 17947c478bd9Sstevel@tonic-gate "account", 17957c478bd9Sstevel@tonic-gate "top", 17967c478bd9Sstevel@tonic-gate NULL 17977c478bd9Sstevel@tonic-gate }; 17987c478bd9Sstevel@tonic-gate 17997c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 18007c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 18017c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 18027c478bd9Sstevel@tonic-gate if (e == NULL) 18037c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18047c478bd9Sstevel@tonic-gate 18057c478bd9Sstevel@tonic-gate /* Convert the structure */ 18067c478bd9Sstevel@tonic-gate ptr = (struct spwd *)data; 18077c478bd9Sstevel@tonic-gate 18087c478bd9Sstevel@tonic-gate if (ptr->sp_namp == NULL) { 18097c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 18107c478bd9Sstevel@tonic-gate *entry = NULL; 18117c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 18127c478bd9Sstevel@tonic-gate } 18137c478bd9Sstevel@tonic-gate 18147c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 18157c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->sp_namp); 18167c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 18177c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 18187c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 18197c478bd9Sstevel@tonic-gate *entry = NULL; 18207c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18217c478bd9Sstevel@tonic-gate } 18227c478bd9Sstevel@tonic-gate 18237c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 18247c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "uid", ptr->sp_namp); 18257c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18267c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18277c478bd9Sstevel@tonic-gate return (rc); 18287c478bd9Sstevel@tonic-gate } 18297c478bd9Sstevel@tonic-gate 18307c478bd9Sstevel@tonic-gate if (ptr->sp_pwdp == NULL) { 18317c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18327c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 18337c478bd9Sstevel@tonic-gate } else { 18347c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "userPassword", ptr->sp_pwdp); 18357c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18367c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18377c478bd9Sstevel@tonic-gate return (rc); 18387c478bd9Sstevel@tonic-gate } 18397c478bd9Sstevel@tonic-gate } 18407c478bd9Sstevel@tonic-gate if (ptr->sp_lstchg >= 0) { 18417c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_lstchg); 18427c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowLastChange", ibuf); 18437c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18447c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18457c478bd9Sstevel@tonic-gate return (rc); 18467c478bd9Sstevel@tonic-gate } 18477c478bd9Sstevel@tonic-gate } 18487c478bd9Sstevel@tonic-gate if (ptr->sp_min >= 0) { 18497c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_min); 18507c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowMin", ibuf); 18517c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18527c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18537c478bd9Sstevel@tonic-gate return (rc); 18547c478bd9Sstevel@tonic-gate } 18557c478bd9Sstevel@tonic-gate } 18567c478bd9Sstevel@tonic-gate if (ptr->sp_max >= 0) { 18577c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_max); 18587c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowMax", ibuf); 18597c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18607c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18617c478bd9Sstevel@tonic-gate return (rc); 18627c478bd9Sstevel@tonic-gate } 18637c478bd9Sstevel@tonic-gate } 18647c478bd9Sstevel@tonic-gate if (ptr->sp_warn >= 0) { 18657c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_warn); 18667c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowWarning", ibuf); 18677c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18687c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18697c478bd9Sstevel@tonic-gate return (rc); 18707c478bd9Sstevel@tonic-gate } 18717c478bd9Sstevel@tonic-gate } 18727c478bd9Sstevel@tonic-gate if (ptr->sp_inact >= 0) { 18737c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_inact); 18747c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowInactive", ibuf); 18757c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18767c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18777c478bd9Sstevel@tonic-gate return (rc); 18787c478bd9Sstevel@tonic-gate } 18797c478bd9Sstevel@tonic-gate } 18807c478bd9Sstevel@tonic-gate if (ptr->sp_expire >= 0) { 18817c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_expire); 18827c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowExpire", ibuf); 18837c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18847c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18857c478bd9Sstevel@tonic-gate return (rc); 18867c478bd9Sstevel@tonic-gate } 18877c478bd9Sstevel@tonic-gate } 18887c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->sp_flag); 18897c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "shadowFlag", ibuf); 18907c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 18917c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 18927c478bd9Sstevel@tonic-gate return (rc); 18937c478bd9Sstevel@tonic-gate } 18947c478bd9Sstevel@tonic-gate 18957c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 18967c478bd9Sstevel@tonic-gate } 18977c478bd9Sstevel@tonic-gate 18987c478bd9Sstevel@tonic-gate 18997c478bd9Sstevel@tonic-gate /* 19007c478bd9Sstevel@tonic-gate * Conversion: group 19017c478bd9Sstevel@tonic-gate * Input format: struct group 19027c478bd9Sstevel@tonic-gate * Exported objectclass: posixGroup 19037c478bd9Sstevel@tonic-gate */ 19047c478bd9Sstevel@tonic-gate static int 19057c478bd9Sstevel@tonic-gate __s_cvt_group(const void *data, char **rdn, 190691b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 19077c478bd9Sstevel@tonic-gate { 19087c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 19097c478bd9Sstevel@tonic-gate int rc; 19107c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 19117c478bd9Sstevel@tonic-gate /* routine specific */ 19127c478bd9Sstevel@tonic-gate struct group *ptr; 19137c478bd9Sstevel@tonic-gate int i, j, k; 19147c478bd9Sstevel@tonic-gate char **nm, **lm; 19157c478bd9Sstevel@tonic-gate int max_attr = 4; 19167c478bd9Sstevel@tonic-gate char ibuf[10]; 19177c478bd9Sstevel@tonic-gate static char *oclist[] = { 19187c478bd9Sstevel@tonic-gate "posixGroup", 19197c478bd9Sstevel@tonic-gate "top", 19207c478bd9Sstevel@tonic-gate NULL 19217c478bd9Sstevel@tonic-gate }; 19227c478bd9Sstevel@tonic-gate 19237c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 19247c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 19257c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 19267c478bd9Sstevel@tonic-gate if (e == NULL) 19277c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19287c478bd9Sstevel@tonic-gate 19297c478bd9Sstevel@tonic-gate /* Convert the structure */ 19307c478bd9Sstevel@tonic-gate ptr = (struct group *)data; 19317c478bd9Sstevel@tonic-gate 1932f48205beScasper if (ptr->gr_name == NULL || ptr->gr_gid > MAXUID) { 19337c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 19347c478bd9Sstevel@tonic-gate *entry = NULL; 19357c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 19367c478bd9Sstevel@tonic-gate } 19377c478bd9Sstevel@tonic-gate 19387c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 19397c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->gr_name); 19407c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 19417c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 19427c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 19437c478bd9Sstevel@tonic-gate *entry = NULL; 19447c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19457c478bd9Sstevel@tonic-gate } 19467c478bd9Sstevel@tonic-gate 19477c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 19487c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->gr_name); 19497c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19507c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19517c478bd9Sstevel@tonic-gate return (rc); 19527c478bd9Sstevel@tonic-gate } 19537c478bd9Sstevel@tonic-gate 1954f48205beScasper (void) sprintf(ibuf, "%u", ptr->gr_gid); 19557c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "gidNumber", ibuf); 19567c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19577c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19587c478bd9Sstevel@tonic-gate return (rc); 19597c478bd9Sstevel@tonic-gate } 19607c478bd9Sstevel@tonic-gate if (ptr->gr_passwd && ptr->gr_passwd[0] != '\0') { 19617c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "userPassword", ptr->gr_passwd); 19627c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19637c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19647c478bd9Sstevel@tonic-gate return (rc); 19657c478bd9Sstevel@tonic-gate } 19667c478bd9Sstevel@tonic-gate } 19677c478bd9Sstevel@tonic-gate 19687c478bd9Sstevel@tonic-gate if (ptr->gr_mem && ptr->gr_mem[0]) { 19697c478bd9Sstevel@tonic-gate lm = ptr->gr_mem; 19707c478bd9Sstevel@tonic-gate for (i = 0; *lm; i++, lm++) 19717c478bd9Sstevel@tonic-gate ; 19727c478bd9Sstevel@tonic-gate lm = ptr->gr_mem; 19737c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 19747c478bd9Sstevel@tonic-gate if (nm == NULL) { 19757c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19767c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19777c478bd9Sstevel@tonic-gate } 19787c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 19797c478bd9Sstevel@tonic-gate nm[j] = strdup(lm[j]); 19807c478bd9Sstevel@tonic-gate if (nm[j] == NULL) { 19817c478bd9Sstevel@tonic-gate for (k = 0; k < j; k++) 19827c478bd9Sstevel@tonic-gate free(nm[k]); 19837c478bd9Sstevel@tonic-gate free(nm); 19847c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19857c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19867c478bd9Sstevel@tonic-gate } 19877c478bd9Sstevel@tonic-gate } 19887c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "memberUid", nm); 19897c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 19907c478bd9Sstevel@tonic-gate free(nm[j]); 19917c478bd9Sstevel@tonic-gate } 19927c478bd9Sstevel@tonic-gate free(nm); 19937c478bd9Sstevel@tonic-gate nm = NULL; 19947c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 19957c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 19967c478bd9Sstevel@tonic-gate return (rc); 19977c478bd9Sstevel@tonic-gate } 19987c478bd9Sstevel@tonic-gate } 19997c478bd9Sstevel@tonic-gate 20007c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 20017c478bd9Sstevel@tonic-gate } 20027c478bd9Sstevel@tonic-gate 20037c478bd9Sstevel@tonic-gate /* 20047c478bd9Sstevel@tonic-gate * Conversion: hosts 20057c478bd9Sstevel@tonic-gate * Input format: struct hostent 20067c478bd9Sstevel@tonic-gate * Exported objectclass: ipHost 20077c478bd9Sstevel@tonic-gate */ 20087c478bd9Sstevel@tonic-gate static int 20097c478bd9Sstevel@tonic-gate __s_cvt_hosts(const void *data, char **rdn, 201091b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 20117c478bd9Sstevel@tonic-gate { 20127c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 20137c478bd9Sstevel@tonic-gate int rc; 20147c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 20157c478bd9Sstevel@tonic-gate /* routine specific */ 20167c478bd9Sstevel@tonic-gate struct hostent *ptr; 20177c478bd9Sstevel@tonic-gate int max_attr = 6; 20187c478bd9Sstevel@tonic-gate int i, j, k; 20197c478bd9Sstevel@tonic-gate char **nm, **lm; 20207c478bd9Sstevel@tonic-gate static char *oclist[] = { 20217c478bd9Sstevel@tonic-gate "ipHost", 20227c478bd9Sstevel@tonic-gate "device", 20237c478bd9Sstevel@tonic-gate "top", 20247c478bd9Sstevel@tonic-gate NULL 20257c478bd9Sstevel@tonic-gate }; 20267c478bd9Sstevel@tonic-gate 20277c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 20287c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 20297c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 20307c478bd9Sstevel@tonic-gate if (e == NULL) 20317c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20327c478bd9Sstevel@tonic-gate 20337c478bd9Sstevel@tonic-gate /* Convert the structure */ 20347c478bd9Sstevel@tonic-gate ptr = (struct hostent *)data; 20357c478bd9Sstevel@tonic-gate 20367c478bd9Sstevel@tonic-gate if (ptr->h_name == NULL || 203791b658d3SToomas Soome ptr->h_addr_list == NULL || ptr->h_addr_list[0] == NULL) { 20387c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 20397c478bd9Sstevel@tonic-gate *entry = NULL; 20407c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 20417c478bd9Sstevel@tonic-gate } 20427c478bd9Sstevel@tonic-gate 20437c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 20447c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s+ipHostNumber=%s", 20457c478bd9Sstevel@tonic-gate ptr->h_name, ptr->h_addr_list[0]); 20467c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 20477c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 20487c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 20497c478bd9Sstevel@tonic-gate *entry = NULL; 20507c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20517c478bd9Sstevel@tonic-gate } 20527c478bd9Sstevel@tonic-gate 20537c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 20547c478bd9Sstevel@tonic-gate if (ptr->h_aliases && ptr->h_aliases[0]) { 20557c478bd9Sstevel@tonic-gate lm = ptr->h_aliases; 20566d3c3c6aSiz /* 20576d3c3c6aSiz * If there is a description, 'i' will contain 20586d3c3c6aSiz * the index of the description in the aliases list 20596d3c3c6aSiz */ 20606d3c3c6aSiz for (i = 0; *lm && (*lm)[0] != '#'; i++, lm++) 20617c478bd9Sstevel@tonic-gate ; 20627c478bd9Sstevel@tonic-gate lm = ptr->h_aliases; 20637c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 20647c478bd9Sstevel@tonic-gate if (nm == NULL) { 20657c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 20667c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20677c478bd9Sstevel@tonic-gate } 20687c478bd9Sstevel@tonic-gate nm[0] = ptr->h_name; 20697c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 20707c478bd9Sstevel@tonic-gate nm[j+1] = ptr->h_aliases[j]; 20717c478bd9Sstevel@tonic-gate 20727c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 20736d3c3c6aSiz 20746d3c3c6aSiz if (rc != NS_LDAP_SUCCESS) { 20756d3c3c6aSiz __s_cvt_freeEntryRdn(entry, rdn); 20766d3c3c6aSiz free(nm); 20776d3c3c6aSiz return (rc); 20786d3c3c6aSiz } 20796d3c3c6aSiz 20806d3c3c6aSiz if (lm[i] && lm[i][0] == '#') { 20816d3c3c6aSiz nm[0] = &(lm[i][1]); 20826d3c3c6aSiz nm[1] = NULL; 20836d3c3c6aSiz rc = __s_add_attrlist(e, "description", nm); 20846d3c3c6aSiz } 20857c478bd9Sstevel@tonic-gate free(nm); 20867c478bd9Sstevel@tonic-gate nm = NULL; 20877c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 20887c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 20897c478bd9Sstevel@tonic-gate return (rc); 20907c478bd9Sstevel@tonic-gate } 20917c478bd9Sstevel@tonic-gate } else { 20927c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->h_name); 20937c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 20947c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 20957c478bd9Sstevel@tonic-gate return (rc); 20967c478bd9Sstevel@tonic-gate } 20977c478bd9Sstevel@tonic-gate } 20987c478bd9Sstevel@tonic-gate 20997c478bd9Sstevel@tonic-gate if (ptr->h_addr_list && ptr->h_addr_list[0]) { 21007c478bd9Sstevel@tonic-gate lm = ptr->h_addr_list; 21017c478bd9Sstevel@tonic-gate for (i = 0; *lm; i++, lm++) 21027c478bd9Sstevel@tonic-gate ; 21037c478bd9Sstevel@tonic-gate lm = ptr->h_addr_list; 21047c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 21057c478bd9Sstevel@tonic-gate if (nm == NULL) { 21067c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21077c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21087c478bd9Sstevel@tonic-gate } 21097c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 21107c478bd9Sstevel@tonic-gate nm[j] = strdup(lm[j]); 21117c478bd9Sstevel@tonic-gate if (nm[j] == NULL) { 21127c478bd9Sstevel@tonic-gate for (k = 0; k < j; k++) 21137c478bd9Sstevel@tonic-gate free(nm[k]); 21147c478bd9Sstevel@tonic-gate free(nm); 21157c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21167c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21177c478bd9Sstevel@tonic-gate } 21187c478bd9Sstevel@tonic-gate } 21197c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "ipHostNumber", nm); 21207c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) { 21217c478bd9Sstevel@tonic-gate free(nm[j]); 21227c478bd9Sstevel@tonic-gate } 21237c478bd9Sstevel@tonic-gate free(nm); 21247c478bd9Sstevel@tonic-gate nm = NULL; 21257c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 21267c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21277c478bd9Sstevel@tonic-gate return (rc); 21287c478bd9Sstevel@tonic-gate } 21297c478bd9Sstevel@tonic-gate } else { 21307c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21317c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 21327c478bd9Sstevel@tonic-gate } 21337c478bd9Sstevel@tonic-gate 21347c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 21357c478bd9Sstevel@tonic-gate } 21367c478bd9Sstevel@tonic-gate 21377c478bd9Sstevel@tonic-gate /* 21387c478bd9Sstevel@tonic-gate * Conversion: rpc 21397c478bd9Sstevel@tonic-gate * Input format: struct rpcent 21407c478bd9Sstevel@tonic-gate * Exported objectclass: oncRpc 21417c478bd9Sstevel@tonic-gate */ 21427c478bd9Sstevel@tonic-gate static int 21437c478bd9Sstevel@tonic-gate __s_cvt_rpc(const void *data, char **rdn, 214491b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 21457c478bd9Sstevel@tonic-gate { 21467c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 21477c478bd9Sstevel@tonic-gate int rc; 21487c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 21497c478bd9Sstevel@tonic-gate /* routine specific */ 21507c478bd9Sstevel@tonic-gate struct rpcent *ptr; 21517c478bd9Sstevel@tonic-gate int max_attr = 3; 21527c478bd9Sstevel@tonic-gate int i, j; 21537c478bd9Sstevel@tonic-gate char **nm; 21547c478bd9Sstevel@tonic-gate char ibuf[10]; 21557c478bd9Sstevel@tonic-gate static char *oclist[] = { 21567c478bd9Sstevel@tonic-gate "oncRpc", 21577c478bd9Sstevel@tonic-gate "top", 21587c478bd9Sstevel@tonic-gate NULL 21597c478bd9Sstevel@tonic-gate }; 21607c478bd9Sstevel@tonic-gate 21617c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 21627c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 21637c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 21647c478bd9Sstevel@tonic-gate if (e == NULL) 21657c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21667c478bd9Sstevel@tonic-gate 21677c478bd9Sstevel@tonic-gate /* Convert the structure */ 21687c478bd9Sstevel@tonic-gate ptr = (struct rpcent *)data; 21697c478bd9Sstevel@tonic-gate 21707c478bd9Sstevel@tonic-gate if (ptr->r_name == NULL || ptr->r_number < 0) { 21717c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 21727c478bd9Sstevel@tonic-gate *entry = NULL; 21737c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 21747c478bd9Sstevel@tonic-gate } 21757c478bd9Sstevel@tonic-gate 21767c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 21777c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->r_name); 21787c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 21797c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 21807c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 21817c478bd9Sstevel@tonic-gate *entry = NULL; 21827c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21837c478bd9Sstevel@tonic-gate } 21847c478bd9Sstevel@tonic-gate 21857c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 21867c478bd9Sstevel@tonic-gate if (ptr->r_aliases && ptr->r_aliases[0]) { 21877c478bd9Sstevel@tonic-gate nm = ptr->r_aliases; 21887c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 21897c478bd9Sstevel@tonic-gate ; 21907c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 21917c478bd9Sstevel@tonic-gate if (nm == NULL) { 21927c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 21937c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21947c478bd9Sstevel@tonic-gate } 21957c478bd9Sstevel@tonic-gate nm[0] = ptr->r_name; 21967c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 21977c478bd9Sstevel@tonic-gate nm[j+1] = ptr->r_aliases[j]; 21987c478bd9Sstevel@tonic-gate 21997c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 22007c478bd9Sstevel@tonic-gate free(nm); 22017c478bd9Sstevel@tonic-gate nm = NULL; 22027c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22037c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22047c478bd9Sstevel@tonic-gate return (rc); 22057c478bd9Sstevel@tonic-gate } 22067c478bd9Sstevel@tonic-gate } else { 22077c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->r_name); 22087c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22097c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22107c478bd9Sstevel@tonic-gate return (rc); 22117c478bd9Sstevel@tonic-gate } 22127c478bd9Sstevel@tonic-gate } 22137c478bd9Sstevel@tonic-gate 22147c478bd9Sstevel@tonic-gate if (ptr->r_number >= 0) { 22157c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->r_number); 22167c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "oncRpcNumber", ibuf); 22177c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22187c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22197c478bd9Sstevel@tonic-gate return (rc); 22207c478bd9Sstevel@tonic-gate } 22217c478bd9Sstevel@tonic-gate } 22227c478bd9Sstevel@tonic-gate 22237c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 22247c478bd9Sstevel@tonic-gate 22257c478bd9Sstevel@tonic-gate } 22267c478bd9Sstevel@tonic-gate 22277c478bd9Sstevel@tonic-gate /* 22287c478bd9Sstevel@tonic-gate * Conversion: protocols 22297c478bd9Sstevel@tonic-gate * Input format: struct protoent 22307c478bd9Sstevel@tonic-gate * Exported objectclass: ipProtocol 22317c478bd9Sstevel@tonic-gate */ 22327c478bd9Sstevel@tonic-gate static int 22337c478bd9Sstevel@tonic-gate __s_cvt_protocols(const void *data, char **rdn, 223491b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 22357c478bd9Sstevel@tonic-gate { 22367c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 22377c478bd9Sstevel@tonic-gate int rc; 22387c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 22397c478bd9Sstevel@tonic-gate /* routine specific */ 22407c478bd9Sstevel@tonic-gate struct protoent *ptr; 22417c478bd9Sstevel@tonic-gate int max_attr = 3; 22427c478bd9Sstevel@tonic-gate int i, j; 22437c478bd9Sstevel@tonic-gate char ibuf[10]; 22447c478bd9Sstevel@tonic-gate char **nm; 22457c478bd9Sstevel@tonic-gate static char *oclist[] = { 22467c478bd9Sstevel@tonic-gate "ipProtocol", 22477c478bd9Sstevel@tonic-gate "top", 22487c478bd9Sstevel@tonic-gate NULL 22497c478bd9Sstevel@tonic-gate }; 22507c478bd9Sstevel@tonic-gate 22517c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 22527c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 22537c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 22547c478bd9Sstevel@tonic-gate if (e == NULL) 22557c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22567c478bd9Sstevel@tonic-gate 22577c478bd9Sstevel@tonic-gate /* Convert the structure */ 22587c478bd9Sstevel@tonic-gate ptr = (struct protoent *)data; 22597c478bd9Sstevel@tonic-gate 22607c478bd9Sstevel@tonic-gate if (ptr->p_name == NULL || ptr->p_proto < 0) { 22617c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 22627c478bd9Sstevel@tonic-gate *entry = NULL; 22637c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 22647c478bd9Sstevel@tonic-gate } 22657c478bd9Sstevel@tonic-gate 22667c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 22677c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->p_name); 22687c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 22697c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 22707c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 22717c478bd9Sstevel@tonic-gate *entry = NULL; 22727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22737c478bd9Sstevel@tonic-gate } 22747c478bd9Sstevel@tonic-gate 22757c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 22767c478bd9Sstevel@tonic-gate if (ptr->p_aliases && ptr->p_aliases[0]) { 22777c478bd9Sstevel@tonic-gate nm = ptr->p_aliases; 22787c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 22797c478bd9Sstevel@tonic-gate ; 22807c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 22817c478bd9Sstevel@tonic-gate if (nm == NULL) { 22827c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22837c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22847c478bd9Sstevel@tonic-gate } 22857c478bd9Sstevel@tonic-gate nm[0] = ptr->p_name; 22867c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 22877c478bd9Sstevel@tonic-gate nm[j+1] = ptr->p_aliases[j]; 22887c478bd9Sstevel@tonic-gate 22897c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 22907c478bd9Sstevel@tonic-gate free(nm); 22917c478bd9Sstevel@tonic-gate nm = NULL; 22927c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22937c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 22947c478bd9Sstevel@tonic-gate return (rc); 22957c478bd9Sstevel@tonic-gate } 22967c478bd9Sstevel@tonic-gate } else { 22977c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->p_name); 22987c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 22997c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23007c478bd9Sstevel@tonic-gate return (rc); 23017c478bd9Sstevel@tonic-gate } 23027c478bd9Sstevel@tonic-gate } 23037c478bd9Sstevel@tonic-gate 23047c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->p_proto); 23057c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipProtocolNumber", ibuf); 23067c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 23077c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23087c478bd9Sstevel@tonic-gate return (rc); 23097c478bd9Sstevel@tonic-gate } 23107c478bd9Sstevel@tonic-gate 23117c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 23127c478bd9Sstevel@tonic-gate 23137c478bd9Sstevel@tonic-gate } 23147c478bd9Sstevel@tonic-gate 23157c478bd9Sstevel@tonic-gate /* 23167c478bd9Sstevel@tonic-gate * Conversion: services 23177c478bd9Sstevel@tonic-gate * Input format: struct servent 23187c478bd9Sstevel@tonic-gate * Exported objectclass: ipService 23197c478bd9Sstevel@tonic-gate */ 23207c478bd9Sstevel@tonic-gate static int 23217c478bd9Sstevel@tonic-gate __s_cvt_services(const void *data, char **rdn, 232291b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 23237c478bd9Sstevel@tonic-gate { 23247c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 23257c478bd9Sstevel@tonic-gate int rc; 23267c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 232750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India char esc_str[RDNSIZE]; 23287c478bd9Sstevel@tonic-gate /* routine specific */ 23297c478bd9Sstevel@tonic-gate struct servent *ptr; 23307c478bd9Sstevel@tonic-gate int max_attr = 4; 23317c478bd9Sstevel@tonic-gate int i, j; 23327c478bd9Sstevel@tonic-gate char ibuf[10]; 23337c478bd9Sstevel@tonic-gate char **nm; 23347c478bd9Sstevel@tonic-gate static char *oclist[] = { 23357c478bd9Sstevel@tonic-gate "ipService", 23367c478bd9Sstevel@tonic-gate "top", 23377c478bd9Sstevel@tonic-gate NULL 23387c478bd9Sstevel@tonic-gate }; 23397c478bd9Sstevel@tonic-gate 23407c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 23417c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 23427c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 23437c478bd9Sstevel@tonic-gate if (e == NULL) 23447c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 23457c478bd9Sstevel@tonic-gate 23467c478bd9Sstevel@tonic-gate /* Convert the structure */ 23477c478bd9Sstevel@tonic-gate ptr = (struct servent *)data; 23487c478bd9Sstevel@tonic-gate 234991b658d3SToomas Soome if (ptr->s_name == NULL || ptr->s_port < 0 || ptr->s_proto == NULL) { 23507c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 23517c478bd9Sstevel@tonic-gate *entry = NULL; 23527c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 23537c478bd9Sstevel@tonic-gate } 23547c478bd9Sstevel@tonic-gate 235550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 235650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * Escape special characters in service name. 235750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 235850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (escape_str(esc_str, ptr->s_name) != 0) { 235950b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India __ns_ldap_freeEntry(e); 236050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *entry = NULL; 236150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (NS_LDAP_INVALID_PARAM); 236250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 236350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 23647c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 23657c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s+ipServiceProtocol=%s", 236650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India esc_str, ptr->s_proto); 236750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 23687c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 23697c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 23707c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 23717c478bd9Sstevel@tonic-gate *entry = NULL; 23727c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 23737c478bd9Sstevel@tonic-gate } 23747c478bd9Sstevel@tonic-gate 23757c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 23767c478bd9Sstevel@tonic-gate if (ptr->s_aliases && ptr->s_aliases[0]) { 23777c478bd9Sstevel@tonic-gate nm = ptr->s_aliases; 23787c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 23797c478bd9Sstevel@tonic-gate ; 23807c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 23817c478bd9Sstevel@tonic-gate if (nm == NULL) { 23827c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23837c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 23847c478bd9Sstevel@tonic-gate } 23857c478bd9Sstevel@tonic-gate nm[0] = ptr->s_name; 23867c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 23877c478bd9Sstevel@tonic-gate nm[j+1] = ptr->s_aliases[j]; 23887c478bd9Sstevel@tonic-gate 23897c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 23907c478bd9Sstevel@tonic-gate free(nm); 23917c478bd9Sstevel@tonic-gate nm = NULL; 23927c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 23937c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 23947c478bd9Sstevel@tonic-gate return (rc); 23957c478bd9Sstevel@tonic-gate } 23967c478bd9Sstevel@tonic-gate } else { 23977c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->s_name); 23987c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 23997c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24007c478bd9Sstevel@tonic-gate return (rc); 24017c478bd9Sstevel@tonic-gate } 24027c478bd9Sstevel@tonic-gate } 24037c478bd9Sstevel@tonic-gate 24047c478bd9Sstevel@tonic-gate (void) sprintf(ibuf, "%d", ptr->s_port); 24057c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipServicePort", ibuf); 24067c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24077c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24087c478bd9Sstevel@tonic-gate return (rc); 24097c478bd9Sstevel@tonic-gate } 24107c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipServiceProtocol", ptr->s_proto); 24117c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24127c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24137c478bd9Sstevel@tonic-gate return (rc); 24147c478bd9Sstevel@tonic-gate } 24157c478bd9Sstevel@tonic-gate 24167c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 24177c478bd9Sstevel@tonic-gate } 24187c478bd9Sstevel@tonic-gate 24197c478bd9Sstevel@tonic-gate /* 24207c478bd9Sstevel@tonic-gate * Conversion: networks 24217c478bd9Sstevel@tonic-gate * Input format: struct netent 24227c478bd9Sstevel@tonic-gate * Exported objectclass: ipNetwork 24237c478bd9Sstevel@tonic-gate */ 24247c478bd9Sstevel@tonic-gate static int 24257c478bd9Sstevel@tonic-gate __s_cvt_networks(const void *data, char **rdn, 242691b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 24277c478bd9Sstevel@tonic-gate { 24287c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 24297c478bd9Sstevel@tonic-gate int rc; 24307c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 24317c478bd9Sstevel@tonic-gate /* routine specific */ 24327c478bd9Sstevel@tonic-gate struct netent *ptr; 24337c478bd9Sstevel@tonic-gate int max_attr = 4; 24347c478bd9Sstevel@tonic-gate int i, j; 24357c478bd9Sstevel@tonic-gate char cp[64]; 24367c478bd9Sstevel@tonic-gate char **nm; 24377c478bd9Sstevel@tonic-gate static char *oclist[] = { 24387c478bd9Sstevel@tonic-gate "ipNetwork", 24397c478bd9Sstevel@tonic-gate "top", 24407c478bd9Sstevel@tonic-gate NULL 24417c478bd9Sstevel@tonic-gate }; 24427c478bd9Sstevel@tonic-gate 24437c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 24447c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 24457c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 24467c478bd9Sstevel@tonic-gate if (e == NULL) 24477c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 24487c478bd9Sstevel@tonic-gate 24497c478bd9Sstevel@tonic-gate /* Convert the structure */ 24507c478bd9Sstevel@tonic-gate ptr = (struct netent *)data; 24517c478bd9Sstevel@tonic-gate 24527c478bd9Sstevel@tonic-gate if (ptr->n_name == NULL || ptr->n_net == 0) { 24537c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 24547c478bd9Sstevel@tonic-gate *entry = NULL; 24557c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 24567c478bd9Sstevel@tonic-gate } 24577c478bd9Sstevel@tonic-gate 24587c478bd9Sstevel@tonic-gate (void) snprintf(cp, sizeof (cp), "%d.%d.%d.%d", 2459e1dd0a2fSth (ptr->n_net & 0xFF000000) >> 24, 2460e1dd0a2fSth (ptr->n_net & 0x00FF0000) >> 16, 2461e1dd0a2fSth (ptr->n_net & 0x0000FF00) >> 8, 2462e1dd0a2fSth (ptr->n_net & 0x000000FF)); 24637c478bd9Sstevel@tonic-gate 24647c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 24657c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "ipNetworkNumber=%s", cp); 24667c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 24677c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 24687c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 24697c478bd9Sstevel@tonic-gate *entry = NULL; 24707c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 24717c478bd9Sstevel@tonic-gate } 24727c478bd9Sstevel@tonic-gate 24737c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 24747c478bd9Sstevel@tonic-gate if (ptr->n_aliases && ptr->n_aliases[0]) { 24757c478bd9Sstevel@tonic-gate nm = ptr->n_aliases; 24767c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 24777c478bd9Sstevel@tonic-gate ; 24787c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 24797c478bd9Sstevel@tonic-gate if (nm == NULL) { 24807c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24817c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 24827c478bd9Sstevel@tonic-gate } 24837c478bd9Sstevel@tonic-gate nm[0] = ptr->n_name; 24847c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 24857c478bd9Sstevel@tonic-gate nm[j+1] = ptr->n_aliases[j]; 24867c478bd9Sstevel@tonic-gate 24877c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "cn", nm); 24887c478bd9Sstevel@tonic-gate free(nm); 24897c478bd9Sstevel@tonic-gate nm = NULL; 24907c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24917c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24927c478bd9Sstevel@tonic-gate return (rc); 24937c478bd9Sstevel@tonic-gate } 24947c478bd9Sstevel@tonic-gate } else { 24957c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->n_name); 24967c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 24977c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 24987c478bd9Sstevel@tonic-gate return (rc); 24997c478bd9Sstevel@tonic-gate } 25007c478bd9Sstevel@tonic-gate } 25017c478bd9Sstevel@tonic-gate 25027c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipNetworkNumber", cp); 25037c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 25047c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 25057c478bd9Sstevel@tonic-gate return (rc); 25067c478bd9Sstevel@tonic-gate } 25077c478bd9Sstevel@tonic-gate 25087c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 25097c478bd9Sstevel@tonic-gate 25107c478bd9Sstevel@tonic-gate } 25117c478bd9Sstevel@tonic-gate /* 25127c478bd9Sstevel@tonic-gate * Conversion: netmasks 25137c478bd9Sstevel@tonic-gate * Input format: struct _ns_netmasks 25147c478bd9Sstevel@tonic-gate * Exported objectclass: ipNetwork 25157c478bd9Sstevel@tonic-gate */ 25167c478bd9Sstevel@tonic-gate static int 25177c478bd9Sstevel@tonic-gate __s_cvt_netmasks(const void *data, char **rdn, 251891b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 25197c478bd9Sstevel@tonic-gate { 25207c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 25217c478bd9Sstevel@tonic-gate int rc; 25227c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 25237c478bd9Sstevel@tonic-gate /* routine specific */ 25247c478bd9Sstevel@tonic-gate struct _ns_netmasks *ptr; 25257c478bd9Sstevel@tonic-gate int max_attr = 4; 25267c478bd9Sstevel@tonic-gate static char *oclist[] = { 25277c478bd9Sstevel@tonic-gate "ipNetwork", 25287c478bd9Sstevel@tonic-gate "top", 25297c478bd9Sstevel@tonic-gate NULL 25307c478bd9Sstevel@tonic-gate }; 25317c478bd9Sstevel@tonic-gate 25327c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 25337c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 25347c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 25357c478bd9Sstevel@tonic-gate if (e == NULL) 25367c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 25377c478bd9Sstevel@tonic-gate 25387c478bd9Sstevel@tonic-gate /* Convert the structure */ 25397c478bd9Sstevel@tonic-gate ptr = (struct _ns_netmasks *)data; 25407c478bd9Sstevel@tonic-gate 25417c478bd9Sstevel@tonic-gate if (ptr->netnumber == NULL) { 25427c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 25437c478bd9Sstevel@tonic-gate *entry = NULL; 25447c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 25457c478bd9Sstevel@tonic-gate } 25467c478bd9Sstevel@tonic-gate 25477c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 25487c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "ipNetworkNumber=%s", ptr->netnumber); 25497c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 25507c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 25517c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 25527c478bd9Sstevel@tonic-gate *entry = NULL; 25537c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 25547c478bd9Sstevel@tonic-gate } 25557c478bd9Sstevel@tonic-gate 25567c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 255791b658d3SToomas Soome rc = __s_add_attr(e, "ipNetworkNumber", ptr->netnumber); 255891b658d3SToomas Soome if (rc != NS_LDAP_SUCCESS) { 255991b658d3SToomas Soome __s_cvt_freeEntryRdn(entry, rdn); 256091b658d3SToomas Soome return (rc); 256191b658d3SToomas Soome } 25627c478bd9Sstevel@tonic-gate 256391b658d3SToomas Soome if (ptr->netmask != NULL) { 25647c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "ipNetmaskNumber", ptr->netmask); 25657c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 25667c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 25677c478bd9Sstevel@tonic-gate return (rc); 25687c478bd9Sstevel@tonic-gate } 25697c478bd9Sstevel@tonic-gate } 25707c478bd9Sstevel@tonic-gate 25717c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 25727c478bd9Sstevel@tonic-gate 25737c478bd9Sstevel@tonic-gate } 25747c478bd9Sstevel@tonic-gate /* 25757c478bd9Sstevel@tonic-gate * Conversion: netgroups 25767c478bd9Sstevel@tonic-gate * Input format: struct _ns_netgroups 25777c478bd9Sstevel@tonic-gate * Exported objectclass: nisNetgroup 25787c478bd9Sstevel@tonic-gate */ 25797c478bd9Sstevel@tonic-gate static int 25807c478bd9Sstevel@tonic-gate __s_cvt_netgroups(const void *data, char **rdn, 258191b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 25827c478bd9Sstevel@tonic-gate { 25837c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 25847c478bd9Sstevel@tonic-gate int rc; 25857c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 25867c478bd9Sstevel@tonic-gate /* routine specific */ 25877c478bd9Sstevel@tonic-gate struct _ns_netgroups *ptr; 25887c478bd9Sstevel@tonic-gate int max_attr = 6; 25897c478bd9Sstevel@tonic-gate int i, j; 25907c478bd9Sstevel@tonic-gate char **nm; 25917c478bd9Sstevel@tonic-gate static char *oclist[] = { 25927c478bd9Sstevel@tonic-gate "nisNetgroup", 25937c478bd9Sstevel@tonic-gate "top", 25947c478bd9Sstevel@tonic-gate NULL 25957c478bd9Sstevel@tonic-gate }; 25967c478bd9Sstevel@tonic-gate 25977c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 25987c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 25997c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 26007c478bd9Sstevel@tonic-gate if (e == NULL) 26017c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26027c478bd9Sstevel@tonic-gate 26037c478bd9Sstevel@tonic-gate /* Convert the structure */ 26047c478bd9Sstevel@tonic-gate ptr = (struct _ns_netgroups *)data; 26057c478bd9Sstevel@tonic-gate 260691b658d3SToomas Soome if (ptr->name == NULL || *ptr->name == '\0') { 26077c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 26087c478bd9Sstevel@tonic-gate *entry = NULL; 26097c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 26107c478bd9Sstevel@tonic-gate } 26117c478bd9Sstevel@tonic-gate 26127c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 26137c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 26147c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 26157c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 26167c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 26177c478bd9Sstevel@tonic-gate *entry = NULL; 26187c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26197c478bd9Sstevel@tonic-gate } 26207c478bd9Sstevel@tonic-gate 262191b658d3SToomas Soome rc = __s_add_attr(e, "cn", ptr->name); 262291b658d3SToomas Soome if (rc != NS_LDAP_SUCCESS) { 262391b658d3SToomas Soome __s_cvt_freeEntryRdn(entry, rdn); 262491b658d3SToomas Soome return (rc); 26257c478bd9Sstevel@tonic-gate } 26267c478bd9Sstevel@tonic-gate 26277c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 26287c478bd9Sstevel@tonic-gate if (ptr->triplet && ptr->triplet[0]) { 26297c478bd9Sstevel@tonic-gate nm = ptr->triplet; 26307c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 26317c478bd9Sstevel@tonic-gate ; 26327c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 26337c478bd9Sstevel@tonic-gate if (nm == NULL) { 26347c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26357c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26367c478bd9Sstevel@tonic-gate } 26377c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 26387c478bd9Sstevel@tonic-gate nm[j] = ptr->triplet[j]; 26397c478bd9Sstevel@tonic-gate 26407c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "nisNetgroupTriple", nm); 26417c478bd9Sstevel@tonic-gate free(nm); 26427c478bd9Sstevel@tonic-gate nm = NULL; 26437c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 26447c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26457c478bd9Sstevel@tonic-gate return (rc); 26467c478bd9Sstevel@tonic-gate } 26477c478bd9Sstevel@tonic-gate } 26487c478bd9Sstevel@tonic-gate if (ptr->netgroup && ptr->netgroup[0]) { 26497c478bd9Sstevel@tonic-gate nm = ptr->netgroup; 26507c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 26517c478bd9Sstevel@tonic-gate ; 26527c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 26537c478bd9Sstevel@tonic-gate if (nm == NULL) { 26547c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26557c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26567c478bd9Sstevel@tonic-gate } 26577c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 26587c478bd9Sstevel@tonic-gate nm[j] = ptr->netgroup[j]; 26597c478bd9Sstevel@tonic-gate 26607c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "memberNisNetgroup", nm); 26617c478bd9Sstevel@tonic-gate free(nm); 26627c478bd9Sstevel@tonic-gate nm = NULL; 26637c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 26647c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 26657c478bd9Sstevel@tonic-gate return (rc); 26667c478bd9Sstevel@tonic-gate } 26677c478bd9Sstevel@tonic-gate } 26687c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 26697c478bd9Sstevel@tonic-gate } 26707c478bd9Sstevel@tonic-gate /* 26717c478bd9Sstevel@tonic-gate * Conversion: bootparams 26727c478bd9Sstevel@tonic-gate * Input format: struct _ns_bootp 26737c478bd9Sstevel@tonic-gate * Exported objectclass: bootableDevice, device 26747c478bd9Sstevel@tonic-gate */ 26757c478bd9Sstevel@tonic-gate static int 26767c478bd9Sstevel@tonic-gate __s_cvt_bootparams(const void *data, char **rdn, 267791b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 26787c478bd9Sstevel@tonic-gate { 26797c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 26807c478bd9Sstevel@tonic-gate int rc; 26817c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 26827c478bd9Sstevel@tonic-gate /* routine specific */ 26837c478bd9Sstevel@tonic-gate struct _ns_bootp *ptr; 26847c478bd9Sstevel@tonic-gate int max_attr = 4; 26857c478bd9Sstevel@tonic-gate int i, j; 26867c478bd9Sstevel@tonic-gate char **nm; 26877c478bd9Sstevel@tonic-gate static char *oclist[] = { 26887c478bd9Sstevel@tonic-gate "bootableDevice", 26897c478bd9Sstevel@tonic-gate "device", 26907c478bd9Sstevel@tonic-gate "top", 26917c478bd9Sstevel@tonic-gate NULL 26927c478bd9Sstevel@tonic-gate }; 26937c478bd9Sstevel@tonic-gate 26947c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 26957c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 26967c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 26977c478bd9Sstevel@tonic-gate if (e == NULL) 26987c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 26997c478bd9Sstevel@tonic-gate 27007c478bd9Sstevel@tonic-gate /* Convert the structure */ 27017c478bd9Sstevel@tonic-gate ptr = (struct _ns_bootp *)data; 27027c478bd9Sstevel@tonic-gate 270391b658d3SToomas Soome if (ptr->name == NULL || *ptr->name == '\0') { 27047c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27057c478bd9Sstevel@tonic-gate *entry = NULL; 27067c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 27077c478bd9Sstevel@tonic-gate } 27087c478bd9Sstevel@tonic-gate 27097c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 27107c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 27117c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 27127c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 27137c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27147c478bd9Sstevel@tonic-gate *entry = NULL; 27157c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27167c478bd9Sstevel@tonic-gate } 27177c478bd9Sstevel@tonic-gate 271891b658d3SToomas Soome rc = __s_add_attr(e, "cn", ptr->name); 271991b658d3SToomas Soome if (rc != NS_LDAP_SUCCESS) { 272091b658d3SToomas Soome __s_cvt_freeEntryRdn(entry, rdn); 272191b658d3SToomas Soome return (rc); 27227c478bd9Sstevel@tonic-gate } 27237c478bd9Sstevel@tonic-gate 27247c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 27257c478bd9Sstevel@tonic-gate if (ptr->param && ptr->param[0]) { 27267c478bd9Sstevel@tonic-gate nm = ptr->param; 27277c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 27287c478bd9Sstevel@tonic-gate ; 27297c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 27307c478bd9Sstevel@tonic-gate if (nm == NULL) { 27317c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 27327c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27337c478bd9Sstevel@tonic-gate } 27347c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 27357c478bd9Sstevel@tonic-gate nm[j] = ptr->param[j]; 27367c478bd9Sstevel@tonic-gate 27377c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "bootParameter", nm); 27387c478bd9Sstevel@tonic-gate free(nm); 27397c478bd9Sstevel@tonic-gate nm = NULL; 27407c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 27417c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 27427c478bd9Sstevel@tonic-gate return (rc); 27437c478bd9Sstevel@tonic-gate } 27447c478bd9Sstevel@tonic-gate } 27457c478bd9Sstevel@tonic-gate 27467c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 27477c478bd9Sstevel@tonic-gate 27487c478bd9Sstevel@tonic-gate } 27497c478bd9Sstevel@tonic-gate /* 27507c478bd9Sstevel@tonic-gate * Conversion: ethers 27517c478bd9Sstevel@tonic-gate * Input format: struct _ns_ethers 27527c478bd9Sstevel@tonic-gate * Exported objectclass: ieee802Device, device 27537c478bd9Sstevel@tonic-gate */ 27547c478bd9Sstevel@tonic-gate static int 27557c478bd9Sstevel@tonic-gate __s_cvt_ethers(const void *data, char **rdn, 275691b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 27577c478bd9Sstevel@tonic-gate { 27587c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 27597c478bd9Sstevel@tonic-gate int rc; 27607c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 27617c478bd9Sstevel@tonic-gate /* routine specific */ 27627c478bd9Sstevel@tonic-gate struct _ns_ethers *ptr; 27637c478bd9Sstevel@tonic-gate int max_attr = 4; 27647c478bd9Sstevel@tonic-gate static char *oclist[] = { 27657c478bd9Sstevel@tonic-gate "ieee802Device", 27667c478bd9Sstevel@tonic-gate "device", 27677c478bd9Sstevel@tonic-gate "top", 27687c478bd9Sstevel@tonic-gate NULL 27697c478bd9Sstevel@tonic-gate }; 27707c478bd9Sstevel@tonic-gate 27717c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 27727c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 27737c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 27747c478bd9Sstevel@tonic-gate if (e == NULL) 27757c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27767c478bd9Sstevel@tonic-gate 27777c478bd9Sstevel@tonic-gate /* Convert the structure */ 27787c478bd9Sstevel@tonic-gate ptr = (struct _ns_ethers *)data; 27797c478bd9Sstevel@tonic-gate 278091b658d3SToomas Soome if (ptr->name == NULL || *ptr->name == '\0' || ptr->ether == NULL) { 27817c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27827c478bd9Sstevel@tonic-gate *entry = NULL; 27837c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 27847c478bd9Sstevel@tonic-gate } 27857c478bd9Sstevel@tonic-gate 27867c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 27877c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 27887c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 27897c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 27907c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 27917c478bd9Sstevel@tonic-gate *entry = NULL; 27927c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 27937c478bd9Sstevel@tonic-gate } 27947c478bd9Sstevel@tonic-gate 27957c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 27967c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 27977c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 27987c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 27997c478bd9Sstevel@tonic-gate return (rc); 28007c478bd9Sstevel@tonic-gate } 28017c478bd9Sstevel@tonic-gate 28027c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "macAddress", ptr->ether); 28037c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 28047c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 28057c478bd9Sstevel@tonic-gate return (rc); 28067c478bd9Sstevel@tonic-gate } 28077c478bd9Sstevel@tonic-gate 28087c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 28097c478bd9Sstevel@tonic-gate } 28107c478bd9Sstevel@tonic-gate /* 28117c478bd9Sstevel@tonic-gate * This function is used when processing an ethers (objectclass: ieee802Device) 28127c478bd9Sstevel@tonic-gate * or a bootparams (objectclass: bootableDevice) entry, and the entry is 28137c478bd9Sstevel@tonic-gate * already found in LDAP. Since both ethers and bootparams share the same 28147c478bd9Sstevel@tonic-gate * LDAP container, we want to check that the entry found in LDAP is: 28157c478bd9Sstevel@tonic-gate * - either the same entry (same cn, same objectclass): we don't do anything 28167c478bd9Sstevel@tonic-gate * in this case 28177c478bd9Sstevel@tonic-gate * - or an entry which does not have the objectclass we are interesting in: 28187c478bd9Sstevel@tonic-gate * in this case, we modify the existing entry by adding the relevant 28197c478bd9Sstevel@tonic-gate * objectclass (ieee802Device or bootableDevice) and the relevant attribute(s) 28207c478bd9Sstevel@tonic-gate * from the attribute list previously computing by the relevant conversion 28217c478bd9Sstevel@tonic-gate * function. 28227c478bd9Sstevel@tonic-gate * Note: from conversion functions __s_cvt_ethers() and __s_cvt_bootparams() 28237c478bd9Sstevel@tonic-gate * we know that there is only 1 more attribute today to add (macAddress 28247c478bd9Sstevel@tonic-gate * or bootParameter) 28257c478bd9Sstevel@tonic-gate */ 28267c478bd9Sstevel@tonic-gate #define _MAX_ATTR_ETHBOOTP 2 28277c478bd9Sstevel@tonic-gate static int 28287c478bd9Sstevel@tonic-gate modify_ethers_bootp( 28297c478bd9Sstevel@tonic-gate const char *service, 28307c478bd9Sstevel@tonic-gate const char *rdn, 28317c478bd9Sstevel@tonic-gate const char *fulldn, 28327c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *attrlist, 28337c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 28347c478bd9Sstevel@tonic-gate const int flags, 28357c478bd9Sstevel@tonic-gate ns_ldap_error_t **errorp) 28367c478bd9Sstevel@tonic-gate { 28377c478bd9Sstevel@tonic-gate char filter[BUFSIZ]; 28387c478bd9Sstevel@tonic-gate ns_ldap_result_t *resultp; 28397c478bd9Sstevel@tonic-gate int rc = 0; 28407c478bd9Sstevel@tonic-gate int i; 28417c478bd9Sstevel@tonic-gate ns_ldap_attr_t *new_attrlist[_MAX_ATTR_ETHBOOTP+1]; 28427c478bd9Sstevel@tonic-gate ns_ldap_attr_t new_attrlist0; 28437c478bd9Sstevel@tonic-gate char *new_attrvalue0[1]; 28447c478bd9Sstevel@tonic-gate const ns_ldap_attr_t * const *aptr = attrlist; 28457c478bd9Sstevel@tonic-gate ns_ldap_attr_t *aptr2; 28467c478bd9Sstevel@tonic-gate ns_ldap_error_t *new_errorp = NULL; 28477c478bd9Sstevel@tonic-gate 28487c478bd9Sstevel@tonic-gate if (rdn == NULL || fulldn == NULL || attrlist == NULL || 2849e1dd0a2fSth errorp == NULL || service == NULL) 28507c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 28517c478bd9Sstevel@tonic-gate 28527c478bd9Sstevel@tonic-gate bzero(&new_attrlist, sizeof (new_attrlist)); 28537c478bd9Sstevel@tonic-gate bzero(&new_attrlist0, sizeof (new_attrlist0)); 28547c478bd9Sstevel@tonic-gate new_attrlist[0] = &new_attrlist0; 28557c478bd9Sstevel@tonic-gate new_attrlist[0]->attrvalue = new_attrvalue0; 28567c478bd9Sstevel@tonic-gate 28577c478bd9Sstevel@tonic-gate new_attrlist[0]->attrname = "objectclass"; 28587c478bd9Sstevel@tonic-gate new_attrlist[0]->value_count = 1; 2859*51b02b29SToomas Soome if (strcasecmp(service, "ethers") == 0) { 28607c478bd9Sstevel@tonic-gate (void) snprintf(&filter[0], sizeof (filter), 2861e1dd0a2fSth "(&(objectClass=ieee802Device)(%s))", rdn); 28627c478bd9Sstevel@tonic-gate new_attrlist[0]->attrvalue[0] = "ieee802Device"; 28637c478bd9Sstevel@tonic-gate } else { 28647c478bd9Sstevel@tonic-gate (void) snprintf(&filter[0], sizeof (filter), 2865e1dd0a2fSth "(&(objectClass=bootableDevice)(%s))", rdn); 28667c478bd9Sstevel@tonic-gate new_attrlist[0]->attrvalue[0] = "bootableDevice"; 28677c478bd9Sstevel@tonic-gate } 28687c478bd9Sstevel@tonic-gate 28697c478bd9Sstevel@tonic-gate rc = __ns_ldap_list(service, filter, NULL, (const char **)NULL, 2870e1dd0a2fSth NULL, NS_LDAP_SCOPE_SUBTREE, &resultp, &new_errorp, 2871e1dd0a2fSth NULL, NULL); 28727c478bd9Sstevel@tonic-gate 28737c478bd9Sstevel@tonic-gate switch (rc) { 28747c478bd9Sstevel@tonic-gate case NS_LDAP_SUCCESS: 28757c478bd9Sstevel@tonic-gate /* 28767c478bd9Sstevel@tonic-gate * entry already exists for this service 28777c478bd9Sstevel@tonic-gate * return NS_LDAP_INTERNAL and do not modify the incoming errorp 28787c478bd9Sstevel@tonic-gate */ 28797c478bd9Sstevel@tonic-gate rc = NS_LDAP_INTERNAL; 28807c478bd9Sstevel@tonic-gate break; 28817c478bd9Sstevel@tonic-gate case NS_LDAP_NOTFOUND: 28827c478bd9Sstevel@tonic-gate /* 28837c478bd9Sstevel@tonic-gate * entry not found with the given objectclasss but entry exists 28847c478bd9Sstevel@tonic-gate * hence add the relevant attribute (macAddress or bootparams). 28857c478bd9Sstevel@tonic-gate */ 28867c478bd9Sstevel@tonic-gate i = 1; 28877c478bd9Sstevel@tonic-gate while (*aptr && (i < _MAX_ATTR_ETHBOOTP)) { 28887c478bd9Sstevel@tonic-gate /* aptr2 needed here to avoid lint warning */ 28897c478bd9Sstevel@tonic-gate aptr2 = (ns_ldap_attr_t *)*aptr++; 28907c478bd9Sstevel@tonic-gate if ((strcasecmp(aptr2->attrname, "cn") != 0) && 2891e1dd0a2fSth (strcasecmp(aptr2->attrname, 2892e1dd0a2fSth "objectclass") != 0)) { 2893e1dd0a2fSth new_attrlist[i++] = (ns_ldap_attr_t *)aptr2; 28947c478bd9Sstevel@tonic-gate } 28957c478bd9Sstevel@tonic-gate } 28967c478bd9Sstevel@tonic-gate 28977c478bd9Sstevel@tonic-gate if (i != _MAX_ATTR_ETHBOOTP) { 28987c478bd9Sstevel@tonic-gate /* we haven't found all expected attributes */ 28997c478bd9Sstevel@tonic-gate rc = NS_LDAP_OP_FAILED; 29007c478bd9Sstevel@tonic-gate break; 29017c478bd9Sstevel@tonic-gate } 29027c478bd9Sstevel@tonic-gate 29037c478bd9Sstevel@tonic-gate aptr = (const ns_ldap_attr_t * const *) new_attrlist; 29047c478bd9Sstevel@tonic-gate /* clean errorp first */ 29057c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 29067c478bd9Sstevel@tonic-gate rc = __ns_ldap_addAttr(service, fulldn, aptr, cred, flags, 2907e1dd0a2fSth errorp); 29087c478bd9Sstevel@tonic-gate break; 29097c478bd9Sstevel@tonic-gate default: 29107c478bd9Sstevel@tonic-gate /* 29117c478bd9Sstevel@tonic-gate * unexpected error happenned 29127c478bd9Sstevel@tonic-gate * returning relevant error 29137c478bd9Sstevel@tonic-gate */ 29147c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 29157c478bd9Sstevel@tonic-gate *errorp = new_errorp; 29167c478bd9Sstevel@tonic-gate break; 29177c478bd9Sstevel@tonic-gate } 29187c478bd9Sstevel@tonic-gate 29197c478bd9Sstevel@tonic-gate return (rc); 29207c478bd9Sstevel@tonic-gate } 29217c478bd9Sstevel@tonic-gate 29227c478bd9Sstevel@tonic-gate /* 29237c478bd9Sstevel@tonic-gate * Conversion: publickey 29247c478bd9Sstevel@tonic-gate * Input format: struct _ns_pubkey 29257c478bd9Sstevel@tonic-gate * Exported objectclass: NisKeyObject 29267c478bd9Sstevel@tonic-gate */ 29277c478bd9Sstevel@tonic-gate static int 29287c478bd9Sstevel@tonic-gate __s_cvt_publickey(const void *data, char **rdn, 292991b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 29307c478bd9Sstevel@tonic-gate { 29317c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 29327c478bd9Sstevel@tonic-gate int rc; 29337c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 29347c478bd9Sstevel@tonic-gate /* routine specific */ 29357c478bd9Sstevel@tonic-gate struct _ns_pubkey *ptr; 29367c478bd9Sstevel@tonic-gate int max_attr = 3; 29377c478bd9Sstevel@tonic-gate static char *oclist[] = { 29387c478bd9Sstevel@tonic-gate "NisKeyObject", 29397c478bd9Sstevel@tonic-gate NULL 29407c478bd9Sstevel@tonic-gate }; 29417c478bd9Sstevel@tonic-gate 29427c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 29437c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 29447c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 29457c478bd9Sstevel@tonic-gate if (e == NULL) 29467c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 29477c478bd9Sstevel@tonic-gate 29487c478bd9Sstevel@tonic-gate /* Convert the structure */ 29497c478bd9Sstevel@tonic-gate ptr = (struct _ns_pubkey *)data; 29507c478bd9Sstevel@tonic-gate 295191b658d3SToomas Soome if (ptr->name == NULL || *ptr->name == '\0' || ptr->pubkey == NULL || 295291b658d3SToomas Soome ptr->privkey == NULL) { 29537c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 29547c478bd9Sstevel@tonic-gate *entry = NULL; 29557c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 29567c478bd9Sstevel@tonic-gate } 29577c478bd9Sstevel@tonic-gate 29587c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 29597c478bd9Sstevel@tonic-gate if (ptr->hostcred == NS_HOSTCRED_FALSE) 29607c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->name); 29617c478bd9Sstevel@tonic-gate else 29627c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 29637c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 29647c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 29657c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 29667c478bd9Sstevel@tonic-gate *entry = NULL; 29677c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 29687c478bd9Sstevel@tonic-gate } 29697c478bd9Sstevel@tonic-gate 29707c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 29717c478bd9Sstevel@tonic-gate 29727c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "nisPublickey", ptr->pubkey); 29737c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 29747c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 29757c478bd9Sstevel@tonic-gate return (rc); 29767c478bd9Sstevel@tonic-gate } 29777c478bd9Sstevel@tonic-gate 29787c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "nisSecretkey", ptr->privkey); 29797c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 29807c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 29817c478bd9Sstevel@tonic-gate return (rc); 29827c478bd9Sstevel@tonic-gate } 29837c478bd9Sstevel@tonic-gate 29847c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 29857c478bd9Sstevel@tonic-gate } 29867c478bd9Sstevel@tonic-gate /* 29877c478bd9Sstevel@tonic-gate * Conversion: aliases 29887c478bd9Sstevel@tonic-gate * Input format: struct _ns_alias 29897c478bd9Sstevel@tonic-gate * Exported objectclass: mailGroup 29907c478bd9Sstevel@tonic-gate */ 29917c478bd9Sstevel@tonic-gate static int 29927c478bd9Sstevel@tonic-gate __s_cvt_aliases(const void *data, char **rdn, 299391b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 29947c478bd9Sstevel@tonic-gate { 29957c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 29967c478bd9Sstevel@tonic-gate int rc; 29977c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 29987c478bd9Sstevel@tonic-gate /* routine specific */ 29997c478bd9Sstevel@tonic-gate struct _ns_alias *ptr; 30007c478bd9Sstevel@tonic-gate int max_attr = 4; 30017c478bd9Sstevel@tonic-gate int i, j; 30027c478bd9Sstevel@tonic-gate char **nm; 30037c478bd9Sstevel@tonic-gate static char *oclist[] = { 30047c478bd9Sstevel@tonic-gate "mailGroup", 30057c478bd9Sstevel@tonic-gate "top", 30067c478bd9Sstevel@tonic-gate NULL 30077c478bd9Sstevel@tonic-gate }; 30087c478bd9Sstevel@tonic-gate 30097c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 30107c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 30117c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 30127c478bd9Sstevel@tonic-gate if (e == NULL) 30137c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 30147c478bd9Sstevel@tonic-gate 30157c478bd9Sstevel@tonic-gate /* Convert the structure */ 30167c478bd9Sstevel@tonic-gate ptr = (struct _ns_alias *)data; 30177c478bd9Sstevel@tonic-gate 301891b658d3SToomas Soome if (ptr->alias == NULL || *ptr->alias == '\0') { 30197c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 30207c478bd9Sstevel@tonic-gate *entry = NULL; 30217c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 30227c478bd9Sstevel@tonic-gate } 30237c478bd9Sstevel@tonic-gate 30247c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 30257c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->alias); 30267c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 30277c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 30287c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 30297c478bd9Sstevel@tonic-gate *entry = NULL; 30307c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 30317c478bd9Sstevel@tonic-gate } 30327c478bd9Sstevel@tonic-gate 303391b658d3SToomas Soome rc = __s_add_attr(e, "mail", (char *)ptr->alias); 303491b658d3SToomas Soome if (rc != NS_LDAP_SUCCESS) { 303591b658d3SToomas Soome __s_cvt_freeEntryRdn(entry, rdn); 303691b658d3SToomas Soome return (rc); 30377c478bd9Sstevel@tonic-gate } 30387c478bd9Sstevel@tonic-gate 30397c478bd9Sstevel@tonic-gate /* Error check the data and add the attributes */ 30407c478bd9Sstevel@tonic-gate if (ptr->member && ptr->member[0]) { 30417c478bd9Sstevel@tonic-gate nm = ptr->member; 30427c478bd9Sstevel@tonic-gate for (i = 0; *nm; i++, nm++) 30437c478bd9Sstevel@tonic-gate ; 30447c478bd9Sstevel@tonic-gate nm = (char **)calloc(i+2, sizeof (char *)); 30457c478bd9Sstevel@tonic-gate if (nm == NULL) { 30467c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 30477c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 30487c478bd9Sstevel@tonic-gate } 30497c478bd9Sstevel@tonic-gate for (j = 0; j < i; j++) 30507c478bd9Sstevel@tonic-gate nm[j] = ptr->member[j]; 30517c478bd9Sstevel@tonic-gate 30527c478bd9Sstevel@tonic-gate rc = __s_add_attrlist(e, "mgrpRFC822MailMember", nm); 30537c478bd9Sstevel@tonic-gate free(nm); 30547c478bd9Sstevel@tonic-gate nm = NULL; 30557c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 30567c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 30577c478bd9Sstevel@tonic-gate return (rc); 30587c478bd9Sstevel@tonic-gate } 30597c478bd9Sstevel@tonic-gate } 30607c478bd9Sstevel@tonic-gate 30617c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 30627c478bd9Sstevel@tonic-gate 30637c478bd9Sstevel@tonic-gate } 30647c478bd9Sstevel@tonic-gate /* 30657c478bd9Sstevel@tonic-gate * Conversion: automount 30667c478bd9Sstevel@tonic-gate * Input format: struct _ns_automount 30677c478bd9Sstevel@tonic-gate * Exported objectclass: automount 30687c478bd9Sstevel@tonic-gate */ 30697c478bd9Sstevel@tonic-gate static int 30707c478bd9Sstevel@tonic-gate __s_cvt_auto_mount(const void *data, char **rdn, 307191b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 30727c478bd9Sstevel@tonic-gate { 30737c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 30747c478bd9Sstevel@tonic-gate int rc; 30757c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 30767c478bd9Sstevel@tonic-gate /* routine specific */ 30777c478bd9Sstevel@tonic-gate struct _ns_automount *ptr; 30787c478bd9Sstevel@tonic-gate int max_attr = 6; 30797c478bd9Sstevel@tonic-gate void **paramVal = NULL; 30807c478bd9Sstevel@tonic-gate char **mappedschema = NULL; 30817c478bd9Sstevel@tonic-gate int version1 = 0; 30827c478bd9Sstevel@tonic-gate static char *oclist[] = { 30837c478bd9Sstevel@tonic-gate NULL, 30847c478bd9Sstevel@tonic-gate "top", 30857c478bd9Sstevel@tonic-gate NULL 30867c478bd9Sstevel@tonic-gate }; 30877c478bd9Sstevel@tonic-gate 30887c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 30897c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 30907c478bd9Sstevel@tonic-gate 30917c478bd9Sstevel@tonic-gate /* determine profile version number */ 30927c478bd9Sstevel@tonic-gate rc = __ns_ldap_getParam(NS_LDAP_FILE_VERSION_P, ¶mVal, errorp); 30937c478bd9Sstevel@tonic-gate if (paramVal && *paramVal && 3094e1dd0a2fSth strcasecmp(*paramVal, NS_LDAP_VERSION_1) == 0) 30957c478bd9Sstevel@tonic-gate version1 = 1; 30967c478bd9Sstevel@tonic-gate if (paramVal) 30977c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶mVal); 30987c478bd9Sstevel@tonic-gate if (rc && errorp) 30997c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 31007c478bd9Sstevel@tonic-gate 31017c478bd9Sstevel@tonic-gate /* use old schema for version 1 profiles */ 31027c478bd9Sstevel@tonic-gate if (version1) 31037c478bd9Sstevel@tonic-gate oclist[0] = "nisObject"; 31047c478bd9Sstevel@tonic-gate else 31057c478bd9Sstevel@tonic-gate oclist[0] = "automount"; 31067c478bd9Sstevel@tonic-gate 31077c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 31087c478bd9Sstevel@tonic-gate if (e == NULL) 31097c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 31107c478bd9Sstevel@tonic-gate 31117c478bd9Sstevel@tonic-gate /* Convert the structure */ 31127c478bd9Sstevel@tonic-gate ptr = (struct _ns_automount *)data; 31137c478bd9Sstevel@tonic-gate 311491b658d3SToomas Soome if (ptr->key == NULL || *ptr->key == '\0' || ptr->value == NULL || 311591b658d3SToomas Soome ptr->mapname == NULL) { 31167c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 31177c478bd9Sstevel@tonic-gate *entry = NULL; 31187c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 31197c478bd9Sstevel@tonic-gate } 31207c478bd9Sstevel@tonic-gate 31217c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 31227c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, version1 ? "cn=%s" : "automountKey=%s", 3123e1dd0a2fSth ptr->key); 31247c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 31257c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 31267c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 31277c478bd9Sstevel@tonic-gate *entry = NULL; 31287c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 31297c478bd9Sstevel@tonic-gate } 31307c478bd9Sstevel@tonic-gate 313191b658d3SToomas Soome rc = __s_add_attr(e, version1 ? "cn" : "automountKey", 313291b658d3SToomas Soome (char *)ptr->key); 313391b658d3SToomas Soome if (rc != NS_LDAP_SUCCESS) { 313491b658d3SToomas Soome __s_cvt_freeEntryRdn(entry, rdn); 313591b658d3SToomas Soome return (rc); 31367c478bd9Sstevel@tonic-gate } 31377c478bd9Sstevel@tonic-gate 31387c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, version1 ? "nisMapEntry" : "automountInformation", 3139e1dd0a2fSth (char *)ptr->value); 31407c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 31417c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 31427c478bd9Sstevel@tonic-gate return (rc); 31437c478bd9Sstevel@tonic-gate } 31447c478bd9Sstevel@tonic-gate 31457c478bd9Sstevel@tonic-gate /* 31467c478bd9Sstevel@tonic-gate * even for version 2, if automount is mapped to nisObject we 31477c478bd9Sstevel@tonic-gate * still need 'nisMapName' attribute 31487c478bd9Sstevel@tonic-gate */ 31497c478bd9Sstevel@tonic-gate mappedschema = __ns_ldap_getMappedObjectClass("automount", "automount"); 31507c478bd9Sstevel@tonic-gate if (mappedschema && mappedschema[0] && 3151e1dd0a2fSth strcasecmp(mappedschema[0], "nisObject") == 0) 31527c478bd9Sstevel@tonic-gate version1 = 1; 31537c478bd9Sstevel@tonic-gate if (mappedschema) 31547c478bd9Sstevel@tonic-gate __s_api_free2dArray(mappedschema); 31557c478bd9Sstevel@tonic-gate 31567c478bd9Sstevel@tonic-gate if (version1) { 31577c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "nisMapName", (char *)ptr->mapname); 31587c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 31597c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 31607c478bd9Sstevel@tonic-gate return (rc); 31617c478bd9Sstevel@tonic-gate } 31627c478bd9Sstevel@tonic-gate } 31637c478bd9Sstevel@tonic-gate 31647c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 31657c478bd9Sstevel@tonic-gate } 31667c478bd9Sstevel@tonic-gate /* 31677c478bd9Sstevel@tonic-gate * Conversion: auth_attr 31687c478bd9Sstevel@tonic-gate * Input format: authstr_t 31697c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisAuthAttr 31707c478bd9Sstevel@tonic-gate */ 31717c478bd9Sstevel@tonic-gate static int 31727c478bd9Sstevel@tonic-gate __s_cvt_authattr(const void *data, char **rdn, 317391b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 31747c478bd9Sstevel@tonic-gate { 31757c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 31767c478bd9Sstevel@tonic-gate int rc; 31777c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 31787c478bd9Sstevel@tonic-gate /* routine specific */ 31797c478bd9Sstevel@tonic-gate authstr_t *ptr; 31807c478bd9Sstevel@tonic-gate int max_attr = 6; 31817c478bd9Sstevel@tonic-gate static char *oclist[] = { 31827c478bd9Sstevel@tonic-gate "SolarisAuthAttr", 31837c478bd9Sstevel@tonic-gate "top", 31847c478bd9Sstevel@tonic-gate NULL 31857c478bd9Sstevel@tonic-gate }; 31867c478bd9Sstevel@tonic-gate 31877c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 31887c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 31897c478bd9Sstevel@tonic-gate 31907c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 31917c478bd9Sstevel@tonic-gate if (e == NULL) 31927c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 31937c478bd9Sstevel@tonic-gate 31947c478bd9Sstevel@tonic-gate /* Convert the structure */ 31957c478bd9Sstevel@tonic-gate ptr = (authstr_t *)data; 31967c478bd9Sstevel@tonic-gate 31977c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || ptr->attr == NULL) { 31987c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 31997c478bd9Sstevel@tonic-gate *entry = NULL; 32007c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 32017c478bd9Sstevel@tonic-gate } 32027c478bd9Sstevel@tonic-gate 32037c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 32047c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 32057c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 32067c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 32077c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 32087c478bd9Sstevel@tonic-gate *entry = NULL; 32097c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 32107c478bd9Sstevel@tonic-gate } 32117c478bd9Sstevel@tonic-gate 32127c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 32137c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32147c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32157c478bd9Sstevel@tonic-gate return (rc); 32167c478bd9Sstevel@tonic-gate } 32177c478bd9Sstevel@tonic-gate 32187c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 32197c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32207c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32217c478bd9Sstevel@tonic-gate return (rc); 32227c478bd9Sstevel@tonic-gate } 32237c478bd9Sstevel@tonic-gate 32247c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 32257c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1); 32267c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32277c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32287c478bd9Sstevel@tonic-gate return (rc); 32297c478bd9Sstevel@tonic-gate } 32307c478bd9Sstevel@tonic-gate } 32317c478bd9Sstevel@tonic-gate 32327c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 32337c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2); 32347c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32357c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32367c478bd9Sstevel@tonic-gate return (rc); 32377c478bd9Sstevel@tonic-gate } 32387c478bd9Sstevel@tonic-gate } 32397c478bd9Sstevel@tonic-gate 32407c478bd9Sstevel@tonic-gate if (ptr->short_desc != NULL) { 32417c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrShortDesc", ptr->short_desc); 32427c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32437c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32447c478bd9Sstevel@tonic-gate return (rc); 32457c478bd9Sstevel@tonic-gate } 32467c478bd9Sstevel@tonic-gate } 32477c478bd9Sstevel@tonic-gate 32487c478bd9Sstevel@tonic-gate if (ptr->long_desc != NULL) { 32497c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrLongDesc", ptr->long_desc); 32507c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 32517c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 32527c478bd9Sstevel@tonic-gate return (rc); 32537c478bd9Sstevel@tonic-gate } 32547c478bd9Sstevel@tonic-gate } 32557c478bd9Sstevel@tonic-gate 32567c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 32577c478bd9Sstevel@tonic-gate } 32587c478bd9Sstevel@tonic-gate /* 32597c478bd9Sstevel@tonic-gate * Conversion: exec_attr 32607c478bd9Sstevel@tonic-gate * Input format: execstr_t 32617c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisExecAttr 32627c478bd9Sstevel@tonic-gate */ 32637c478bd9Sstevel@tonic-gate static int 32647c478bd9Sstevel@tonic-gate __s_cvt_execattr(const void *data, char **rdn, 326591b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 32667c478bd9Sstevel@tonic-gate { 32677c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 32687c478bd9Sstevel@tonic-gate int rc; 32697c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 327050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India char esc_str[RDNSIZE]; 32717c478bd9Sstevel@tonic-gate /* routine specific */ 32727c478bd9Sstevel@tonic-gate execstr_t *ptr; 32737c478bd9Sstevel@tonic-gate int max_attr = 7; 32747c478bd9Sstevel@tonic-gate static char *oclist[] = { 32757c478bd9Sstevel@tonic-gate "SolarisExecAttr", 32767c478bd9Sstevel@tonic-gate "SolarisProfAttr", 32777c478bd9Sstevel@tonic-gate "top", 32787c478bd9Sstevel@tonic-gate NULL 32797c478bd9Sstevel@tonic-gate }; 32807c478bd9Sstevel@tonic-gate 32817c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 32827c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 32837c478bd9Sstevel@tonic-gate 32847c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 32857c478bd9Sstevel@tonic-gate if (e == NULL) 32867c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 32877c478bd9Sstevel@tonic-gate 32887c478bd9Sstevel@tonic-gate /* Convert the structure */ 32897c478bd9Sstevel@tonic-gate ptr = (execstr_t *)data; 32907c478bd9Sstevel@tonic-gate 32917c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || 32927c478bd9Sstevel@tonic-gate ptr->policy == NULL || ptr->policy[0] == '\0' || 32937c478bd9Sstevel@tonic-gate ptr->type == NULL || ptr->type[0] == '\0' || 32947c478bd9Sstevel@tonic-gate ptr->id == NULL || ptr->id[0] == '\0') { 32957c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 32967c478bd9Sstevel@tonic-gate *entry = NULL; 32977c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 32987c478bd9Sstevel@tonic-gate } 32997c478bd9Sstevel@tonic-gate 330050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 330150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * Escape special characters in ProfileID. 330250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 330350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (escape_str(esc_str, ptr->id) != 0) { 330450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India __ns_ldap_freeEntry(e); 330550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *entry = NULL; 330650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (NS_LDAP_INVALID_PARAM); 330750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 330850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 33097c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 33107c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s+SolarisKernelSecurityPolicy=%s" 33117c478bd9Sstevel@tonic-gate "+SolarisProfileType=%s+SolarisProfileId=%s", 331250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India ptr->name, ptr->policy, ptr->type, esc_str); 331350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 33147c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 33157c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 33167c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 33177c478bd9Sstevel@tonic-gate *entry = NULL; 33187c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 33197c478bd9Sstevel@tonic-gate } 33207c478bd9Sstevel@tonic-gate 33217c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 33227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33247c478bd9Sstevel@tonic-gate return (rc); 33257c478bd9Sstevel@tonic-gate } 33267c478bd9Sstevel@tonic-gate 33277c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisKernelSecurityPolicy", ptr->policy); 33287c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33297c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33307c478bd9Sstevel@tonic-gate return (rc); 33317c478bd9Sstevel@tonic-gate } 33327c478bd9Sstevel@tonic-gate 33337c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisProfileType", ptr->type); 33347c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33357c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33367c478bd9Sstevel@tonic-gate return (rc); 33377c478bd9Sstevel@tonic-gate } 33387c478bd9Sstevel@tonic-gate 33397c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisProfileId", ptr->id); 33407c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33417c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33427c478bd9Sstevel@tonic-gate return (rc); 33437c478bd9Sstevel@tonic-gate } 33447c478bd9Sstevel@tonic-gate 33457c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 33467c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33477c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33487c478bd9Sstevel@tonic-gate return (rc); 33497c478bd9Sstevel@tonic-gate } 33507c478bd9Sstevel@tonic-gate 33517c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 33527c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrRes1", ptr->res1); 33537c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33547c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33557c478bd9Sstevel@tonic-gate return (rc); 33567c478bd9Sstevel@tonic-gate } 33577c478bd9Sstevel@tonic-gate } 33587c478bd9Sstevel@tonic-gate 33597c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 33607c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrRes2", ptr->res2); 33617c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 33627c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 33637c478bd9Sstevel@tonic-gate return (rc); 33647c478bd9Sstevel@tonic-gate } 33657c478bd9Sstevel@tonic-gate } 33667c478bd9Sstevel@tonic-gate 33677c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 33687c478bd9Sstevel@tonic-gate } 33697c478bd9Sstevel@tonic-gate /* 33707c478bd9Sstevel@tonic-gate * Conversion: prof_attr 33717c478bd9Sstevel@tonic-gate * Input format: profstr_t 33727c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisProfAttr 33737c478bd9Sstevel@tonic-gate */ 33747c478bd9Sstevel@tonic-gate static int 33757c478bd9Sstevel@tonic-gate __s_cvt_profattr(const void *data, char **rdn, 337691b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 33777c478bd9Sstevel@tonic-gate { 33787c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 33797c478bd9Sstevel@tonic-gate int rc; 33807c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 33817c478bd9Sstevel@tonic-gate /* routine specific */ 33827c478bd9Sstevel@tonic-gate profstr_t *ptr; 33837c478bd9Sstevel@tonic-gate int max_attr = 5; 33847c478bd9Sstevel@tonic-gate static char *oclist[] = { 33857c478bd9Sstevel@tonic-gate "SolarisProfAttr", 33867c478bd9Sstevel@tonic-gate "top", 33877c478bd9Sstevel@tonic-gate NULL 33887c478bd9Sstevel@tonic-gate }; 33897c478bd9Sstevel@tonic-gate 33907c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 33917c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 33927c478bd9Sstevel@tonic-gate 33937c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 33947c478bd9Sstevel@tonic-gate if (e == NULL) 33957c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 33967c478bd9Sstevel@tonic-gate 33977c478bd9Sstevel@tonic-gate /* Convert the structure */ 33987c478bd9Sstevel@tonic-gate ptr = (profstr_t *)data; 33997c478bd9Sstevel@tonic-gate 34007c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || ptr->attr == NULL) { 34017c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34027c478bd9Sstevel@tonic-gate *entry = NULL; 34037c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 34047c478bd9Sstevel@tonic-gate } 34057c478bd9Sstevel@tonic-gate 34067c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 34077c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "cn=%s", ptr->name); 34087c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 34097c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 34107c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34117c478bd9Sstevel@tonic-gate *entry = NULL; 34127c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 34137c478bd9Sstevel@tonic-gate } 34147c478bd9Sstevel@tonic-gate 34157c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "cn", ptr->name); 34167c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34177c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34187c478bd9Sstevel@tonic-gate return (rc); 34197c478bd9Sstevel@tonic-gate } 34207c478bd9Sstevel@tonic-gate 34217c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 34227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34247c478bd9Sstevel@tonic-gate return (rc); 34257c478bd9Sstevel@tonic-gate } 34267c478bd9Sstevel@tonic-gate 34277c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 34287c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1); 34297c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34307c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34317c478bd9Sstevel@tonic-gate return (rc); 34327c478bd9Sstevel@tonic-gate } 34337c478bd9Sstevel@tonic-gate } 34347c478bd9Sstevel@tonic-gate 34357c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 34367c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2); 34377c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34387c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34397c478bd9Sstevel@tonic-gate return (rc); 34407c478bd9Sstevel@tonic-gate } 34417c478bd9Sstevel@tonic-gate } 34427c478bd9Sstevel@tonic-gate 34437c478bd9Sstevel@tonic-gate if (ptr->desc != NULL) { 34447c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrLongDesc", ptr->desc); 34457c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 34467c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 34477c478bd9Sstevel@tonic-gate return (rc); 34487c478bd9Sstevel@tonic-gate } 34497c478bd9Sstevel@tonic-gate } 34507c478bd9Sstevel@tonic-gate 34517c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 34527c478bd9Sstevel@tonic-gate } 34537c478bd9Sstevel@tonic-gate /* 34547c478bd9Sstevel@tonic-gate * Conversion: user_attr 34557c478bd9Sstevel@tonic-gate * Input format: userstr_t 34567c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisUserAttr 34577c478bd9Sstevel@tonic-gate */ 34587c478bd9Sstevel@tonic-gate static int 34597c478bd9Sstevel@tonic-gate __s_cvt_userattr(const void *data, char **rdn, 346091b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 34617c478bd9Sstevel@tonic-gate { 34627c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 34637c478bd9Sstevel@tonic-gate int rc; 34647c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 34657c478bd9Sstevel@tonic-gate /* routine specific */ 34667c478bd9Sstevel@tonic-gate userstr_t *ptr; 34677c478bd9Sstevel@tonic-gate int max_attr = 5; 34687c478bd9Sstevel@tonic-gate static char *oclist[] = { 34697c478bd9Sstevel@tonic-gate "SolarisUserAttr", 34707c478bd9Sstevel@tonic-gate NULL 34717c478bd9Sstevel@tonic-gate }; 34727c478bd9Sstevel@tonic-gate 34737c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 34747c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 34757c478bd9Sstevel@tonic-gate 34767c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 34777c478bd9Sstevel@tonic-gate if (e == NULL) 34787c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 34797c478bd9Sstevel@tonic-gate 34807c478bd9Sstevel@tonic-gate /* Convert the structure */ 34817c478bd9Sstevel@tonic-gate ptr = (userstr_t *)data; 34827c478bd9Sstevel@tonic-gate 34837c478bd9Sstevel@tonic-gate if (ptr->name == NULL || ptr->name[0] == '\0' || 34847c478bd9Sstevel@tonic-gate ptr->attr == NULL) { 34857c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34867c478bd9Sstevel@tonic-gate *entry = NULL; 34877c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 34887c478bd9Sstevel@tonic-gate } 34897c478bd9Sstevel@tonic-gate 34907c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 34917c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->name); 34927c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 34937c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 34947c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 34957c478bd9Sstevel@tonic-gate *entry = NULL; 34967c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 34977c478bd9Sstevel@tonic-gate } 34987c478bd9Sstevel@tonic-gate 34997c478bd9Sstevel@tonic-gate /* 35007c478bd9Sstevel@tonic-gate * SolarisUserAttr has no uid attribute 35017c478bd9Sstevel@tonic-gate */ 35027c478bd9Sstevel@tonic-gate 35037c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attr); 35047c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35057c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35067c478bd9Sstevel@tonic-gate return (rc); 35077c478bd9Sstevel@tonic-gate } 35087c478bd9Sstevel@tonic-gate 35097c478bd9Sstevel@tonic-gate if (ptr->qualifier != NULL) { 35107c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisUserQualifier", ptr->qualifier); 35117c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35127c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35137c478bd9Sstevel@tonic-gate return (rc); 35147c478bd9Sstevel@tonic-gate } 35157c478bd9Sstevel@tonic-gate } 35167c478bd9Sstevel@tonic-gate 35177c478bd9Sstevel@tonic-gate if (ptr->res1 != NULL) { 35187c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved1", ptr->res1); 35197c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35207c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35217c478bd9Sstevel@tonic-gate return (rc); 35227c478bd9Sstevel@tonic-gate } 35237c478bd9Sstevel@tonic-gate } 35247c478bd9Sstevel@tonic-gate 35257c478bd9Sstevel@tonic-gate if (ptr->res2 != NULL) { 35267c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAttrReserved2", ptr->res2); 35277c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35287c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35297c478bd9Sstevel@tonic-gate return (rc); 35307c478bd9Sstevel@tonic-gate } 35317c478bd9Sstevel@tonic-gate } 35327c478bd9Sstevel@tonic-gate 35337c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 35347c478bd9Sstevel@tonic-gate } 35357c478bd9Sstevel@tonic-gate /* 35367c478bd9Sstevel@tonic-gate * Conversion: audit_user 35377c478bd9Sstevel@tonic-gate * Input format: au_user_str_t 35387c478bd9Sstevel@tonic-gate * Exported objectclass: SolarisAuditUser 35397c478bd9Sstevel@tonic-gate */ 35407c478bd9Sstevel@tonic-gate static int 35417c478bd9Sstevel@tonic-gate __s_cvt_audituser(const void *data, char **rdn, 354291b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 35437c478bd9Sstevel@tonic-gate { 35447c478bd9Sstevel@tonic-gate ns_ldap_entry_t *e; 35457c478bd9Sstevel@tonic-gate int rc; 35467c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 35477c478bd9Sstevel@tonic-gate /* routine specific */ 35487c478bd9Sstevel@tonic-gate au_user_str_t *ptr; 35497c478bd9Sstevel@tonic-gate int max_attr = 3; 35507c478bd9Sstevel@tonic-gate static char *oclist[] = { 35517c478bd9Sstevel@tonic-gate "SolarisAuditUser", 35527c478bd9Sstevel@tonic-gate NULL 35537c478bd9Sstevel@tonic-gate }; 35547c478bd9Sstevel@tonic-gate 35557c478bd9Sstevel@tonic-gate if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 35567c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 35577c478bd9Sstevel@tonic-gate 35587c478bd9Sstevel@tonic-gate *entry = e = __s_mk_entry(oclist, max_attr); 35597c478bd9Sstevel@tonic-gate if (e == NULL) 35607c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 35617c478bd9Sstevel@tonic-gate 35627c478bd9Sstevel@tonic-gate /* Convert the structure */ 35637c478bd9Sstevel@tonic-gate ptr = (au_user_str_t *)data; 35647c478bd9Sstevel@tonic-gate 35657c478bd9Sstevel@tonic-gate if (ptr->au_name == NULL || ptr->au_name[0] == '\0') { 35667c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 35677c478bd9Sstevel@tonic-gate *entry = NULL; 35687c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 35697c478bd9Sstevel@tonic-gate } 35707c478bd9Sstevel@tonic-gate 35717c478bd9Sstevel@tonic-gate /* Create an appropriate rdn */ 35727c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "uid=%s", ptr->au_name); 35737c478bd9Sstevel@tonic-gate *rdn = strdup(trdn); 35747c478bd9Sstevel@tonic-gate if (*rdn == NULL) { 35757c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(e); 35767c478bd9Sstevel@tonic-gate *entry = NULL; 35777c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 35787c478bd9Sstevel@tonic-gate } 35797c478bd9Sstevel@tonic-gate 35807c478bd9Sstevel@tonic-gate /* 35817c478bd9Sstevel@tonic-gate * Solaris AuditUser has no uid attribute 35827c478bd9Sstevel@tonic-gate */ 35837c478bd9Sstevel@tonic-gate 35847c478bd9Sstevel@tonic-gate if (ptr->au_always != NULL) { 35857c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAuditAlways", ptr->au_always); 35867c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35877c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35887c478bd9Sstevel@tonic-gate return (rc); 35897c478bd9Sstevel@tonic-gate } 35907c478bd9Sstevel@tonic-gate } 35917c478bd9Sstevel@tonic-gate 35927c478bd9Sstevel@tonic-gate if (ptr->au_never != NULL) { 35937c478bd9Sstevel@tonic-gate rc = __s_add_attr(e, "SolarisAuditNever", ptr->au_never); 35947c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 35957c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(entry, rdn); 35967c478bd9Sstevel@tonic-gate return (rc); 35977c478bd9Sstevel@tonic-gate } 35987c478bd9Sstevel@tonic-gate } 35997c478bd9Sstevel@tonic-gate 36007c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 36017c478bd9Sstevel@tonic-gate } 360245916cd2Sjpk /* 360345916cd2Sjpk * Conversion: tnrhtp 360445916cd2Sjpk * Input format: tsol_tpstr_t 360545916cd2Sjpk * Exported objectclass: ipTnetTemplate 360645916cd2Sjpk */ 360745916cd2Sjpk static int 360845916cd2Sjpk __s_cvt_tnrhtp(const void *data, char **rdn, 360991b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 361045916cd2Sjpk { 361145916cd2Sjpk ns_ldap_entry_t *e; 361245916cd2Sjpk int rc; 361345916cd2Sjpk char trdn[RDNSIZE]; 361450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India char esc_str[RDNSIZE]; 361545916cd2Sjpk /* routine specific */ 361645916cd2Sjpk int max_attr = 2; 361745916cd2Sjpk tsol_tpstr_t *ptr; 361845916cd2Sjpk static char *oclist[] = { 361945916cd2Sjpk "ipTnetTemplate", 362045916cd2Sjpk "top", 362145916cd2Sjpk NULL 362245916cd2Sjpk }; 362345916cd2Sjpk 362445916cd2Sjpk if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 362545916cd2Sjpk return (NS_LDAP_OP_FAILED); 362645916cd2Sjpk 362745916cd2Sjpk *entry = e = __s_mk_entry(oclist, max_attr); 362845916cd2Sjpk if (e == NULL) 362945916cd2Sjpk return (NS_LDAP_MEMORY); 363045916cd2Sjpk 363145916cd2Sjpk /* Convert the structure */ 363245916cd2Sjpk ptr = (tsol_tpstr_t *)data; 363345916cd2Sjpk 363444aa1912Sth if (ptr->template == NULL || *ptr->template == '\0') { 363545916cd2Sjpk __ns_ldap_freeEntry(e); 363645916cd2Sjpk *entry = NULL; 363745916cd2Sjpk return (NS_LDAP_INVALID_PARAM); 363845916cd2Sjpk } 363945916cd2Sjpk 364050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India /* 364150b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India * Escape special characters in Template name. 364250b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India */ 364350b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India if (escape_str(esc_str, ptr->template) != 0) { 364450b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India __ns_ldap_freeEntry(e); 364550b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India *entry = NULL; 364650b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India return (NS_LDAP_INVALID_PARAM); 364750b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India } 364850b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India 364945916cd2Sjpk /* Create an appropriate rdn */ 365050b7bd51SSreedhar Chalamalasetti - Sun Microsystems - Bangalore India (void) snprintf(trdn, RDNSIZE, "ipTnetTemplateName=%s", esc_str); 365145916cd2Sjpk *rdn = strdup(trdn); 365245916cd2Sjpk if (*rdn == NULL) { 365345916cd2Sjpk __ns_ldap_freeEntry(e); 365445916cd2Sjpk *entry = NULL; 365545916cd2Sjpk return (NS_LDAP_MEMORY); 365645916cd2Sjpk } 365745916cd2Sjpk 365845916cd2Sjpk rc = __s_add_attr(e, "ipTnetTemplateName", ptr->template); 365945916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 366045916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 366145916cd2Sjpk return (rc); 366245916cd2Sjpk } 366345916cd2Sjpk 366445916cd2Sjpk rc = __s_add_attr(e, "SolarisAttrKeyValue", ptr->attrs); 366545916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 366645916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 366745916cd2Sjpk return (rc); 366845916cd2Sjpk } 36697c478bd9Sstevel@tonic-gate 367045916cd2Sjpk return (NS_LDAP_SUCCESS); 367145916cd2Sjpk } 367245916cd2Sjpk /* 367345916cd2Sjpk * Conversion: tnrhdb 367445916cd2Sjpk * Input format: tsol_rhstr_t 367545916cd2Sjpk * Exported objectclass: ipTnetHost 367645916cd2Sjpk */ 367745916cd2Sjpk static int 367845916cd2Sjpk __s_cvt_tnrhdb(const void *data, char **rdn, 367991b658d3SToomas Soome ns_ldap_entry_t **entry, ns_ldap_error_t **errorp) 368045916cd2Sjpk { 368145916cd2Sjpk ns_ldap_entry_t *e; 368245916cd2Sjpk int rc; 368345916cd2Sjpk char trdn[RDNSIZE]; 368445916cd2Sjpk /* routine specific */ 368545916cd2Sjpk tsol_rhstr_t *ptr; 368645916cd2Sjpk int max_attr = 2; 368745916cd2Sjpk static char *oclist[] = { 368845916cd2Sjpk "ipTnetHost", 368945916cd2Sjpk "ipTnetTemplate", 369045916cd2Sjpk "top", 369145916cd2Sjpk NULL 369245916cd2Sjpk }; 369345916cd2Sjpk 369445916cd2Sjpk if (data == NULL || rdn == NULL || entry == NULL || errorp == NULL) 369545916cd2Sjpk return (NS_LDAP_OP_FAILED); 369645916cd2Sjpk 369745916cd2Sjpk *entry = e = __s_mk_entry(oclist, max_attr); 369845916cd2Sjpk if (e == NULL) 369945916cd2Sjpk return (NS_LDAP_MEMORY); 370045916cd2Sjpk 370145916cd2Sjpk /* Convert the structure */ 370245916cd2Sjpk ptr = (tsol_rhstr_t *)data; 370345916cd2Sjpk 370444aa1912Sth if (ptr->address == NULL || *ptr->address == '\0' || 370544aa1912Sth ptr->template == NULL || *ptr->template == '\0') { 370645916cd2Sjpk __ns_ldap_freeEntry(e); 370745916cd2Sjpk *entry = NULL; 370845916cd2Sjpk return (NS_LDAP_INVALID_PARAM); 370945916cd2Sjpk } 371045916cd2Sjpk 371145916cd2Sjpk /* Create an appropriate rdn */ 371245916cd2Sjpk (void) snprintf(trdn, RDNSIZE, "ipTnetNumber=%s", ptr->address); 371345916cd2Sjpk *rdn = strdup(trdn); 371445916cd2Sjpk if (*rdn == NULL) { 371545916cd2Sjpk __ns_ldap_freeEntry(e); 371645916cd2Sjpk *entry = NULL; 371745916cd2Sjpk return (NS_LDAP_MEMORY); 371845916cd2Sjpk } 371945916cd2Sjpk 372045916cd2Sjpk rc = __s_add_attr(e, "ipTnetNumber", ptr->address); 372145916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 372245916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 372345916cd2Sjpk return (rc); 372445916cd2Sjpk } 372545916cd2Sjpk 372645916cd2Sjpk rc = __s_add_attr(e, "ipTnetTemplateName", ptr->template); 372745916cd2Sjpk if (rc != NS_LDAP_SUCCESS) { 372845916cd2Sjpk __s_cvt_freeEntryRdn(entry, rdn); 372945916cd2Sjpk return (rc); 373045916cd2Sjpk } 373145916cd2Sjpk 373245916cd2Sjpk return (NS_LDAP_SUCCESS); 373345916cd2Sjpk } 37347c478bd9Sstevel@tonic-gate /* 37357c478bd9Sstevel@tonic-gate * Add Typed Entry Conversion data structures 37367c478bd9Sstevel@tonic-gate */ 37377c478bd9Sstevel@tonic-gate 37387c478bd9Sstevel@tonic-gate typedef struct __ns_cvt_type { 37397c478bd9Sstevel@tonic-gate const char *service; 37407c478bd9Sstevel@tonic-gate int flags; 37417c478bd9Sstevel@tonic-gate #define AE 1 /* alway add entries */ 37427c478bd9Sstevel@tonic-gate int (*cvt_rtn)(const void *data, 37437c478bd9Sstevel@tonic-gate char **rdn, 37447c478bd9Sstevel@tonic-gate ns_ldap_entry_t **entry, 37457c478bd9Sstevel@tonic-gate ns_ldap_error_t **errorp); 37467c478bd9Sstevel@tonic-gate } __ns_cvt_type_t; 37477c478bd9Sstevel@tonic-gate 37487c478bd9Sstevel@tonic-gate static __ns_cvt_type_t __s_cvtlist[] = { 37497c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PASSWD, 0, __s_cvt_passwd }, 37507c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_GROUP, 0, __s_cvt_group }, 37517c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_HOSTS, 0, __s_cvt_hosts }, 37527c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_IPNODES, 0, __s_cvt_hosts }, 37537c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_RPC, 0, __s_cvt_rpc }, 37547c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PROTOCOLS, 0, __s_cvt_protocols }, 37557c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_NETWORKS, 0, __s_cvt_networks }, 37567c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_NETGROUP, 0, __s_cvt_netgroups }, 37577c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_ALIASES, 0, __s_cvt_aliases }, 37587c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_SERVICES, 0, __s_cvt_services }, 37597c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_ETHERS, 0, __s_cvt_ethers }, 37607c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_SHADOW, 0, __s_cvt_shadow }, 37617c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_NETMASKS, 0, __s_cvt_netmasks }, 37627c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_BOOTPARAMS, 0, __s_cvt_bootparams }, 37637c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_AUTHATTR, 0, __s_cvt_authattr }, 37647c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_EXECATTR, 0, __s_cvt_execattr }, 37657c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PROFILE, 0, __s_cvt_profattr }, 37667c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_USERATTR, AE, __s_cvt_userattr }, 37677c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_AUTOMOUNT, 0, __s_cvt_auto_mount }, 37687c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_PUBLICKEY, AE, __s_cvt_publickey }, 37697c478bd9Sstevel@tonic-gate { NS_LDAP_TYPE_AUUSER, AE, __s_cvt_audituser }, 377045916cd2Sjpk { NS_LDAP_TYPE_TNRHTP, 0, __s_cvt_tnrhtp }, 377145916cd2Sjpk { NS_LDAP_TYPE_TNRHDB, 0, __s_cvt_tnrhdb }, 3772e1dd0a2fSth { NS_LDAP_TYPE_PROJECT, 0, __s_cvt_project }, 37737c478bd9Sstevel@tonic-gate { NULL, 0, NULL }, 37747c478bd9Sstevel@tonic-gate }; 37757c478bd9Sstevel@tonic-gate 37767c478bd9Sstevel@tonic-gate /* 37777c478bd9Sstevel@tonic-gate * Add Typed Entry Routine 37787c478bd9Sstevel@tonic-gate */ 37797c478bd9Sstevel@tonic-gate 37807c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 37817c478bd9Sstevel@tonic-gate int __ns_ldap_addTypedEntry( 37827c478bd9Sstevel@tonic-gate const char *servicetype, 37837c478bd9Sstevel@tonic-gate const char *basedn, 37847c478bd9Sstevel@tonic-gate const void *data, 37857c478bd9Sstevel@tonic-gate const int create, 37867c478bd9Sstevel@tonic-gate const ns_cred_t *cred, 37877c478bd9Sstevel@tonic-gate const int flags, 37887c478bd9Sstevel@tonic-gate ns_ldap_error_t **errorp) 37897c478bd9Sstevel@tonic-gate { 37907c478bd9Sstevel@tonic-gate char *rdn = NULL, *fulldn = NULL; 37917c478bd9Sstevel@tonic-gate void **paramVal = NULL; 379291b658d3SToomas Soome ns_ldap_entry_t *entry = NULL; 37937c478bd9Sstevel@tonic-gate const ns_ldap_attr_t *const *modattrlist; 37947c478bd9Sstevel@tonic-gate ns_ldap_search_desc_t **sdlist; 37957c478bd9Sstevel@tonic-gate char **dns = NULL; 37967c478bd9Sstevel@tonic-gate char trdn[RDNSIZE]; 37977c478bd9Sstevel@tonic-gate char service[BUFSIZE]; 37987c478bd9Sstevel@tonic-gate int rc = 0; 37997c478bd9Sstevel@tonic-gate int automount = 0; 38007c478bd9Sstevel@tonic-gate int i, s; 38017c478bd9Sstevel@tonic-gate 38027c478bd9Sstevel@tonic-gate rc = NS_LDAP_OP_FAILED; 38037c478bd9Sstevel@tonic-gate for (s = 0; __s_cvtlist[s].service != NULL; s++) { 38047c478bd9Sstevel@tonic-gate if (__s_cvtlist[s].cvt_rtn == NULL) 38057c478bd9Sstevel@tonic-gate continue; 38067c478bd9Sstevel@tonic-gate if (strcasecmp(__s_cvtlist[s].service, servicetype) == 0) 38077c478bd9Sstevel@tonic-gate break; 38087c478bd9Sstevel@tonic-gate /* Or, check if the servicetype is auto_ */ 38097c478bd9Sstevel@tonic-gate if (strcmp(__s_cvtlist[s].service, 38107c478bd9Sstevel@tonic-gate NS_LDAP_TYPE_AUTOMOUNT) == 0 && 38117c478bd9Sstevel@tonic-gate strncasecmp(servicetype, NS_LDAP_TYPE_AUTOMOUNT, 38127c478bd9Sstevel@tonic-gate sizeof (NS_LDAP_TYPE_AUTOMOUNT) - 1) == 0) { 38137c478bd9Sstevel@tonic-gate automount++; 38147c478bd9Sstevel@tonic-gate break; 38157c478bd9Sstevel@tonic-gate } 38167c478bd9Sstevel@tonic-gate } 38177c478bd9Sstevel@tonic-gate if (__s_cvtlist[s].service == NULL) 38187c478bd9Sstevel@tonic-gate return (rc); 38197c478bd9Sstevel@tonic-gate 38207c478bd9Sstevel@tonic-gate /* Convert the data */ 38217c478bd9Sstevel@tonic-gate rc = (*__s_cvtlist[s].cvt_rtn)(data, &rdn, &entry, errorp); 38227c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38237c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38247c478bd9Sstevel@tonic-gate return (rc); 38257c478bd9Sstevel@tonic-gate } 38267c478bd9Sstevel@tonic-gate if (rdn == NULL) { 38277c478bd9Sstevel@tonic-gate __ns_ldap_freeEntry(entry); 38287c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 38297c478bd9Sstevel@tonic-gate } 38307c478bd9Sstevel@tonic-gate 38317c478bd9Sstevel@tonic-gate if (strcmp(servicetype, "publickey") == 0) { 38327c478bd9Sstevel@tonic-gate struct _ns_pubkey *ptr; 38337c478bd9Sstevel@tonic-gate ptr = (struct _ns_pubkey *)data; 38347c478bd9Sstevel@tonic-gate if (ptr->hostcred == NS_HOSTCRED_TRUE) 38357c478bd9Sstevel@tonic-gate (void) strcpy(service, "hosts"); 38367c478bd9Sstevel@tonic-gate else 38377c478bd9Sstevel@tonic-gate (void) strcpy(service, "passwd"); 38387c478bd9Sstevel@tonic-gate } else 38397c478bd9Sstevel@tonic-gate (void) strcpy(service, servicetype); 38407c478bd9Sstevel@tonic-gate 38417c478bd9Sstevel@tonic-gate /* Create the Full DN */ 38427c478bd9Sstevel@tonic-gate if (basedn == NULL) { 38437c478bd9Sstevel@tonic-gate rc = __s_api_get_SSD_from_SSDtoUse_service(service, 38447c478bd9Sstevel@tonic-gate &sdlist, errorp); 38457c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38467c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38477c478bd9Sstevel@tonic-gate return (rc); 38487c478bd9Sstevel@tonic-gate } 38497c478bd9Sstevel@tonic-gate 38507c478bd9Sstevel@tonic-gate if (sdlist == NULL) { 38517c478bd9Sstevel@tonic-gate rc = __s_api_getDNs(&dns, service, errorp); 38527c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38537c478bd9Sstevel@tonic-gate if (dns) { 38547c478bd9Sstevel@tonic-gate __s_api_free2dArray(dns); 38557c478bd9Sstevel@tonic-gate dns = NULL; 38567c478bd9Sstevel@tonic-gate } 38577c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38587c478bd9Sstevel@tonic-gate return (rc); 38597c478bd9Sstevel@tonic-gate } 38607c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "%s,%s", rdn, dns[0]); 38617c478bd9Sstevel@tonic-gate __s_api_free2dArray(dns); 38627c478bd9Sstevel@tonic-gate } else { 38637c478bd9Sstevel@tonic-gate if (sdlist[0]->basedn) { 38647c478bd9Sstevel@tonic-gate (void) snprintf(trdn, RDNSIZE, "%s,%s", 38657c478bd9Sstevel@tonic-gate rdn, sdlist[0]->basedn); 38667c478bd9Sstevel@tonic-gate } else { 38677c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38687c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 38697c478bd9Sstevel@tonic-gate } 38707c478bd9Sstevel@tonic-gate } 38717c478bd9Sstevel@tonic-gate i = strlen(trdn) - 1; 38727c478bd9Sstevel@tonic-gate if (trdn[i] == COMMATOK) { 38737c478bd9Sstevel@tonic-gate rc = __ns_ldap_getParam(NS_LDAP_SEARCH_BASEDN_P, 38747c478bd9Sstevel@tonic-gate ¶mVal, errorp); 38757c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 38767c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38777c478bd9Sstevel@tonic-gate return (rc); 38787c478bd9Sstevel@tonic-gate } 38797c478bd9Sstevel@tonic-gate i = strlen(trdn) + strlen((char *)(paramVal[0])) + 1; 38807c478bd9Sstevel@tonic-gate fulldn = (char *)calloc(i, 1); 38817c478bd9Sstevel@tonic-gate if (fulldn == NULL) { 38827c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶mVal); 38837c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38847c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 38857c478bd9Sstevel@tonic-gate } 38867c478bd9Sstevel@tonic-gate (void) snprintf(fulldn, i, "%s%s", trdn, 38877c478bd9Sstevel@tonic-gate (char *)(paramVal[0])); 38887c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶mVal); 38897c478bd9Sstevel@tonic-gate } else { 38907c478bd9Sstevel@tonic-gate fulldn = strdup(trdn); 38917c478bd9Sstevel@tonic-gate if (fulldn == NULL) { 38927c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 38937c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 38947c478bd9Sstevel@tonic-gate } 38957c478bd9Sstevel@tonic-gate } 38967c478bd9Sstevel@tonic-gate } else { 38977c478bd9Sstevel@tonic-gate i = strlen(rdn) + strlen(basedn) + 2; 38987c478bd9Sstevel@tonic-gate fulldn = (char *)calloc(i, 1); 38997c478bd9Sstevel@tonic-gate if (fulldn == NULL) { 39007c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 39017c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 39027c478bd9Sstevel@tonic-gate } 39037c478bd9Sstevel@tonic-gate (void) snprintf(fulldn, i, "%s,%s", rdn, basedn); 39047c478bd9Sstevel@tonic-gate } 39057c478bd9Sstevel@tonic-gate 39067c478bd9Sstevel@tonic-gate modattrlist = (const ns_ldap_attr_t * const *)entry->attr_pair; 39077c478bd9Sstevel@tonic-gate /* Check to see if the entry exists already */ 39087c478bd9Sstevel@tonic-gate /* May need to delete or update first */ 39097c478bd9Sstevel@tonic-gate 39107c478bd9Sstevel@tonic-gate if (create != 1) { 39117c478bd9Sstevel@tonic-gate /* Modify the entry */ 391212fbe00aSjs /* 391312fbe00aSjs * To add a shadow-like entry, the addTypedEntry function 391412fbe00aSjs * would call __ns_ldap_repAttr first, and if server says 391512fbe00aSjs * LDAP_NO_SUCH_OBJECT, then it tries __ns_ldap_addEntry. 391612fbe00aSjs * This is to allow a netmask entry to be added even if the 391712fbe00aSjs * base network entry is not in the directory. It would work 391812fbe00aSjs * because the difference between the schema for the network 391912fbe00aSjs * and netmask data contains only MAY attributes. 392012fbe00aSjs * 392112fbe00aSjs * But for shadow data, the attributes do not have MUST 392212fbe00aSjs * attributes the base entry needs, so if the __ns_ldap_addEntry 392312fbe00aSjs * is executed, it would fail. The real reason, however, is that 392412fbe00aSjs * the base entry did not exist. So returning 392512fbe00aSjs * LDAP_OBJECT_CLASS_VIOLATION would just confused. 392612fbe00aSjs */ 39277c478bd9Sstevel@tonic-gate if ((__s_cvtlist[s].flags & AE) != 0) 39287c478bd9Sstevel@tonic-gate rc = __ns_ldap_addAttr(service, fulldn, modattrlist, 39297c478bd9Sstevel@tonic-gate cred, flags, errorp); 39307c478bd9Sstevel@tonic-gate else { 39317c478bd9Sstevel@tonic-gate rc = __ns_ldap_repAttr(service, fulldn, modattrlist, 3932e1dd0a2fSth cred, flags, errorp); 39337c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_INTERNAL && *errorp && 39347c478bd9Sstevel@tonic-gate (*errorp)->status == LDAP_NO_SUCH_OBJECT) { 39357c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(errorp); 39367c478bd9Sstevel@tonic-gate rc = __ns_ldap_addEntry(service, fulldn, 39377c478bd9Sstevel@tonic-gate entry, cred, flags, errorp); 393812fbe00aSjs if (rc == NS_LDAP_INTERNAL && *errorp && 3939e1dd0a2fSth (*errorp)->status == 3940e1dd0a2fSth LDAP_OBJECT_CLASS_VIOLATION) 394112fbe00aSjs (*errorp)->status = LDAP_NO_SUCH_OBJECT; 39427c478bd9Sstevel@tonic-gate } 39437c478bd9Sstevel@tonic-gate } 39447c478bd9Sstevel@tonic-gate } else { 39457c478bd9Sstevel@tonic-gate /* Add the entry */ 39467c478bd9Sstevel@tonic-gate rc = __ns_ldap_addEntry(service, fulldn, entry, 39477c478bd9Sstevel@tonic-gate cred, flags, errorp); 39487c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_INTERNAL && *errorp && 39497c478bd9Sstevel@tonic-gate (*errorp)->status == LDAP_ALREADY_EXISTS && 39507c478bd9Sstevel@tonic-gate ((strcmp(service, "ethers") == 0) || 39517c478bd9Sstevel@tonic-gate (strcmp(service, "bootparams") == 0))) { 39527c478bd9Sstevel@tonic-gate rc = modify_ethers_bootp(service, rdn, fulldn, 39537c478bd9Sstevel@tonic-gate modattrlist, cred, flags, errorp); 39547c478bd9Sstevel@tonic-gate } 39557c478bd9Sstevel@tonic-gate } 39567c478bd9Sstevel@tonic-gate 39577c478bd9Sstevel@tonic-gate /* Free up entry created by conversion routine */ 39587c478bd9Sstevel@tonic-gate if (fulldn != NULL) 39597c478bd9Sstevel@tonic-gate free(fulldn); 39607c478bd9Sstevel@tonic-gate __s_cvt_freeEntryRdn(&entry, &rdn); 39617c478bd9Sstevel@tonic-gate return (rc); 39627c478bd9Sstevel@tonic-gate } 39637c478bd9Sstevel@tonic-gate 39647c478bd9Sstevel@tonic-gate 39657c478bd9Sstevel@tonic-gate /* 39667c478bd9Sstevel@tonic-gate * Append the default base dn to the dn 39677c478bd9Sstevel@tonic-gate * when it ends with ','. 39687c478bd9Sstevel@tonic-gate * e.g. 39697c478bd9Sstevel@tonic-gate * SSD = service:ou=foo, 39707c478bd9Sstevel@tonic-gate */ 39717c478bd9Sstevel@tonic-gate int 397291b658d3SToomas Soome __s_api_append_default_basedn(const char *dn, char **new_dn, int *allocated, 397391b658d3SToomas Soome ns_ldap_error_t **errp) 397491b658d3SToomas Soome { 39757c478bd9Sstevel@tonic-gate 39767c478bd9Sstevel@tonic-gate int rc = NS_LDAP_SUCCESS, len = 0; 39777c478bd9Sstevel@tonic-gate void **param = NULL; 39787c478bd9Sstevel@tonic-gate char *str = NULL; 39797c478bd9Sstevel@tonic-gate 39807c478bd9Sstevel@tonic-gate *allocated = FALSE; 39817c478bd9Sstevel@tonic-gate *new_dn = NULL; 39827c478bd9Sstevel@tonic-gate 39837c478bd9Sstevel@tonic-gate if (dn == NULL) 39847c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 39857c478bd9Sstevel@tonic-gate 39867c478bd9Sstevel@tonic-gate rc = __ns_ldap_getParam(NS_LDAP_SEARCH_BASEDN_P, 398791b658d3SToomas Soome (void ***)¶m, errp); 39887c478bd9Sstevel@tonic-gate 39897c478bd9Sstevel@tonic-gate if (rc != NS_LDAP_SUCCESS) { 39907c478bd9Sstevel@tonic-gate if (param) 39917c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶m); 39927c478bd9Sstevel@tonic-gate return (rc); 39937c478bd9Sstevel@tonic-gate } 39947c478bd9Sstevel@tonic-gate 39957c478bd9Sstevel@tonic-gate len = strlen(dn); 39967c478bd9Sstevel@tonic-gate str = ((char **)param)[0]; 39977c478bd9Sstevel@tonic-gate len = len + strlen(str) +1; 39987c478bd9Sstevel@tonic-gate *new_dn = (char *)malloc(len); 39997c478bd9Sstevel@tonic-gate if (*new_dn == NULL) { 40007c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶m); 40017c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 40027c478bd9Sstevel@tonic-gate } 40037c478bd9Sstevel@tonic-gate *allocated = TRUE; 40047c478bd9Sstevel@tonic-gate 40057c478bd9Sstevel@tonic-gate (void) strcpy(*new_dn, dn); 40067c478bd9Sstevel@tonic-gate (void) strcat(*new_dn, str); 40077c478bd9Sstevel@tonic-gate 40087c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeParam(¶m); 40097c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 40107c478bd9Sstevel@tonic-gate } 4011dd1104fbSMichen Chang 4012dd1104fbSMichen Chang /* 4013dd1104fbSMichen Chang * Flatten the input ns_ldap_attr_t list, 'attr', and convert it into an 4014dd1104fbSMichen Chang * ldap_strlist_t structure in buffer 'buf', to be used by ldap_cachemgr. 4015dd1104fbSMichen Chang * The output contains a count, a list of offsets, which show where the 4016dd1104fbSMichen Chang * corresponding copied attribute type and attribute value are located. 4017dd1104fbSMichen Chang * For example, for dn=aaaa, userpassword=bbbb, shadowlastchange=cccc, 4018dd1104fbSMichen Chang * the output is the ldap_strlist_t structure with: ldap_count = 6, 4019dd1104fbSMichen Chang * (buf + ldap_offsets[0]) -> "dn" 4020dd1104fbSMichen Chang * (buf + ldap_offsets[1]) -> "aaaa" 4021dd1104fbSMichen Chang * (buf + ldap_offsets[2]) -> "userPassword" 4022dd1104fbSMichen Chang * (buf + ldap_offsets[3]) -> "bbbb" 4023dd1104fbSMichen Chang * (buf + ldap_offsets[4]) -> "shadowlastchange" 4024dd1104fbSMichen Chang * (buf + ldap_offsets[5]) -> "cccc" 4025dd1104fbSMichen Chang * and all the string data shown above copied into the buffer after 4026dd1104fbSMichen Chang * the offset array. The total length of the data will be the return 4027dd1104fbSMichen Chang * value, or -1 if error. 4028dd1104fbSMichen Chang */ 4029dd1104fbSMichen Chang static int 4030dd1104fbSMichen Chang attr2list(const char *dn, ns_ldap_attr_t **attr, 4031dd1104fbSMichen Chang char *buf, int bufsize) 4032dd1104fbSMichen Chang { 4033dd1104fbSMichen Chang int c = 0; 4034dd1104fbSMichen Chang char *ap; 4035dd1104fbSMichen Chang int ao; 4036dd1104fbSMichen Chang ldap_strlist_t *al = (ldap_strlist_t *)buf; 4037dd1104fbSMichen Chang ns_ldap_attr_t *a = (ns_ldap_attr_t *)*attr; 4038dd1104fbSMichen Chang ns_ldap_attr_t **aptr = (ns_ldap_attr_t **)attr; 4039dd1104fbSMichen Chang 4040dd1104fbSMichen Chang /* bufsize > strlen(dn) + strlen("dn") + 1 ('\0') */ 4041dd1104fbSMichen Chang if ((strlen(dn) + 2 + 1) >= bufsize) 4042dd1104fbSMichen Chang return (-1); 4043dd1104fbSMichen Chang 4044dd1104fbSMichen Chang /* count number of attributes */ 4045dd1104fbSMichen Chang while (*aptr++) 4046dd1104fbSMichen Chang c++; 4047dd1104fbSMichen Chang al->ldap_count = 2 + c * 2; 4048dd1104fbSMichen Chang ao = sizeof (al->ldap_count) + sizeof (al->ldap_offsets[0]) * 4049dd1104fbSMichen Chang al->ldap_count; 4050dd1104fbSMichen Chang if (ao > bufsize) 4051dd1104fbSMichen Chang return (-1); 4052dd1104fbSMichen Chang al->ldap_offsets[0] = ao; 4053dd1104fbSMichen Chang ap = buf + ao; 4054dd1104fbSMichen Chang ao += 3; 4055dd1104fbSMichen Chang 4056dd1104fbSMichen Chang /* copy entry DN */ 4057dd1104fbSMichen Chang if (ao > bufsize) 4058dd1104fbSMichen Chang return (-1); 4059dd1104fbSMichen Chang (void) strlcpy(ap, "dn", bufsize); 4060dd1104fbSMichen Chang ap += 3; 4061dd1104fbSMichen Chang 4062dd1104fbSMichen Chang al->ldap_offsets[1] = ao; 4063dd1104fbSMichen Chang ao += strlen(dn) + 1; 4064dd1104fbSMichen Chang if (ao > bufsize) 4065dd1104fbSMichen Chang return (-1); 4066dd1104fbSMichen Chang (void) strlcpy(ap, dn, bufsize); 4067dd1104fbSMichen Chang ap = buf + ao; 4068dd1104fbSMichen Chang 4069dd1104fbSMichen Chang aptr = attr; 4070dd1104fbSMichen Chang for (c = 2; c < al->ldap_count; c++, aptr++) { 4071dd1104fbSMichen Chang a = *aptr; 4072dd1104fbSMichen Chang if (a->attrname == NULL || a->attrvalue == NULL || 4073dd1104fbSMichen Chang a->value_count != 1 || a->attrvalue[0] == NULL) 4074dd1104fbSMichen Chang return (-1); 4075dd1104fbSMichen Chang al->ldap_offsets[c] = ao; 4076dd1104fbSMichen Chang ao += strlen(a->attrname) + 1; 4077dd1104fbSMichen Chang if (ao > bufsize) 4078dd1104fbSMichen Chang return (-1); 4079dd1104fbSMichen Chang (void) strlcpy(ap, a->attrname, bufsize); 4080dd1104fbSMichen Chang ap = buf + ao; 4081dd1104fbSMichen Chang 4082dd1104fbSMichen Chang c++; 4083dd1104fbSMichen Chang al->ldap_offsets[c] = ao; 4084dd1104fbSMichen Chang ao += strlen(a->attrvalue[0]) + 1; 4085dd1104fbSMichen Chang (void) strlcpy(ap, a->attrvalue[0], bufsize); 4086dd1104fbSMichen Chang ap = buf + ao; 4087dd1104fbSMichen Chang }; 4088dd1104fbSMichen Chang 4089dd1104fbSMichen Chang return (ao); 4090dd1104fbSMichen Chang } 4091dd1104fbSMichen Chang 4092dd1104fbSMichen Chang /* 4093dd1104fbSMichen Chang * Send a modify request to the ldap_cachemgr daemon 4094dd1104fbSMichen Chang * which will use the admin credential to perform the 4095dd1104fbSMichen Chang * operation. 4096dd1104fbSMichen Chang */ 4097dd1104fbSMichen Chang 4098dd1104fbSMichen Chang static int 4099dd1104fbSMichen Chang send_to_cachemgr( 4100dd1104fbSMichen Chang const char *dn, 4101dd1104fbSMichen Chang ns_ldap_attr_t **attr, 4102dd1104fbSMichen Chang ns_ldap_error_t **errorp) 4103dd1104fbSMichen Chang { 4104dd1104fbSMichen Chang union { 4105dd1104fbSMichen Chang ldap_data_t s_d; 4106dd1104fbSMichen Chang char s_b[DOORBUFFERSIZE]; 4107dd1104fbSMichen Chang } space; 4108dd1104fbSMichen Chang 4109dd1104fbSMichen Chang ldap_data_t *sptr; 4110dd1104fbSMichen Chang int ndata; 4111dd1104fbSMichen Chang int adata; 4112dd1104fbSMichen Chang int len; 4113dd1104fbSMichen Chang int rc; 4114dd1104fbSMichen Chang char errstr[MAXERROR]; 4115dd1104fbSMichen Chang ldap_admin_mod_result_t *admin_result; 4116dd1104fbSMichen Chang 4117dd1104fbSMichen Chang *errorp = NULL; 4118dd1104fbSMichen Chang (void) memset(space.s_b, 0, DOORBUFFERSIZE); 4119dd1104fbSMichen Chang len = attr2list(dn, attr, (char *)&space.s_d.ldap_call.ldap_u.strlist, 4120dd1104fbSMichen Chang sizeof (space) - offsetof(ldap_return_t, ldap_u)); 4121dd1104fbSMichen Chang if (len <= 0) 4122dd1104fbSMichen Chang return (NS_LDAP_INVALID_PARAM); 4123dd1104fbSMichen Chang 4124dd1104fbSMichen Chang adata = sizeof (ldap_call_t) + len; 4125dd1104fbSMichen Chang ndata = sizeof (space); 4126dd1104fbSMichen Chang space.s_d.ldap_call.ldap_callnumber = ADMINMODIFY; 4127dd1104fbSMichen Chang sptr = &space.s_d; 4128dd1104fbSMichen Chang 4129dd1104fbSMichen Chang switch (__ns_ldap_trydoorcall(&sptr, &ndata, &adata)) { 4130dd1104fbSMichen Chang case NS_CACHE_SUCCESS: 4131dd1104fbSMichen Chang break; 4132dd1104fbSMichen Chang case NS_CACHE_NOTFOUND: 4133dd1104fbSMichen Chang (void) snprintf(errstr, sizeof (errstr), 4134dd1104fbSMichen Chang gettext("Door call ADMINMODIFY to " 4135dd1104fbSMichen Chang "ldap_cachemgr failed - error: %d"), 4136dd1104fbSMichen Chang space.s_d.ldap_ret.ldap_errno); 4137dd1104fbSMichen Chang MKERROR(LOG_WARNING, *errorp, NS_CONFIG_CACHEMGR, 4138*51b02b29SToomas Soome strdup(errstr), NS_LDAP_MEMORY); 4139dd1104fbSMichen Chang return (NS_LDAP_OP_FAILED); 4140dd1104fbSMichen Chang default: 4141dd1104fbSMichen Chang return (NS_LDAP_OP_FAILED); 4142dd1104fbSMichen Chang } 4143dd1104fbSMichen Chang 4144dd1104fbSMichen Chang admin_result = &sptr->ldap_ret.ldap_u.admin_result; 4145dd1104fbSMichen Chang if (admin_result->ns_err == NS_LDAP_SUCCESS) 4146dd1104fbSMichen Chang rc = NS_LDAP_SUCCESS; 4147dd1104fbSMichen Chang else { 4148dd1104fbSMichen Chang rc = admin_result->ns_err; 4149dd1104fbSMichen Chang if (admin_result->msg_size == 0) 4150dd1104fbSMichen Chang *errorp = __s_api_make_error(admin_result->status, 4151dd1104fbSMichen Chang NULL); 4152dd1104fbSMichen Chang else 4153dd1104fbSMichen Chang *errorp = __s_api_make_error(admin_result->status, 4154dd1104fbSMichen Chang admin_result->msg); 4155dd1104fbSMichen Chang } 4156dd1104fbSMichen Chang 4157dd1104fbSMichen Chang /* clean up the door call */ 4158dd1104fbSMichen Chang if (sptr != &space.s_d) { 4159dd1104fbSMichen Chang (void) munmap((char *)sptr, ndata); 4160dd1104fbSMichen Chang } 4161dd1104fbSMichen Chang 4162dd1104fbSMichen Chang return (rc); 4163dd1104fbSMichen Chang } 4164