17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5cb5caa98Sdjl * Common Development and Distribution License (the "License"). 6cb5caa98Sdjl * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22e1dd0a2fSth * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate /* 297c478bd9Sstevel@tonic-gate * libsldap - library side configuration components 307c478bd9Sstevel@tonic-gate * Routines to manage the config structure 317c478bd9Sstevel@tonic-gate */ 327c478bd9Sstevel@tonic-gate 337c478bd9Sstevel@tonic-gate #include <stdio.h> 347c478bd9Sstevel@tonic-gate #include <stdlib.h> 35e1dd0a2fSth #include <stddef.h> 367c478bd9Sstevel@tonic-gate #include <string.h> 377c478bd9Sstevel@tonic-gate #include <strings.h> 387c478bd9Sstevel@tonic-gate #include <libintl.h> 397c478bd9Sstevel@tonic-gate #include <locale.h> 407c478bd9Sstevel@tonic-gate #include <thread.h> 417c478bd9Sstevel@tonic-gate #include <synch.h> 427c478bd9Sstevel@tonic-gate #include <errno.h> 437c478bd9Sstevel@tonic-gate #include <unistd.h> 447c478bd9Sstevel@tonic-gate #include <fcntl.h> 457c478bd9Sstevel@tonic-gate #include <ctype.h> 467c478bd9Sstevel@tonic-gate #include <crypt.h> 477c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 487c478bd9Sstevel@tonic-gate #include <sys/types.h> 497c478bd9Sstevel@tonic-gate #include <sys/stat.h> 507c478bd9Sstevel@tonic-gate #include <syslog.h> 517c478bd9Sstevel@tonic-gate #include <netdb.h> 527c478bd9Sstevel@tonic-gate #include <sys/systeminfo.h> 537c478bd9Sstevel@tonic-gate #include <sys/mman.h> 547c478bd9Sstevel@tonic-gate #include <sys/time.h> 557c478bd9Sstevel@tonic-gate #include <limits.h> 567c478bd9Sstevel@tonic-gate #include "ns_sldap.h" 577c478bd9Sstevel@tonic-gate #include "ns_internal.h" 587c478bd9Sstevel@tonic-gate #include "ns_cache_door.h" 59e1dd0a2fSth #include "ns_connmgmt.h" 607c478bd9Sstevel@tonic-gate 61*29836b19Smichen #pragma fini(__s_api_shutdown_conn_mgmt, \ 62e1dd0a2fSth _free_config, __ns_ldap_doorfd_close) 637c478bd9Sstevel@tonic-gate 647c478bd9Sstevel@tonic-gate static mutex_t ns_parse_lock = DEFAULTMUTEX; 657c478bd9Sstevel@tonic-gate static mutex_t ns_loadrefresh_lock = DEFAULTMUTEX; 667c478bd9Sstevel@tonic-gate static ns_config_t *current_config = NULL; 677c478bd9Sstevel@tonic-gate 687c478bd9Sstevel@tonic-gate static int cache_server = FALSE; 69e1dd0a2fSth extern thread_key_t ns_cmgkey; 707c478bd9Sstevel@tonic-gate 717c478bd9Sstevel@tonic-gate /* 727c478bd9Sstevel@tonic-gate * Parameter Index Type validation routines 737c478bd9Sstevel@tonic-gate */ 747c478bd9Sstevel@tonic-gate static int 757c478bd9Sstevel@tonic-gate __s_val_postime(ParamIndexType i, ns_default_config *def, 767c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf); 777c478bd9Sstevel@tonic-gate static int 787c478bd9Sstevel@tonic-gate __s_val_basedn(ParamIndexType i, ns_default_config *def, 797c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf); 807c478bd9Sstevel@tonic-gate 817c478bd9Sstevel@tonic-gate static int 827c478bd9Sstevel@tonic-gate __s_val_binddn(ParamIndexType i, ns_default_config *def, 837c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf); 847c478bd9Sstevel@tonic-gate 857c478bd9Sstevel@tonic-gate static int 867c478bd9Sstevel@tonic-gate __s_val_bindpw(ParamIndexType i, ns_default_config *def, 877c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf); 887c478bd9Sstevel@tonic-gate 897c478bd9Sstevel@tonic-gate static int 907c478bd9Sstevel@tonic-gate __s_val_serverList(ParamIndexType i, ns_default_config *def, 917c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf); 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate /* 947c478bd9Sstevel@tonic-gate * Forward declarations 957c478bd9Sstevel@tonic-gate */ 967c478bd9Sstevel@tonic-gate 977c478bd9Sstevel@tonic-gate static ns_parse_status 987c478bd9Sstevel@tonic-gate verify_value(ns_config_t *cfg, char *name, char *value, char *errstr); 997c478bd9Sstevel@tonic-gate 1007c478bd9Sstevel@tonic-gate static int 1017c478bd9Sstevel@tonic-gate set_default_value(ns_config_t *configptr, char *name, char *value, 1027c478bd9Sstevel@tonic-gate ns_ldap_error_t **error); 1037c478bd9Sstevel@tonic-gate 1047c478bd9Sstevel@tonic-gate static void 1057c478bd9Sstevel@tonic-gate set_curr_config(ns_config_t *ptr); 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate static int 1087c478bd9Sstevel@tonic-gate __door_getldapconfig(char **buffer, int *buflen, ns_ldap_error_t **error); 1097c478bd9Sstevel@tonic-gate 1107c478bd9Sstevel@tonic-gate static ns_config_t * 1117c478bd9Sstevel@tonic-gate SetDoorInfo(char *buffer, ns_ldap_error_t **errorp); 1127c478bd9Sstevel@tonic-gate 1137c478bd9Sstevel@tonic-gate static boolean_t 1147c478bd9Sstevel@tonic-gate timetorefresh(ns_config_t *cfg); 1157c478bd9Sstevel@tonic-gate 1167c478bd9Sstevel@tonic-gate static ns_config_t * 117e1dd0a2fSth LoadCacheConfiguration(ns_config_t *, ns_ldap_error_t **error); 1187c478bd9Sstevel@tonic-gate 1197c478bd9Sstevel@tonic-gate static void ** 1207c478bd9Sstevel@tonic-gate dupParam(ns_param_t *ptr); 1217c478bd9Sstevel@tonic-gate 1227c478bd9Sstevel@tonic-gate static time_t 1237c478bd9Sstevel@tonic-gate conv_time(char *s); 1247c478bd9Sstevel@tonic-gate 1257c478bd9Sstevel@tonic-gate /* 1267c478bd9Sstevel@tonic-gate * Structures used in enum <-> string mapping routines 1277c478bd9Sstevel@tonic-gate */ 1287c478bd9Sstevel@tonic-gate 1297c478bd9Sstevel@tonic-gate static ns_enum_map ns_auth_enum_v1[] = { 1307c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_NONE), "NS_LDAP_AUTH_NONE" }, 1317c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SIMPLE), "NS_LDAP_AUTH_SIMPLE" }, 1327c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SASL_CRAM_MD5), "NS_LDAP_AUTH_SASL_CRAM_MD5" }, 1337c478bd9Sstevel@tonic-gate { -1, NULL }, 1347c478bd9Sstevel@tonic-gate }; 1357c478bd9Sstevel@tonic-gate 1367c478bd9Sstevel@tonic-gate static ns_enum_map ns_auth_enum_v2[] = { 1377c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_NONE), "none" }, 1387c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SIMPLE), "simple" }, 1397c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SASL_CRAM_MD5), "sasl/CRAM-MD5" }, 1407c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SASL_DIGEST_MD5), "sasl/DIGEST-MD5" }, 1417c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SASL_DIGEST_MD5_INT), 1427c478bd9Sstevel@tonic-gate "sasl/DIGEST-MD5:auth-int" }, 1437c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SASL_DIGEST_MD5_CONF), 1447c478bd9Sstevel@tonic-gate "sasl/DIGEST-MD5:auth-conf" }, 1457c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_SASL_EXTERNAL), "sasl/EXTERNAL" }, 146cb5caa98Sdjl { ENUM2INT(NS_LDAP_EA_SASL_GSSAPI), "sasl/GSSAPI" }, 1477c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_NONE), "tls:none" }, 1487c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_SIMPLE), "tls:simple" }, 1497c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_SASL_CRAM_MD5), "tls:sasl/CRAM-MD5" }, 1507c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_SASL_DIGEST_MD5), "tls:sasl/DIGEST-MD5" }, 1517c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_SASL_DIGEST_MD5_INT), 1527c478bd9Sstevel@tonic-gate "tls:sasl/DIGEST-MD5:auth-int" }, 1537c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_SASL_DIGEST_MD5_CONF), 1547c478bd9Sstevel@tonic-gate "tls:sasl/DIGEST-MD5:auth-conf" }, 1557c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_EA_TLS_SASL_EXTERNAL), "tls:sasl/EXTERNAL" }, 1567c478bd9Sstevel@tonic-gate { -1, NULL }, 1577c478bd9Sstevel@tonic-gate }; 1587c478bd9Sstevel@tonic-gate 1597c478bd9Sstevel@tonic-gate /* V1 ONLY */ 1607c478bd9Sstevel@tonic-gate static ns_enum_map ns_sec_enum_v1[] = { 1617c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_TLS_NONE), "NS_LDAP_SEC_NONE" }, 1627c478bd9Sstevel@tonic-gate { -1, NULL }, 1637c478bd9Sstevel@tonic-gate }; 1647c478bd9Sstevel@tonic-gate 1657c478bd9Sstevel@tonic-gate /* V2 ONLY */ 1667c478bd9Sstevel@tonic-gate static ns_enum_map ns_cred_enum_v2[] = { 1677c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_CRED_ANON), "anonymous" }, 1687c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_CRED_PROXY), "proxy" }, 1697c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_CRED_SELF), "self" }, 1707c478bd9Sstevel@tonic-gate { -1, NULL }, 1717c478bd9Sstevel@tonic-gate }; 1727c478bd9Sstevel@tonic-gate 1737c478bd9Sstevel@tonic-gate static ns_enum_map ns_ref_enum_v1[] = { 1747c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_FOLLOWREF), "NS_LDAP_FOLLOWREF" }, 1757c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_NOREF), "NS_LDAP_NOREF" }, 1767c478bd9Sstevel@tonic-gate { -1, NULL }, 1777c478bd9Sstevel@tonic-gate }; 1787c478bd9Sstevel@tonic-gate 1797c478bd9Sstevel@tonic-gate static ns_enum_map ns_ref_enum_v2[] = { 1807c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_FOLLOWREF), "TRUE" }, 1817c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_NOREF), "FALSE" }, 1827c478bd9Sstevel@tonic-gate { -1, NULL }, 1837c478bd9Sstevel@tonic-gate }; 1847c478bd9Sstevel@tonic-gate 1857c478bd9Sstevel@tonic-gate static ns_enum_map ns_scope_enum_v1[] = { 1867c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_SCOPE_BASE), "NS_LDAP_SCOPE_BASE" }, 1877c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_SCOPE_ONELEVEL), "NS_LDAP_SCOPE_ONELEVEL" }, 1887c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_SCOPE_SUBTREE), "NS_LDAP_SCOPE_SUBTREE" }, 1897c478bd9Sstevel@tonic-gate { -1, NULL }, 1907c478bd9Sstevel@tonic-gate }; 1917c478bd9Sstevel@tonic-gate 1927c478bd9Sstevel@tonic-gate static ns_enum_map ns_scope_enum_v2[] = { 1937c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_SCOPE_BASE), "base" }, 1947c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_SCOPE_ONELEVEL), "one" }, 1957c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_SCOPE_SUBTREE), "sub" }, 1967c478bd9Sstevel@tonic-gate { -1, NULL }, 1977c478bd9Sstevel@tonic-gate }; 1987c478bd9Sstevel@tonic-gate 1997c478bd9Sstevel@tonic-gate static ns_enum_map ns_pref_enum[] = { 2007c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_PREF_FALSE), "NS_LDAP_FALSE" }, 2017c478bd9Sstevel@tonic-gate { ENUM2INT(NS_LDAP_PREF_TRUE), "NS_LDAP_TRUE" }, 2027c478bd9Sstevel@tonic-gate { -1, NULL }, 2037c478bd9Sstevel@tonic-gate }; 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate static int ns_def_auth_v1[] = { 2067c478bd9Sstevel@tonic-gate ENUM2INT(NS_LDAP_EA_NONE), 2077c478bd9Sstevel@tonic-gate 0 2087c478bd9Sstevel@tonic-gate }; 2097c478bd9Sstevel@tonic-gate 2107c478bd9Sstevel@tonic-gate static int ns_def_auth_v2[] = { 2117c478bd9Sstevel@tonic-gate ENUM2INT(NS_LDAP_EA_NONE), 2127c478bd9Sstevel@tonic-gate 0 2137c478bd9Sstevel@tonic-gate }; 2147c478bd9Sstevel@tonic-gate 2157c478bd9Sstevel@tonic-gate static int ns_def_cred_v1[] = { 2167c478bd9Sstevel@tonic-gate ENUM2INT(NS_LDAP_CRED_PROXY), 2177c478bd9Sstevel@tonic-gate 0 2187c478bd9Sstevel@tonic-gate }; 2197c478bd9Sstevel@tonic-gate 2207c478bd9Sstevel@tonic-gate static int ns_def_cred_v2[] = { 2217c478bd9Sstevel@tonic-gate ENUM2INT(NS_LDAP_CRED_ANON), 2227c478bd9Sstevel@tonic-gate 0 2237c478bd9Sstevel@tonic-gate }; 2247c478bd9Sstevel@tonic-gate 2257c478bd9Sstevel@tonic-gate /* 2267c478bd9Sstevel@tonic-gate * The next macro places an integer in the first sizeof(int) bytes of a 2277c478bd9Sstevel@tonic-gate * void pointer location. For 32-bit, it is the same as "(void *) i". It 2287c478bd9Sstevel@tonic-gate * is used to solve a problem found during 64-bit testing. The problem 2297c478bd9Sstevel@tonic-gate * was that for a configuration parameter such as NS_LDAP_SEARCH_REF_P, 2307c478bd9Sstevel@tonic-gate * which is of type INT and has defined default value, an int 2317c478bd9Sstevel@tonic-gate * variable(ns_param.ns_pu.i) defined inside an union(ns_pu) structure, is 2327c478bd9Sstevel@tonic-gate * used to access the defined default value. This requires the default 2337c478bd9Sstevel@tonic-gate * value to be in the first sizeof(int) bytes of the union element. If 2347c478bd9Sstevel@tonic-gate * just using "(void *) intval" to declare the default value in the 2357c478bd9Sstevel@tonic-gate * following defconfig[] structure, the intval data will be placed is the 2367c478bd9Sstevel@tonic-gate * last sizeof(int) bytes. In which case, when accessing via ns_pu_i in 2377c478bd9Sstevel@tonic-gate * a 64-bit system, ZERO will be returned as the default value, not the 2387c478bd9Sstevel@tonic-gate * defined one. 2397c478bd9Sstevel@tonic-gate * 2407c478bd9Sstevel@tonic-gate * Note since amd64 is little-endian, the problem is not an issue. 2417c478bd9Sstevel@tonic-gate * INT2VOIDPTR will just leave the data (i) unchanged. 2427c478bd9Sstevel@tonic-gate */ 2437c478bd9Sstevel@tonic-gate #if defined(__amd64) 2447c478bd9Sstevel@tonic-gate #define INT2VOIDPTR(i) (void *)i 2457c478bd9Sstevel@tonic-gate #else 2467c478bd9Sstevel@tonic-gate #define INT2VOIDPTR(i) \ 2477c478bd9Sstevel@tonic-gate (void *)(((long)(i))<<(8*(sizeof (void *) - sizeof (int)))) 2487c478bd9Sstevel@tonic-gate #endif 2497c478bd9Sstevel@tonic-gate /* 2507c478bd9Sstevel@tonic-gate * The default configuration table 2517c478bd9Sstevel@tonic-gate * Version 1 entries are first, V2 entries follow. 2527c478bd9Sstevel@tonic-gate */ 2537c478bd9Sstevel@tonic-gate static ns_default_config defconfig[] = { 2547c478bd9Sstevel@tonic-gate /* optional V1 profile */ 2557c478bd9Sstevel@tonic-gate {"NS_LDAP_FILE_VERSION", NS_LDAP_FILE_VERSION_P, 2567c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 2577c478bd9Sstevel@tonic-gate NULL, /* No version number defined in V1 */ 2587c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)NS_LDAP_VERSION_1 }, 2597c478bd9Sstevel@tonic-gate NULL, NULL }, 2607c478bd9Sstevel@tonic-gate 2617c478bd9Sstevel@tonic-gate /* ---------- V1 profile ---------- */ 2627c478bd9Sstevel@tonic-gate {"NS_LDAP_BINDDN", NS_LDAP_BINDDN_P, 2637c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 2647c478bd9Sstevel@tonic-gate _P1_BINDDN, 2657c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 2667c478bd9Sstevel@tonic-gate __s_val_binddn, NULL }, 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate {"NS_LDAP_BINDPASSWD", NS_LDAP_BINDPASSWD_P, 2697c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 2707c478bd9Sstevel@tonic-gate _P1_BINDPASSWORD, 2717c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 2727c478bd9Sstevel@tonic-gate __s_val_bindpw, NULL }, 2737c478bd9Sstevel@tonic-gate 2747c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVERS", NS_LDAP_SERVERS_P, 2757c478bd9Sstevel@tonic-gate SERVERCONFIG, ARRAYCP, FALSE, NS_LDAP_V1, 2767c478bd9Sstevel@tonic-gate _P1_SERVERS, 2777c478bd9Sstevel@tonic-gate { ARRAYCP, 0, NULL }, 2787c478bd9Sstevel@tonic-gate __s_val_serverList, NULL }, 2797c478bd9Sstevel@tonic-gate 2807c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_BASEDN", NS_LDAP_SEARCH_BASEDN_P, 2817c478bd9Sstevel@tonic-gate SERVERCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 2827c478bd9Sstevel@tonic-gate _P1_SEARCHBASEDN, 2837c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 2847c478bd9Sstevel@tonic-gate __s_val_basedn, NULL }, 2857c478bd9Sstevel@tonic-gate 2867c478bd9Sstevel@tonic-gate {"NS_LDAP_AUTH", NS_LDAP_AUTH_P, 2877c478bd9Sstevel@tonic-gate CLIENTCONFIG, ARRAYAUTH, FALSE, NS_LDAP_V1, 2887c478bd9Sstevel@tonic-gate _P1_AUTHMETHOD, 2897c478bd9Sstevel@tonic-gate { ARRAYAUTH, 1, (void *)&ns_def_auth_v1[0] }, 2907c478bd9Sstevel@tonic-gate NULL, ns_auth_enum_v1 }, 2917c478bd9Sstevel@tonic-gate 2927c478bd9Sstevel@tonic-gate {"NS_LDAP_TRANSPORT_SEC", NS_LDAP_TRANSPORT_SEC_P, 2937c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, 2947c478bd9Sstevel@tonic-gate _P1_TRANSPORTSECURITY, 2957c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_LDAP_TLS_NONE) }, 2967c478bd9Sstevel@tonic-gate NULL, ns_sec_enum_v1 }, 2977c478bd9Sstevel@tonic-gate 2987c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_REF", NS_LDAP_SEARCH_REF_P, 2997c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, 3007c478bd9Sstevel@tonic-gate _P1_SEARCHREFERRAL, 3017c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_LDAP_FOLLOWREF) }, 3027c478bd9Sstevel@tonic-gate NULL, ns_ref_enum_v1 }, 3037c478bd9Sstevel@tonic-gate 3047c478bd9Sstevel@tonic-gate {"NS_LDAP_DOMAIN", NS_LDAP_DOMAIN_P, 3057c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 3067c478bd9Sstevel@tonic-gate NULL, /* not defined in the Profile */ 3077c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 3087c478bd9Sstevel@tonic-gate NULL, NULL }, 3097c478bd9Sstevel@tonic-gate 3107c478bd9Sstevel@tonic-gate {"NS_LDAP_EXP", NS_LDAP_EXP_P, 3117c478bd9Sstevel@tonic-gate SERVERCONFIG, TIMET, TRUE, NS_LDAP_V1, 3127c478bd9Sstevel@tonic-gate NULL, /* initialized by code to time+NS_LDAP_CACHETTL */ 3137c478bd9Sstevel@tonic-gate { INT, 0, 0 }, 3147c478bd9Sstevel@tonic-gate NULL, NULL }, 3157c478bd9Sstevel@tonic-gate 3167c478bd9Sstevel@tonic-gate {"NS_LDAP_CERT_PATH", NS_LDAP_CERT_PATH_P, 3177c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 3187c478bd9Sstevel@tonic-gate _P1_CERTIFICATEPATH, 3197c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 3207c478bd9Sstevel@tonic-gate NULL, NULL }, 3217c478bd9Sstevel@tonic-gate 3227c478bd9Sstevel@tonic-gate {"NS_LDAP_CERT_PASS", NS_LDAP_CERT_PASS_P, 3237c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 3247c478bd9Sstevel@tonic-gate _P1_CERTIFICATEPASSWORD, 3257c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 3267c478bd9Sstevel@tonic-gate NULL, NULL }, 3277c478bd9Sstevel@tonic-gate 3287c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_DN", NS_LDAP_SEARCH_DN_P, 3297c478bd9Sstevel@tonic-gate CLIENTCONFIG, SSDLIST, FALSE, NS_LDAP_V1, 3307c478bd9Sstevel@tonic-gate _P1_DATASEARCHDN, 3317c478bd9Sstevel@tonic-gate { SSDLIST, 0, NULL }, 3327c478bd9Sstevel@tonic-gate NULL, NULL }, 3337c478bd9Sstevel@tonic-gate 3347c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_SCOPE", NS_LDAP_SEARCH_SCOPE_P, 3357c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, 3367c478bd9Sstevel@tonic-gate _P1_SEARCHSCOPE, 3377c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_LDAP_SCOPE_ONELEVEL) }, 3387c478bd9Sstevel@tonic-gate NULL, ns_scope_enum_v1 }, 3397c478bd9Sstevel@tonic-gate 3407c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_TIME", NS_LDAP_SEARCH_TIME_P, 3417c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, 3427c478bd9Sstevel@tonic-gate _P1_SEARCHTIMELIMIT, 3437c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_DEFAULT_SEARCH_TIMEOUT) }, 3447c478bd9Sstevel@tonic-gate NULL, NULL }, 3457c478bd9Sstevel@tonic-gate 3467c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVER_PREF", NS_LDAP_SERVER_PREF_P, 3477c478bd9Sstevel@tonic-gate CLIENTCONFIG, ARRAYCP, FALSE, NS_LDAP_V1, 3487c478bd9Sstevel@tonic-gate _P1_PREFERREDSERVER, 3497c478bd9Sstevel@tonic-gate { ARRAYCP, 0, NULL }, 3507c478bd9Sstevel@tonic-gate __s_val_serverList, NULL }, 3517c478bd9Sstevel@tonic-gate 3527c478bd9Sstevel@tonic-gate {"NS_LDAP_PREF_ONLY", NS_LDAP_PREF_ONLY_P, 3537c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, 3547c478bd9Sstevel@tonic-gate _P1_PREFERREDSERVERONLY, 3557c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_LDAP_PREF_FALSE) }, 3567c478bd9Sstevel@tonic-gate NULL, ns_pref_enum }, 3577c478bd9Sstevel@tonic-gate 3587c478bd9Sstevel@tonic-gate {"NS_LDAP_CACHETTL", NS_LDAP_CACHETTL_P, 3597c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 3607c478bd9Sstevel@tonic-gate _P1_CACHETTL, 3617c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)EXP_DEFAULT_TTL }, 3627c478bd9Sstevel@tonic-gate __s_val_postime, NULL }, 3637c478bd9Sstevel@tonic-gate 3647c478bd9Sstevel@tonic-gate {"NS_LDAP_PROFILE", NS_LDAP_PROFILE_P, 3657c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V1, 3667c478bd9Sstevel@tonic-gate _P_CN, 3677c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)DEFAULTCONFIGNAME }, 3687c478bd9Sstevel@tonic-gate NULL, NULL }, 3697c478bd9Sstevel@tonic-gate 3707c478bd9Sstevel@tonic-gate {"NS_LDAP_BIND_TIME", NS_LDAP_BIND_TIME_P, 3717c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V1, 3727c478bd9Sstevel@tonic-gate _P1_BINDTIMELIMIT, 3737c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_DEFAULT_BIND_TIMEOUT) }, 3747c478bd9Sstevel@tonic-gate NULL, NULL }, 3757c478bd9Sstevel@tonic-gate 3767c478bd9Sstevel@tonic-gate /* This configuration option is not visible in V1 */ 3777c478bd9Sstevel@tonic-gate {"NS_LDAP_CREDENTIAL_LEVEL", NS_LDAP_CREDENTIAL_LEVEL_P, 3787c478bd9Sstevel@tonic-gate CLIENTCONFIG, ARRAYCRED, TRUE, NS_LDAP_V1, 3797c478bd9Sstevel@tonic-gate NULL, /* No version defined in V1 */ 3807c478bd9Sstevel@tonic-gate { ARRAYCRED, 0, (void *)&ns_def_cred_v1[0] }, 3817c478bd9Sstevel@tonic-gate NULL, NULL }, 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate /* ---------- V2 profile ---------- */ 3847c478bd9Sstevel@tonic-gate {"NS_LDAP_FILE_VERSION", NS_LDAP_FILE_VERSION_P, 3857c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 3867c478bd9Sstevel@tonic-gate NULL, /* No version number defined in V1 */ 3877c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)NS_LDAP_VERSION_2 }, 3887c478bd9Sstevel@tonic-gate NULL, NULL }, 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate {"NS_LDAP_BINDDN", NS_LDAP_BINDDN_P, 3917c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 3927c478bd9Sstevel@tonic-gate NULL, /* not defined in the Profile */ 3937c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 3947c478bd9Sstevel@tonic-gate __s_val_binddn, NULL }, 3957c478bd9Sstevel@tonic-gate {"NS_LDAP_BINDPASSWD", NS_LDAP_BINDPASSWD_P, 3967c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 3977c478bd9Sstevel@tonic-gate NULL, /* not defined in the Profile */ 3987c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 3997c478bd9Sstevel@tonic-gate __s_val_bindpw, NULL }, 4007c478bd9Sstevel@tonic-gate {"NS_LDAP_EXP", NS_LDAP_EXP_P, 4017c478bd9Sstevel@tonic-gate SERVERCONFIG, TIMET, TRUE, NS_LDAP_V2, 4027c478bd9Sstevel@tonic-gate NULL, /* initialized by code to time+NS_LDAP_CACHETTL */ 4037c478bd9Sstevel@tonic-gate { INT, 0, 0 }, 4047c478bd9Sstevel@tonic-gate NULL, NULL }, 4057c478bd9Sstevel@tonic-gate 4067c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVER_PREF", NS_LDAP_SERVER_PREF_P, 4077c478bd9Sstevel@tonic-gate CLIENTCONFIG, SERVLIST, FALSE, NS_LDAP_V2, 4087c478bd9Sstevel@tonic-gate _P2_PREFERREDSERVER, 4097c478bd9Sstevel@tonic-gate { SERVLIST, 0, NULL }, 4107c478bd9Sstevel@tonic-gate __s_val_serverList, NULL }, 4117c478bd9Sstevel@tonic-gate 4127c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVERS", NS_LDAP_SERVERS_P, 4137c478bd9Sstevel@tonic-gate SERVERCONFIG, SERVLIST, FALSE, NS_LDAP_V2, 4147c478bd9Sstevel@tonic-gate _P2_DEFAULTSERVER, 4157c478bd9Sstevel@tonic-gate { SERVLIST, 0, NULL }, 4167c478bd9Sstevel@tonic-gate __s_val_serverList, NULL }, 4177c478bd9Sstevel@tonic-gate 4187c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_BASEDN", NS_LDAP_SEARCH_BASEDN_P, 4197c478bd9Sstevel@tonic-gate SERVERCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 4207c478bd9Sstevel@tonic-gate _P2_SEARCHBASEDN, 4217c478bd9Sstevel@tonic-gate { CHARPTR, 0, NULL }, 4227c478bd9Sstevel@tonic-gate __s_val_basedn, NULL }, 4237c478bd9Sstevel@tonic-gate 4247c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_SCOPE", NS_LDAP_SEARCH_SCOPE_P, 4257c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, 4267c478bd9Sstevel@tonic-gate _P2_SEARCHSCOPE, 4277c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_LDAP_SCOPE_ONELEVEL) }, 4287c478bd9Sstevel@tonic-gate NULL, ns_scope_enum_v2 }, 4297c478bd9Sstevel@tonic-gate 4307c478bd9Sstevel@tonic-gate {"NS_LDAP_AUTH", NS_LDAP_AUTH_P, 4317c478bd9Sstevel@tonic-gate CLIENTCONFIG, ARRAYAUTH, FALSE, NS_LDAP_V2, 4327c478bd9Sstevel@tonic-gate _P2_AUTHMETHOD, 4337c478bd9Sstevel@tonic-gate { ARRAYAUTH, 2, (void *)&ns_def_auth_v2[0] }, 4347c478bd9Sstevel@tonic-gate NULL, ns_auth_enum_v2 }, 4357c478bd9Sstevel@tonic-gate 4367c478bd9Sstevel@tonic-gate {"NS_LDAP_CREDENTIAL_LEVEL", NS_LDAP_CREDENTIAL_LEVEL_P, 4377c478bd9Sstevel@tonic-gate CLIENTCONFIG, ARRAYCRED, FALSE, NS_LDAP_V2, 4387c478bd9Sstevel@tonic-gate _P2_CREDENTIALLEVEL, 4397c478bd9Sstevel@tonic-gate { ARRAYCRED, 0, (void *)&ns_def_cred_v2[0] }, 4407c478bd9Sstevel@tonic-gate NULL, ns_cred_enum_v2 }, 4417c478bd9Sstevel@tonic-gate 4427c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVICE_SEARCH_DESC", NS_LDAP_SERVICE_SEARCH_DESC_P, 4437c478bd9Sstevel@tonic-gate CLIENTCONFIG, SSDLIST, FALSE, NS_LDAP_V2, 4447c478bd9Sstevel@tonic-gate _P2_SERVICESEARCHDESC, 4457c478bd9Sstevel@tonic-gate { SSDLIST, 0, NULL }, 4467c478bd9Sstevel@tonic-gate NULL, NULL }, 4477c478bd9Sstevel@tonic-gate 4487c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_TIME", NS_LDAP_SEARCH_TIME_P, 4497c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, 4507c478bd9Sstevel@tonic-gate _P2_SEARCHTIMELIMIT, 4517c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_DEFAULT_SEARCH_TIMEOUT) }, 4527c478bd9Sstevel@tonic-gate NULL, NULL }, 4537c478bd9Sstevel@tonic-gate 4547c478bd9Sstevel@tonic-gate {"NS_LDAP_BIND_TIME", NS_LDAP_BIND_TIME_P, 4557c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, 4567c478bd9Sstevel@tonic-gate _P2_BINDTIMELIMIT, 4577c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_DEFAULT_BIND_TIMEOUT) }, 4587c478bd9Sstevel@tonic-gate NULL, NULL }, 4597c478bd9Sstevel@tonic-gate 4607c478bd9Sstevel@tonic-gate {"NS_LDAP_SEARCH_REF", NS_LDAP_SEARCH_REF_P, 4617c478bd9Sstevel@tonic-gate CLIENTCONFIG, INT, TRUE, NS_LDAP_V2, 4627c478bd9Sstevel@tonic-gate _P2_FOLLOWREFERRALS, 4637c478bd9Sstevel@tonic-gate { INT, 0, INT2VOIDPTR(NS_LDAP_FOLLOWREF) }, 4647c478bd9Sstevel@tonic-gate NULL, ns_ref_enum_v2 }, 4657c478bd9Sstevel@tonic-gate 4667c478bd9Sstevel@tonic-gate {"NS_LDAP_CACHETTL", NS_LDAP_CACHETTL_P, 4677c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 4687c478bd9Sstevel@tonic-gate _P2_PROFILETTL, 4697c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)EXP_DEFAULT_TTL }, 4707c478bd9Sstevel@tonic-gate __s_val_postime, NULL }, 4717c478bd9Sstevel@tonic-gate 4727c478bd9Sstevel@tonic-gate {"NS_LDAP_ATTRIBUTEMAP", NS_LDAP_ATTRIBUTEMAP_P, 4737c478bd9Sstevel@tonic-gate CLIENTCONFIG, ATTRMAP, FALSE, NS_LDAP_V2, 4747c478bd9Sstevel@tonic-gate _P2_ATTRIBUTEMAP, 4757c478bd9Sstevel@tonic-gate { ATTRMAP, 0, NULL }, 4767c478bd9Sstevel@tonic-gate NULL, NULL }, 4777c478bd9Sstevel@tonic-gate 4787c478bd9Sstevel@tonic-gate {"NS_LDAP_OBJECTCLASSMAP", NS_LDAP_OBJECTCLASSMAP_P, 4797c478bd9Sstevel@tonic-gate CLIENTCONFIG, OBJMAP, FALSE, NS_LDAP_V2, 4807c478bd9Sstevel@tonic-gate _P2_OBJECTCLASSMAP, 4817c478bd9Sstevel@tonic-gate { OBJMAP, 0, NULL }, 4827c478bd9Sstevel@tonic-gate NULL, NULL }, 4837c478bd9Sstevel@tonic-gate 4847c478bd9Sstevel@tonic-gate {"NS_LDAP_PROFILE", NS_LDAP_PROFILE_P, 4857c478bd9Sstevel@tonic-gate CLIENTCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 4867c478bd9Sstevel@tonic-gate _P_CN, 4877c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)DEFAULTCONFIGNAME }, 4887c478bd9Sstevel@tonic-gate NULL, NULL }, 4897c478bd9Sstevel@tonic-gate 4907c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVICE_AUTH_METHOD", NS_LDAP_SERVICE_AUTH_METHOD_P, 4917c478bd9Sstevel@tonic-gate CLIENTCONFIG, SAMLIST, FALSE, NS_LDAP_V2, 4927c478bd9Sstevel@tonic-gate _P2_SERVICEAUTHMETHOD, 4937c478bd9Sstevel@tonic-gate { SAMLIST, 0, NULL }, 4947c478bd9Sstevel@tonic-gate NULL, NULL }, 4957c478bd9Sstevel@tonic-gate 4967c478bd9Sstevel@tonic-gate {"NS_LDAP_SERVICE_CRED_LEVEL", NS_LDAP_SERVICE_CRED_LEVEL_P, 4977c478bd9Sstevel@tonic-gate CLIENTCONFIG, SCLLIST, FALSE, NS_LDAP_V2, 4987c478bd9Sstevel@tonic-gate _P2_SERVICECREDLEVEL, 4997c478bd9Sstevel@tonic-gate { SCLLIST, 0, NULL }, 5007c478bd9Sstevel@tonic-gate NULL, NULL }, 5017c478bd9Sstevel@tonic-gate 5027c478bd9Sstevel@tonic-gate {"NS_LDAP_HOST_CERTPATH", NS_LDAP_HOST_CERTPATH_P, 5037c478bd9Sstevel@tonic-gate CREDCONFIG, CHARPTR, TRUE, NS_LDAP_V2, 5047c478bd9Sstevel@tonic-gate NULL, /* not defined in the Profile */ 5057c478bd9Sstevel@tonic-gate { CHARPTR, 0, (void *)NSLDAPDIRECTORY }, 5067c478bd9Sstevel@tonic-gate NULL, NULL }, 5077c478bd9Sstevel@tonic-gate 5087c478bd9Sstevel@tonic-gate /* array terminator [not an entry] */ 5097c478bd9Sstevel@tonic-gate {NULL, NS_LDAP_FILE_VERSION_P, 5107c478bd9Sstevel@tonic-gate CLIENTCONFIG, NS_UNKNOWN, TRUE, NULL, 5117c478bd9Sstevel@tonic-gate NULL, 5127c478bd9Sstevel@tonic-gate { NS_UNKNOWN, 0, NULL }, 5137c478bd9Sstevel@tonic-gate NULL, NULL }, 5147c478bd9Sstevel@tonic-gate }; 5157c478bd9Sstevel@tonic-gate 5167c478bd9Sstevel@tonic-gate static char * 5177c478bd9Sstevel@tonic-gate __getdomainname() 5187c478bd9Sstevel@tonic-gate { 5197c478bd9Sstevel@tonic-gate /* 5207c478bd9Sstevel@tonic-gate * The sysinfo man page recommends using a buffer size 5217c478bd9Sstevel@tonic-gate * of 257 bytes. MAXHOSTNAMELEN is 256. So add 1 here. 5227c478bd9Sstevel@tonic-gate */ 5237c478bd9Sstevel@tonic-gate char buf[MAXHOSTNAMELEN + 1]; 5247c478bd9Sstevel@tonic-gate int status; 5257c478bd9Sstevel@tonic-gate 5267c478bd9Sstevel@tonic-gate status = sysinfo(SI_SRPC_DOMAIN, buf, MAXHOSTNAMELEN); 5277c478bd9Sstevel@tonic-gate if (status < 0) 5287c478bd9Sstevel@tonic-gate return (NULL); 5297c478bd9Sstevel@tonic-gate /* error: not enough space to hold returned value */ 5307c478bd9Sstevel@tonic-gate if (status > sizeof (buf)) 5317c478bd9Sstevel@tonic-gate return (NULL); 5327c478bd9Sstevel@tonic-gate return (strdup(buf)); 5337c478bd9Sstevel@tonic-gate } 5347c478bd9Sstevel@tonic-gate 5357c478bd9Sstevel@tonic-gate void 5367c478bd9Sstevel@tonic-gate __ns_ldap_setServer(int set) 5377c478bd9Sstevel@tonic-gate { 5387c478bd9Sstevel@tonic-gate cache_server = set; 5397c478bd9Sstevel@tonic-gate } 5407c478bd9Sstevel@tonic-gate 5417c478bd9Sstevel@tonic-gate static boolean_t 5427c478bd9Sstevel@tonic-gate timetorefresh(ns_config_t *cfg) 5437c478bd9Sstevel@tonic-gate { 5447c478bd9Sstevel@tonic-gate struct timeval tp; 5457c478bd9Sstevel@tonic-gate static time_t expire = 0; 5467c478bd9Sstevel@tonic-gate 5477c478bd9Sstevel@tonic-gate if (cfg == NULL || gettimeofday(&tp, NULL) == -1) 5487c478bd9Sstevel@tonic-gate return (B_TRUE); 5497c478bd9Sstevel@tonic-gate 5507c478bd9Sstevel@tonic-gate if (cfg->paramList[NS_LDAP_EXP_P].ns_ptype == TIMET) 5517c478bd9Sstevel@tonic-gate expire = cfg->paramList[NS_LDAP_EXP_P].ns_tm; 5527c478bd9Sstevel@tonic-gate else 5537c478bd9Sstevel@tonic-gate return (B_TRUE); 5547c478bd9Sstevel@tonic-gate 5557c478bd9Sstevel@tonic-gate return (expire != 0 && tp.tv_sec > expire); 5567c478bd9Sstevel@tonic-gate } 5577c478bd9Sstevel@tonic-gate 5587c478bd9Sstevel@tonic-gate int 5597c478bd9Sstevel@tonic-gate __s_get_enum_value(ns_config_t *ptr, char *value, ParamIndexType i) 5607c478bd9Sstevel@tonic-gate { 5617c478bd9Sstevel@tonic-gate register ns_enum_map *mapp; 5627c478bd9Sstevel@tonic-gate char *pstart = value; 5637c478bd9Sstevel@tonic-gate char *pend; 5647c478bd9Sstevel@tonic-gate int len; 5657c478bd9Sstevel@tonic-gate 5667c478bd9Sstevel@tonic-gate if (pstart == NULL) 5677c478bd9Sstevel@tonic-gate return (-1); 5687c478bd9Sstevel@tonic-gate 5697c478bd9Sstevel@tonic-gate /* skip leading spaces */ 5707c478bd9Sstevel@tonic-gate while (*pstart == SPACETOK) 5717c478bd9Sstevel@tonic-gate pstart++; 5727c478bd9Sstevel@tonic-gate /* skip trailing spaces */ 5737c478bd9Sstevel@tonic-gate pend = pstart + strlen(pstart) - 1; 5747ddae043Siz for (; pend >= pstart && *pend == SPACETOK; pend--) 5757ddae043Siz ; 5767c478bd9Sstevel@tonic-gate len = pend - pstart + 1; 5777c478bd9Sstevel@tonic-gate if (len == 0) 5787c478bd9Sstevel@tonic-gate return (-1); 5797c478bd9Sstevel@tonic-gate 5807c478bd9Sstevel@tonic-gate switch (i) { 5817c478bd9Sstevel@tonic-gate case NS_LDAP_AUTH_P: 5827c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 5837c478bd9Sstevel@tonic-gate mapp = &ns_auth_enum_v1[0]; 5847c478bd9Sstevel@tonic-gate else 5857c478bd9Sstevel@tonic-gate mapp = &ns_auth_enum_v2[0]; 5867c478bd9Sstevel@tonic-gate break; 5877c478bd9Sstevel@tonic-gate case NS_LDAP_TRANSPORT_SEC_P: 5887c478bd9Sstevel@tonic-gate return (-1); 5897c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_SCOPE_P: 5907c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 5917c478bd9Sstevel@tonic-gate mapp = &ns_scope_enum_v1[0]; 5927c478bd9Sstevel@tonic-gate else 5937c478bd9Sstevel@tonic-gate mapp = &ns_scope_enum_v2[0]; 5947c478bd9Sstevel@tonic-gate break; 5957c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_REF_P: 5967c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 5977c478bd9Sstevel@tonic-gate mapp = &ns_ref_enum_v1[0]; 5987c478bd9Sstevel@tonic-gate else 5997c478bd9Sstevel@tonic-gate mapp = &ns_ref_enum_v2[0]; 6007c478bd9Sstevel@tonic-gate break; 6017c478bd9Sstevel@tonic-gate case NS_LDAP_PREF_ONLY_P: 6027c478bd9Sstevel@tonic-gate mapp = &ns_pref_enum[0]; 6037c478bd9Sstevel@tonic-gate break; 6047c478bd9Sstevel@tonic-gate case NS_LDAP_CREDENTIAL_LEVEL_P: 6057c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 6067c478bd9Sstevel@tonic-gate return (-1); 6077c478bd9Sstevel@tonic-gate else 6087c478bd9Sstevel@tonic-gate mapp = &ns_cred_enum_v2[0]; 6097c478bd9Sstevel@tonic-gate break; 6107c478bd9Sstevel@tonic-gate case NS_LDAP_SERVICE_AUTH_METHOD_P: 6117c478bd9Sstevel@tonic-gate mapp = &ns_auth_enum_v2[0]; 6127c478bd9Sstevel@tonic-gate break; 6137c478bd9Sstevel@tonic-gate case NS_LDAP_SERVICE_CRED_LEVEL_P: 6147c478bd9Sstevel@tonic-gate mapp = &ns_cred_enum_v2[0]; 6157c478bd9Sstevel@tonic-gate break; 6167c478bd9Sstevel@tonic-gate default: 6177c478bd9Sstevel@tonic-gate return (-1); 6187c478bd9Sstevel@tonic-gate } 6197c478bd9Sstevel@tonic-gate 6207c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 6217c478bd9Sstevel@tonic-gate if (strncasecmp(pstart, mapp->name, len) == 0 && 6227ddae043Siz (strlen(mapp->name) == len)) { 6237c478bd9Sstevel@tonic-gate return (mapp->value); 6247c478bd9Sstevel@tonic-gate } 6257c478bd9Sstevel@tonic-gate } 6267c478bd9Sstevel@tonic-gate return (-1); 6277c478bd9Sstevel@tonic-gate } 6287c478bd9Sstevel@tonic-gate 6297c478bd9Sstevel@tonic-gate char * 6307c478bd9Sstevel@tonic-gate __s_get_auth_name(ns_config_t *ptr, AuthType_t type) 6317c478bd9Sstevel@tonic-gate { 6327c478bd9Sstevel@tonic-gate register ns_enum_map *mapp; 6337c478bd9Sstevel@tonic-gate 6347c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 6357c478bd9Sstevel@tonic-gate mapp = &ns_auth_enum_v1[0]; 6367c478bd9Sstevel@tonic-gate else 6377c478bd9Sstevel@tonic-gate mapp = &ns_auth_enum_v2[0]; 6387c478bd9Sstevel@tonic-gate 6397c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 6407c478bd9Sstevel@tonic-gate if (type == INT2AUTHENUM(mapp->value)) { 6417c478bd9Sstevel@tonic-gate return (mapp->name); 6427c478bd9Sstevel@tonic-gate } 6437c478bd9Sstevel@tonic-gate } 6447c478bd9Sstevel@tonic-gate return ("Unknown AuthType_t type specified"); 6457c478bd9Sstevel@tonic-gate } 6467c478bd9Sstevel@tonic-gate 6477c478bd9Sstevel@tonic-gate 6487c478bd9Sstevel@tonic-gate char * 6497c478bd9Sstevel@tonic-gate __s_get_security_name(ns_config_t *ptr, TlsType_t type) 6507c478bd9Sstevel@tonic-gate { 6517c478bd9Sstevel@tonic-gate register ns_enum_map *mapp; 6527c478bd9Sstevel@tonic-gate 6537c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) { 6547c478bd9Sstevel@tonic-gate mapp = &ns_sec_enum_v1[0]; 6557c478bd9Sstevel@tonic-gate 6567c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 6577c478bd9Sstevel@tonic-gate if (type == INT2SECENUM(mapp->value)) { 6587c478bd9Sstevel@tonic-gate return (mapp->name); 6597c478bd9Sstevel@tonic-gate } 6607c478bd9Sstevel@tonic-gate } 6617c478bd9Sstevel@tonic-gate } 6627c478bd9Sstevel@tonic-gate return ("Unknown TlsType_t type specified"); 6637c478bd9Sstevel@tonic-gate } 6647c478bd9Sstevel@tonic-gate 6657c478bd9Sstevel@tonic-gate 6667c478bd9Sstevel@tonic-gate char * 6677c478bd9Sstevel@tonic-gate __s_get_scope_name(ns_config_t *ptr, ScopeType_t type) 6687c478bd9Sstevel@tonic-gate { 6697c478bd9Sstevel@tonic-gate register ns_enum_map *mapp; 6707c478bd9Sstevel@tonic-gate 6717c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 6727c478bd9Sstevel@tonic-gate mapp = &ns_scope_enum_v1[0]; 6737c478bd9Sstevel@tonic-gate else 6747c478bd9Sstevel@tonic-gate mapp = &ns_scope_enum_v2[0]; 6757c478bd9Sstevel@tonic-gate 6767c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 6777c478bd9Sstevel@tonic-gate if (type == INT2SCOPEENUM(mapp->value)) { 6787c478bd9Sstevel@tonic-gate return (mapp->name); 6797c478bd9Sstevel@tonic-gate } 6807c478bd9Sstevel@tonic-gate } 6817c478bd9Sstevel@tonic-gate return ("Unknown ScopeType_t type specified"); 6827c478bd9Sstevel@tonic-gate } 6837c478bd9Sstevel@tonic-gate 6847c478bd9Sstevel@tonic-gate 6857c478bd9Sstevel@tonic-gate char * 6867c478bd9Sstevel@tonic-gate __s_get_pref_name(PrefOnly_t type) 6877c478bd9Sstevel@tonic-gate { 6887c478bd9Sstevel@tonic-gate register ns_enum_map *mapp = &ns_pref_enum[0]; 6897c478bd9Sstevel@tonic-gate 6907c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 6917c478bd9Sstevel@tonic-gate if (type == INT2PREFONLYENUM(mapp->value)) { 6927c478bd9Sstevel@tonic-gate return (mapp->name); 6937c478bd9Sstevel@tonic-gate } 6947c478bd9Sstevel@tonic-gate } 6957c478bd9Sstevel@tonic-gate return ("Unknown PrefOnly_t type specified"); 6967c478bd9Sstevel@tonic-gate } 6977c478bd9Sstevel@tonic-gate 6987c478bd9Sstevel@tonic-gate char * 6997c478bd9Sstevel@tonic-gate __s_get_searchref_name(ns_config_t *ptr, SearchRef_t type) 7007c478bd9Sstevel@tonic-gate { 7017c478bd9Sstevel@tonic-gate register ns_enum_map *mapp; 7027c478bd9Sstevel@tonic-gate 7037c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) 7047c478bd9Sstevel@tonic-gate mapp = &ns_ref_enum_v1[0]; 7057c478bd9Sstevel@tonic-gate else 7067c478bd9Sstevel@tonic-gate mapp = &ns_ref_enum_v2[0]; 7077c478bd9Sstevel@tonic-gate 7087c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 7097c478bd9Sstevel@tonic-gate if (type == INT2SEARCHREFENUM(mapp->value)) { 7107c478bd9Sstevel@tonic-gate return (mapp->name); 7117c478bd9Sstevel@tonic-gate } 7127c478bd9Sstevel@tonic-gate } 7137c478bd9Sstevel@tonic-gate return ("Unknown SearchRef_t type specified"); 7147c478bd9Sstevel@tonic-gate } 7157c478bd9Sstevel@tonic-gate 7167c478bd9Sstevel@tonic-gate static char * 7177c478bd9Sstevel@tonic-gate __s_get_credlvl_name(ns_config_t *ptr, CredLevel_t type) 7187c478bd9Sstevel@tonic-gate { 7197c478bd9Sstevel@tonic-gate register ns_enum_map *mapp; 7207c478bd9Sstevel@tonic-gate 7217c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V2) { 7227c478bd9Sstevel@tonic-gate mapp = &ns_cred_enum_v2[0]; 7237c478bd9Sstevel@tonic-gate for (; mapp->name != NULL; mapp++) { 7247c478bd9Sstevel@tonic-gate if (type == INT2CREDLEVELENUM(mapp->value)) { 7257c478bd9Sstevel@tonic-gate return (mapp->name); 7267c478bd9Sstevel@tonic-gate } 7277c478bd9Sstevel@tonic-gate } 7287c478bd9Sstevel@tonic-gate } 7297c478bd9Sstevel@tonic-gate return ("Unknown CredLevel_t type specified"); 7307c478bd9Sstevel@tonic-gate } 7317c478bd9Sstevel@tonic-gate 7327c478bd9Sstevel@tonic-gate static void 7337c478bd9Sstevel@tonic-gate destroy_param(ns_config_t *ptr, ParamIndexType type) 7347c478bd9Sstevel@tonic-gate { 7357c478bd9Sstevel@tonic-gate int i, j; 7367c478bd9Sstevel@tonic-gate char **ppc; 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate if (ptr == NULL) 7397c478bd9Sstevel@tonic-gate return; 7407c478bd9Sstevel@tonic-gate 7417c478bd9Sstevel@tonic-gate /* 7427c478bd9Sstevel@tonic-gate * This routine is not lock protected because 7437c478bd9Sstevel@tonic-gate * the config param it may be destroying is not 7447c478bd9Sstevel@tonic-gate * necessarily THE config. Mutex protect elsewhere. 7457c478bd9Sstevel@tonic-gate */ 7467c478bd9Sstevel@tonic-gate switch (ptr->paramList[type].ns_ptype) { 7477c478bd9Sstevel@tonic-gate case CHARPTR: 7487c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_pc) { 7497c478bd9Sstevel@tonic-gate free(ptr->paramList[type].ns_pc); 7507c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_pc = NULL; 7517c478bd9Sstevel@tonic-gate } 7527c478bd9Sstevel@tonic-gate break; 7537c478bd9Sstevel@tonic-gate case SAMLIST: 7547c478bd9Sstevel@tonic-gate case SCLLIST: 7557c478bd9Sstevel@tonic-gate case SSDLIST: 7567c478bd9Sstevel@tonic-gate case ARRAYCP: 7577c478bd9Sstevel@tonic-gate case SERVLIST: 7587c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ppc) { 7597c478bd9Sstevel@tonic-gate ppc = ptr->paramList[type].ns_ppc; 7607c478bd9Sstevel@tonic-gate j = ptr->paramList[type].ns_acnt; 7617c478bd9Sstevel@tonic-gate for (i = 0; i < j && ppc[i] != NULL; i++) { 7627c478bd9Sstevel@tonic-gate free((void *)ppc[i]); 7637c478bd9Sstevel@tonic-gate } 7647c478bd9Sstevel@tonic-gate free((void *)ppc); 7657c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL; 7667c478bd9Sstevel@tonic-gate } 7677c478bd9Sstevel@tonic-gate break; 7687c478bd9Sstevel@tonic-gate case ARRAYAUTH: 7697c478bd9Sstevel@tonic-gate case ARRAYCRED: 7707c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_pi) { 7717c478bd9Sstevel@tonic-gate free(ptr->paramList[type].ns_pi); 7727c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_pi = NULL; 7737c478bd9Sstevel@tonic-gate } 7747c478bd9Sstevel@tonic-gate break; 7757c478bd9Sstevel@tonic-gate case INT: 7767c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_i = 0; 7777c478bd9Sstevel@tonic-gate break; 7787c478bd9Sstevel@tonic-gate case ATTRMAP: 7797c478bd9Sstevel@tonic-gate break; 7807c478bd9Sstevel@tonic-gate case OBJMAP: 7817c478bd9Sstevel@tonic-gate break; 7827c478bd9Sstevel@tonic-gate default: 7837c478bd9Sstevel@tonic-gate break; 7847c478bd9Sstevel@tonic-gate } 7857c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ptype = NS_UNKNOWN; 7867c478bd9Sstevel@tonic-gate } 7877c478bd9Sstevel@tonic-gate 7887c478bd9Sstevel@tonic-gate static void 7897c478bd9Sstevel@tonic-gate destroy_config(ns_config_t *ptr) 7907c478bd9Sstevel@tonic-gate { 7917c478bd9Sstevel@tonic-gate ParamIndexType i; 7927c478bd9Sstevel@tonic-gate 7937c478bd9Sstevel@tonic-gate if (ptr != NULL) { 794e1dd0a2fSth if (ptr == current_config) 795e1dd0a2fSth current_config = NULL; 7967c478bd9Sstevel@tonic-gate if (ptr->domainName != NULL) 7977c478bd9Sstevel@tonic-gate free(ptr->domainName); 7987c478bd9Sstevel@tonic-gate ptr->domainName = NULL; 7997c478bd9Sstevel@tonic-gate for (i = 0; i <= LAST_VALUE; i++) { 8007c478bd9Sstevel@tonic-gate destroy_param(ptr, i); 8017c478bd9Sstevel@tonic-gate } 8027c478bd9Sstevel@tonic-gate __s_api_destroy_hash(ptr); 8037c478bd9Sstevel@tonic-gate free(ptr); 8047c478bd9Sstevel@tonic-gate } 8057c478bd9Sstevel@tonic-gate } 8067c478bd9Sstevel@tonic-gate 8077c478bd9Sstevel@tonic-gate /* 8087c478bd9Sstevel@tonic-gate * Marks the ns_config_t to be deleted and then releases it. (If no other 8097c478bd9Sstevel@tonic-gate * caller is using, then __s_api_release_config will destroy it.) 8107c478bd9Sstevel@tonic-gate * 8117c478bd9Sstevel@tonic-gate * Note that __s_api_destroy_config should only be called if the caller has 8127c478bd9Sstevel@tonic-gate * created the ns_config_t with __s_api_create_config (with the exception 8137c478bd9Sstevel@tonic-gate * of set_curr_config). The ns_config_t should be private to the caller. 8147c478bd9Sstevel@tonic-gate * 8157c478bd9Sstevel@tonic-gate * This function should not be called with the current_config except by 8167c478bd9Sstevel@tonic-gate * set_curr_config which locks ns_parse_lock to ensure that no thread 8177c478bd9Sstevel@tonic-gate * will be waiting on current_config->config_mutex. This ensures that 8187c478bd9Sstevel@tonic-gate * no caller with be waiting on cfg->config_mutex while it is being 8197c478bd9Sstevel@tonic-gate * destroyed by __s_api_release_config. 8207c478bd9Sstevel@tonic-gate */ 8217c478bd9Sstevel@tonic-gate 8227c478bd9Sstevel@tonic-gate void 8237c478bd9Sstevel@tonic-gate __s_api_destroy_config(ns_config_t *cfg) 8247c478bd9Sstevel@tonic-gate { 8257c478bd9Sstevel@tonic-gate if (cfg != NULL) { 8267c478bd9Sstevel@tonic-gate (void) mutex_lock(&cfg->config_mutex); 8277c478bd9Sstevel@tonic-gate cfg->delete = TRUE; 8287c478bd9Sstevel@tonic-gate (void) mutex_unlock(&cfg->config_mutex); 8297c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 8307c478bd9Sstevel@tonic-gate } 8317c478bd9Sstevel@tonic-gate } 8327c478bd9Sstevel@tonic-gate 8337c478bd9Sstevel@tonic-gate 8347c478bd9Sstevel@tonic-gate /* 8357c478bd9Sstevel@tonic-gate * Increment the configuration use count by one - assumes ns_parse_lock has 836e1dd0a2fSth * been obtained. 8377c478bd9Sstevel@tonic-gate */ 8387c478bd9Sstevel@tonic-gate 8397c478bd9Sstevel@tonic-gate static ns_config_t * 840ca190d8dSmichen get_curr_config_unlocked(ns_config_t *cfg, boolean_t global) 8417c478bd9Sstevel@tonic-gate { 8427c478bd9Sstevel@tonic-gate ns_config_t *ret; 8437c478bd9Sstevel@tonic-gate 8447c478bd9Sstevel@tonic-gate ret = cfg; 8457c478bd9Sstevel@tonic-gate if (cfg != NULL) { 8467c478bd9Sstevel@tonic-gate (void) mutex_lock(&cfg->config_mutex); 847ca190d8dSmichen /* 848ca190d8dSmichen * allow access to per connection management (non-global) 849ca190d8dSmichen * config so operations on connection being closed can still 850ca190d8dSmichen * be completed 851ca190d8dSmichen */ 852ca190d8dSmichen if (cfg->delete && global == B_TRUE) 8537c478bd9Sstevel@tonic-gate ret = NULL; 8547c478bd9Sstevel@tonic-gate else 8557c478bd9Sstevel@tonic-gate cfg->nUse++; 8567c478bd9Sstevel@tonic-gate (void) mutex_unlock(&cfg->config_mutex); 8577c478bd9Sstevel@tonic-gate } 8587c478bd9Sstevel@tonic-gate return (ret); 8597c478bd9Sstevel@tonic-gate } 8607c478bd9Sstevel@tonic-gate 8617c478bd9Sstevel@tonic-gate /* 862e1dd0a2fSth * set_curr_config_global sets the current global config to the 863e1dd0a2fSth * specified ns_config_t. Note that this function is similar 864e1dd0a2fSth * to the project private function __s_api_init_config_global 865e1dd0a2fSth * except that it does not release the new ns_config_t. 8667c478bd9Sstevel@tonic-gate */ 8677c478bd9Sstevel@tonic-gate static void 868e1dd0a2fSth set_curr_config_global(ns_config_t *ptr) 8697c478bd9Sstevel@tonic-gate { 870e1dd0a2fSth ns_config_t *cfg; 871e1dd0a2fSth ns_config_t *cur_cfg; 8727c478bd9Sstevel@tonic-gate 8737c478bd9Sstevel@tonic-gate (void) mutex_lock(&ns_parse_lock); 874e1dd0a2fSth cur_cfg = current_config; 875ca190d8dSmichen cfg = get_curr_config_unlocked(cur_cfg, B_TRUE); 8767c478bd9Sstevel@tonic-gate if (cfg != ptr) { 8777c478bd9Sstevel@tonic-gate __s_api_destroy_config(cfg); 8787c478bd9Sstevel@tonic-gate current_config = ptr; 8797c478bd9Sstevel@tonic-gate } 8807c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_parse_lock); 8817c478bd9Sstevel@tonic-gate } 8827c478bd9Sstevel@tonic-gate 883e1dd0a2fSth 884e1dd0a2fSth /* 885e1dd0a2fSth * set_curr_config sets the current config or the per connection 886e1dd0a2fSth * management one to the specified ns_config_t. Note that this function 887e1dd0a2fSth * is similar to the project private function __s_api_init_config 888e1dd0a2fSth * except that it does not release the new ns_config_t. Also note 889e1dd0a2fSth * that if there's no per connection management one to set, the 890e1dd0a2fSth * global current config will be set. 891e1dd0a2fSth */ 892e1dd0a2fSth 893e1dd0a2fSth static void 894e1dd0a2fSth set_curr_config(ns_config_t *ptr) 895e1dd0a2fSth { 896e1dd0a2fSth ns_config_t *cfg; 897e1dd0a2fSth ns_config_t *cur_cfg; 898e1dd0a2fSth ns_conn_mgmt_t *cmg; 899e1dd0a2fSth int rc; 900e1dd0a2fSth 901e1dd0a2fSth rc = thr_getspecific(ns_cmgkey, (void **)&cmg); 902e1dd0a2fSth 903e1dd0a2fSth /* set the per connection management config if possible */ 904e1dd0a2fSth if (rc == 0 && cmg != NULL && cmg->config != NULL) { 905e1dd0a2fSth (void) mutex_lock(&cmg->cfg_lock); 906e1dd0a2fSth cur_cfg = cmg->config; 907ca190d8dSmichen cfg = get_curr_config_unlocked(cur_cfg, B_FALSE); 908e1dd0a2fSth if (cfg != ptr) { 909e1dd0a2fSth __s_api_destroy_config(cfg); 910e1dd0a2fSth cmg->config = ptr; 911e1dd0a2fSth } 912e1dd0a2fSth (void) mutex_unlock(&cmg->cfg_lock); 913e1dd0a2fSth return; 914e1dd0a2fSth } 915e1dd0a2fSth 916e1dd0a2fSth /* else set the global current config */ 917e1dd0a2fSth set_curr_config_global(ptr); 918e1dd0a2fSth } 919e1dd0a2fSth 9207c478bd9Sstevel@tonic-gate /* 9217c478bd9Sstevel@tonic-gate * Decrements the ns_config_t usage count by one. Delete if delete flag 9227c478bd9Sstevel@tonic-gate * is set and no other callers are using. 9237c478bd9Sstevel@tonic-gate */ 9247c478bd9Sstevel@tonic-gate 9257c478bd9Sstevel@tonic-gate void 9267c478bd9Sstevel@tonic-gate __s_api_release_config(ns_config_t *cfg) 9277c478bd9Sstevel@tonic-gate { 9287c478bd9Sstevel@tonic-gate if (cfg != NULL) { 9297c478bd9Sstevel@tonic-gate (void) mutex_lock(&cfg->config_mutex); 9307c478bd9Sstevel@tonic-gate cfg->nUse--; 9317c478bd9Sstevel@tonic-gate if (cfg->nUse == 0 && cfg->delete) { 9327c478bd9Sstevel@tonic-gate destroy_config(cfg); 9337c478bd9Sstevel@tonic-gate } else 9347c478bd9Sstevel@tonic-gate (void) mutex_unlock(&cfg->config_mutex); 9357c478bd9Sstevel@tonic-gate } 9367c478bd9Sstevel@tonic-gate } 9377c478bd9Sstevel@tonic-gate 938e1dd0a2fSth /* 939e1dd0a2fSth * __s_api_init_config function destroys the previous global configuration 940e1dd0a2fSth * sets the new global configuration and then releases it 941e1dd0a2fSth */ 942e1dd0a2fSth void 943e1dd0a2fSth __s_api_init_config_global(ns_config_t *ptr) 944e1dd0a2fSth { 945e1dd0a2fSth set_curr_config_global(ptr); 946e1dd0a2fSth __s_api_release_config(ptr); 947e1dd0a2fSth } 948e1dd0a2fSth 9497c478bd9Sstevel@tonic-gate /* 9507c478bd9Sstevel@tonic-gate * __s_api_init_config function destroys the previous configuration 951e1dd0a2fSth * sets the new configuration and then releases it. The configuration 952e1dd0a2fSth * may be the global one or the per connection management one. 9537c478bd9Sstevel@tonic-gate */ 9547c478bd9Sstevel@tonic-gate void 9557c478bd9Sstevel@tonic-gate __s_api_init_config(ns_config_t *ptr) 9567c478bd9Sstevel@tonic-gate { 9577c478bd9Sstevel@tonic-gate set_curr_config(ptr); 9587c478bd9Sstevel@tonic-gate __s_api_release_config(ptr); 9597c478bd9Sstevel@tonic-gate } 9607c478bd9Sstevel@tonic-gate 9617c478bd9Sstevel@tonic-gate 9627c478bd9Sstevel@tonic-gate /* 9637c478bd9Sstevel@tonic-gate * Create an ns_config_t, set the usage count to one 9647c478bd9Sstevel@tonic-gate */ 9657c478bd9Sstevel@tonic-gate 9667c478bd9Sstevel@tonic-gate ns_config_t * 9677c478bd9Sstevel@tonic-gate __s_api_create_config(void) 9687c478bd9Sstevel@tonic-gate { 9697c478bd9Sstevel@tonic-gate ns_config_t *ret; 9707c478bd9Sstevel@tonic-gate ret = (ns_config_t *)calloc(1, sizeof (ns_config_t)); 9717c478bd9Sstevel@tonic-gate if (ret == NULL) 9727c478bd9Sstevel@tonic-gate return (NULL); 9737c478bd9Sstevel@tonic-gate 9747c478bd9Sstevel@tonic-gate ret->domainName = __getdomainname(); 9757c478bd9Sstevel@tonic-gate if (ret->domainName == NULL) { 9767c478bd9Sstevel@tonic-gate free(ret); 9777c478bd9Sstevel@tonic-gate return (NULL); 9787c478bd9Sstevel@tonic-gate } 9797c478bd9Sstevel@tonic-gate ret->version = NS_LDAP_V1; 9807c478bd9Sstevel@tonic-gate (void) mutex_init(&ret->config_mutex, USYNC_THREAD, NULL); 9817c478bd9Sstevel@tonic-gate ret->nUse = 1; 9827c478bd9Sstevel@tonic-gate ret->delete = B_FALSE; 9837c478bd9Sstevel@tonic-gate return (ret); 9847c478bd9Sstevel@tonic-gate } 9857c478bd9Sstevel@tonic-gate 986e1dd0a2fSth /* 987e1dd0a2fSth * __s_api_get_default_config_global returns the current global config 988e1dd0a2fSth */ 9897c478bd9Sstevel@tonic-gate ns_config_t * 990e1dd0a2fSth __s_api_get_default_config_global(void) 9917c478bd9Sstevel@tonic-gate { 992e1dd0a2fSth ns_config_t *cfg; 993e1dd0a2fSth ns_config_t *cur_cfg; 9947c478bd9Sstevel@tonic-gate 9957c478bd9Sstevel@tonic-gate (void) mutex_lock(&ns_parse_lock); 996e1dd0a2fSth cur_cfg = current_config; 997ca190d8dSmichen cfg = get_curr_config_unlocked(cur_cfg, B_TRUE); 9987c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_parse_lock); 9997c478bd9Sstevel@tonic-gate 10007c478bd9Sstevel@tonic-gate return (cfg); 10017c478bd9Sstevel@tonic-gate } 10027c478bd9Sstevel@tonic-gate 1003e1dd0a2fSth /* 1004e1dd0a2fSth * __s_api_get_default_config returns the current global config or the 1005e1dd0a2fSth * per connection management one. 1006e1dd0a2fSth */ 1007e1dd0a2fSth ns_config_t * 1008e1dd0a2fSth __s_api_get_default_config(void) 1009e1dd0a2fSth { 1010e1dd0a2fSth ns_config_t *cfg; 1011e1dd0a2fSth ns_config_t *cur_cfg; 1012e1dd0a2fSth ns_conn_mgmt_t *cmg; 1013e1dd0a2fSth int rc; 1014e1dd0a2fSth 1015e1dd0a2fSth rc = thr_getspecific(ns_cmgkey, (void **)&cmg); 1016e1dd0a2fSth 1017e1dd0a2fSth /* get the per connection management config if available */ 1018e1dd0a2fSth if (rc == 0 && cmg != NULL && cmg->config != NULL) { 1019e1dd0a2fSth (void) mutex_lock(&cmg->cfg_lock); 1020e1dd0a2fSth cur_cfg = cmg->config; 1021ca190d8dSmichen cfg = get_curr_config_unlocked(cur_cfg, B_FALSE); 1022e1dd0a2fSth (void) mutex_unlock(&cmg->cfg_lock); 1023e1dd0a2fSth return (cfg); 1024e1dd0a2fSth } 1025e1dd0a2fSth 1026e1dd0a2fSth /* else get the global current config */ 1027e1dd0a2fSth return (__s_api_get_default_config_global()); 1028e1dd0a2fSth } 1029e1dd0a2fSth 10307c478bd9Sstevel@tonic-gate static char * 10317c478bd9Sstevel@tonic-gate stripdup(const char *instr) 10327c478bd9Sstevel@tonic-gate { 10337c478bd9Sstevel@tonic-gate char *pstart = (char *)instr; 10347c478bd9Sstevel@tonic-gate char *pend, *ret; 10357c478bd9Sstevel@tonic-gate int len; 10367c478bd9Sstevel@tonic-gate 10377c478bd9Sstevel@tonic-gate if (pstart == NULL) 10387c478bd9Sstevel@tonic-gate return (NULL); 10397c478bd9Sstevel@tonic-gate /* remove leading spaces */ 10407c478bd9Sstevel@tonic-gate while (*pstart == SPACETOK) 10417c478bd9Sstevel@tonic-gate pstart++; 10427c478bd9Sstevel@tonic-gate /* remove trailing spaces */ 10437c478bd9Sstevel@tonic-gate pend = pstart + strlen(pstart) - 1; 10447ddae043Siz for (; pend >= pstart && *pend == SPACETOK; pend--) 10457ddae043Siz ; 10467c478bd9Sstevel@tonic-gate len = pend - pstart + 1; 10477c478bd9Sstevel@tonic-gate if ((ret = malloc(len + 1)) == NULL) 10487c478bd9Sstevel@tonic-gate return (NULL); 10497c478bd9Sstevel@tonic-gate if (len != 0) { 10507c478bd9Sstevel@tonic-gate (void) strncpy(ret, pstart, len); 10517c478bd9Sstevel@tonic-gate } 10527c478bd9Sstevel@tonic-gate ret[len] = '\0'; 10537c478bd9Sstevel@tonic-gate return (ret); 10547c478bd9Sstevel@tonic-gate } 10557c478bd9Sstevel@tonic-gate 10567c478bd9Sstevel@tonic-gate /* 10577c478bd9Sstevel@tonic-gate * Note that __s_api_crosscheck is assumed to be called with an ns_config_t 10587c478bd9Sstevel@tonic-gate * that is properly protected - so that it will not change during the 10597c478bd9Sstevel@tonic-gate * duration of the call 10607c478bd9Sstevel@tonic-gate */ 10617c478bd9Sstevel@tonic-gate 10627c478bd9Sstevel@tonic-gate /* Size of errstr needs to be MAXERROR */ 10637c478bd9Sstevel@tonic-gate ns_parse_status 10647c478bd9Sstevel@tonic-gate __s_api_crosscheck(ns_config_t *ptr, char *errstr, int check_dn) 10657c478bd9Sstevel@tonic-gate { 10667c478bd9Sstevel@tonic-gate int value, j; 10677c478bd9Sstevel@tonic-gate time_t tm; 10687c478bd9Sstevel@tonic-gate const char *str, *str1; 1069e1dd0a2fSth int i, cnt; 1070e1dd0a2fSth int self, gssapi; 10717c478bd9Sstevel@tonic-gate 10727c478bd9Sstevel@tonic-gate if (ptr == NULL) 10737c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 10747c478bd9Sstevel@tonic-gate 10757c478bd9Sstevel@tonic-gate /* check for no server specified */ 10767c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_SERVERS_P].ns_ppc == NULL) { 10777c478bd9Sstevel@tonic-gate if (ptr->version == NS_LDAP_V1) { 10787c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 10797ddae043Siz NS_LDAP_SERVERS_P)); 10807c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 10817ddae043Siz gettext("Configuration Error: No entry for " 10827ddae043Siz "'%s' found"), str); 10837c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 10847c478bd9Sstevel@tonic-gate } else if (ptr->paramList[NS_LDAP_SERVER_PREF_P].ns_ppc == 10857ddae043Siz NULL) { 10867c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 10877ddae043Siz NS_LDAP_SERVERS_P)); 10887c478bd9Sstevel@tonic-gate str1 = NULL_OR_STR(__s_api_get_configname( 10897ddae043Siz NS_LDAP_SERVER_PREF_P)); 10907c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 10917ddae043Siz gettext("Configuration Error: " 10927ddae043Siz "Neither '%s' nor '%s' is defined"), str, str1); 10937c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 10947c478bd9Sstevel@tonic-gate } 10957c478bd9Sstevel@tonic-gate } 10967c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_CERT_PASS_P].ns_pc != NULL && 10977ddae043Siz ptr->paramList[NS_LDAP_CERT_PATH_P].ns_pc == NULL) { 10987c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 10997ddae043Siz NS_LDAP_CERT_PASS_P)); 11007c478bd9Sstevel@tonic-gate str1 = NULL_OR_STR(__s_api_get_configname( 11017ddae043Siz NS_LDAP_CERT_PATH_P)); 11027c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 11037c478bd9Sstevel@tonic-gate gettext("Configuration Error: %s specified " 11047ddae043Siz "but no value for '%s' found"), str, str1); 11057c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 11067c478bd9Sstevel@tonic-gate } 11077c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_CERT_PASS_P].ns_pc == NULL && 11087ddae043Siz ptr->paramList[NS_LDAP_CERT_PATH_P].ns_pc != NULL) { 11097c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 11107ddae043Siz NS_LDAP_CERT_PATH_P)); 11117c478bd9Sstevel@tonic-gate str1 = NULL_OR_STR(__s_api_get_configname( 11127ddae043Siz NS_LDAP_CERT_PASS_P)); 11137c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 11147c478bd9Sstevel@tonic-gate gettext("Configuration Error: %s specified " 11157ddae043Siz "but no value for '%s' found"), str, str1); 11167c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 11177c478bd9Sstevel@tonic-gate } 11187c478bd9Sstevel@tonic-gate /* check if search basedn has been specified */ 11197c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_SEARCH_BASEDN_P].ns_ppc == NULL) { 11207c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 11217ddae043Siz NS_LDAP_SEARCH_BASEDN_P)); 11227c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 11237ddae043Siz gettext("Configuration Error: No entry for " 11247ddae043Siz "'%s' found"), str); 11257c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 11267c478bd9Sstevel@tonic-gate } 11277c478bd9Sstevel@tonic-gate 11287c478bd9Sstevel@tonic-gate if (check_dn) { 11297c478bd9Sstevel@tonic-gate /* check for auth value....passwd/bindn if necessary */ 11307c478bd9Sstevel@tonic-gate 11317ddae043Siz for (j = 0; ptr->paramList[NS_LDAP_AUTH_P].ns_pi != NULL && 11327c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_AUTH_P].ns_pi[j] != NULL; j++) { 11337c478bd9Sstevel@tonic-gate value = ptr->paramList[NS_LDAP_AUTH_P].ns_pi[j]; 11347c478bd9Sstevel@tonic-gate switch (value) { 11357ddae043Siz case NS_LDAP_EA_SIMPLE: 11367ddae043Siz case NS_LDAP_EA_SASL_CRAM_MD5: 11377ddae043Siz case NS_LDAP_EA_SASL_DIGEST_MD5: 11387ddae043Siz case NS_LDAP_EA_SASL_DIGEST_MD5_INT: 11397ddae043Siz case NS_LDAP_EA_SASL_DIGEST_MD5_CONF: 11407ddae043Siz case NS_LDAP_EA_TLS_SIMPLE: 11417ddae043Siz case NS_LDAP_EA_TLS_SASL_CRAM_MD5: 11427ddae043Siz case NS_LDAP_EA_TLS_SASL_DIGEST_MD5: 11437ddae043Siz case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_INT: 11447ddae043Siz case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_CONF: 11457c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_BINDDN_P].ns_ppc == NULL) { 11467c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 11477ddae043Siz NS_LDAP_BINDDN_P)); 11487c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 11497c478bd9Sstevel@tonic-gate gettext("Configuration Error: No entry for " 11507c478bd9Sstevel@tonic-gate "'%s' found"), str); 11517c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 11527c478bd9Sstevel@tonic-gate } 11537c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_BINDPASSWD_P].ns_ppc 11547ddae043Siz == NULL) { 11557c478bd9Sstevel@tonic-gate str = NULL_OR_STR(__s_api_get_configname( 11567ddae043Siz NS_LDAP_BINDPASSWD_P)); 11577c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 11587c478bd9Sstevel@tonic-gate gettext("Configuration Error: No entry for " 11597ddae043Siz "'%s' found"), str); 11607c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 11617c478bd9Sstevel@tonic-gate } 11627c478bd9Sstevel@tonic-gate break; 11637c478bd9Sstevel@tonic-gate } 11647ddae043Siz } 11657c478bd9Sstevel@tonic-gate } 11667c478bd9Sstevel@tonic-gate 11677c478bd9Sstevel@tonic-gate /* 11687c478bd9Sstevel@tonic-gate * If NS_LDAP_CACHETTL is not specified, 11697c478bd9Sstevel@tonic-gate * init NS_LDAP_EXP_P here. Otherwise, 11707c478bd9Sstevel@tonic-gate * ldap_cachemgr will never refresh the profile. 11717c478bd9Sstevel@tonic-gate * Set it to current time + default 11727c478bd9Sstevel@tonic-gate * NS_LDAP_CACHETTL 11737c478bd9Sstevel@tonic-gate */ 11747c478bd9Sstevel@tonic-gate if (ptr->paramList[NS_LDAP_CACHETTL_P].ns_pc == NULL) { 11757c478bd9Sstevel@tonic-gate tm = conv_time( 11767ddae043Siz defconfig[NS_LDAP_CACHETTL_P].defval.ns_pc); 11777c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_ptype = TIMET; 11787c478bd9Sstevel@tonic-gate if (tm != 0) { 11797c478bd9Sstevel@tonic-gate tm += time(NULL); 11807c478bd9Sstevel@tonic-gate } 11817c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_tm = tm; 11827c478bd9Sstevel@tonic-gate } 1183cb5caa98Sdjl /* 1184cb5caa98Sdjl * If credential level self is defined, there should be 1185cb5caa98Sdjl * at least an auth method sasl/GSSAPI and vice versa. 1186cb5caa98Sdjl */ 1187cb5caa98Sdjl self = 0; 1188cb5caa98Sdjl cnt = ptr->paramList[NS_LDAP_CREDENTIAL_LEVEL_P].ns_acnt; 1189cb5caa98Sdjl for (i = 0; i < cnt; i++) { 1190cb5caa98Sdjl if (ptr->paramList[NS_LDAP_CREDENTIAL_LEVEL_P].ns_pi[i] == 11917ddae043Siz NS_LDAP_CRED_SELF) 1192cb5caa98Sdjl self++; 1193cb5caa98Sdjl } 1194cb5caa98Sdjl gssapi = 0; 1195cb5caa98Sdjl cnt = ptr->paramList[NS_LDAP_AUTH_P].ns_acnt; 1196cb5caa98Sdjl for (i = 0; i < cnt; i++) { 1197cb5caa98Sdjl if (ptr->paramList[NS_LDAP_AUTH_P].ns_pi[i] == 11987ddae043Siz NS_LDAP_EA_SASL_GSSAPI) 1199cb5caa98Sdjl gssapi++; 1200cb5caa98Sdjl } 1201cb5caa98Sdjl if (gssapi == 0 && self > 0) { 1202cb5caa98Sdjl (void) snprintf(errstr, MAXERROR, 12037ddae043Siz gettext("Configuration Error: " 12047ddae043Siz "Credential level self requires " 12057ddae043Siz "authentication method sasl/GSSAPI")); 1206cb5caa98Sdjl return (NS_PARSE_ERR); 1207cb5caa98Sdjl } 1208cb5caa98Sdjl if (gssapi > 0 && self == 0) { 1209cb5caa98Sdjl (void) snprintf(errstr, MAXERROR, 12107ddae043Siz gettext("Configuration Error: " 12117ddae043Siz "Authentication method sasl/GSSAPI " 12127ddae043Siz "requires credential level self")); 1213cb5caa98Sdjl return (NS_PARSE_ERR); 1214cb5caa98Sdjl } 12157c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 12167c478bd9Sstevel@tonic-gate } 12177c478bd9Sstevel@tonic-gate 12187c478bd9Sstevel@tonic-gate 12197c478bd9Sstevel@tonic-gate int 12207c478bd9Sstevel@tonic-gate __s_api_get_type(const char *value, ParamIndexType *type) 12217c478bd9Sstevel@tonic-gate { 12227c478bd9Sstevel@tonic-gate int i; 12237c478bd9Sstevel@tonic-gate 12247c478bd9Sstevel@tonic-gate for (i = 0; defconfig[i].name != NULL; i++) { 12257c478bd9Sstevel@tonic-gate if (strcasecmp(defconfig[i].name, value) == 0) { 12267c478bd9Sstevel@tonic-gate *type = defconfig[i].index; 12277c478bd9Sstevel@tonic-gate return (0); 12287c478bd9Sstevel@tonic-gate } 12297c478bd9Sstevel@tonic-gate } 12307c478bd9Sstevel@tonic-gate return (-1); 12317c478bd9Sstevel@tonic-gate } 12327c478bd9Sstevel@tonic-gate 12337c478bd9Sstevel@tonic-gate /* 12347c478bd9Sstevel@tonic-gate * Externally defined version of get_type. 12357c478bd9Sstevel@tonic-gate * Includes extra error checking 12367c478bd9Sstevel@tonic-gate */ 12377c478bd9Sstevel@tonic-gate 12387c478bd9Sstevel@tonic-gate int 12397c478bd9Sstevel@tonic-gate __ns_ldap_getParamType(const char *value, ParamIndexType *type) 12407c478bd9Sstevel@tonic-gate { 12417c478bd9Sstevel@tonic-gate if (value == NULL || type == NULL) 12427c478bd9Sstevel@tonic-gate return (-1); 12437c478bd9Sstevel@tonic-gate return (__s_api_get_type(value, type)); 12447c478bd9Sstevel@tonic-gate } 12457c478bd9Sstevel@tonic-gate 12467c478bd9Sstevel@tonic-gate int 12477c478bd9Sstevel@tonic-gate __s_api_get_versiontype(ns_config_t *ptr, char *value, ParamIndexType *type) 12487c478bd9Sstevel@tonic-gate { 12497c478bd9Sstevel@tonic-gate ns_version_t ver; 12507c478bd9Sstevel@tonic-gate int i; 12517c478bd9Sstevel@tonic-gate 12527c478bd9Sstevel@tonic-gate if (ptr == NULL) 12537c478bd9Sstevel@tonic-gate return (-1); 12547c478bd9Sstevel@tonic-gate 12557c478bd9Sstevel@tonic-gate ver = ptr->version; 12567c478bd9Sstevel@tonic-gate 12577c478bd9Sstevel@tonic-gate for (i = 0; defconfig[i].name != NULL; i++) { 12587c478bd9Sstevel@tonic-gate if (strcasecmp(defconfig[i].name, value) == 0) { 12597c478bd9Sstevel@tonic-gate if (defconfig[i].version == ver) { 12607c478bd9Sstevel@tonic-gate *type = defconfig[i].index; 12617c478bd9Sstevel@tonic-gate return (0); 12627c478bd9Sstevel@tonic-gate } 12637c478bd9Sstevel@tonic-gate } 12647c478bd9Sstevel@tonic-gate } 12657c478bd9Sstevel@tonic-gate return (-1); 12667c478bd9Sstevel@tonic-gate } 12677c478bd9Sstevel@tonic-gate 12687c478bd9Sstevel@tonic-gate int 12697c478bd9Sstevel@tonic-gate __s_api_get_profiletype(char *value, ParamIndexType *type) 12707c478bd9Sstevel@tonic-gate { 12717c478bd9Sstevel@tonic-gate int i; 12727c478bd9Sstevel@tonic-gate 12737c478bd9Sstevel@tonic-gate for (i = 0; defconfig[i].name != NULL; i++) { 12747c478bd9Sstevel@tonic-gate if (defconfig[i].profile_name == NULL) 12757c478bd9Sstevel@tonic-gate continue; 12767c478bd9Sstevel@tonic-gate if (strcasecmp(defconfig[i].profile_name, value) == 0) { 12777c478bd9Sstevel@tonic-gate *type = defconfig[i].index; 12787c478bd9Sstevel@tonic-gate return (0); 12797c478bd9Sstevel@tonic-gate } 12807c478bd9Sstevel@tonic-gate } 12817c478bd9Sstevel@tonic-gate return (-1); 12827c478bd9Sstevel@tonic-gate } 12837c478bd9Sstevel@tonic-gate 12847c478bd9Sstevel@tonic-gate int 12857c478bd9Sstevel@tonic-gate __s_api_get_configtype(ParamIndexType type) 12867c478bd9Sstevel@tonic-gate { 12877c478bd9Sstevel@tonic-gate int i; 12887c478bd9Sstevel@tonic-gate 12897c478bd9Sstevel@tonic-gate for (i = 0; defconfig[i].name != NULL; i++) { 12907c478bd9Sstevel@tonic-gate if (defconfig[i].index == type) { 12917c478bd9Sstevel@tonic-gate return (defconfig[i].config_type); 12927c478bd9Sstevel@tonic-gate } 12937c478bd9Sstevel@tonic-gate } 12947c478bd9Sstevel@tonic-gate return (-1); 12957c478bd9Sstevel@tonic-gate } 12967c478bd9Sstevel@tonic-gate 12977c478bd9Sstevel@tonic-gate const char * 12987c478bd9Sstevel@tonic-gate __s_api_get_configname(ParamIndexType type) 12997c478bd9Sstevel@tonic-gate { 13007c478bd9Sstevel@tonic-gate int i; 13017c478bd9Sstevel@tonic-gate 13027c478bd9Sstevel@tonic-gate for (i = 0; defconfig[i].name != NULL; i++) { 13037c478bd9Sstevel@tonic-gate if (defconfig[i].index == type) { 13047c478bd9Sstevel@tonic-gate if (defconfig[i].name[0] == '\0') 13057c478bd9Sstevel@tonic-gate return (NULL); 13067c478bd9Sstevel@tonic-gate else 13077c478bd9Sstevel@tonic-gate return (defconfig[i].name); 13087c478bd9Sstevel@tonic-gate } 13097c478bd9Sstevel@tonic-gate } 13107c478bd9Sstevel@tonic-gate return (NULL); 13117c478bd9Sstevel@tonic-gate } 13127c478bd9Sstevel@tonic-gate 13137c478bd9Sstevel@tonic-gate static ns_default_config * 13147c478bd9Sstevel@tonic-gate get_defconfig(ns_config_t *ptr, ParamIndexType type) 13157c478bd9Sstevel@tonic-gate { 13167c478bd9Sstevel@tonic-gate ns_version_t ver; 13177c478bd9Sstevel@tonic-gate int i; 13187c478bd9Sstevel@tonic-gate 13197c478bd9Sstevel@tonic-gate ver = ptr->version; 13207c478bd9Sstevel@tonic-gate 13217c478bd9Sstevel@tonic-gate for (i = 0; defconfig[i].name != NULL; i++) { 13227c478bd9Sstevel@tonic-gate if (defconfig[i].index == type && 13237c478bd9Sstevel@tonic-gate defconfig[i].version == ver) { 13247c478bd9Sstevel@tonic-gate return (&defconfig[i]); 13257c478bd9Sstevel@tonic-gate } 13267c478bd9Sstevel@tonic-gate } 13277c478bd9Sstevel@tonic-gate return (NULL); 13287c478bd9Sstevel@tonic-gate } 13297c478bd9Sstevel@tonic-gate 13307c478bd9Sstevel@tonic-gate static int 13317c478bd9Sstevel@tonic-gate set_default_value(ns_config_t *configptr, char *name, 13327c478bd9Sstevel@tonic-gate char *value, ns_ldap_error_t **error) 13337c478bd9Sstevel@tonic-gate { 13347c478bd9Sstevel@tonic-gate ParamIndexType i; 13357c478bd9Sstevel@tonic-gate int ret; 13367c478bd9Sstevel@tonic-gate char errstr[MAXERROR]; 13377c478bd9Sstevel@tonic-gate 13387c478bd9Sstevel@tonic-gate if (__s_api_get_type(name, &i) < 0) { 13397c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), gettext( 13407ddae043Siz "Illegal type name (%s).\n"), name); 13417c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr), 13427ddae043Siz NULL); 13437c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 13447c478bd9Sstevel@tonic-gate } 13457c478bd9Sstevel@tonic-gate 13467c478bd9Sstevel@tonic-gate if (i != NS_LDAP_SERVERS_P && 13477ddae043Siz i != NS_LDAP_SERVICE_AUTH_METHOD_P && 13487ddae043Siz i != NS_LDAP_SERVICE_CRED_LEVEL_P && 13497ddae043Siz i != NS_LDAP_SERVICE_SEARCH_DESC_P && 13507ddae043Siz i != NS_LDAP_SERVER_PREF_P && 13517ddae043Siz i != NS_LDAP_SEARCH_DN_P) { 13527c478bd9Sstevel@tonic-gate if (configptr->paramList[i].ns_ptype != NS_UNKNOWN) { 13537c478bd9Sstevel@tonic-gate destroy_param(configptr, i); 13547c478bd9Sstevel@tonic-gate } 13557c478bd9Sstevel@tonic-gate } 13567c478bd9Sstevel@tonic-gate 13577c478bd9Sstevel@tonic-gate ret = __ns_ldap_setParamValue(configptr, i, value, error); 13587c478bd9Sstevel@tonic-gate return (ret); 13597c478bd9Sstevel@tonic-gate } 13607c478bd9Sstevel@tonic-gate 13617c478bd9Sstevel@tonic-gate 13627c478bd9Sstevel@tonic-gate /* 13637c478bd9Sstevel@tonic-gate * Initialize config to a default state 13647c478bd9Sstevel@tonic-gate * By default leave configuration empty 13657c478bd9Sstevel@tonic-gate * getParam will automatically get the 13667c478bd9Sstevel@tonic-gate * appropriate default value if none exists 13677c478bd9Sstevel@tonic-gate */ 13687c478bd9Sstevel@tonic-gate 13697c478bd9Sstevel@tonic-gate void 13707c478bd9Sstevel@tonic-gate __ns_ldap_default_config() 13717c478bd9Sstevel@tonic-gate { 13727c478bd9Sstevel@tonic-gate ns_config_t *ptr; 13737c478bd9Sstevel@tonic-gate 13747c478bd9Sstevel@tonic-gate ptr = __s_api_create_config(); 13757c478bd9Sstevel@tonic-gate if (ptr == NULL) 13767c478bd9Sstevel@tonic-gate return; 13777c478bd9Sstevel@tonic-gate 13787c478bd9Sstevel@tonic-gate set_curr_config(ptr); 13797c478bd9Sstevel@tonic-gate __s_api_release_config(ptr); 13807c478bd9Sstevel@tonic-gate } 13817c478bd9Sstevel@tonic-gate 13827c478bd9Sstevel@tonic-gate /* 13837c478bd9Sstevel@tonic-gate * Get the current configuration pointer and return it. 13847c478bd9Sstevel@tonic-gate * If necessary initialize or refresh the current 1385e1dd0a2fSth * configuration as applicable. If global is set, returns 1386e1dd0a2fSth * the global one. 13877c478bd9Sstevel@tonic-gate */ 13887c478bd9Sstevel@tonic-gate 1389e1dd0a2fSth static ns_config_t * 1390e1dd0a2fSth loadrefresh_config(boolean_t global) 13917c478bd9Sstevel@tonic-gate { 13927c478bd9Sstevel@tonic-gate ns_config_t *cfg; 13937c478bd9Sstevel@tonic-gate ns_config_t *new_cfg; 13947c478bd9Sstevel@tonic-gate ns_ldap_error_t *errorp; 13957c478bd9Sstevel@tonic-gate 13967c478bd9Sstevel@tonic-gate /* We want to refresh only one configuration at a time */ 13977c478bd9Sstevel@tonic-gate (void) mutex_lock(&ns_loadrefresh_lock); 1398e1dd0a2fSth if (global == B_TRUE) 1399e1dd0a2fSth cfg = __s_api_get_default_config_global(); 1400e1dd0a2fSth else 1401e1dd0a2fSth cfg = __s_api_get_default_config(); 14027c478bd9Sstevel@tonic-gate 14037c478bd9Sstevel@tonic-gate /* (re)initialize configuration if necessary */ 1404e1dd0a2fSth if (!__s_api_isStandalone() && timetorefresh(cfg)) { 1405e1dd0a2fSth new_cfg = LoadCacheConfiguration(cfg, &errorp); 1406e1dd0a2fSth if (new_cfg != NULL && new_cfg != cfg) { 14077c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 1408e1dd0a2fSth if (global == B_TRUE) 1409e1dd0a2fSth set_curr_config_global(new_cfg); 1410e1dd0a2fSth else 1411e1dd0a2fSth set_curr_config(new_cfg); 14127c478bd9Sstevel@tonic-gate cfg = new_cfg; 14137c478bd9Sstevel@tonic-gate } 14147c478bd9Sstevel@tonic-gate if (errorp != NULL) 14157c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(&errorp); 14167c478bd9Sstevel@tonic-gate } 14177c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_loadrefresh_lock); 14187c478bd9Sstevel@tonic-gate return (cfg); 14197c478bd9Sstevel@tonic-gate } 14207c478bd9Sstevel@tonic-gate 1421e1dd0a2fSth /* 1422e1dd0a2fSth * Get the current global configuration pointer and return it. 1423e1dd0a2fSth * If necessary initialize or refresh the current 1424e1dd0a2fSth * configuration as applicable. 1425e1dd0a2fSth */ 1426e1dd0a2fSth 1427e1dd0a2fSth ns_config_t * 1428e1dd0a2fSth __s_api_loadrefresh_config_global() 1429e1dd0a2fSth { 1430e1dd0a2fSth return (loadrefresh_config(B_TRUE)); 1431e1dd0a2fSth } 1432e1dd0a2fSth 1433e1dd0a2fSth /* 1434e1dd0a2fSth * Get the current configuration pointer and return it. 1435e1dd0a2fSth * If necessary initialize or refresh the current 1436e1dd0a2fSth * configuration as applicable. The configuration may 1437e1dd0a2fSth * be the global one or the per connection management one. 1438e1dd0a2fSth */ 1439e1dd0a2fSth 1440e1dd0a2fSth ns_config_t * 1441e1dd0a2fSth __s_api_loadrefresh_config() 1442e1dd0a2fSth { 1443e1dd0a2fSth return (loadrefresh_config(B_FALSE)); 1444e1dd0a2fSth } 1445e1dd0a2fSth 14467c478bd9Sstevel@tonic-gate /* 14477c478bd9Sstevel@tonic-gate * In general this routine is not very usefull. Individual routines can be 14487c478bd9Sstevel@tonic-gate * created to do this job. Once that is done, this function can be removed. 14497c478bd9Sstevel@tonic-gate * Size of errstr buffer needs to be MAXERROR. 14507c478bd9Sstevel@tonic-gate */ 14517c478bd9Sstevel@tonic-gate static ns_parse_status 14527c478bd9Sstevel@tonic-gate verify_value(ns_config_t *cfg, char *name, char *value, char *errstr) 14537c478bd9Sstevel@tonic-gate { 14547c478bd9Sstevel@tonic-gate ParamIndexType index = 0; 14557c478bd9Sstevel@tonic-gate int found = 0, j; 14567c478bd9Sstevel@tonic-gate char *ptr = NULL, *strptr = NULL, buffer[BUFSIZE]; 14577c478bd9Sstevel@tonic-gate char *rest; 14587c478bd9Sstevel@tonic-gate ns_default_config *def = NULL; 14597c478bd9Sstevel@tonic-gate 14607c478bd9Sstevel@tonic-gate if (__s_api_get_type(name, &index) != 0) { 14617c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 14627ddae043Siz gettext("Unknown keyword encountered '%s'."), name); 14637c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 14647c478bd9Sstevel@tonic-gate } 14657c478bd9Sstevel@tonic-gate 14667c478bd9Sstevel@tonic-gate def = get_defconfig(cfg, index); 14677c478bd9Sstevel@tonic-gate 14687c478bd9Sstevel@tonic-gate /* eat up beginning quote, if any */ 14697c478bd9Sstevel@tonic-gate while (value != NULL && (*value == QUOTETOK || *value == SPACETOK)) 14707c478bd9Sstevel@tonic-gate value++; 14717c478bd9Sstevel@tonic-gate 14727c478bd9Sstevel@tonic-gate /* eat up space/quote at end of value */ 14737c478bd9Sstevel@tonic-gate if (strlen(value) > 0) 14747c478bd9Sstevel@tonic-gate ptr = value + strlen(value) - 1; 14757c478bd9Sstevel@tonic-gate else 14767c478bd9Sstevel@tonic-gate ptr = value; 14777c478bd9Sstevel@tonic-gate for (; ptr != value && (*ptr == SPACETOK || *ptr == QUOTETOK); ptr--) { 14787c478bd9Sstevel@tonic-gate *ptr = '\0'; 14797c478bd9Sstevel@tonic-gate } 14807c478bd9Sstevel@tonic-gate 14817c478bd9Sstevel@tonic-gate switch (index) { 14827c478bd9Sstevel@tonic-gate case NS_LDAP_EXP_P: 14837c478bd9Sstevel@tonic-gate case NS_LDAP_CACHETTL_P: 14847c478bd9Sstevel@tonic-gate case NS_LDAP_CERT_PATH_P: 14857c478bd9Sstevel@tonic-gate case NS_LDAP_CERT_PASS_P: 14867c478bd9Sstevel@tonic-gate case NS_LDAP_CERT_NICKNAME_P: 14877c478bd9Sstevel@tonic-gate case NS_LDAP_BINDDN_P: 14887c478bd9Sstevel@tonic-gate case NS_LDAP_BINDPASSWD_P: 14897c478bd9Sstevel@tonic-gate case NS_LDAP_DOMAIN_P: 14907c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_BASEDN_P: 14917c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_TIME_P: 14927c478bd9Sstevel@tonic-gate case NS_LDAP_PROFILE_P: 14937c478bd9Sstevel@tonic-gate case NS_LDAP_AUTH_P: 14947c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_SCOPE_P: 14957c478bd9Sstevel@tonic-gate case NS_LDAP_CREDENTIAL_LEVEL_P: 14967c478bd9Sstevel@tonic-gate case NS_LDAP_SERVICE_SEARCH_DESC_P: 14977c478bd9Sstevel@tonic-gate case NS_LDAP_BIND_TIME_P: 14987c478bd9Sstevel@tonic-gate case NS_LDAP_ATTRIBUTEMAP_P: 14997c478bd9Sstevel@tonic-gate case NS_LDAP_OBJECTCLASSMAP_P: 15007c478bd9Sstevel@tonic-gate case NS_LDAP_SERVICE_AUTH_METHOD_P: 15017c478bd9Sstevel@tonic-gate case NS_LDAP_SERVICE_CRED_LEVEL_P: 15027c478bd9Sstevel@tonic-gate case NS_LDAP_HOST_CERTPATH_P: 15037c478bd9Sstevel@tonic-gate break; 15047c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_DN_P: 15057c478bd9Sstevel@tonic-gate /* depreciated because of service descriptors */ 15067c478bd9Sstevel@tonic-gate /* Parse as appropriate at descriptor create time */ 15077c478bd9Sstevel@tonic-gate break; 15087c478bd9Sstevel@tonic-gate case NS_LDAP_FILE_VERSION_P: 15097c478bd9Sstevel@tonic-gate if (value != NULL && 15107ddae043Siz strcasecmp(value, NS_LDAP_VERSION_1) != 0 && 15117ddae043Siz strcasecmp(value, NS_LDAP_VERSION_2) != 0) { 15127c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 15137ddae043Siz gettext("Version mismatch, expected " 15147ddae043Siz "cache version '%s' or '%s' but " 15157ddae043Siz "encountered version '%s'."), 15167ddae043Siz NS_LDAP_VERSION_1, 15177ddae043Siz NS_LDAP_VERSION_2, value); 15187c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 15197c478bd9Sstevel@tonic-gate } 15207c478bd9Sstevel@tonic-gate break; 15217c478bd9Sstevel@tonic-gate case NS_LDAP_SERVERS_P: 15227c478bd9Sstevel@tonic-gate case NS_LDAP_SERVER_PREF_P: 15237c478bd9Sstevel@tonic-gate (void) strcpy(buffer, value); 15247c478bd9Sstevel@tonic-gate strptr = strtok_r(buffer, ",", &rest); 15257c478bd9Sstevel@tonic-gate while (strptr != NULL) { 15267c478bd9Sstevel@tonic-gate char *tmp = NULL; 15277c478bd9Sstevel@tonic-gate tmp = stripdup(strptr); 15287c478bd9Sstevel@tonic-gate if (tmp == NULL || (strchr(tmp, ' ') != NULL)) { 15297c478bd9Sstevel@tonic-gate (void) snprintf(errstr, MAXERROR, 15307c478bd9Sstevel@tonic-gate gettext("Invalid parameter values " 15317c478bd9Sstevel@tonic-gate "'%s' specified for keyword '%s'."), 15327c478bd9Sstevel@tonic-gate tmp, name); 15337c478bd9Sstevel@tonic-gate free(tmp); 15347c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 15357c478bd9Sstevel@tonic-gate } 15367c478bd9Sstevel@tonic-gate free(tmp); 15377c478bd9Sstevel@tonic-gate strptr = strtok_r(NULL, ",", &rest); 15387c478bd9Sstevel@tonic-gate } 15397c478bd9Sstevel@tonic-gate break; 15407c478bd9Sstevel@tonic-gate default: 15417c478bd9Sstevel@tonic-gate found = 0; j = 0; 15427c478bd9Sstevel@tonic-gate while (def->allowed != NULL && 15437ddae043Siz def->allowed[j].name != NULL && j < DEFMAX) { 15447c478bd9Sstevel@tonic-gate if (strcmp(def->allowed[j].name, 15457c478bd9Sstevel@tonic-gate value) == 0) { 15467c478bd9Sstevel@tonic-gate found = 1; 15477c478bd9Sstevel@tonic-gate break; 15487c478bd9Sstevel@tonic-gate } 15497c478bd9Sstevel@tonic-gate j++; 15507c478bd9Sstevel@tonic-gate } 15517c478bd9Sstevel@tonic-gate if (!found) { 15527ddae043Siz (void) snprintf(errstr, MAXERROR, 15537c478bd9Sstevel@tonic-gate gettext("Invalid option specified for " 15547c478bd9Sstevel@tonic-gate "'%s' keyword. '%s' is not a recognized " 15557c478bd9Sstevel@tonic-gate "keyword value."), name, value); 15567c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 15577c478bd9Sstevel@tonic-gate } 15587c478bd9Sstevel@tonic-gate } 15597c478bd9Sstevel@tonic-gate 15607c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 15617c478bd9Sstevel@tonic-gate } 15627c478bd9Sstevel@tonic-gate 15637c478bd9Sstevel@tonic-gate void 15647c478bd9Sstevel@tonic-gate __s_api_split_key_value(char *buffer, char **name, char **value) 15657c478bd9Sstevel@tonic-gate { 15667c478bd9Sstevel@tonic-gate char *ptr; 15677c478bd9Sstevel@tonic-gate 15687c478bd9Sstevel@tonic-gate *name = buffer; 15697c478bd9Sstevel@tonic-gate /* split into name value pair */ 15707c478bd9Sstevel@tonic-gate if ((ptr = strchr(buffer, TOKENSEPARATOR)) != NULL) { 15717c478bd9Sstevel@tonic-gate *ptr = '\0'; 15727c478bd9Sstevel@tonic-gate ptr++; 15737c478bd9Sstevel@tonic-gate /* trim whitespace */ 15747c478bd9Sstevel@tonic-gate while (*ptr == SPACETOK) 15757c478bd9Sstevel@tonic-gate ptr++; 15767c478bd9Sstevel@tonic-gate *value = ptr; 15777c478bd9Sstevel@tonic-gate } 15787c478bd9Sstevel@tonic-gate } 15797c478bd9Sstevel@tonic-gate 15807c478bd9Sstevel@tonic-gate /* 15817c478bd9Sstevel@tonic-gate * Set a parameter value in a generic configuration structure 15827c478bd9Sstevel@tonic-gate * Assume any necessary locks are in place. This routine would 15837c478bd9Sstevel@tonic-gate * be better named: __ns_ldap_translateString2Param 15847c478bd9Sstevel@tonic-gate * 15857c478bd9Sstevel@tonic-gate * This routine translates external string format into internal 15867c478bd9Sstevel@tonic-gate * param format and saves the result in the param table. 15877c478bd9Sstevel@tonic-gate */ 15887c478bd9Sstevel@tonic-gate int 15897c478bd9Sstevel@tonic-gate __ns_ldap_setParamValue(ns_config_t *ptr, const ParamIndexType type, 15907c478bd9Sstevel@tonic-gate const void *data, ns_ldap_error_t **error) 15917c478bd9Sstevel@tonic-gate { 15927c478bd9Sstevel@tonic-gate ns_default_config *def = NULL; 15937c478bd9Sstevel@tonic-gate ns_param_t conf; 15947c478bd9Sstevel@tonic-gate ns_mapping_t *map, *rmap; 15957c478bd9Sstevel@tonic-gate int i, j, len; 15967c478bd9Sstevel@tonic-gate char *cp, *cp2, *end; 15977c478bd9Sstevel@tonic-gate char *tcp = NULL; 15987c478bd9Sstevel@tonic-gate char errstr[2 * MAXERROR]; 15997c478bd9Sstevel@tonic-gate char tbuf[100], *ptbuf; 16007c478bd9Sstevel@tonic-gate char *sid, *origA, **mapA; 16017c478bd9Sstevel@tonic-gate char **attr; 16027c478bd9Sstevel@tonic-gate time_t tm; 16037c478bd9Sstevel@tonic-gate int free_memory, exitrc; 16047c478bd9Sstevel@tonic-gate char **p; 16057c478bd9Sstevel@tonic-gate 16067c478bd9Sstevel@tonic-gate /* Find ParamIndexType default configuration data */ 16077c478bd9Sstevel@tonic-gate def = get_defconfig(ptr, type); 16087c478bd9Sstevel@tonic-gate if (def == NULL) { 16097c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 16107ddae043Siz gettext("Unable to set value: " 16117ddae043Siz "invalid ParamIndexType (%d)"), type); 16127c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr), 16137ddae043Siz NULL); 16147c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 16157c478bd9Sstevel@tonic-gate } 16167c478bd9Sstevel@tonic-gate 16177c478bd9Sstevel@tonic-gate (void) memset(&conf, 0, sizeof (conf)); 16187c478bd9Sstevel@tonic-gate 16197c478bd9Sstevel@tonic-gate /* data is actually const char */ 16207c478bd9Sstevel@tonic-gate cp = (char *)data; 16217c478bd9Sstevel@tonic-gate 16227c478bd9Sstevel@tonic-gate /* eat up beginning quote, if any */ 16237c478bd9Sstevel@tonic-gate while (cp && (*cp == QUOTETOK || *cp == SPACETOK)) 16247c478bd9Sstevel@tonic-gate cp++; 16257c478bd9Sstevel@tonic-gate 16267c478bd9Sstevel@tonic-gate /* eat up space/quote at end of value */ 16277c478bd9Sstevel@tonic-gate end = cp2 = cp + strlen(cp) - 1; 16287c478bd9Sstevel@tonic-gate for (; cp2 > cp && (*cp2 == SPACETOK || *cp2 == QUOTETOK); cp2--) 16297c478bd9Sstevel@tonic-gate ; 16307c478bd9Sstevel@tonic-gate /* data is const, must duplicate */ 16317c478bd9Sstevel@tonic-gate if (cp2 != end) { 16327c478bd9Sstevel@tonic-gate tcp = (char *)calloc((int)(cp2 - cp + 2), sizeof (char)); 16337c478bd9Sstevel@tonic-gate if (tcp == NULL) 16347c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 16357c478bd9Sstevel@tonic-gate end = cp2; 16367c478bd9Sstevel@tonic-gate cp2 = tcp; 16377c478bd9Sstevel@tonic-gate while (cp <= end) { 16387c478bd9Sstevel@tonic-gate *cp2++ = *cp++; 16397c478bd9Sstevel@tonic-gate } 16407c478bd9Sstevel@tonic-gate *cp2 = '\0'; 16417c478bd9Sstevel@tonic-gate cp = tcp; 16427c478bd9Sstevel@tonic-gate } 16437c478bd9Sstevel@tonic-gate 16447c478bd9Sstevel@tonic-gate /* Parse data according to type */ 16457c478bd9Sstevel@tonic-gate switch (def->data_type) { 16467c478bd9Sstevel@tonic-gate case INT: 16477c478bd9Sstevel@tonic-gate switch (def->index) { 16487c478bd9Sstevel@tonic-gate case NS_LDAP_PREF_ONLY_P: 16497c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_REF_P: 16507c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_SCOPE_P: 16517c478bd9Sstevel@tonic-gate i = __s_get_enum_value(ptr, cp, def->index); 16527c478bd9Sstevel@tonic-gate if (i < 0) { 16537c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 16547ddae043Siz gettext("Unable to set value: " 16557ddae043Siz "invalid %s (%d)"), def->name, 16567ddae043Siz def->index); 16577c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 16587ddae043Siz strdup(errstr), NULL); 16597c478bd9Sstevel@tonic-gate if (tcp != NULL) 16607c478bd9Sstevel@tonic-gate free(tcp); 16617c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 16627c478bd9Sstevel@tonic-gate } 16637c478bd9Sstevel@tonic-gate conf.ns_i = i; 16647c478bd9Sstevel@tonic-gate break; 16657c478bd9Sstevel@tonic-gate case NS_LDAP_TRANSPORT_SEC_P: /* ignore TRANSPORT_SEC */ 16667c478bd9Sstevel@tonic-gate break; 16677c478bd9Sstevel@tonic-gate default: 16687c478bd9Sstevel@tonic-gate cp2 = cp; 16697c478bd9Sstevel@tonic-gate if ((*cp2 == '+') || (*cp2 == '-')) 16707c478bd9Sstevel@tonic-gate cp2++; 16717c478bd9Sstevel@tonic-gate for (/* empty */; *cp2; cp2++) { 16727c478bd9Sstevel@tonic-gate if (isdigit(*cp2)) 16737c478bd9Sstevel@tonic-gate continue; 16747c478bd9Sstevel@tonic-gate 16757c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 16767ddae043Siz gettext("Unable to set value: " 16777ddae043Siz "invalid %s (%d)"), def->name, 16787ddae043Siz def->index); 16797c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 16807ddae043Siz strdup(errstr), NULL); 16817c478bd9Sstevel@tonic-gate if (tcp != NULL) 16827c478bd9Sstevel@tonic-gate free(tcp); 16837c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 16847c478bd9Sstevel@tonic-gate } 16857c478bd9Sstevel@tonic-gate i = atoi(cp); 16867c478bd9Sstevel@tonic-gate conf.ns_i = i; 16877c478bd9Sstevel@tonic-gate break; 16887c478bd9Sstevel@tonic-gate } 16897c478bd9Sstevel@tonic-gate break; 16907c478bd9Sstevel@tonic-gate case TIMET: 16917c478bd9Sstevel@tonic-gate /* Do nothing with a TIMET. Initialize it below */ 16927c478bd9Sstevel@tonic-gate break; 16937c478bd9Sstevel@tonic-gate case CHARPTR: 16947c478bd9Sstevel@tonic-gate conf.ns_pc = (char *)strdup(cp); 16957c478bd9Sstevel@tonic-gate if (conf.ns_pc == NULL) { 16967c478bd9Sstevel@tonic-gate if (tcp != NULL) 16977c478bd9Sstevel@tonic-gate free(tcp); 16987c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 16997c478bd9Sstevel@tonic-gate } 17007c478bd9Sstevel@tonic-gate break; 17017c478bd9Sstevel@tonic-gate case SAMLIST: 17027c478bd9Sstevel@tonic-gate /* first check to see if colon (:) is there */ 17037c478bd9Sstevel@tonic-gate if ((strchr(cp, COLONTOK)) == NULL) { 17047c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 17057ddae043Siz gettext("Unable to set value: " 17067ddae043Siz "invalid serviceAuthenticationMethod (%s)"), 17077ddae043Siz cp); 17087c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 17097ddae043Siz strdup(errstr), NULL); 17107c478bd9Sstevel@tonic-gate if (tcp != NULL) 17117c478bd9Sstevel@tonic-gate free(tcp); 17127c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 17137c478bd9Sstevel@tonic-gate } 17147c478bd9Sstevel@tonic-gate /* Appends an entry to the existing list */ 17157c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ptype != SAMLIST) { 17167c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(2, sizeof (char *)); 17177c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 17187c478bd9Sstevel@tonic-gate if (tcp != NULL) 17197c478bd9Sstevel@tonic-gate free(tcp); 17207c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 17217c478bd9Sstevel@tonic-gate } 17227c478bd9Sstevel@tonic-gate conf.ns_acnt = 1; 17237c478bd9Sstevel@tonic-gate conf.ns_ppc[0] = (char *)strdup(cp); 17247c478bd9Sstevel@tonic-gate if (conf.ns_ppc[0] == NULL) { 17257c478bd9Sstevel@tonic-gate free(conf.ns_ppc); 17267c478bd9Sstevel@tonic-gate if (tcp != NULL) 17277c478bd9Sstevel@tonic-gate free(tcp); 17287c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 17297c478bd9Sstevel@tonic-gate } 17307c478bd9Sstevel@tonic-gate } else { 17317c478bd9Sstevel@tonic-gate char *dp, *dpend; 17327c478bd9Sstevel@tonic-gate int fnd = 0; 17337c478bd9Sstevel@tonic-gate 17347c478bd9Sstevel@tonic-gate /* Attempt to replace if possible */ 17357c478bd9Sstevel@tonic-gate dpend = strchr(cp, COLONTOK); 17367c478bd9Sstevel@tonic-gate len = dpend - cp; 17377c478bd9Sstevel@tonic-gate dp = (char *)malloc(len+1); 17387c478bd9Sstevel@tonic-gate if (dp == NULL) { 17397c478bd9Sstevel@tonic-gate if (tcp != NULL) 17407c478bd9Sstevel@tonic-gate free(tcp); 17417c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 17427c478bd9Sstevel@tonic-gate } 17437c478bd9Sstevel@tonic-gate (void) strlcpy(dp, cp, len+1); 17447c478bd9Sstevel@tonic-gate fnd = 0; 17457c478bd9Sstevel@tonic-gate for (j = 0; j < ptr->paramList[type].ns_acnt; j++) { 17467c478bd9Sstevel@tonic-gate dpend = strchr(ptr->paramList[type].ns_ppc[j], 17477ddae043Siz COLONTOK); 17487c478bd9Sstevel@tonic-gate if (dpend == NULL) 17497c478bd9Sstevel@tonic-gate continue; 17507c478bd9Sstevel@tonic-gate i = dpend - ptr->paramList[type].ns_ppc[j]; 17517c478bd9Sstevel@tonic-gate if (i != len) 17527c478bd9Sstevel@tonic-gate continue; 17537c478bd9Sstevel@tonic-gate if (strncmp(ptr->paramList[type].ns_ppc[j], 17547ddae043Siz dp, len) == 0) { 17557c478bd9Sstevel@tonic-gate conf.ns_acnt = 17567ddae043Siz ptr->paramList[type].ns_acnt; 17577c478bd9Sstevel@tonic-gate conf.ns_ppc = 17587ddae043Siz ptr->paramList[type].ns_ppc; 17597c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL; 17607c478bd9Sstevel@tonic-gate free(conf.ns_ppc[j]); 17617c478bd9Sstevel@tonic-gate conf.ns_ppc[j] = (char *)strdup(cp); 17627c478bd9Sstevel@tonic-gate if (conf.ns_ppc[j] == NULL) { 17637c478bd9Sstevel@tonic-gate free(dp); 17647c478bd9Sstevel@tonic-gate __s_api_free2dArray 17657ddae043Siz (conf.ns_ppc); 17667c478bd9Sstevel@tonic-gate if (tcp != NULL) 17677c478bd9Sstevel@tonic-gate free(tcp); 17687c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 17697c478bd9Sstevel@tonic-gate } 17707c478bd9Sstevel@tonic-gate fnd = 1; 17717c478bd9Sstevel@tonic-gate break; 17727c478bd9Sstevel@tonic-gate } 17737c478bd9Sstevel@tonic-gate } 17747c478bd9Sstevel@tonic-gate free(dp); 17757c478bd9Sstevel@tonic-gate 17767c478bd9Sstevel@tonic-gate if (fnd) 17777c478bd9Sstevel@tonic-gate break; /* Replaced completed */ 17787c478bd9Sstevel@tonic-gate 17797c478bd9Sstevel@tonic-gate /* Append */ 17807c478bd9Sstevel@tonic-gate len = ptr->paramList[type].ns_acnt + 1; 17817c478bd9Sstevel@tonic-gate if (len > 1) { 17827c478bd9Sstevel@tonic-gate p = (char **)dupParam(&ptr->paramList[type]); 17837c478bd9Sstevel@tonic-gate if (p == NULL) { 17847c478bd9Sstevel@tonic-gate if (tcp != NULL) 17857c478bd9Sstevel@tonic-gate free(tcp); 17867c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 17877c478bd9Sstevel@tonic-gate } 17887c478bd9Sstevel@tonic-gate } else 17897c478bd9Sstevel@tonic-gate p = NULL; 17907c478bd9Sstevel@tonic-gate conf.ns_ppc = 17917ddae043Siz (char **)realloc(p, (len+1) * sizeof (char *)); 17927c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 17937c478bd9Sstevel@tonic-gate __s_api_free2dArray(p); 17947c478bd9Sstevel@tonic-gate if (tcp != NULL) 17957c478bd9Sstevel@tonic-gate free(tcp); 17967c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 17977c478bd9Sstevel@tonic-gate } 17987c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 17997c478bd9Sstevel@tonic-gate conf.ns_ppc[len-1] = (char *)strdup(cp); 18007c478bd9Sstevel@tonic-gate if (conf.ns_ppc[len-1] == NULL) { 18017c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 18027c478bd9Sstevel@tonic-gate if (tcp != NULL) 18037c478bd9Sstevel@tonic-gate free(tcp); 18047c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18057c478bd9Sstevel@tonic-gate } 18067c478bd9Sstevel@tonic-gate conf.ns_ppc[len] = NULL; 18077c478bd9Sstevel@tonic-gate } 18087c478bd9Sstevel@tonic-gate break; 18097c478bd9Sstevel@tonic-gate case SCLLIST: 18107c478bd9Sstevel@tonic-gate /* first check to see if colon (:) is there */ 18117c478bd9Sstevel@tonic-gate if ((strchr(cp, COLONTOK)) == NULL) { 18127c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 18137ddae043Siz gettext("Unable to set value: " 18147ddae043Siz "invalid serviceCredentialLevel (%s)"), 18157ddae043Siz cp); 18167c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 18177ddae043Siz strdup(errstr), NULL); 18187c478bd9Sstevel@tonic-gate if (tcp != NULL) 18197c478bd9Sstevel@tonic-gate free(tcp); 18207c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 18217c478bd9Sstevel@tonic-gate } 18227c478bd9Sstevel@tonic-gate /* Appends an entry to the existing list */ 18237c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ptype != SCLLIST) { 18247c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(2, sizeof (char *)); 18257c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 18267c478bd9Sstevel@tonic-gate if (tcp != NULL) 18277c478bd9Sstevel@tonic-gate free(tcp); 18287c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18297c478bd9Sstevel@tonic-gate } 18307c478bd9Sstevel@tonic-gate conf.ns_acnt = 1; 18317c478bd9Sstevel@tonic-gate conf.ns_ppc[0] = (char *)strdup(cp); 18327c478bd9Sstevel@tonic-gate if (conf.ns_ppc[0] == NULL) { 18337c478bd9Sstevel@tonic-gate free(conf.ns_ppc); 18347c478bd9Sstevel@tonic-gate if (tcp != NULL) 18357c478bd9Sstevel@tonic-gate free(tcp); 18367c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18377c478bd9Sstevel@tonic-gate } 18387c478bd9Sstevel@tonic-gate } else { 18397c478bd9Sstevel@tonic-gate char *dp, *dpend; 18407c478bd9Sstevel@tonic-gate int fnd = 0; 18417c478bd9Sstevel@tonic-gate 18427c478bd9Sstevel@tonic-gate /* Attempt to replace if possible */ 18437c478bd9Sstevel@tonic-gate dpend = strchr(cp, COLONTOK); 18447c478bd9Sstevel@tonic-gate len = dpend - cp; 18457c478bd9Sstevel@tonic-gate dp = (char *)malloc(len+1); 18467c478bd9Sstevel@tonic-gate if (dp == NULL) { 18477c478bd9Sstevel@tonic-gate if (tcp != NULL) 18487c478bd9Sstevel@tonic-gate free(tcp); 18497c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18507c478bd9Sstevel@tonic-gate } 18517c478bd9Sstevel@tonic-gate (void) strlcpy(dp, cp, len+1); 18527c478bd9Sstevel@tonic-gate fnd = 0; 18537c478bd9Sstevel@tonic-gate for (j = 0; j < ptr->paramList[type].ns_acnt; j++) { 18547c478bd9Sstevel@tonic-gate dpend = strchr(ptr->paramList[type].ns_ppc[j], 18557ddae043Siz COLONTOK); 18567c478bd9Sstevel@tonic-gate if (dpend == NULL) 18577c478bd9Sstevel@tonic-gate continue; 18587c478bd9Sstevel@tonic-gate i = dpend - ptr->paramList[type].ns_ppc[j]; 18597c478bd9Sstevel@tonic-gate if (i != len) 18607c478bd9Sstevel@tonic-gate continue; 18617c478bd9Sstevel@tonic-gate if (strncmp(ptr->paramList[type].ns_ppc[j], 18627ddae043Siz dp, len) == 0) { 18637c478bd9Sstevel@tonic-gate conf.ns_acnt = 18647ddae043Siz ptr->paramList[type].ns_acnt; 18657c478bd9Sstevel@tonic-gate conf.ns_ppc = 18667ddae043Siz ptr->paramList[type].ns_ppc; 18677c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL; 18687c478bd9Sstevel@tonic-gate free(conf.ns_ppc[j]); 18697c478bd9Sstevel@tonic-gate conf.ns_ppc[j] = (char *)strdup(cp); 18707c478bd9Sstevel@tonic-gate if (conf.ns_ppc[j] == NULL) { 18717c478bd9Sstevel@tonic-gate free(dp); 18727c478bd9Sstevel@tonic-gate __s_api_free2dArray 18737ddae043Siz (conf.ns_ppc); 18747c478bd9Sstevel@tonic-gate if (tcp != NULL) 18757c478bd9Sstevel@tonic-gate free(tcp); 18767c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18777c478bd9Sstevel@tonic-gate } 18787c478bd9Sstevel@tonic-gate fnd = 1; 18797c478bd9Sstevel@tonic-gate break; 18807c478bd9Sstevel@tonic-gate } 18817c478bd9Sstevel@tonic-gate } 18827c478bd9Sstevel@tonic-gate free(dp); 18837c478bd9Sstevel@tonic-gate 18847c478bd9Sstevel@tonic-gate if (fnd) 18857c478bd9Sstevel@tonic-gate break; /* Replaced completed */ 18867c478bd9Sstevel@tonic-gate 18877c478bd9Sstevel@tonic-gate /* Append */ 18887c478bd9Sstevel@tonic-gate len = ptr->paramList[type].ns_acnt + 1; 18897c478bd9Sstevel@tonic-gate if (len > 1) { 18907c478bd9Sstevel@tonic-gate p = (char **)dupParam(&ptr->paramList[type]); 18917c478bd9Sstevel@tonic-gate if (p == NULL) { 18927c478bd9Sstevel@tonic-gate if (tcp != NULL) 18937c478bd9Sstevel@tonic-gate free(tcp); 18947c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 18957c478bd9Sstevel@tonic-gate } 18967c478bd9Sstevel@tonic-gate } else 18977c478bd9Sstevel@tonic-gate p = NULL; 18987c478bd9Sstevel@tonic-gate conf.ns_ppc = 18997ddae043Siz (char **)realloc(p, (len+1) * sizeof (char *)); 19007c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 19017c478bd9Sstevel@tonic-gate __s_api_free2dArray(p); 19027c478bd9Sstevel@tonic-gate if (tcp != NULL) 19037c478bd9Sstevel@tonic-gate free(tcp); 19047c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19057c478bd9Sstevel@tonic-gate } 19067c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 19077c478bd9Sstevel@tonic-gate conf.ns_ppc[len-1] = (char *)strdup(cp); 19087c478bd9Sstevel@tonic-gate if (conf.ns_ppc[len-1] == NULL) { 19097c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 19107c478bd9Sstevel@tonic-gate if (tcp != NULL) 19117c478bd9Sstevel@tonic-gate free(tcp); 19127c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19137c478bd9Sstevel@tonic-gate } 19147c478bd9Sstevel@tonic-gate conf.ns_ppc[len] = NULL; 19157c478bd9Sstevel@tonic-gate } 19167c478bd9Sstevel@tonic-gate break; 19177c478bd9Sstevel@tonic-gate case SSDLIST: 19187c478bd9Sstevel@tonic-gate /* 19197c478bd9Sstevel@tonic-gate * first check to see if colon (:) is there, 19207c478bd9Sstevel@tonic-gate * if so, make sure the serviceId is specified, 19217c478bd9Sstevel@tonic-gate * i.e., colon is not the first character 19227c478bd9Sstevel@tonic-gate */ 19237c478bd9Sstevel@tonic-gate if ((strchr(cp, COLONTOK)) == NULL || *cp == COLONTOK) { 19247c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 19257ddae043Siz gettext("Unable to set value: " 19267ddae043Siz "invalid serviceSearchDescriptor (%s)"), 19277ddae043Siz cp); 19287c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 19297ddae043Siz strdup(errstr), NULL); 19307c478bd9Sstevel@tonic-gate if (tcp != NULL) 19317c478bd9Sstevel@tonic-gate free(tcp); 19327c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 19337c478bd9Sstevel@tonic-gate } 19347c478bd9Sstevel@tonic-gate /* Appends an entry to the existing list */ 19357c478bd9Sstevel@tonic-gate if (ptr->paramList[type].ns_ptype != SSDLIST) { 19367c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(2, sizeof (char *)); 19377c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 19387c478bd9Sstevel@tonic-gate if (tcp != NULL) 19397c478bd9Sstevel@tonic-gate free(tcp); 19407c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19417c478bd9Sstevel@tonic-gate } 19427c478bd9Sstevel@tonic-gate conf.ns_acnt = 1; 19437c478bd9Sstevel@tonic-gate conf.ns_ppc[0] = (char *)strdup(cp); 19447c478bd9Sstevel@tonic-gate if (conf.ns_ppc[0] == NULL) { 19457c478bd9Sstevel@tonic-gate free(conf.ns_ppc); 19467c478bd9Sstevel@tonic-gate if (tcp != NULL) 19477c478bd9Sstevel@tonic-gate free(tcp); 19487c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19497c478bd9Sstevel@tonic-gate } 19507c478bd9Sstevel@tonic-gate } else { 19517c478bd9Sstevel@tonic-gate char *dp, *dpend; 19527c478bd9Sstevel@tonic-gate int fnd = 0; 19537c478bd9Sstevel@tonic-gate 19547c478bd9Sstevel@tonic-gate /* Attempt to replace if possible */ 19557c478bd9Sstevel@tonic-gate dpend = strchr(cp, COLONTOK); 19567c478bd9Sstevel@tonic-gate len = dpend - cp; 19577c478bd9Sstevel@tonic-gate dp = (char *)malloc(len+1); 19587c478bd9Sstevel@tonic-gate if (dp == NULL) { 19597c478bd9Sstevel@tonic-gate if (tcp != NULL) 19607c478bd9Sstevel@tonic-gate free(tcp); 19617c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19627c478bd9Sstevel@tonic-gate } 19637c478bd9Sstevel@tonic-gate (void) strlcpy(dp, cp, len+1); 19647c478bd9Sstevel@tonic-gate fnd = 0; 19657c478bd9Sstevel@tonic-gate for (j = 0; j < ptr->paramList[type].ns_acnt; j++) { 19667c478bd9Sstevel@tonic-gate dpend = strchr(ptr->paramList[type].ns_ppc[j], 19677ddae043Siz COLONTOK); 19687c478bd9Sstevel@tonic-gate if (dpend == NULL) 19697c478bd9Sstevel@tonic-gate continue; 19707c478bd9Sstevel@tonic-gate i = dpend - ptr->paramList[type].ns_ppc[j]; 19717c478bd9Sstevel@tonic-gate if (i != len) 19727c478bd9Sstevel@tonic-gate continue; 19737c478bd9Sstevel@tonic-gate if (strncmp(ptr->paramList[type].ns_ppc[j], 19747ddae043Siz dp, len) == 0) { 19757c478bd9Sstevel@tonic-gate conf.ns_acnt = 19767ddae043Siz ptr->paramList[type].ns_acnt; 19777c478bd9Sstevel@tonic-gate conf.ns_ppc = 19787ddae043Siz ptr->paramList[type].ns_ppc; 19797c478bd9Sstevel@tonic-gate ptr->paramList[type].ns_ppc = NULL; 19807c478bd9Sstevel@tonic-gate free(conf.ns_ppc[j]); 19817c478bd9Sstevel@tonic-gate conf.ns_ppc[j] = (char *)strdup(cp); 19827c478bd9Sstevel@tonic-gate if (conf.ns_ppc[j] == NULL) { 19837c478bd9Sstevel@tonic-gate free(dp); 19847c478bd9Sstevel@tonic-gate __s_api_free2dArray 19857ddae043Siz (conf.ns_ppc); 19867c478bd9Sstevel@tonic-gate if (tcp != NULL) 19877c478bd9Sstevel@tonic-gate free(tcp); 19887c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 19897c478bd9Sstevel@tonic-gate } 19907c478bd9Sstevel@tonic-gate fnd = 1; 19917c478bd9Sstevel@tonic-gate break; 19927c478bd9Sstevel@tonic-gate } 19937c478bd9Sstevel@tonic-gate } 19947c478bd9Sstevel@tonic-gate free(dp); 19957c478bd9Sstevel@tonic-gate 19967c478bd9Sstevel@tonic-gate if (fnd) 19977c478bd9Sstevel@tonic-gate break; /* Replaced completed */ 19987c478bd9Sstevel@tonic-gate 19997c478bd9Sstevel@tonic-gate /* Append */ 20007c478bd9Sstevel@tonic-gate len = ptr->paramList[type].ns_acnt + 1; 20017c478bd9Sstevel@tonic-gate if (len > 1) { 20027c478bd9Sstevel@tonic-gate p = (char **)dupParam(&ptr->paramList[type]); 20037c478bd9Sstevel@tonic-gate if (p == NULL) { 20047c478bd9Sstevel@tonic-gate if (tcp != NULL) 20057c478bd9Sstevel@tonic-gate free(tcp); 20067c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20077c478bd9Sstevel@tonic-gate } 20087c478bd9Sstevel@tonic-gate } else 20097c478bd9Sstevel@tonic-gate p = NULL; 20107c478bd9Sstevel@tonic-gate conf.ns_ppc = 20117ddae043Siz (char **)realloc(p, (len+1) * sizeof (char *)); 20127c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 20137c478bd9Sstevel@tonic-gate __s_api_free2dArray(p); 20147c478bd9Sstevel@tonic-gate if (tcp != NULL) 20157c478bd9Sstevel@tonic-gate free(tcp); 20167c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20177c478bd9Sstevel@tonic-gate } 20187c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 20197c478bd9Sstevel@tonic-gate conf.ns_ppc[len-1] = (char *)strdup(cp); 20207c478bd9Sstevel@tonic-gate if (conf.ns_ppc[len-1] == NULL) { 20217c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 20227c478bd9Sstevel@tonic-gate if (tcp != NULL) 20237c478bd9Sstevel@tonic-gate free(tcp); 20247c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20257c478bd9Sstevel@tonic-gate } 20267c478bd9Sstevel@tonic-gate conf.ns_ppc[len] = NULL; 20277c478bd9Sstevel@tonic-gate } 20287c478bd9Sstevel@tonic-gate break; 20297c478bd9Sstevel@tonic-gate case ARRAYCP: 20307c478bd9Sstevel@tonic-gate len = 0; 20317c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 20327c478bd9Sstevel@tonic-gate if (*cp2 == COMMATOK) 20337c478bd9Sstevel@tonic-gate len++; 20347c478bd9Sstevel@tonic-gate } 20357c478bd9Sstevel@tonic-gate if (cp != cp2) 20367c478bd9Sstevel@tonic-gate len++; 20377c478bd9Sstevel@tonic-gate if (len == 0) { 20387c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)NULL; 20397c478bd9Sstevel@tonic-gate conf.ns_acnt = 0; 20407c478bd9Sstevel@tonic-gate break; 20417c478bd9Sstevel@tonic-gate } 20427c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(len + 1, sizeof (char *)); 20437c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 20447c478bd9Sstevel@tonic-gate if (tcp != NULL) 20457c478bd9Sstevel@tonic-gate free(tcp); 20467c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20477c478bd9Sstevel@tonic-gate } 20487c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 20497c478bd9Sstevel@tonic-gate i = 0; 20507c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 20517c478bd9Sstevel@tonic-gate if (*cp2 == COMMATOK) { 20527c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 20537c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1); 20547c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) { 20557c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 20567c478bd9Sstevel@tonic-gate if (tcp != NULL) 20577c478bd9Sstevel@tonic-gate free(tcp); 20587c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20597c478bd9Sstevel@tonic-gate } 20607c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j); 20617c478bd9Sstevel@tonic-gate cp = cp2+1; 20627c478bd9Sstevel@tonic-gate while (*cp == SPACETOK || *cp == COMMATOK) 20637c478bd9Sstevel@tonic-gate cp++; 20647c478bd9Sstevel@tonic-gate cp2 = cp - 1; 20657c478bd9Sstevel@tonic-gate i++; 20667c478bd9Sstevel@tonic-gate } 20677c478bd9Sstevel@tonic-gate } 20687c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 20697c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1); 20707c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) { 20717c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 20727c478bd9Sstevel@tonic-gate if (tcp != NULL) 20737c478bd9Sstevel@tonic-gate free(tcp); 20747c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 20757c478bd9Sstevel@tonic-gate } 20767c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j); 20777c478bd9Sstevel@tonic-gate break; 20787c478bd9Sstevel@tonic-gate case SERVLIST: 20797c478bd9Sstevel@tonic-gate len = 0; 20807c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 20817c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK || *cp2 == COMMATOK) { 20827c478bd9Sstevel@tonic-gate len++; 20837c478bd9Sstevel@tonic-gate for (; *(cp2 + 1) == SPACETOK || 20847ddae043Siz *(cp2 +1) == COMMATOK; cp2++) 20857c478bd9Sstevel@tonic-gate ; 20867c478bd9Sstevel@tonic-gate } 20877c478bd9Sstevel@tonic-gate } 20887c478bd9Sstevel@tonic-gate if (cp != cp2) 20897c478bd9Sstevel@tonic-gate len++; 20907c478bd9Sstevel@tonic-gate if (len == 0) { 20917c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)NULL; 20927c478bd9Sstevel@tonic-gate conf.ns_acnt = 0; 20937c478bd9Sstevel@tonic-gate break; 20947c478bd9Sstevel@tonic-gate } 20957c478bd9Sstevel@tonic-gate conf.ns_ppc = (char **)calloc(len + 1, sizeof (char *)); 20967c478bd9Sstevel@tonic-gate if (conf.ns_ppc == NULL) { 20977c478bd9Sstevel@tonic-gate if (tcp != NULL) 20987c478bd9Sstevel@tonic-gate free(tcp); 20997c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21007c478bd9Sstevel@tonic-gate } 21017c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 21027c478bd9Sstevel@tonic-gate i = 0; 21037c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 21047c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK || *cp2 == COMMATOK) { 21057c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 21067c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1); 21077c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) { 21087c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 21097c478bd9Sstevel@tonic-gate if (tcp != NULL) 21107c478bd9Sstevel@tonic-gate free(tcp); 21117c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21127c478bd9Sstevel@tonic-gate } 21137c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j); 21147c478bd9Sstevel@tonic-gate cp = cp2+1; 21157c478bd9Sstevel@tonic-gate while (*cp == SPACETOK || *cp == COMMATOK) 21167c478bd9Sstevel@tonic-gate cp++; 21177c478bd9Sstevel@tonic-gate cp2 = cp - 1; 21187c478bd9Sstevel@tonic-gate i++; 21197c478bd9Sstevel@tonic-gate } 21207c478bd9Sstevel@tonic-gate } 21217c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 21227c478bd9Sstevel@tonic-gate conf.ns_ppc[i] = (char *)malloc(j + 1); 21237c478bd9Sstevel@tonic-gate if (conf.ns_ppc[i] == NULL) { 21247c478bd9Sstevel@tonic-gate __s_api_free2dArray(conf.ns_ppc); 21257c478bd9Sstevel@tonic-gate if (tcp != NULL) 21267c478bd9Sstevel@tonic-gate free(tcp); 21277c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21287c478bd9Sstevel@tonic-gate } 21297c478bd9Sstevel@tonic-gate (void) strlcpy(conf.ns_ppc[i], cp, j); 21307c478bd9Sstevel@tonic-gate break; 21317c478bd9Sstevel@tonic-gate case ARRAYAUTH: 21327c478bd9Sstevel@tonic-gate len = 0; 21337c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 21347c478bd9Sstevel@tonic-gate if (*cp2 == SEMITOK || *cp2 == COMMATOK) 21357c478bd9Sstevel@tonic-gate len++; 21367c478bd9Sstevel@tonic-gate } 21377c478bd9Sstevel@tonic-gate if (cp != cp2) 21387c478bd9Sstevel@tonic-gate len++; 21397c478bd9Sstevel@tonic-gate if (len == 0) { 21407c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)NULL; 21417c478bd9Sstevel@tonic-gate conf.ns_acnt = 0; 21427c478bd9Sstevel@tonic-gate break; 21437c478bd9Sstevel@tonic-gate } 21447c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)calloc(len + 1, sizeof (int)); 21457c478bd9Sstevel@tonic-gate if (conf.ns_pi == NULL) { 21467c478bd9Sstevel@tonic-gate if (tcp != NULL) 21477c478bd9Sstevel@tonic-gate free(tcp); 21487c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 21497c478bd9Sstevel@tonic-gate } 21507c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 21517c478bd9Sstevel@tonic-gate i = 0; 21527c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 21537c478bd9Sstevel@tonic-gate if (*cp2 == SEMITOK || *cp2 == COMMATOK) { 21547c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 21557c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) { 21567c478bd9Sstevel@tonic-gate j = -1; 21577c478bd9Sstevel@tonic-gate ptbuf = cp; 21587c478bd9Sstevel@tonic-gate } else { 21597c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j); 21607c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf, 21617ddae043Siz def->index); 21627c478bd9Sstevel@tonic-gate ptbuf = tbuf; 21637c478bd9Sstevel@tonic-gate } 21647c478bd9Sstevel@tonic-gate if (j < 0) { 21657c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 21667ddae043Siz gettext("Unable to set value: " 21677ddae043Siz "invalid " 21687ddae043Siz "authenticationMethod (%s)"), 21697ddae043Siz ptbuf); 21707c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 21717ddae043Siz NS_CONFIG_SYNTAX, 21727ddae043Siz strdup(errstr), NULL); 21737c478bd9Sstevel@tonic-gate free(conf.ns_pi); 21747c478bd9Sstevel@tonic-gate if (tcp != NULL) 21757c478bd9Sstevel@tonic-gate free(tcp); 21767c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 21777c478bd9Sstevel@tonic-gate } 21787c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j; 21797c478bd9Sstevel@tonic-gate cp = cp2+1; 21807c478bd9Sstevel@tonic-gate i++; 21817c478bd9Sstevel@tonic-gate } 21827c478bd9Sstevel@tonic-gate } 21837c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 21847c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) { 21857c478bd9Sstevel@tonic-gate j = -1; 21867c478bd9Sstevel@tonic-gate ptbuf = cp; 21877c478bd9Sstevel@tonic-gate } else { 21887c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j); 21897c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf, def->index); 21907c478bd9Sstevel@tonic-gate ptbuf = tbuf; 21917c478bd9Sstevel@tonic-gate } 21927c478bd9Sstevel@tonic-gate if (j < 0) { 21937c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 21947ddae043Siz gettext("Unable to set value: " 21957ddae043Siz "invalid authenticationMethod (%s)"), ptbuf); 21967c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 21977ddae043Siz strdup(errstr), NULL); 21987c478bd9Sstevel@tonic-gate if (tcp != NULL) 21997c478bd9Sstevel@tonic-gate free(tcp); 22007c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 22017c478bd9Sstevel@tonic-gate } 22027c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j; 22037c478bd9Sstevel@tonic-gate break; 22047c478bd9Sstevel@tonic-gate case ARRAYCRED: 22057c478bd9Sstevel@tonic-gate len = 0; 22067c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 22077c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK) 22087c478bd9Sstevel@tonic-gate len++; 22097c478bd9Sstevel@tonic-gate } 22107c478bd9Sstevel@tonic-gate if (cp != cp2) 22117c478bd9Sstevel@tonic-gate len++; 22127c478bd9Sstevel@tonic-gate if (len == 0) { 22137c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)NULL; 22147c478bd9Sstevel@tonic-gate conf.ns_acnt = 0; 22157c478bd9Sstevel@tonic-gate break; 22167c478bd9Sstevel@tonic-gate } 22177c478bd9Sstevel@tonic-gate conf.ns_pi = (int *)calloc(len + 1, sizeof (int)); 22187c478bd9Sstevel@tonic-gate if (conf.ns_pi == NULL) { 22197c478bd9Sstevel@tonic-gate if (tcp != NULL) 22207c478bd9Sstevel@tonic-gate free(tcp); 22217c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 22227c478bd9Sstevel@tonic-gate } 22237c478bd9Sstevel@tonic-gate conf.ns_acnt = len; 22247c478bd9Sstevel@tonic-gate i = 0; 22257c478bd9Sstevel@tonic-gate for (cp2 = cp; *cp2; cp2++) { 22267c478bd9Sstevel@tonic-gate if (*cp2 == SPACETOK) { 22277c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 22287c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) { 22297c478bd9Sstevel@tonic-gate j = -1; 22307c478bd9Sstevel@tonic-gate ptbuf = cp; 22317c478bd9Sstevel@tonic-gate } else { 22327c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j); 22337c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf, 22347ddae043Siz def->index); 22357c478bd9Sstevel@tonic-gate ptbuf = tbuf; 22367c478bd9Sstevel@tonic-gate } 22377c478bd9Sstevel@tonic-gate if (j < 0) { 22387c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 22397ddae043Siz gettext("Unable to set value: " 22407ddae043Siz "invalid credentialLevel (%s)"), 22417ddae043Siz ptbuf); 22427c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 22437ddae043Siz NS_CONFIG_SYNTAX, 22447ddae043Siz strdup(errstr), NULL); 22457c478bd9Sstevel@tonic-gate free(conf.ns_pi); 22467c478bd9Sstevel@tonic-gate if (tcp != NULL) 22477c478bd9Sstevel@tonic-gate free(tcp); 22487c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 22497c478bd9Sstevel@tonic-gate } 22507c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j; 22517c478bd9Sstevel@tonic-gate cp = cp2+1; 22527c478bd9Sstevel@tonic-gate i++; 22537c478bd9Sstevel@tonic-gate } 22547c478bd9Sstevel@tonic-gate } 22557c478bd9Sstevel@tonic-gate j = cp2 - cp + 1; 22567c478bd9Sstevel@tonic-gate if (j > sizeof (tbuf)) { 22577c478bd9Sstevel@tonic-gate j = -1; 22587c478bd9Sstevel@tonic-gate ptbuf = cp; 22597c478bd9Sstevel@tonic-gate } else { 22607c478bd9Sstevel@tonic-gate (void) strlcpy(tbuf, cp, j); 22617c478bd9Sstevel@tonic-gate j = __s_get_enum_value(ptr, tbuf, def->index); 22627c478bd9Sstevel@tonic-gate ptbuf = tbuf; 22637c478bd9Sstevel@tonic-gate } 22647c478bd9Sstevel@tonic-gate if (j < 0) { 22657c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 22667ddae043Siz gettext("Unable to set value: " 22677ddae043Siz "invalid credentialLevel (%s)"), ptbuf); 22687c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 22697ddae043Siz strdup(errstr), NULL); 22707c478bd9Sstevel@tonic-gate if (tcp != NULL) 22717c478bd9Sstevel@tonic-gate free(tcp); 22727c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 22737c478bd9Sstevel@tonic-gate } 22747c478bd9Sstevel@tonic-gate conf.ns_pi[i] = j; 22757c478bd9Sstevel@tonic-gate break; 22767c478bd9Sstevel@tonic-gate case ATTRMAP: 22777c478bd9Sstevel@tonic-gate case OBJMAP: 22787c478bd9Sstevel@tonic-gate i = __s_api_parse_map(cp, &sid, &origA, &mapA); 22797c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS) { 22807c478bd9Sstevel@tonic-gate if (i == NS_HASH_RC_NO_MEMORY) { 22817c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 22827c478bd9Sstevel@tonic-gate } else { 22837c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 22847c478bd9Sstevel@tonic-gate gettext("Unable to set value: " 22857c478bd9Sstevel@tonic-gate "invalid schema mapping (%s)"), cp); 22867c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_CONFIG; 22877c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, 22887ddae043Siz strdup(errstr), NULL); 22897c478bd9Sstevel@tonic-gate } 22907c478bd9Sstevel@tonic-gate if (tcp) 22917c478bd9Sstevel@tonic-gate free(tcp); 22927c478bd9Sstevel@tonic-gate return (exitrc); 22937c478bd9Sstevel@tonic-gate } 22947c478bd9Sstevel@tonic-gate 22957c478bd9Sstevel@tonic-gate /* 22967c478bd9Sstevel@tonic-gate * Add reverse map first. 22977c478bd9Sstevel@tonic-gate * There could be more than one. 22987c478bd9Sstevel@tonic-gate */ 22997c478bd9Sstevel@tonic-gate for (attr = mapA; *attr; attr++) { 23007c478bd9Sstevel@tonic-gate 23017c478bd9Sstevel@tonic-gate free_memory = 1; 23027c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 23037c478bd9Sstevel@tonic-gate 23047c478bd9Sstevel@tonic-gate rmap = (ns_mapping_t *)calloc(1, 23057ddae043Siz sizeof (ns_mapping_t)); 23067c478bd9Sstevel@tonic-gate if (rmap) { 23077c478bd9Sstevel@tonic-gate rmap->service = strdup(sid); 23087c478bd9Sstevel@tonic-gate if (rmap->service) { 23097c478bd9Sstevel@tonic-gate rmap->orig = strdup(*attr); 23107c478bd9Sstevel@tonic-gate if (rmap->orig) { 23117c478bd9Sstevel@tonic-gate rmap->map = (char **)calloc(2, 23127ddae043Siz sizeof (char *)); 23137c478bd9Sstevel@tonic-gate if (rmap->map) { 23147c478bd9Sstevel@tonic-gate (rmap->map)[0] = 23157ddae043Siz strdup(origA); 23167c478bd9Sstevel@tonic-gate if ((rmap->map)[0]) 23177c478bd9Sstevel@tonic-gate free_memory = 0; 23187c478bd9Sstevel@tonic-gate } 23197c478bd9Sstevel@tonic-gate } 23207c478bd9Sstevel@tonic-gate } 23217c478bd9Sstevel@tonic-gate } 23227c478bd9Sstevel@tonic-gate 23237c478bd9Sstevel@tonic-gate if (free_memory == 0) { 23247c478bd9Sstevel@tonic-gate if (def->data_type == ATTRMAP) { 23257c478bd9Sstevel@tonic-gate rmap->type = NS_ATTR_MAP; 23267c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr, 23277ddae043Siz NS_HASH_RAMAP, rmap); 23287c478bd9Sstevel@tonic-gate } else { 23297c478bd9Sstevel@tonic-gate rmap->type = NS_OBJ_MAP; 23307c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr, 23317ddae043Siz NS_HASH_ROMAP, rmap); 23327c478bd9Sstevel@tonic-gate } 23337c478bd9Sstevel@tonic-gate 23347c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS) { 23357c478bd9Sstevel@tonic-gate switch (i) { 23367c478bd9Sstevel@tonic-gate case NS_HASH_RC_CONFIG_ERROR: 23377c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_INTERNAL; 23387c478bd9Sstevel@tonic-gate (void) snprintf(errstr, 23397ddae043Siz sizeof (errstr), 23407ddae043Siz gettext( 23417ddae043Siz "Unable to set value: " 23427ddae043Siz "no configuration info " 23437ddae043Siz "for schema map " 23447ddae043Siz "update (%s)"), cp); 23457c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 23467ddae043Siz NS_LDAP_INTERNAL, 23477ddae043Siz strdup(errstr), 23487ddae043Siz NULL); 23497c478bd9Sstevel@tonic-gate break; 23507c478bd9Sstevel@tonic-gate case NS_HASH_RC_EXISTED: 23517c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_CONFIG; 23527c478bd9Sstevel@tonic-gate (void) snprintf(errstr, 23537ddae043Siz sizeof (errstr), 23547ddae043Siz gettext( 23557ddae043Siz "Unable to set value: " 23567ddae043Siz "schema map " 23577ddae043Siz "already existed for " 23587ddae043Siz "(%s, %s)."), 23597ddae043Siz *attr, origA); 23607c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 23617ddae043Siz NS_CONFIG_SYNTAX, 23627ddae043Siz strdup(errstr), 23637ddae043Siz NULL); 23647c478bd9Sstevel@tonic-gate break; 23657c478bd9Sstevel@tonic-gate case NS_HASH_RC_NO_MEMORY: 23667c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 23677c478bd9Sstevel@tonic-gate break; 23687c478bd9Sstevel@tonic-gate } 23697c478bd9Sstevel@tonic-gate free_memory = 1; 23707c478bd9Sstevel@tonic-gate } 23717c478bd9Sstevel@tonic-gate } 23727c478bd9Sstevel@tonic-gate 23737c478bd9Sstevel@tonic-gate if (free_memory) { 23747c478bd9Sstevel@tonic-gate if (tcp) 23757c478bd9Sstevel@tonic-gate free(tcp); 23767c478bd9Sstevel@tonic-gate free(sid); 23777c478bd9Sstevel@tonic-gate free(origA); 23787c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapA); 23797c478bd9Sstevel@tonic-gate if (rmap) { 23807c478bd9Sstevel@tonic-gate if (rmap->service) 23817c478bd9Sstevel@tonic-gate free(rmap->service); 23827c478bd9Sstevel@tonic-gate if (rmap->orig) 23837c478bd9Sstevel@tonic-gate free(rmap->orig); 23847c478bd9Sstevel@tonic-gate if (rmap->map) { 23857c478bd9Sstevel@tonic-gate if ((rmap->map)[0]) 23867c478bd9Sstevel@tonic-gate free((rmap->map)[0]); 23877c478bd9Sstevel@tonic-gate free(rmap->map); 23887c478bd9Sstevel@tonic-gate } 23897c478bd9Sstevel@tonic-gate free(rmap); 23907c478bd9Sstevel@tonic-gate } 23917c478bd9Sstevel@tonic-gate return (exitrc); 23927c478bd9Sstevel@tonic-gate } 23937c478bd9Sstevel@tonic-gate } 23947c478bd9Sstevel@tonic-gate 23957c478bd9Sstevel@tonic-gate /* 23967c478bd9Sstevel@tonic-gate * For performance gain, 23977c478bd9Sstevel@tonic-gate * add a "schema mapping existed" indicator 23987c478bd9Sstevel@tonic-gate * for the given service if not already added. 23997c478bd9Sstevel@tonic-gate * This dummy map needs not be removed, if 24007c478bd9Sstevel@tonic-gate * the next real map add operation fails. 24017c478bd9Sstevel@tonic-gate * since the caller, e.g. ldap_cachemgr. 24027c478bd9Sstevel@tonic-gate * should exit anyway. 24037c478bd9Sstevel@tonic-gate */ 24047c478bd9Sstevel@tonic-gate free_memory = 1; 24057c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 24067c478bd9Sstevel@tonic-gate 24077c478bd9Sstevel@tonic-gate map = (ns_mapping_t *)calloc(1, 24087ddae043Siz sizeof (ns_mapping_t)); 24097c478bd9Sstevel@tonic-gate if (map) { 24107c478bd9Sstevel@tonic-gate map->service = strdup(sid); 24117c478bd9Sstevel@tonic-gate if (map->service) { 24127c478bd9Sstevel@tonic-gate map->orig = strdup( 24137ddae043Siz NS_HASH_SCHEMA_MAPPING_EXISTED); 24147c478bd9Sstevel@tonic-gate if (map->orig) { 24157c478bd9Sstevel@tonic-gate map->map = (char **)calloc(2, 24167ddae043Siz sizeof (char *)); 24177c478bd9Sstevel@tonic-gate if (map->map) { 24187c478bd9Sstevel@tonic-gate (map->map)[0] = 24197ddae043Siz strdup(sid); 24207c478bd9Sstevel@tonic-gate if ((map->map)[0]) 24217c478bd9Sstevel@tonic-gate free_memory = 0; 24227c478bd9Sstevel@tonic-gate } 24237c478bd9Sstevel@tonic-gate } 24247c478bd9Sstevel@tonic-gate } 24257c478bd9Sstevel@tonic-gate } 24267c478bd9Sstevel@tonic-gate 24277c478bd9Sstevel@tonic-gate if (free_memory == 0) { 24287c478bd9Sstevel@tonic-gate map->type = NS_ATTR_MAP; 24297c478bd9Sstevel@tonic-gate /* 24307c478bd9Sstevel@tonic-gate * add to reverse map, 24317c478bd9Sstevel@tonic-gate * so that "ldapclient list" 24327c478bd9Sstevel@tonic-gate * would not show it 24337c478bd9Sstevel@tonic-gate */ 24347c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr, 24357ddae043Siz NS_HASH_RAMAP, map); 24367c478bd9Sstevel@tonic-gate 24377c478bd9Sstevel@tonic-gate /* 24387c478bd9Sstevel@tonic-gate * ignore "map already existed" error, 24397c478bd9Sstevel@tonic-gate * just need one per service. 24407c478bd9Sstevel@tonic-gate * Need however to free memory allocated 24417c478bd9Sstevel@tonic-gate * for map. 24427c478bd9Sstevel@tonic-gate */ 24437c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS && 24447ddae043Siz i != NS_HASH_RC_EXISTED) { 24457c478bd9Sstevel@tonic-gate switch (i) { 24467c478bd9Sstevel@tonic-gate case NS_HASH_RC_CONFIG_ERROR: 24477c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_INTERNAL; 24487c478bd9Sstevel@tonic-gate (void) snprintf(errstr, 24497ddae043Siz sizeof (errstr), 24507ddae043Siz gettext( 24517ddae043Siz "Unable to set value: " 24527ddae043Siz "no configuration info " 24537ddae043Siz "for schema map " 24547ddae043Siz "update (%s)"), cp); 24557c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 24567ddae043Siz NS_LDAP_INTERNAL, 24577ddae043Siz strdup(errstr), 24587ddae043Siz NULL); 24597c478bd9Sstevel@tonic-gate break; 24607c478bd9Sstevel@tonic-gate case NS_HASH_RC_NO_MEMORY: 24617c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 24627c478bd9Sstevel@tonic-gate break; 24637c478bd9Sstevel@tonic-gate } 24647c478bd9Sstevel@tonic-gate free_memory = 1; 24657c478bd9Sstevel@tonic-gate } else if (i == NS_HASH_RC_EXISTED) { 24667c478bd9Sstevel@tonic-gate if (map->service) 24677c478bd9Sstevel@tonic-gate free(map->service); 24687c478bd9Sstevel@tonic-gate if (map->orig) 24697c478bd9Sstevel@tonic-gate free(map->orig); 24707c478bd9Sstevel@tonic-gate if (map->map) { 24717c478bd9Sstevel@tonic-gate if ((map->map)[0]) 24727c478bd9Sstevel@tonic-gate free((map->map)[0]); 24737c478bd9Sstevel@tonic-gate free(map->map); 24747c478bd9Sstevel@tonic-gate } 24757c478bd9Sstevel@tonic-gate free(map); 24767c478bd9Sstevel@tonic-gate map = NULL; 24777c478bd9Sstevel@tonic-gate } 24787c478bd9Sstevel@tonic-gate } 24797c478bd9Sstevel@tonic-gate 24807c478bd9Sstevel@tonic-gate if (free_memory) { 24817c478bd9Sstevel@tonic-gate if (tcp) 24827c478bd9Sstevel@tonic-gate free(tcp); 24837c478bd9Sstevel@tonic-gate free(sid); 24847c478bd9Sstevel@tonic-gate free(origA); 24857c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapA); 24867c478bd9Sstevel@tonic-gate if (map) { 24877c478bd9Sstevel@tonic-gate if (map->service) 24887c478bd9Sstevel@tonic-gate free(map->service); 24897c478bd9Sstevel@tonic-gate if (map->orig) 24907c478bd9Sstevel@tonic-gate free(map->orig); 24917c478bd9Sstevel@tonic-gate if (map->map) { 24927c478bd9Sstevel@tonic-gate if ((map->map)[0]) 24937c478bd9Sstevel@tonic-gate free((map->map)[0]); 24947c478bd9Sstevel@tonic-gate free(map->map); 24957c478bd9Sstevel@tonic-gate } 24967c478bd9Sstevel@tonic-gate free(map); 24977c478bd9Sstevel@tonic-gate } 24987c478bd9Sstevel@tonic-gate return (exitrc); 24997c478bd9Sstevel@tonic-gate } 25007c478bd9Sstevel@tonic-gate 25017c478bd9Sstevel@tonic-gate /* 25027c478bd9Sstevel@tonic-gate * add the real schema map 25037c478bd9Sstevel@tonic-gate */ 25047c478bd9Sstevel@tonic-gate free_memory = 1; 25057c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 25067c478bd9Sstevel@tonic-gate map = (ns_mapping_t *)calloc(1, sizeof (ns_mapping_t)); 25077c478bd9Sstevel@tonic-gate if (map) { 25087c478bd9Sstevel@tonic-gate map->service = sid; 25097c478bd9Sstevel@tonic-gate map->orig = origA; 25107c478bd9Sstevel@tonic-gate map->map = mapA; 25117c478bd9Sstevel@tonic-gate 25127c478bd9Sstevel@tonic-gate if (def->data_type == ATTRMAP) { 25137c478bd9Sstevel@tonic-gate map->type = NS_ATTR_MAP; 25147c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr, 25157ddae043Siz NS_HASH_AMAP, map); 25167c478bd9Sstevel@tonic-gate } else { 25177c478bd9Sstevel@tonic-gate map->type = NS_OBJ_MAP; 25187c478bd9Sstevel@tonic-gate i = __s_api_add_map2hash(ptr, 25197ddae043Siz NS_HASH_OMAP, map); 25207c478bd9Sstevel@tonic-gate } 25217c478bd9Sstevel@tonic-gate 25227c478bd9Sstevel@tonic-gate if (i != NS_HASH_RC_SUCCESS) { 25237c478bd9Sstevel@tonic-gate switch (i) { 25247c478bd9Sstevel@tonic-gate case NS_HASH_RC_CONFIG_ERROR: 25257c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_INTERNAL; 25267c478bd9Sstevel@tonic-gate (void) snprintf(errstr, 25277ddae043Siz sizeof (errstr), 25287ddae043Siz gettext( 25297ddae043Siz "Unable to set value: " 25307ddae043Siz "no configuration info " 25317ddae043Siz "for schema map " 25327ddae043Siz "update (%s)"), cp); 25337c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 25347ddae043Siz NS_LDAP_INTERNAL, 25357ddae043Siz strdup(errstr), 25367ddae043Siz NULL); 25377c478bd9Sstevel@tonic-gate break; 25387c478bd9Sstevel@tonic-gate case NS_HASH_RC_EXISTED: 25397c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_CONFIG; 25407c478bd9Sstevel@tonic-gate (void) snprintf(errstr, 25417ddae043Siz sizeof (errstr), 25427ddae043Siz gettext( 25437ddae043Siz "Unable to set value: " 25447ddae043Siz "schema map " 25457ddae043Siz "already existed for " 25467ddae043Siz "'%s'."), origA); 25477c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, 25487ddae043Siz NS_CONFIG_SYNTAX, 25497ddae043Siz strdup(errstr), 25507ddae043Siz NULL); 25517c478bd9Sstevel@tonic-gate break; 25527c478bd9Sstevel@tonic-gate case NS_HASH_RC_NO_MEMORY: 25537c478bd9Sstevel@tonic-gate exitrc = NS_LDAP_MEMORY; 25547c478bd9Sstevel@tonic-gate break; 25557c478bd9Sstevel@tonic-gate } 25567c478bd9Sstevel@tonic-gate free_memory = 1; 25577c478bd9Sstevel@tonic-gate } else 25587c478bd9Sstevel@tonic-gate free_memory = 0; 25597c478bd9Sstevel@tonic-gate } 25607c478bd9Sstevel@tonic-gate 25617c478bd9Sstevel@tonic-gate if (free_memory) { 25627c478bd9Sstevel@tonic-gate if (tcp) 25637c478bd9Sstevel@tonic-gate free(tcp); 25647c478bd9Sstevel@tonic-gate free(sid); 25657c478bd9Sstevel@tonic-gate free(origA); 25667c478bd9Sstevel@tonic-gate __s_api_free2dArray(mapA); 25677c478bd9Sstevel@tonic-gate if (map) 25687c478bd9Sstevel@tonic-gate free(map); 25697c478bd9Sstevel@tonic-gate return (exitrc); 25707c478bd9Sstevel@tonic-gate } 25717c478bd9Sstevel@tonic-gate 25727c478bd9Sstevel@tonic-gate break; 25737c478bd9Sstevel@tonic-gate default: 25747c478bd9Sstevel@tonic-gate /* This should never happen. */ 25757c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 25767ddae043Siz gettext("Unable to set value: invalid configuration " 25777ddae043Siz "type (%d)"), def->data_type); 25787c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_SYNTAX, strdup(errstr), 25797ddae043Siz NULL); 25807c478bd9Sstevel@tonic-gate if (tcp != NULL) 25817c478bd9Sstevel@tonic-gate free(tcp); 25827c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 25837c478bd9Sstevel@tonic-gate } 25847c478bd9Sstevel@tonic-gate conf.ns_ptype = def->data_type; 25857c478bd9Sstevel@tonic-gate if (tcp != NULL) 25867c478bd9Sstevel@tonic-gate free(tcp); 25877c478bd9Sstevel@tonic-gate 25887c478bd9Sstevel@tonic-gate /* Individually written verify routines here can replace */ 25897c478bd9Sstevel@tonic-gate /* verify_value. Verify conf (data) as appropriate here */ 25907c478bd9Sstevel@tonic-gate if (def->ns_verify != NULL) { 25917c478bd9Sstevel@tonic-gate if ((*def->ns_verify)(type, def, &conf, errstr) != NS_SUCCESS) { 25927c478bd9Sstevel@tonic-gate ns_param_t sav_conf; 25937c478bd9Sstevel@tonic-gate 25947c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 25957ddae043Siz gettext("%s"), errstr); 25967c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *error, NS_CONFIG_SYNTAX, 25977ddae043Siz strdup(errstr), NULL); 25987c478bd9Sstevel@tonic-gate 25997c478bd9Sstevel@tonic-gate sav_conf = ptr->paramList[type]; 26007c478bd9Sstevel@tonic-gate ptr->paramList[type] = conf; 26017c478bd9Sstevel@tonic-gate destroy_param(ptr, type); 26027c478bd9Sstevel@tonic-gate ptr->paramList[type] = sav_conf; 26037c478bd9Sstevel@tonic-gate 26047c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 26057c478bd9Sstevel@tonic-gate } 26067c478bd9Sstevel@tonic-gate } 26077c478bd9Sstevel@tonic-gate 26087c478bd9Sstevel@tonic-gate /* post evaluate the data */ 26097c478bd9Sstevel@tonic-gate 26107c478bd9Sstevel@tonic-gate /* 26117c478bd9Sstevel@tonic-gate * if this is for setting a password, 26127c478bd9Sstevel@tonic-gate * encrypt the password first. 26137c478bd9Sstevel@tonic-gate * NOTE evalue() is smart and will just return 26147c478bd9Sstevel@tonic-gate * the value passed if it is already encrypted. 26157c478bd9Sstevel@tonic-gate * 26167c478bd9Sstevel@tonic-gate * Init NS_LDAP_EXP_P here when CACHETTL is updated 26177c478bd9Sstevel@tonic-gate */ 26187c478bd9Sstevel@tonic-gate if (type == NS_LDAP_BINDPASSWD_P) { 26197c478bd9Sstevel@tonic-gate cp = conf.ns_pc; 26207c478bd9Sstevel@tonic-gate cp2 = evalue((char *)cp); 26217c478bd9Sstevel@tonic-gate conf.ns_pc = cp2; 26227c478bd9Sstevel@tonic-gate free(cp); 26237c478bd9Sstevel@tonic-gate cp = NULL; 26247c478bd9Sstevel@tonic-gate } else if (type == NS_LDAP_FILE_VERSION_P) { 26257c478bd9Sstevel@tonic-gate ptr->version = NS_LDAP_V1; 26267c478bd9Sstevel@tonic-gate if (strcasecmp(conf.ns_pc, NS_LDAP_VERSION_2) == 0) { 26277c478bd9Sstevel@tonic-gate ptr->version = NS_LDAP_V2; 26287c478bd9Sstevel@tonic-gate } 26297c478bd9Sstevel@tonic-gate } else if (type == NS_LDAP_CACHETTL_P) { 26307c478bd9Sstevel@tonic-gate cp = conf.ns_pc; 26317c478bd9Sstevel@tonic-gate tm = conv_time(cp); 26327c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_ptype = TIMET; 26337c478bd9Sstevel@tonic-gate if (tm != 0) { 26347c478bd9Sstevel@tonic-gate tm += time(NULL); 26357c478bd9Sstevel@tonic-gate } 26367c478bd9Sstevel@tonic-gate ptr->paramList[NS_LDAP_EXP_P].ns_tm = tm; 26377c478bd9Sstevel@tonic-gate } 26387c478bd9Sstevel@tonic-gate 26397c478bd9Sstevel@tonic-gate /* Everything checks out move new values into param */ 26407c478bd9Sstevel@tonic-gate destroy_param(ptr, type); 26417c478bd9Sstevel@tonic-gate /* Assign new/updated value into paramList */ 26427c478bd9Sstevel@tonic-gate ptr->paramList[type] = conf; 26437c478bd9Sstevel@tonic-gate 26447c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 26457c478bd9Sstevel@tonic-gate } 26467c478bd9Sstevel@tonic-gate 26477c478bd9Sstevel@tonic-gate 26487c478bd9Sstevel@tonic-gate /* 26497c478bd9Sstevel@tonic-gate * Set a parameter value in the 'config' configuration structure 26507c478bd9Sstevel@tonic-gate * Lock as appropriate 26517c478bd9Sstevel@tonic-gate */ 26527c478bd9Sstevel@tonic-gate 26537c478bd9Sstevel@tonic-gate int 26547c478bd9Sstevel@tonic-gate __ns_ldap_setParam(const ParamIndexType type, 26557c478bd9Sstevel@tonic-gate const void *data, ns_ldap_error_t **error) 26567c478bd9Sstevel@tonic-gate { 26577c478bd9Sstevel@tonic-gate ns_ldap_error_t *errorp; 26587c478bd9Sstevel@tonic-gate int ret; 26597c478bd9Sstevel@tonic-gate char errstr[2 * MAXERROR]; 26607c478bd9Sstevel@tonic-gate ns_config_t *cfg; 2661e1dd0a2fSth ns_config_t *cfg_g = (ns_config_t *)-1; 26627c478bd9Sstevel@tonic-gate ns_config_t *new_cfg; 2663e1dd0a2fSth boolean_t reinit_connmgmt = B_FALSE; 26647c478bd9Sstevel@tonic-gate 26657c478bd9Sstevel@tonic-gate /* We want to refresh only one configuration at a time */ 26667c478bd9Sstevel@tonic-gate (void) mutex_lock(&ns_loadrefresh_lock); 26677c478bd9Sstevel@tonic-gate cfg = __s_api_get_default_config(); 26687c478bd9Sstevel@tonic-gate 26697c478bd9Sstevel@tonic-gate if (cache_server == TRUE) { 26707c478bd9Sstevel@tonic-gate if (cfg == NULL) { 26717ddae043Siz __ns_ldap_default_config(); 26727ddae043Siz cfg = __s_api_get_default_config(); 26737ddae043Siz if (cfg == NULL) { 26747ddae043Siz (void) mutex_unlock(&ns_loadrefresh_lock); 26757ddae043Siz return (NS_LDAP_MEMORY); 26767ddae043Siz } 26777c478bd9Sstevel@tonic-gate } 26787c478bd9Sstevel@tonic-gate } else { 26797c478bd9Sstevel@tonic-gate /* 26807c478bd9Sstevel@tonic-gate * This code always return error here on client side, 26817c478bd9Sstevel@tonic-gate * this needs to change once libsldap is used by more 26827c478bd9Sstevel@tonic-gate * applications that need to set parameters. 26837c478bd9Sstevel@tonic-gate */ 26847c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 26857ddae043Siz gettext("Unable to set parameter from a client in " 26867ddae043Siz "__ns_ldap_setParam()")); 26877c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *error, NS_CONFIG_SYNTAX, strdup(errstr), 26887ddae043Siz NULL); 26897c478bd9Sstevel@tonic-gate if (cfg != NULL) 26907c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 26917c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_loadrefresh_lock); 26927c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 26937c478bd9Sstevel@tonic-gate } 26947c478bd9Sstevel@tonic-gate 26957c478bd9Sstevel@tonic-gate /* (re)initialize configuration if necessary */ 2696e1dd0a2fSth if (!__s_api_isStandalone() && 2697e1dd0a2fSth cache_server == FALSE && timetorefresh(cfg)) 2698e1dd0a2fSth cfg_g = __s_api_get_default_config_global(); 2699e1dd0a2fSth /* only (re)initialize the global configuration */ 2700e1dd0a2fSth if (cfg == cfg_g) { 2701e1dd0a2fSth if (cfg_g != NULL) 2702e1dd0a2fSth __s_api_release_config(cfg_g); 2703e1dd0a2fSth new_cfg = LoadCacheConfiguration(cfg, &errorp); 2704e1dd0a2fSth if (new_cfg != cfg) 2705e1dd0a2fSth __s_api_release_config(cfg); 27067c478bd9Sstevel@tonic-gate if (new_cfg == NULL) { 27077c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 27087ddae043Siz gettext("Unable to load configuration '%s' " 27097ddae043Siz "('%s')."), NSCONFIGFILE, 27107ddae043Siz errorp != NULL && errorp->message != NULL ? 27117ddae043Siz errorp->message : ""); 27127c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *error, NS_CONFIG_NOTLOADED, 27137ddae043Siz strdup(errstr), NULL); 27147c478bd9Sstevel@tonic-gate if (errorp != NULL) 27157c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(&errorp); 27167c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_loadrefresh_lock); 27177c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 27187c478bd9Sstevel@tonic-gate } 2719e1dd0a2fSth if (new_cfg != cfg) { 2720e1dd0a2fSth set_curr_config_global(new_cfg); 2721e1dd0a2fSth cfg = new_cfg; 2722e1dd0a2fSth reinit_connmgmt = B_TRUE; 2723e1dd0a2fSth } 27247c478bd9Sstevel@tonic-gate } 27257c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_loadrefresh_lock); 27267c478bd9Sstevel@tonic-gate 2727e1dd0a2fSth if (reinit_connmgmt == B_TRUE) 2728e1dd0a2fSth __s_api_reinit_conn_mgmt_new_config(cfg); 2729e1dd0a2fSth 27307c478bd9Sstevel@tonic-gate /* translate input and save in the parameter list */ 27317c478bd9Sstevel@tonic-gate ret = __ns_ldap_setParamValue(cfg, type, data, error); 27327c478bd9Sstevel@tonic-gate 27337c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 27347c478bd9Sstevel@tonic-gate 27357c478bd9Sstevel@tonic-gate return (ret); 27367c478bd9Sstevel@tonic-gate } 27377c478bd9Sstevel@tonic-gate 27387c478bd9Sstevel@tonic-gate 27397c478bd9Sstevel@tonic-gate /* 27407c478bd9Sstevel@tonic-gate * Make a copy of a parameter entry 27417c478bd9Sstevel@tonic-gate */ 27427c478bd9Sstevel@tonic-gate 27437c478bd9Sstevel@tonic-gate static void ** 27447c478bd9Sstevel@tonic-gate dupParam(ns_param_t *ptr) 27457c478bd9Sstevel@tonic-gate { 27467c478bd9Sstevel@tonic-gate int count, i; 27477c478bd9Sstevel@tonic-gate void **dupdata, *ret; 27487c478bd9Sstevel@tonic-gate int *intptr; 27497c478bd9Sstevel@tonic-gate char *cp, tmbuf[32]; 27507c478bd9Sstevel@tonic-gate static time_t expire = 0; 27517c478bd9Sstevel@tonic-gate ns_auth_t *ap; 27527c478bd9Sstevel@tonic-gate 27537c478bd9Sstevel@tonic-gate switch (ptr->ns_ptype) { 27547c478bd9Sstevel@tonic-gate case ARRAYAUTH: 27557c478bd9Sstevel@tonic-gate case ARRAYCRED: 27567c478bd9Sstevel@tonic-gate case SAMLIST: 27577c478bd9Sstevel@tonic-gate case SCLLIST: 27587c478bd9Sstevel@tonic-gate case SSDLIST: 27597c478bd9Sstevel@tonic-gate case SERVLIST: 27607c478bd9Sstevel@tonic-gate case ARRAYCP: 27617c478bd9Sstevel@tonic-gate count = ptr->ns_acnt; 27627c478bd9Sstevel@tonic-gate if (count == 0) 27637c478bd9Sstevel@tonic-gate return (NULL); 27647c478bd9Sstevel@tonic-gate break; 27657c478bd9Sstevel@tonic-gate case CHARPTR: 27667c478bd9Sstevel@tonic-gate case INT: 27677c478bd9Sstevel@tonic-gate case TIMET: 27687c478bd9Sstevel@tonic-gate count = 1; 27697c478bd9Sstevel@tonic-gate } 27707c478bd9Sstevel@tonic-gate 27717c478bd9Sstevel@tonic-gate dupdata = (void **)calloc((count + 1), sizeof (void *)); 27727c478bd9Sstevel@tonic-gate if (dupdata == NULL) 27737c478bd9Sstevel@tonic-gate return (NULL); 27747c478bd9Sstevel@tonic-gate 27757c478bd9Sstevel@tonic-gate switch (ptr->ns_ptype) { 27767c478bd9Sstevel@tonic-gate case ARRAYAUTH: 27777c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 27787c478bd9Sstevel@tonic-gate ap = __s_api_AuthEnumtoStruct( 27797ddae043Siz (EnumAuthType_t)ptr->ns_pi[i]); 27807c478bd9Sstevel@tonic-gate if (ap == NULL) { 27817c478bd9Sstevel@tonic-gate free(dupdata); 27827c478bd9Sstevel@tonic-gate return (NULL); 27837c478bd9Sstevel@tonic-gate } 27847c478bd9Sstevel@tonic-gate dupdata[i] = ap; 27857c478bd9Sstevel@tonic-gate } 27867c478bd9Sstevel@tonic-gate break; 27877c478bd9Sstevel@tonic-gate case ARRAYCRED: 27887c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 27897c478bd9Sstevel@tonic-gate intptr = (int *)malloc(sizeof (int)); 27907c478bd9Sstevel@tonic-gate if (intptr == NULL) { 27917c478bd9Sstevel@tonic-gate free(dupdata); 27927c478bd9Sstevel@tonic-gate return (NULL); 27937c478bd9Sstevel@tonic-gate } 27947c478bd9Sstevel@tonic-gate dupdata[i] = (void *)intptr; 27957c478bd9Sstevel@tonic-gate *intptr = ptr->ns_pi[i]; 27967c478bd9Sstevel@tonic-gate } 27977c478bd9Sstevel@tonic-gate break; 27987c478bd9Sstevel@tonic-gate case SAMLIST: 27997c478bd9Sstevel@tonic-gate case SCLLIST: 28007c478bd9Sstevel@tonic-gate case SSDLIST: 28017c478bd9Sstevel@tonic-gate case SERVLIST: 28027c478bd9Sstevel@tonic-gate case ARRAYCP: 28037c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 28047c478bd9Sstevel@tonic-gate ret = (void *)strdup(ptr->ns_ppc[i]); 28057c478bd9Sstevel@tonic-gate if (ret == NULL) { 28067c478bd9Sstevel@tonic-gate free(dupdata); 28077c478bd9Sstevel@tonic-gate return (NULL); 28087c478bd9Sstevel@tonic-gate } 28097c478bd9Sstevel@tonic-gate dupdata[i] = ret; 28107c478bd9Sstevel@tonic-gate } 28117c478bd9Sstevel@tonic-gate break; 28127c478bd9Sstevel@tonic-gate case CHARPTR: 28137c478bd9Sstevel@tonic-gate if (ptr->ns_pc == NULL) { 28147c478bd9Sstevel@tonic-gate free(dupdata); 28157c478bd9Sstevel@tonic-gate return (NULL); 28167c478bd9Sstevel@tonic-gate } 28177c478bd9Sstevel@tonic-gate ret = (void *)strdup(ptr->ns_pc); 28187c478bd9Sstevel@tonic-gate if (ret == NULL) { 28197c478bd9Sstevel@tonic-gate free(dupdata); 28207c478bd9Sstevel@tonic-gate return (NULL); 28217c478bd9Sstevel@tonic-gate } 28227c478bd9Sstevel@tonic-gate dupdata[0] = ret; 28237c478bd9Sstevel@tonic-gate break; 28247c478bd9Sstevel@tonic-gate case INT: 28257c478bd9Sstevel@tonic-gate intptr = (int *)malloc(sizeof (int)); 28267c478bd9Sstevel@tonic-gate if (intptr == NULL) { 28277c478bd9Sstevel@tonic-gate free(dupdata); 28287c478bd9Sstevel@tonic-gate return (NULL); 28297c478bd9Sstevel@tonic-gate } 28307c478bd9Sstevel@tonic-gate *intptr = ptr->ns_i; 28317c478bd9Sstevel@tonic-gate dupdata[0] = (void *)intptr; 28327c478bd9Sstevel@tonic-gate break; 28337c478bd9Sstevel@tonic-gate case TIMET: 28347c478bd9Sstevel@tonic-gate expire = ptr->ns_tm; 28357c478bd9Sstevel@tonic-gate tmbuf[31] = '\0'; 28367c478bd9Sstevel@tonic-gate cp = lltostr((long)expire, &tmbuf[31]); 28377c478bd9Sstevel@tonic-gate ret = (void *)strdup(cp); 28387c478bd9Sstevel@tonic-gate if (ret == NULL) { 28397c478bd9Sstevel@tonic-gate free(dupdata); 28407c478bd9Sstevel@tonic-gate return (NULL); 28417c478bd9Sstevel@tonic-gate } 28427c478bd9Sstevel@tonic-gate dupdata[0] = ret; 28437c478bd9Sstevel@tonic-gate break; 28447c478bd9Sstevel@tonic-gate } 28457c478bd9Sstevel@tonic-gate return (dupdata); 28467c478bd9Sstevel@tonic-gate } 28477c478bd9Sstevel@tonic-gate 28487c478bd9Sstevel@tonic-gate int 28497c478bd9Sstevel@tonic-gate __ns_ldap_freeParam(void ***data) 28507c478bd9Sstevel@tonic-gate { 28517c478bd9Sstevel@tonic-gate void **tmp; 28527c478bd9Sstevel@tonic-gate int i = 0; 28537c478bd9Sstevel@tonic-gate 28547c478bd9Sstevel@tonic-gate if (*data == NULL) 28557c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 28567c478bd9Sstevel@tonic-gate 28577c478bd9Sstevel@tonic-gate for (i = 0, tmp = *data; tmp[i] != NULL; i++) 28587c478bd9Sstevel@tonic-gate free(tmp[i]); 28597c478bd9Sstevel@tonic-gate 28607c478bd9Sstevel@tonic-gate free(*data); 28617c478bd9Sstevel@tonic-gate 28627c478bd9Sstevel@tonic-gate *data = NULL; 28637c478bd9Sstevel@tonic-gate 28647c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 28657c478bd9Sstevel@tonic-gate } 28667c478bd9Sstevel@tonic-gate 28677c478bd9Sstevel@tonic-gate /* 28687c478bd9Sstevel@tonic-gate * Get the internal format for a parameter value. This 28697c478bd9Sstevel@tonic-gate * routine makes a copy of an internal param value from 28707c478bd9Sstevel@tonic-gate * the currently active parameter list and returns it. 28717c478bd9Sstevel@tonic-gate */ 28727c478bd9Sstevel@tonic-gate 28737c478bd9Sstevel@tonic-gate int 28747c478bd9Sstevel@tonic-gate __ns_ldap_getParam(const ParamIndexType Param, 28757c478bd9Sstevel@tonic-gate void ***data, ns_ldap_error_t **error) 28767c478bd9Sstevel@tonic-gate { 28777c478bd9Sstevel@tonic-gate char errstr[2 * MAXERROR]; 28787c478bd9Sstevel@tonic-gate ns_ldap_error_t *errorp; 28797c478bd9Sstevel@tonic-gate ns_default_config *def; 28807c478bd9Sstevel@tonic-gate ns_config_t *cfg; 2881e1dd0a2fSth ns_config_t *cfg_g = (ns_config_t *)-1; 28827c478bd9Sstevel@tonic-gate ns_config_t *new_cfg; 2883e1dd0a2fSth boolean_t reinit_connmgmt = B_FALSE; 28847c478bd9Sstevel@tonic-gate 28857c478bd9Sstevel@tonic-gate if (data == NULL) 28867c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 28877c478bd9Sstevel@tonic-gate 28887c478bd9Sstevel@tonic-gate *data = NULL; 28897c478bd9Sstevel@tonic-gate 28907c478bd9Sstevel@tonic-gate /* We want to refresh only one configuration at a time */ 28917c478bd9Sstevel@tonic-gate (void) mutex_lock(&ns_loadrefresh_lock); 28927c478bd9Sstevel@tonic-gate cfg = __s_api_get_default_config(); 28937c478bd9Sstevel@tonic-gate 28947c478bd9Sstevel@tonic-gate /* (re)initialize configuration if necessary */ 2895e1dd0a2fSth if (!__s_api_isStandalone() && 2896e1dd0a2fSth cache_server == FALSE && timetorefresh(cfg)) 2897e1dd0a2fSth cfg_g = __s_api_get_default_config_global(); 2898e1dd0a2fSth /* only (re)initialize the global configuration */ 2899e1dd0a2fSth if (cfg == cfg_g) { 2900e1dd0a2fSth if (cfg_g != NULL) 2901e1dd0a2fSth __s_api_release_config(cfg_g); 2902e1dd0a2fSth new_cfg = LoadCacheConfiguration(cfg, &errorp); 2903e1dd0a2fSth if (new_cfg != cfg) 2904e1dd0a2fSth __s_api_release_config(cfg); 29057c478bd9Sstevel@tonic-gate if (new_cfg == NULL) { 29067c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 29077ddae043Siz gettext("Unable to load configuration " 29087ddae043Siz "'%s' ('%s')."), 29097ddae043Siz NSCONFIGFILE, 29107ddae043Siz errorp != NULL && errorp->message != NULL ? 29117ddae043Siz errorp->message : ""); 29127c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *error, NS_CONFIG_NOTLOADED, 29137ddae043Siz strdup(errstr), NULL); 29147c478bd9Sstevel@tonic-gate if (errorp != NULL) 29157c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(&errorp); 29167c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_loadrefresh_lock); 29177c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 29187c478bd9Sstevel@tonic-gate } 2919e1dd0a2fSth if (new_cfg != cfg) { 2920e1dd0a2fSth set_curr_config_global(new_cfg); 2921e1dd0a2fSth cfg = new_cfg; 2922e1dd0a2fSth reinit_connmgmt = B_TRUE; 2923e1dd0a2fSth } 29247c478bd9Sstevel@tonic-gate } 29257c478bd9Sstevel@tonic-gate (void) mutex_unlock(&ns_loadrefresh_lock); 29267c478bd9Sstevel@tonic-gate 2927e1dd0a2fSth if (reinit_connmgmt == B_TRUE) 2928e1dd0a2fSth __s_api_reinit_conn_mgmt_new_config(cfg); 2929e1dd0a2fSth 29307c478bd9Sstevel@tonic-gate if (cfg == NULL) { 29317c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 29327c478bd9Sstevel@tonic-gate gettext("No configuration information available.")); 29337c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *error, NS_CONFIG_NOTLOADED, 29347ddae043Siz strdup(errstr), NULL); 29357c478bd9Sstevel@tonic-gate return (NS_LDAP_CONFIG); 29367c478bd9Sstevel@tonic-gate } 29377c478bd9Sstevel@tonic-gate 29387c478bd9Sstevel@tonic-gate if (Param == NS_LDAP_DOMAIN_P) { 29397c478bd9Sstevel@tonic-gate *data = (void **)calloc(2, sizeof (void *)); 29407c478bd9Sstevel@tonic-gate if (*data == NULL) { 29417c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 29427c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 29437c478bd9Sstevel@tonic-gate } 29447c478bd9Sstevel@tonic-gate (*data)[0] = (void *)strdup(cfg->domainName); 29457c478bd9Sstevel@tonic-gate if ((*data)[0] == NULL) { 29467c478bd9Sstevel@tonic-gate free(*data); 29477c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 29487c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 29497c478bd9Sstevel@tonic-gate } 29507c478bd9Sstevel@tonic-gate } else if (cfg->paramList[Param].ns_ptype == NS_UNKNOWN) { 29517c478bd9Sstevel@tonic-gate /* get default */ 29527c478bd9Sstevel@tonic-gate def = get_defconfig(cfg, Param); 29537c478bd9Sstevel@tonic-gate if (def != NULL) 29547c478bd9Sstevel@tonic-gate *data = dupParam(&def->defval); 29557c478bd9Sstevel@tonic-gate } else { 29567c478bd9Sstevel@tonic-gate *data = dupParam(&(cfg->paramList[Param])); 29577c478bd9Sstevel@tonic-gate } 29587c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 29597c478bd9Sstevel@tonic-gate 29607c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 29617c478bd9Sstevel@tonic-gate } 29627c478bd9Sstevel@tonic-gate 29637c478bd9Sstevel@tonic-gate /* 29647c478bd9Sstevel@tonic-gate * This routine takes a parameter in internal format and 29657c478bd9Sstevel@tonic-gate * translates it into a variety of string formats for various 29667c478bd9Sstevel@tonic-gate * outputs (doors/file/ldif). This routine would be better 29677c478bd9Sstevel@tonic-gate * named: __ns_ldap_translateParam2String 29687c478bd9Sstevel@tonic-gate */ 29697c478bd9Sstevel@tonic-gate 29707c478bd9Sstevel@tonic-gate char * 29717c478bd9Sstevel@tonic-gate __s_api_strValue(ns_config_t *cfg, char *str, 29727c478bd9Sstevel@tonic-gate int bufsz, ParamIndexType index, 29737c478bd9Sstevel@tonic-gate ns_strfmt_t fmt) 29747c478bd9Sstevel@tonic-gate { 29757c478bd9Sstevel@tonic-gate ns_default_config *def = NULL; 29767c478bd9Sstevel@tonic-gate ns_param_t *ptr; 29777c478bd9Sstevel@tonic-gate ns_hash_t *hptr; 29787c478bd9Sstevel@tonic-gate ns_mapping_t *mptr; 29797c478bd9Sstevel@tonic-gate char ibuf[14], *buf; 29807c478bd9Sstevel@tonic-gate char abuf[64], **cpp; 29817c478bd9Sstevel@tonic-gate int alen, count, i, sz; 29827c478bd9Sstevel@tonic-gate int seplen = strlen(COMMASEP) + strlen(DOORLINESEP); 29837c478bd9Sstevel@tonic-gate int first; 29847c478bd9Sstevel@tonic-gate 29857c478bd9Sstevel@tonic-gate if (cfg == NULL || str == NULL) 29867c478bd9Sstevel@tonic-gate return (NULL); 29877c478bd9Sstevel@tonic-gate 29887c478bd9Sstevel@tonic-gate /* NS_LDAP_EXP and TRANSPORT_SEC are not exported externally */ 29897c478bd9Sstevel@tonic-gate if (index == NS_LDAP_EXP_P || index == NS_LDAP_TRANSPORT_SEC_P) 29907c478bd9Sstevel@tonic-gate return (NULL); 29917c478bd9Sstevel@tonic-gate 29927c478bd9Sstevel@tonic-gate /* Return nothing if the value is the default */ 29937c478bd9Sstevel@tonic-gate if (cfg->paramList[index].ns_ptype == NS_UNKNOWN) 29947c478bd9Sstevel@tonic-gate return (NULL); 29957c478bd9Sstevel@tonic-gate 29967c478bd9Sstevel@tonic-gate ptr = &(cfg->paramList[index]); 29977c478bd9Sstevel@tonic-gate 29987c478bd9Sstevel@tonic-gate abuf[0] = '\0'; 29997c478bd9Sstevel@tonic-gate alen = 0; 30007c478bd9Sstevel@tonic-gate 30017c478bd9Sstevel@tonic-gate /* get default */ 30027c478bd9Sstevel@tonic-gate def = get_defconfig(cfg, index); 30037c478bd9Sstevel@tonic-gate if (def == NULL) 30047c478bd9Sstevel@tonic-gate return (NULL); 30057c478bd9Sstevel@tonic-gate 30067c478bd9Sstevel@tonic-gate switch (fmt) { 30077c478bd9Sstevel@tonic-gate case NS_DOOR_FMT: 30087c478bd9Sstevel@tonic-gate (void) strlcpy(abuf, def->name, sizeof (abuf)); 30097c478bd9Sstevel@tonic-gate (void) strlcat(abuf, EQUALSEP, sizeof (abuf)); 30107c478bd9Sstevel@tonic-gate break; 30117c478bd9Sstevel@tonic-gate case NS_FILE_FMT: 30127c478bd9Sstevel@tonic-gate (void) strlcpy(abuf, def->name, sizeof (abuf)); 30137c478bd9Sstevel@tonic-gate (void) strlcat(abuf, EQUSPSEP, sizeof (abuf)); 30147c478bd9Sstevel@tonic-gate break; 30157c478bd9Sstevel@tonic-gate case NS_LDIF_FMT: 30167c478bd9Sstevel@tonic-gate /* If no LDIF attr exists ignore the entry */ 30177c478bd9Sstevel@tonic-gate if (def->profile_name == NULL) 30187c478bd9Sstevel@tonic-gate return (NULL); 30197c478bd9Sstevel@tonic-gate (void) strlcpy(abuf, def->profile_name, sizeof (abuf)); 30207c478bd9Sstevel@tonic-gate (void) strlcat(abuf, COLSPSEP, sizeof (abuf)); 30217c478bd9Sstevel@tonic-gate break; 30227c478bd9Sstevel@tonic-gate default: 30237c478bd9Sstevel@tonic-gate break; 30247c478bd9Sstevel@tonic-gate } 30257c478bd9Sstevel@tonic-gate alen = strlen(abuf); 30267c478bd9Sstevel@tonic-gate if (alen > bufsz) 30277c478bd9Sstevel@tonic-gate return (NULL); 30287c478bd9Sstevel@tonic-gate 30297c478bd9Sstevel@tonic-gate buf = str; 30307c478bd9Sstevel@tonic-gate (void) strlcpy(buf, abuf, bufsz); 30317c478bd9Sstevel@tonic-gate 30327c478bd9Sstevel@tonic-gate switch (ptr->ns_ptype) { 30337c478bd9Sstevel@tonic-gate case ARRAYAUTH: 30347c478bd9Sstevel@tonic-gate count = ptr->ns_acnt; 30357c478bd9Sstevel@tonic-gate sz = 0; 30367c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 30377c478bd9Sstevel@tonic-gate sz += strlen(__s_get_auth_name(cfg, 30387ddae043Siz (AuthType_t)(ptr->ns_pi[i]))) + seplen; 30397c478bd9Sstevel@tonic-gate } 30407c478bd9Sstevel@tonic-gate sz = sz + alen + 1; 30417c478bd9Sstevel@tonic-gate if (sz <= bufsz) { 30427c478bd9Sstevel@tonic-gate buf = str; 30437c478bd9Sstevel@tonic-gate } else { 30447c478bd9Sstevel@tonic-gate buf = (char *)calloc(sz, sizeof (char)); 30457c478bd9Sstevel@tonic-gate if (buf == NULL) 30467c478bd9Sstevel@tonic-gate return (NULL); 30477c478bd9Sstevel@tonic-gate (void) strcpy(buf, abuf); 30487c478bd9Sstevel@tonic-gate } 30497c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 30507c478bd9Sstevel@tonic-gate (void) strcat(buf, 30517ddae043Siz __s_get_auth_name(cfg, 30527ddae043Siz (AuthType_t)(ptr->ns_pi[i]))); 30537c478bd9Sstevel@tonic-gate if (i != count-1) { 30547c478bd9Sstevel@tonic-gate if (cfg->version == NS_LDAP_V1) 30557c478bd9Sstevel@tonic-gate (void) strcat(buf, COMMASEP); 30567c478bd9Sstevel@tonic-gate else 30577c478bd9Sstevel@tonic-gate (void) strcat(buf, SEMISEP); 30587c478bd9Sstevel@tonic-gate } 30597c478bd9Sstevel@tonic-gate } 30607c478bd9Sstevel@tonic-gate break; 30617c478bd9Sstevel@tonic-gate case ARRAYCRED: 30627c478bd9Sstevel@tonic-gate count = ptr->ns_acnt; 30637c478bd9Sstevel@tonic-gate sz = 0; 30647c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 30657c478bd9Sstevel@tonic-gate sz += strlen(__s_get_credlvl_name(cfg, 30667ddae043Siz (CredLevel_t)ptr->ns_pi[i])) + seplen; 30677c478bd9Sstevel@tonic-gate } 30687c478bd9Sstevel@tonic-gate sz = sz + alen + 1; 30697c478bd9Sstevel@tonic-gate if (sz <= bufsz) { 30707c478bd9Sstevel@tonic-gate buf = str; 30717c478bd9Sstevel@tonic-gate } else { 30727c478bd9Sstevel@tonic-gate buf = (char *)calloc(sz, sizeof (char)); 30737c478bd9Sstevel@tonic-gate if (buf == NULL) 30747c478bd9Sstevel@tonic-gate return (NULL); 30757c478bd9Sstevel@tonic-gate (void) strcpy(buf, abuf); 30767c478bd9Sstevel@tonic-gate } 30777c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 30787c478bd9Sstevel@tonic-gate (void) strcat(buf, 30797ddae043Siz __s_get_credlvl_name(cfg, 30807ddae043Siz (CredLevel_t)ptr->ns_pi[i])); 30817c478bd9Sstevel@tonic-gate if (i != count-1) { 30827c478bd9Sstevel@tonic-gate (void) strcat(buf, SPACESEP); 30837c478bd9Sstevel@tonic-gate } 30847c478bd9Sstevel@tonic-gate } 30857c478bd9Sstevel@tonic-gate break; 30867c478bd9Sstevel@tonic-gate case SAMLIST: 30877c478bd9Sstevel@tonic-gate case SCLLIST: 30887c478bd9Sstevel@tonic-gate case SSDLIST: 30897c478bd9Sstevel@tonic-gate count = ptr->ns_acnt; 30907c478bd9Sstevel@tonic-gate sz = 0; 30917c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 30927c478bd9Sstevel@tonic-gate sz += strlen(ptr->ns_ppc[i]) + seplen; 30937c478bd9Sstevel@tonic-gate } 30947c478bd9Sstevel@tonic-gate sz = sz + alen + 1; 30957c478bd9Sstevel@tonic-gate /* 30967c478bd9Sstevel@tonic-gate * We need to allocate buffer depending on the 'fmt' and 30977c478bd9Sstevel@tonic-gate * on the number of ns_ptype's present(count) as we add 30987c478bd9Sstevel@tonic-gate * name' or 'profile_name' and DOORLINESEP or new line 30997c478bd9Sstevel@tonic-gate * char to the buffer - see below. 31007c478bd9Sstevel@tonic-gate */ 31017c478bd9Sstevel@tonic-gate switch (fmt) { 31027c478bd9Sstevel@tonic-gate case NS_LDIF_FMT: 31037c478bd9Sstevel@tonic-gate sz += count * (strlen(def->profile_name) 31047ddae043Siz + strlen(COLSPSEP) + strlen("\n")); 31057c478bd9Sstevel@tonic-gate break; 31067c478bd9Sstevel@tonic-gate case NS_FILE_FMT: 31077c478bd9Sstevel@tonic-gate sz += count * (strlen(def->name) 31087ddae043Siz + strlen(EQUALSEP) + strlen("\n")); 31097c478bd9Sstevel@tonic-gate break; 31107c478bd9Sstevel@tonic-gate case NS_DOOR_FMT: 31117c478bd9Sstevel@tonic-gate sz += count * (strlen(def->name) 31127ddae043Siz + strlen(EQUALSEP) + strlen(DOORLINESEP)); 31137c478bd9Sstevel@tonic-gate break; 31147c478bd9Sstevel@tonic-gate } 31157c478bd9Sstevel@tonic-gate if (sz <= bufsz) { 31167c478bd9Sstevel@tonic-gate buf = str; 31177c478bd9Sstevel@tonic-gate } else { 31187c478bd9Sstevel@tonic-gate buf = (char *)calloc(sz, sizeof (char)); 31197c478bd9Sstevel@tonic-gate if (buf == NULL) 31207c478bd9Sstevel@tonic-gate return (NULL); 31217c478bd9Sstevel@tonic-gate (void) strcpy(buf, abuf); 31227c478bd9Sstevel@tonic-gate } 31237c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 31247c478bd9Sstevel@tonic-gate (void) strcat(buf, ptr->ns_ppc[i]); 31257c478bd9Sstevel@tonic-gate if (i != count-1) { 31267c478bd9Sstevel@tonic-gate /* Separate items */ 31277c478bd9Sstevel@tonic-gate switch (fmt) { 31287c478bd9Sstevel@tonic-gate case NS_DOOR_FMT: 31297c478bd9Sstevel@tonic-gate (void) strcat(buf, DOORLINESEP); 31307c478bd9Sstevel@tonic-gate (void) strcat(buf, def->name); 31317c478bd9Sstevel@tonic-gate (void) strcat(buf, EQUALSEP); 31327c478bd9Sstevel@tonic-gate break; 31337c478bd9Sstevel@tonic-gate case NS_FILE_FMT: 31347c478bd9Sstevel@tonic-gate (void) strcat(buf, "\n"); 31357c478bd9Sstevel@tonic-gate (void) strcat(buf, def->name); 31367c478bd9Sstevel@tonic-gate (void) strcat(buf, EQUSPSEP); 31377c478bd9Sstevel@tonic-gate break; 31387c478bd9Sstevel@tonic-gate case NS_LDIF_FMT: 31397c478bd9Sstevel@tonic-gate (void) strcat(buf, "\n"); 31407c478bd9Sstevel@tonic-gate (void) strcat(buf, def->profile_name); 31417c478bd9Sstevel@tonic-gate (void) strcat(buf, COLSPSEP); 31427c478bd9Sstevel@tonic-gate break; 31437c478bd9Sstevel@tonic-gate } 31447c478bd9Sstevel@tonic-gate } 31457c478bd9Sstevel@tonic-gate } 31467c478bd9Sstevel@tonic-gate break; 31477c478bd9Sstevel@tonic-gate case ARRAYCP: 31487c478bd9Sstevel@tonic-gate count = ptr->ns_acnt; 31497c478bd9Sstevel@tonic-gate sz = 0; 31507c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 31517c478bd9Sstevel@tonic-gate sz += strlen(ptr->ns_ppc[i]) + seplen; 31527c478bd9Sstevel@tonic-gate } 31537c478bd9Sstevel@tonic-gate sz = sz + alen + 1; 31547c478bd9Sstevel@tonic-gate if (sz <= bufsz) { 31557c478bd9Sstevel@tonic-gate buf = str; 31567c478bd9Sstevel@tonic-gate } else { 31577c478bd9Sstevel@tonic-gate buf = (char *)calloc(sz, sizeof (char)); 31587c478bd9Sstevel@tonic-gate if (buf == NULL) 31597c478bd9Sstevel@tonic-gate return (NULL); 31607c478bd9Sstevel@tonic-gate (void) strcpy(buf, abuf); 31617c478bd9Sstevel@tonic-gate } 31627c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 31637c478bd9Sstevel@tonic-gate (void) strcat(buf, ptr->ns_ppc[i]); 31647c478bd9Sstevel@tonic-gate if (i != count-1) { 31657c478bd9Sstevel@tonic-gate (void) strcat(buf, COMMASEP); 31667c478bd9Sstevel@tonic-gate } 31677c478bd9Sstevel@tonic-gate } 31687c478bd9Sstevel@tonic-gate break; 31697c478bd9Sstevel@tonic-gate case SERVLIST: 31707c478bd9Sstevel@tonic-gate count = ptr->ns_acnt; 31717c478bd9Sstevel@tonic-gate sz = 0; 31727c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 31737c478bd9Sstevel@tonic-gate sz += strlen(ptr->ns_ppc[i]) + seplen; 31747c478bd9Sstevel@tonic-gate } 31757c478bd9Sstevel@tonic-gate sz = sz + alen + 1; 31767c478bd9Sstevel@tonic-gate if (sz <= bufsz) { 31777c478bd9Sstevel@tonic-gate buf = str; 31787c478bd9Sstevel@tonic-gate } else { 31797c478bd9Sstevel@tonic-gate buf = (char *)calloc(sz, sizeof (char)); 31807c478bd9Sstevel@tonic-gate if (buf == NULL) 31817c478bd9Sstevel@tonic-gate return (NULL); 31827c478bd9Sstevel@tonic-gate (void) strcpy(buf, abuf); 31837c478bd9Sstevel@tonic-gate } 31847c478bd9Sstevel@tonic-gate for (i = 0; i < count; i++) { 31857c478bd9Sstevel@tonic-gate (void) strcat(buf, ptr->ns_ppc[i]); 31867c478bd9Sstevel@tonic-gate if (i != count-1) { 31877c478bd9Sstevel@tonic-gate if (fmt == NS_LDIF_FMT) 31887c478bd9Sstevel@tonic-gate (void) strcat(buf, SPACESEP); 31897c478bd9Sstevel@tonic-gate else 31907c478bd9Sstevel@tonic-gate (void) strcat(buf, COMMASEP); 31917c478bd9Sstevel@tonic-gate } 31927c478bd9Sstevel@tonic-gate } 31937c478bd9Sstevel@tonic-gate break; 31947c478bd9Sstevel@tonic-gate case CHARPTR: 31957c478bd9Sstevel@tonic-gate if (ptr->ns_pc == NULL) 31967c478bd9Sstevel@tonic-gate break; 31977c478bd9Sstevel@tonic-gate sz = strlen(ptr->ns_pc) + alen + 1; 31987c478bd9Sstevel@tonic-gate if (sz > bufsz) { 31997c478bd9Sstevel@tonic-gate buf = (char *)calloc(sz, sizeof (char)); 32007c478bd9Sstevel@tonic-gate if (buf == NULL) 32017c478bd9Sstevel@tonic-gate return (NULL); 32027c478bd9Sstevel@tonic-gate (void) strcpy(buf, abuf); 32037c478bd9Sstevel@tonic-gate } 32047c478bd9Sstevel@tonic-gate (void) strcat(buf, ptr->ns_pc); 32057c478bd9Sstevel@tonic-gate break; 32067c478bd9Sstevel@tonic-gate case INT: 32077c478bd9Sstevel@tonic-gate switch (def->index) { 32087c478bd9Sstevel@tonic-gate case NS_LDAP_PREF_ONLY_P: 32097c478bd9Sstevel@tonic-gate (void) strcat(buf, 32107ddae043Siz __s_get_pref_name((PrefOnly_t)ptr->ns_i)); 32117c478bd9Sstevel@tonic-gate break; 32127c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_REF_P: 32137c478bd9Sstevel@tonic-gate (void) strcat(buf, 32147ddae043Siz __s_get_searchref_name(cfg, 32157ddae043Siz (SearchRef_t)ptr->ns_i)); 32167c478bd9Sstevel@tonic-gate break; 32177c478bd9Sstevel@tonic-gate case NS_LDAP_SEARCH_SCOPE_P: 32187c478bd9Sstevel@tonic-gate (void) strcat(buf, 32197ddae043Siz __s_get_scope_name(cfg, 32207ddae043Siz (ScopeType_t)ptr->ns_i)); 32217c478bd9Sstevel@tonic-gate break; 32227c478bd9Sstevel@tonic-gate default: 32237c478bd9Sstevel@tonic-gate (void) snprintf(ibuf, sizeof (ibuf), 32247ddae043Siz "%d", ptr->ns_i); 32257c478bd9Sstevel@tonic-gate (void) strcat(buf, ibuf); 32267c478bd9Sstevel@tonic-gate break; 32277c478bd9Sstevel@tonic-gate } 32287c478bd9Sstevel@tonic-gate break; 32297c478bd9Sstevel@tonic-gate case ATTRMAP: 32307c478bd9Sstevel@tonic-gate buf[0] = '\0'; 32317c478bd9Sstevel@tonic-gate first = 1; 32327c478bd9Sstevel@tonic-gate for (hptr = cfg->llHead; hptr; hptr = hptr->h_llnext) { 32337c478bd9Sstevel@tonic-gate if (hptr->h_type != NS_HASH_AMAP) { 32347c478bd9Sstevel@tonic-gate continue; 32357c478bd9Sstevel@tonic-gate } 32367c478bd9Sstevel@tonic-gate if (!first) { 32377c478bd9Sstevel@tonic-gate if (fmt == NS_DOOR_FMT) 32387c478bd9Sstevel@tonic-gate (void) strcat(buf, DOORLINESEP); 32397c478bd9Sstevel@tonic-gate else 32407c478bd9Sstevel@tonic-gate (void) strcat(buf, "\n"); 32417c478bd9Sstevel@tonic-gate } 32427c478bd9Sstevel@tonic-gate mptr = hptr->h_map; 32437c478bd9Sstevel@tonic-gate (void) strcat(buf, abuf); 32447c478bd9Sstevel@tonic-gate (void) strcat(buf, mptr->service); 32457c478bd9Sstevel@tonic-gate (void) strcat(buf, COLONSEP); 32467c478bd9Sstevel@tonic-gate (void) strcat(buf, mptr->orig); 32477c478bd9Sstevel@tonic-gate (void) strcat(buf, EQUALSEP); 32487c478bd9Sstevel@tonic-gate for (cpp = mptr->map; cpp && *cpp; cpp++) { 32497c478bd9Sstevel@tonic-gate if (cpp != mptr->map) 32507c478bd9Sstevel@tonic-gate (void) strcat(buf, SPACESEP); 32517c478bd9Sstevel@tonic-gate (void) strcat(buf, *cpp); 32527c478bd9Sstevel@tonic-gate } 32537c478bd9Sstevel@tonic-gate first = 0; 32547c478bd9Sstevel@tonic-gate } 32557c478bd9Sstevel@tonic-gate break; 32567c478bd9Sstevel@tonic-gate case OBJMAP: 32577c478bd9Sstevel@tonic-gate buf[0] = '\0'; 32587c478bd9Sstevel@tonic-gate first = 1; 32597c478bd9Sstevel@tonic-gate for (hptr = cfg->llHead; hptr; hptr = hptr->h_llnext) { 32607c478bd9Sstevel@tonic-gate if (hptr->h_type != NS_HASH_OMAP) { 32617c478bd9Sstevel@tonic-gate continue; 32627c478bd9Sstevel@tonic-gate } 32637c478bd9Sstevel@tonic-gate if (!first) { 32647c478bd9Sstevel@tonic-gate if (fmt == NS_DOOR_FMT) 32657c478bd9Sstevel@tonic-gate (void) strcat(buf, DOORLINESEP); 32667c478bd9Sstevel@tonic-gate else 32677c478bd9Sstevel@tonic-gate (void) strcat(buf, "\n"); 32687c478bd9Sstevel@tonic-gate } 32697c478bd9Sstevel@tonic-gate mptr = hptr->h_map; 32707c478bd9Sstevel@tonic-gate (void) strcat(buf, abuf); 32717c478bd9Sstevel@tonic-gate (void) strcat(buf, mptr->service); 32727c478bd9Sstevel@tonic-gate (void) strcat(buf, COLONSEP); 32737c478bd9Sstevel@tonic-gate (void) strcat(buf, mptr->orig); 32747c478bd9Sstevel@tonic-gate (void) strcat(buf, EQUALSEP); 32757c478bd9Sstevel@tonic-gate for (cpp = mptr->map; cpp && *cpp; cpp++) { 32767c478bd9Sstevel@tonic-gate if (cpp != mptr->map) 32777c478bd9Sstevel@tonic-gate (void) strcat(buf, SPACESEP); 32787c478bd9Sstevel@tonic-gate (void) strcat(buf, *cpp); 32797c478bd9Sstevel@tonic-gate } 32807c478bd9Sstevel@tonic-gate first = 0; 32817c478bd9Sstevel@tonic-gate } 32827c478bd9Sstevel@tonic-gate break; 32837c478bd9Sstevel@tonic-gate } 32847c478bd9Sstevel@tonic-gate return (buf); 32857c478bd9Sstevel@tonic-gate } 32867c478bd9Sstevel@tonic-gate 32877c478bd9Sstevel@tonic-gate static int 32887c478bd9Sstevel@tonic-gate __door_getldapconfig(char **buffer, int *buflen, ns_ldap_error_t **error) 32897c478bd9Sstevel@tonic-gate { 32907c478bd9Sstevel@tonic-gate typedef union { 32917c478bd9Sstevel@tonic-gate ldap_data_t s_d; 32927c478bd9Sstevel@tonic-gate char s_b[DOORBUFFERSIZE]; 32937c478bd9Sstevel@tonic-gate } space_t; 32947ddae043Siz space_t *space; 32957c478bd9Sstevel@tonic-gate 32967ddae043Siz ldap_data_t *sptr; 32977ddae043Siz int ndata; 32987ddae043Siz int adata; 32997ddae043Siz char errstr[MAXERROR]; 33007ddae043Siz char *domainname; 33017ddae043Siz ns_ldap_return_code retCode; 3302e1dd0a2fSth ldap_config_out_t *cfghdr; 33037ddae043Siz 33047ddae043Siz *error = NULL; 33057c478bd9Sstevel@tonic-gate 33067c478bd9Sstevel@tonic-gate domainname = __getdomainname(); 33077c478bd9Sstevel@tonic-gate if (domainname == NULL || buffer == NULL || buflen == NULL || 33087c478bd9Sstevel@tonic-gate (strlen(domainname) >= (sizeof (space_t) 33097ddae043Siz - sizeof (space->s_d.ldap_call.ldap_callnumber)))) { 33107c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 33117c478bd9Sstevel@tonic-gate } 33127c478bd9Sstevel@tonic-gate 33137c478bd9Sstevel@tonic-gate space = (space_t *)calloc(1, sizeof (space_t)); 33147c478bd9Sstevel@tonic-gate if (space == NULL) 33157ddae043Siz return (NS_LDAP_MEMORY); 33167c478bd9Sstevel@tonic-gate 33177c478bd9Sstevel@tonic-gate adata = (sizeof (ldap_call_t) + strlen(domainname) +1); 33187c478bd9Sstevel@tonic-gate ndata = sizeof (space_t); 33197c478bd9Sstevel@tonic-gate space->s_d.ldap_call.ldap_callnumber = GETLDAPCONFIGV1; 33207c478bd9Sstevel@tonic-gate (void) strcpy(space->s_d.ldap_call.ldap_u.domainname, domainname); 33217c478bd9Sstevel@tonic-gate free(domainname); 33227c478bd9Sstevel@tonic-gate domainname = NULL; 33237c478bd9Sstevel@tonic-gate sptr = &space->s_d; 33247c478bd9Sstevel@tonic-gate 33257c478bd9Sstevel@tonic-gate switch (__ns_ldap_trydoorcall(&sptr, &ndata, &adata)) { 3326e1dd0a2fSth case NS_CACHE_SUCCESS: 33277c478bd9Sstevel@tonic-gate break; 3328e1dd0a2fSth case NS_CACHE_NOTFOUND: 33297c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 33307ddae043Siz gettext("Door call to " 33317ddae043Siz "ldap_cachemgr failed - error: %d."), 33327ddae043Siz space->s_d.ldap_ret.ldap_errno); 33337c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *error, NS_CONFIG_CACHEMGR, 33347ddae043Siz strdup(errstr), NULL); 33357c478bd9Sstevel@tonic-gate free(space); 33367c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 33377c478bd9Sstevel@tonic-gate default: 33387c478bd9Sstevel@tonic-gate free(space); 33397c478bd9Sstevel@tonic-gate return (NS_LDAP_OP_FAILED); 33407c478bd9Sstevel@tonic-gate } 33417c478bd9Sstevel@tonic-gate 33427ddae043Siz retCode = NS_LDAP_SUCCESS; 33437ddae043Siz 33447c478bd9Sstevel@tonic-gate /* copy info from door call to buffer here */ 3345e1dd0a2fSth cfghdr = &sptr->ldap_ret.ldap_u.config_str; 3346e1dd0a2fSth *buflen = offsetof(ldap_config_out_t, config_str) + 3347e1dd0a2fSth cfghdr->data_size + 1; 33487c478bd9Sstevel@tonic-gate *buffer = calloc(*buflen, sizeof (char)); 33497c478bd9Sstevel@tonic-gate if (*buffer == NULL) { 33507ddae043Siz retCode = NS_LDAP_MEMORY; 3351e1dd0a2fSth } else 3352e1dd0a2fSth (void) memcpy(*buffer, cfghdr, *buflen - 1); 33537c478bd9Sstevel@tonic-gate 33547c478bd9Sstevel@tonic-gate if (sptr != &space->s_d) { 33557c478bd9Sstevel@tonic-gate (void) munmap((char *)sptr, ndata); 33567c478bd9Sstevel@tonic-gate } 33577ddae043Siz free(space); 33587c478bd9Sstevel@tonic-gate 33597ddae043Siz return (retCode); 33607c478bd9Sstevel@tonic-gate } 33617c478bd9Sstevel@tonic-gate 33627c478bd9Sstevel@tonic-gate /* 33637c478bd9Sstevel@tonic-gate * SetDoorInfo parses ldapcachemgr configuration information 33647c478bd9Sstevel@tonic-gate * and verifies that the profile is version 1 or version 2 based. 33657c478bd9Sstevel@tonic-gate * version 2 profiles must have a version number as the first profile 33667c478bd9Sstevel@tonic-gate * attribute in the configuration. 33677c478bd9Sstevel@tonic-gate */ 33687c478bd9Sstevel@tonic-gate static ns_config_t * 33697c478bd9Sstevel@tonic-gate SetDoorInfo(char *buffer, ns_ldap_error_t **errorp) 33707c478bd9Sstevel@tonic-gate { 33717c478bd9Sstevel@tonic-gate ns_config_t *ptr; 33727c478bd9Sstevel@tonic-gate char errstr[MAXERROR], errbuf[MAXERROR]; 33737c478bd9Sstevel@tonic-gate char *name, *value, valbuf[BUFSIZE]; 33747c478bd9Sstevel@tonic-gate char *strptr; 33757c478bd9Sstevel@tonic-gate char *rest; 33767c478bd9Sstevel@tonic-gate char *bufptr = buffer; 33777c478bd9Sstevel@tonic-gate ParamIndexType i; 33787c478bd9Sstevel@tonic-gate int ret; 33797c478bd9Sstevel@tonic-gate int first = 1; 33807c478bd9Sstevel@tonic-gate int errfnd = 0; 3381e1dd0a2fSth ldap_config_out_t *cfghdr; 33827c478bd9Sstevel@tonic-gate 33837c478bd9Sstevel@tonic-gate if (errorp == NULL) 33847c478bd9Sstevel@tonic-gate return (NULL); 33857c478bd9Sstevel@tonic-gate *errorp = NULL; 33867c478bd9Sstevel@tonic-gate 33877c478bd9Sstevel@tonic-gate ptr = __s_api_create_config(); 33887c478bd9Sstevel@tonic-gate if (ptr == NULL) { 33897c478bd9Sstevel@tonic-gate return (NULL); 33907c478bd9Sstevel@tonic-gate } 33917c478bd9Sstevel@tonic-gate 3392e1dd0a2fSth /* get config cookie from the header */ 3393e1dd0a2fSth cfghdr = (ldap_config_out_t *)bufptr; 3394e1dd0a2fSth ptr->config_cookie = cfghdr->cookie; 3395e1dd0a2fSth bufptr = (char *)cfghdr->config_str; 3396e1dd0a2fSth 33977c478bd9Sstevel@tonic-gate strptr = (char *)strtok_r(bufptr, DOORLINESEP, &rest); 33987c478bd9Sstevel@tonic-gate for (; ; ) { 33997c478bd9Sstevel@tonic-gate if (strptr == NULL) 34007c478bd9Sstevel@tonic-gate break; 34017c478bd9Sstevel@tonic-gate (void) strlcpy(valbuf, strptr, sizeof (valbuf)); 34027c478bd9Sstevel@tonic-gate __s_api_split_key_value(valbuf, &name, &value); 34037c478bd9Sstevel@tonic-gate /* Use get_versiontype and check for V1 vs V2 prototypes */ 34047c478bd9Sstevel@tonic-gate if (__s_api_get_versiontype(ptr, name, &i) < 0) { 34057c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 34067ddae043Siz "%s (%s)\n", 34077ddae043Siz gettext("Illegal profile entry " 34087ddae043Siz "line in configuration."), 34097ddae043Siz name); 34107c478bd9Sstevel@tonic-gate errfnd++; 34117c478bd9Sstevel@tonic-gate /* Write verify routines and get rid of verify_value here */ 34127c478bd9Sstevel@tonic-gate } else if (verify_value(ptr, name, 34137ddae043Siz value, errbuf) != NS_SUCCESS) { 34147c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 34157ddae043Siz gettext("%s\n"), errbuf); 34167c478bd9Sstevel@tonic-gate errfnd++; 34177c478bd9Sstevel@tonic-gate } else if (!first && i == NS_LDAP_FILE_VERSION_P) { 34187c478bd9Sstevel@tonic-gate (void) snprintf(errstr, sizeof (errstr), 34197ddae043Siz gettext("Illegal NS_LDAP_FILE_VERSION " 34207ddae043Siz "line in configuration.\n")); 34217c478bd9Sstevel@tonic-gate errfnd++; 34227c478bd9Sstevel@tonic-gate } 34237c478bd9Sstevel@tonic-gate if (errfnd) { 34247c478bd9Sstevel@tonic-gate MKERROR(LOG_ERR, *errorp, NS_CONFIG_SYNTAX, 34257ddae043Siz strdup(errstr), NULL); 34267c478bd9Sstevel@tonic-gate } else { 34277c478bd9Sstevel@tonic-gate ret = set_default_value(ptr, name, value, errorp); 34287c478bd9Sstevel@tonic-gate } 34297c478bd9Sstevel@tonic-gate if (errfnd || ret != NS_SUCCESS) { 34307c478bd9Sstevel@tonic-gate __s_api_destroy_config(ptr); 34317c478bd9Sstevel@tonic-gate return (NULL); 34327c478bd9Sstevel@tonic-gate } 34337c478bd9Sstevel@tonic-gate first = 0; 34347c478bd9Sstevel@tonic-gate 34357c478bd9Sstevel@tonic-gate strptr = (char *)strtok_r(NULL, DOORLINESEP, &rest); 34367c478bd9Sstevel@tonic-gate } 34377c478bd9Sstevel@tonic-gate 34387c478bd9Sstevel@tonic-gate if (__s_api_crosscheck(ptr, errstr, B_TRUE) != NS_SUCCESS) { 34397c478bd9Sstevel@tonic-gate __s_api_destroy_config(ptr); 34407c478bd9Sstevel@tonic-gate MKERROR(LOG_WARNING, *errorp, NS_CONFIG_SYNTAX, strdup(errstr), 34417ddae043Siz NULL); 34427c478bd9Sstevel@tonic-gate return (NULL); 34437c478bd9Sstevel@tonic-gate } 34447c478bd9Sstevel@tonic-gate 34457c478bd9Sstevel@tonic-gate return (ptr); 34467c478bd9Sstevel@tonic-gate } 34477c478bd9Sstevel@tonic-gate 34487c478bd9Sstevel@tonic-gate static ns_config_t * 3449e1dd0a2fSth LoadCacheConfiguration(ns_config_t *oldcfg, ns_ldap_error_t **error) 34507c478bd9Sstevel@tonic-gate { 34517c478bd9Sstevel@tonic-gate char *buffer = NULL; 34527c478bd9Sstevel@tonic-gate int buflen = 0; 34537c478bd9Sstevel@tonic-gate int ret; 34547c478bd9Sstevel@tonic-gate ns_config_t *cfg; 3455e1dd0a2fSth ldap_config_out_t *cfghdr; 3456e1dd0a2fSth ldap_get_chg_cookie_t old_cookie; 3457e1dd0a2fSth ldap_get_chg_cookie_t new_cookie; 34587c478bd9Sstevel@tonic-gate 34597c478bd9Sstevel@tonic-gate *error = NULL; 34607c478bd9Sstevel@tonic-gate ret = __door_getldapconfig(&buffer, &buflen, error); 34617c478bd9Sstevel@tonic-gate 34627c478bd9Sstevel@tonic-gate if (ret != NS_LDAP_SUCCESS) { 34637c478bd9Sstevel@tonic-gate if (*error != NULL && (*error)->message != NULL) 34647c478bd9Sstevel@tonic-gate syslog(LOG_WARNING, "libsldap: %s", (*error)->message); 34657c478bd9Sstevel@tonic-gate return (NULL); 34667c478bd9Sstevel@tonic-gate } 34677c478bd9Sstevel@tonic-gate 3468e1dd0a2fSth /* No need to reload configuration if config cookie is the same */ 3469e1dd0a2fSth cfghdr = (ldap_config_out_t *)buffer; 3470e1dd0a2fSth new_cookie = cfghdr->cookie; 3471e1dd0a2fSth if (oldcfg != NULL) 3472e1dd0a2fSth old_cookie = oldcfg->config_cookie; 3473e1dd0a2fSth 3474e1dd0a2fSth if (oldcfg != NULL && old_cookie.mgr_pid == new_cookie.mgr_pid && 3475e1dd0a2fSth old_cookie.seq_num == new_cookie.seq_num) { 3476e1dd0a2fSth free(buffer); 3477e1dd0a2fSth return (oldcfg); 3478e1dd0a2fSth } 3479e1dd0a2fSth 34807c478bd9Sstevel@tonic-gate /* now convert from door format */ 34817c478bd9Sstevel@tonic-gate cfg = SetDoorInfo(buffer, error); 34827c478bd9Sstevel@tonic-gate free(buffer); 34837c478bd9Sstevel@tonic-gate 34847c478bd9Sstevel@tonic-gate if (cfg == NULL && *error != NULL && (*error)->message != NULL) 34857c478bd9Sstevel@tonic-gate syslog(LOG_WARNING, "libsldap: %s", (*error)->message); 34867c478bd9Sstevel@tonic-gate return (cfg); 34877c478bd9Sstevel@tonic-gate } 34887c478bd9Sstevel@tonic-gate 34897c478bd9Sstevel@tonic-gate /* 34907c478bd9Sstevel@tonic-gate * converts the time string into seconds. The time string can be specified 34917c478bd9Sstevel@tonic-gate * using one of the following time units: 34927c478bd9Sstevel@tonic-gate * #s (# of seconds) 34937c478bd9Sstevel@tonic-gate * #m (# of minutes) 34947c478bd9Sstevel@tonic-gate * #h (# of hours) 34957c478bd9Sstevel@tonic-gate * #d (# of days) 34967c478bd9Sstevel@tonic-gate * #w (# of weeks) 34977c478bd9Sstevel@tonic-gate * NOTE: you can only specify one the above. No combination of the above 34987c478bd9Sstevel@tonic-gate * units is allowed. If no unit specified, it will default to "seconds". 34997c478bd9Sstevel@tonic-gate */ 35007c478bd9Sstevel@tonic-gate static time_t 35017c478bd9Sstevel@tonic-gate conv_time(char *s) 35027c478bd9Sstevel@tonic-gate { 35037c478bd9Sstevel@tonic-gate time_t t; 35047c478bd9Sstevel@tonic-gate char c; 35057c478bd9Sstevel@tonic-gate int l, m; 35067c478bd9Sstevel@tonic-gate long tot; 35077c478bd9Sstevel@tonic-gate 35087c478bd9Sstevel@tonic-gate l = strlen(s); 35097c478bd9Sstevel@tonic-gate if (l == 0) 35107c478bd9Sstevel@tonic-gate return (0); 35117c478bd9Sstevel@tonic-gate c = s[--l]; 35127c478bd9Sstevel@tonic-gate m = 0; 35137c478bd9Sstevel@tonic-gate switch (c) { 35147c478bd9Sstevel@tonic-gate case 'w': /* weeks */ 35157c478bd9Sstevel@tonic-gate m = 604800; 35167c478bd9Sstevel@tonic-gate break; 35177c478bd9Sstevel@tonic-gate case 'd': /* days */ 35187c478bd9Sstevel@tonic-gate m = 86400; 35197c478bd9Sstevel@tonic-gate break; 35207c478bd9Sstevel@tonic-gate case 'h': /* hours */ 35217c478bd9Sstevel@tonic-gate m = 3600; 35227c478bd9Sstevel@tonic-gate break; 35237c478bd9Sstevel@tonic-gate case 'm': /* minutes */ 35247c478bd9Sstevel@tonic-gate m = 60; 35257c478bd9Sstevel@tonic-gate break; 35267c478bd9Sstevel@tonic-gate case 's': /* seconds */ 35277c478bd9Sstevel@tonic-gate m = 1; 35287c478bd9Sstevel@tonic-gate break; 35297c478bd9Sstevel@tonic-gate /* the default case is set to "second" */ 35307c478bd9Sstevel@tonic-gate } 35317c478bd9Sstevel@tonic-gate if (m != 0) 35327c478bd9Sstevel@tonic-gate s[l] = '\0'; 35337c478bd9Sstevel@tonic-gate else 35347c478bd9Sstevel@tonic-gate m = 1; 35357c478bd9Sstevel@tonic-gate errno = 0; 35367c478bd9Sstevel@tonic-gate tot = atol(s); 35377c478bd9Sstevel@tonic-gate if ((0 == tot) && (EINVAL == errno)) 35387c478bd9Sstevel@tonic-gate return (0); 35397c478bd9Sstevel@tonic-gate if (((LONG_MAX == tot) || (LONG_MIN == tot)) && (EINVAL == errno)) 35407c478bd9Sstevel@tonic-gate return (0); 35417c478bd9Sstevel@tonic-gate 35427c478bd9Sstevel@tonic-gate tot = tot * m; 35437c478bd9Sstevel@tonic-gate t = (time_t)tot; 35447c478bd9Sstevel@tonic-gate return (t); 35457c478bd9Sstevel@tonic-gate } 35467c478bd9Sstevel@tonic-gate 35477c478bd9Sstevel@tonic-gate 35487c478bd9Sstevel@tonic-gate ns_auth_t * 35497c478bd9Sstevel@tonic-gate __s_api_AuthEnumtoStruct(const EnumAuthType_t i) 35507c478bd9Sstevel@tonic-gate { 35517c478bd9Sstevel@tonic-gate ns_auth_t *ap; 35527c478bd9Sstevel@tonic-gate 35537c478bd9Sstevel@tonic-gate ap = (ns_auth_t *)calloc(1, sizeof (ns_auth_t)); 35547c478bd9Sstevel@tonic-gate if (ap == NULL) 35557c478bd9Sstevel@tonic-gate return (NULL); 35567c478bd9Sstevel@tonic-gate switch (i) { 35577c478bd9Sstevel@tonic-gate case NS_LDAP_EA_NONE: 35587c478bd9Sstevel@tonic-gate break; 35597c478bd9Sstevel@tonic-gate case NS_LDAP_EA_SIMPLE: 35607c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_SIMPLE; 35617c478bd9Sstevel@tonic-gate break; 35627c478bd9Sstevel@tonic-gate case NS_LDAP_EA_SASL_CRAM_MD5: 35637c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_SASL; 35647c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_CRAM_MD5; 35657c478bd9Sstevel@tonic-gate break; 35667c478bd9Sstevel@tonic-gate case NS_LDAP_EA_SASL_DIGEST_MD5: 35677c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_SASL; 35687c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_DIGEST_MD5; 35697c478bd9Sstevel@tonic-gate break; 35707c478bd9Sstevel@tonic-gate case NS_LDAP_EA_SASL_DIGEST_MD5_INT: 35717c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_SASL; 35727c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_DIGEST_MD5; 35737c478bd9Sstevel@tonic-gate ap->saslopt = NS_LDAP_SASLOPT_INT; 35747c478bd9Sstevel@tonic-gate break; 35757c478bd9Sstevel@tonic-gate case NS_LDAP_EA_SASL_DIGEST_MD5_CONF: 35767c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_SASL; 35777c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_DIGEST_MD5; 35787c478bd9Sstevel@tonic-gate ap->saslopt = NS_LDAP_SASLOPT_PRIV; 35797c478bd9Sstevel@tonic-gate break; 35807c478bd9Sstevel@tonic-gate case NS_LDAP_EA_SASL_EXTERNAL: 35817c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_SASL; 35827c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_EXTERNAL; 35837c478bd9Sstevel@tonic-gate break; 3584cb5caa98Sdjl case NS_LDAP_EA_SASL_GSSAPI: 3585cb5caa98Sdjl ap->type = NS_LDAP_AUTH_SASL; 3586cb5caa98Sdjl ap->saslmech = NS_LDAP_SASL_GSSAPI; 3587cb5caa98Sdjl ap->saslopt = NS_LDAP_SASLOPT_INT | 35887ddae043Siz NS_LDAP_SASLOPT_PRIV; 3589cb5caa98Sdjl break; 35907c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_NONE: 35917c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 35927c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_NONE; 35937c478bd9Sstevel@tonic-gate break; 35947c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_SIMPLE: 35957c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 35967c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_SIMPLE; 35977c478bd9Sstevel@tonic-gate break; 35987c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_SASL_CRAM_MD5: 35997c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 36007c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_SASL; 36017c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_CRAM_MD5; 36027c478bd9Sstevel@tonic-gate break; 36037c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_SASL_DIGEST_MD5: 36047c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 36057c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_SASL; 36067c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_DIGEST_MD5; 36077c478bd9Sstevel@tonic-gate break; 36087c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_INT: 36097c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 36107c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_SASL; 36117c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_DIGEST_MD5; 36127c478bd9Sstevel@tonic-gate ap->saslopt = NS_LDAP_SASLOPT_INT; 36137c478bd9Sstevel@tonic-gate break; 36147c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_SASL_DIGEST_MD5_CONF: 36157c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 36167c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_SASL; 36177c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_DIGEST_MD5; 36187c478bd9Sstevel@tonic-gate ap->saslopt = NS_LDAP_SASLOPT_PRIV; 36197c478bd9Sstevel@tonic-gate break; 36207c478bd9Sstevel@tonic-gate case NS_LDAP_EA_TLS_SASL_EXTERNAL: 36217c478bd9Sstevel@tonic-gate ap->type = NS_LDAP_AUTH_TLS; 36227c478bd9Sstevel@tonic-gate ap->tlstype = NS_LDAP_TLS_SASL; 36237c478bd9Sstevel@tonic-gate ap->saslmech = NS_LDAP_SASL_EXTERNAL; 36247c478bd9Sstevel@tonic-gate break; 36257c478bd9Sstevel@tonic-gate default: 36267c478bd9Sstevel@tonic-gate /* should never get here */ 36277c478bd9Sstevel@tonic-gate free(ap); 36287c478bd9Sstevel@tonic-gate return (NULL); 36297c478bd9Sstevel@tonic-gate } 36307c478bd9Sstevel@tonic-gate return (ap); 36317c478bd9Sstevel@tonic-gate } 36327c478bd9Sstevel@tonic-gate 36337c478bd9Sstevel@tonic-gate 36347c478bd9Sstevel@tonic-gate /* 36357c478bd9Sstevel@tonic-gate * Parameter Index Type validation routines 36367c478bd9Sstevel@tonic-gate */ 36377c478bd9Sstevel@tonic-gate 36387c478bd9Sstevel@tonic-gate /* Validate a positive integer */ 36397c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */ 36407c478bd9Sstevel@tonic-gate /* ARGSUSED */ 36417c478bd9Sstevel@tonic-gate static int 36427c478bd9Sstevel@tonic-gate __s_val_postime(ParamIndexType i, ns_default_config *def, 36437c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf) 36447c478bd9Sstevel@tonic-gate { 36457c478bd9Sstevel@tonic-gate char *cp; 36467c478bd9Sstevel@tonic-gate long tot; 36477c478bd9Sstevel@tonic-gate 36487c478bd9Sstevel@tonic-gate if (param && param->ns_ptype == CHARPTR && param->ns_pc) { 36497c478bd9Sstevel@tonic-gate for (cp = param->ns_pc; cp && *cp; cp++) { 36507c478bd9Sstevel@tonic-gate if (*cp >= '0' && *cp <= '9') 36517c478bd9Sstevel@tonic-gate continue; 36527c478bd9Sstevel@tonic-gate switch (*cp) { 36537c478bd9Sstevel@tonic-gate case 'w': /* weeks */ 36547c478bd9Sstevel@tonic-gate case 'd': /* days */ 36557c478bd9Sstevel@tonic-gate case 'h': /* hours */ 36567c478bd9Sstevel@tonic-gate case 'm': /* minutes */ 36577c478bd9Sstevel@tonic-gate case 's': /* seconds */ 36587c478bd9Sstevel@tonic-gate if (*(cp+1) == '\0') { 36597c478bd9Sstevel@tonic-gate break; 36607c478bd9Sstevel@tonic-gate } 36617c478bd9Sstevel@tonic-gate default: 36627c478bd9Sstevel@tonic-gate (void) strcpy(errbuf, "Illegal time value"); 36637c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 36647c478bd9Sstevel@tonic-gate } 36657c478bd9Sstevel@tonic-gate } 36667c478bd9Sstevel@tonic-gate /* Valid form: [0-9][0-9]*[wdhms]* */ 36677c478bd9Sstevel@tonic-gate tot = atol(param->ns_pc); /* check overflow */ 36687c478bd9Sstevel@tonic-gate if (tot >= 0) 36697c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 36707c478bd9Sstevel@tonic-gate } 36717c478bd9Sstevel@tonic-gate (void) snprintf(errbuf, MAXERROR, 36727ddae043Siz gettext("Illegal time value in %s"), def->name); 36737c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 36747c478bd9Sstevel@tonic-gate } 36757c478bd9Sstevel@tonic-gate 36767c478bd9Sstevel@tonic-gate 36777c478bd9Sstevel@tonic-gate /* Validate the Base DN */ 36787c478bd9Sstevel@tonic-gate /* It can be empty (RootDSE request) or needs to have an '=' */ 36797c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */ 36807c478bd9Sstevel@tonic-gate /* ARGSUSED */ 36817c478bd9Sstevel@tonic-gate static int 36827c478bd9Sstevel@tonic-gate __s_val_basedn(ParamIndexType i, ns_default_config *def, 36837c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf) 36847c478bd9Sstevel@tonic-gate { 36857c478bd9Sstevel@tonic-gate if (param && param->ns_ptype == CHARPTR && 36867c478bd9Sstevel@tonic-gate i == NS_LDAP_SEARCH_BASEDN_P && 36877ddae043Siz ((param->ns_pc == NULL) || /* empty */ 36887ddae043Siz (*(param->ns_pc) == '\0') || /* empty */ 36897ddae043Siz (strchr(param->ns_pc, '=') != NULL))) /* '=' */ 36907c478bd9Sstevel@tonic-gate { 36917c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 36927c478bd9Sstevel@tonic-gate } 36937c478bd9Sstevel@tonic-gate (void) snprintf(errbuf, MAXERROR, 36947ddae043Siz gettext("Non-existent or invalid DN in %s"), 36957ddae043Siz def->name); 36967c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 36977c478bd9Sstevel@tonic-gate } 36987c478bd9Sstevel@tonic-gate 36997c478bd9Sstevel@tonic-gate 37007c478bd9Sstevel@tonic-gate /* Validate the serverList */ 37017c478bd9Sstevel@tonic-gate /* For each server in list, check if valid IP or hostname */ 37027c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */ 37037c478bd9Sstevel@tonic-gate /* ARGSUSED */ 37047c478bd9Sstevel@tonic-gate static int 37057c478bd9Sstevel@tonic-gate __s_val_serverList(ParamIndexType i, ns_default_config *def, 37067c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf) 37077c478bd9Sstevel@tonic-gate { 37087c478bd9Sstevel@tonic-gate for (i = 0; i < param->ns_acnt; i++) { 37097c478bd9Sstevel@tonic-gate if ((__s_api_isipv4(param->ns_ppc[i])) || 37107ddae043Siz (__s_api_isipv6(param->ns_ppc[i])) || 37117ddae043Siz (__s_api_ishost(param->ns_ppc[i]))) { 37127c478bd9Sstevel@tonic-gate continue; 37137c478bd9Sstevel@tonic-gate } 37147c478bd9Sstevel@tonic-gate /* err */ 37157c478bd9Sstevel@tonic-gate (void) snprintf(errbuf, MAXERROR, 37167ddae043Siz gettext("Invalid server (%s) in %s"), 37177ddae043Siz param->ns_ppc[i], def->name); 37187c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 37197c478bd9Sstevel@tonic-gate } 37207c478bd9Sstevel@tonic-gate 37217c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 37227c478bd9Sstevel@tonic-gate } 37237c478bd9Sstevel@tonic-gate 37247c478bd9Sstevel@tonic-gate 37257c478bd9Sstevel@tonic-gate /* Check for a BINDDN */ 37267c478bd9Sstevel@tonic-gate /* It can not be empty and needs to have an '=' */ 37277c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */ 37287c478bd9Sstevel@tonic-gate /* ARGSUSED */ 37297c478bd9Sstevel@tonic-gate static int 37307c478bd9Sstevel@tonic-gate __s_val_binddn(ParamIndexType i, ns_default_config *def, 37317c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf) 37327c478bd9Sstevel@tonic-gate { 37337c478bd9Sstevel@tonic-gate if (param && param->ns_ptype == CHARPTR && 37347c478bd9Sstevel@tonic-gate i == NS_LDAP_BINDDN_P && 37357ddae043Siz ((param->ns_pc == NULL) || 37367ddae043Siz ((*(param->ns_pc) != '\0') && 37377ddae043Siz (strchr(param->ns_pc, '=') != NULL)))) { 37387c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 37397c478bd9Sstevel@tonic-gate } 37407c478bd9Sstevel@tonic-gate (void) snprintf(errbuf, MAXERROR, 37417ddae043Siz gettext("NULL or invalid proxy bind DN")); 37427c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 37437c478bd9Sstevel@tonic-gate } 37447c478bd9Sstevel@tonic-gate 37457c478bd9Sstevel@tonic-gate 37467c478bd9Sstevel@tonic-gate /* Check for a BINDPASSWD */ 37477c478bd9Sstevel@tonic-gate /* The string can not be NULL or empty */ 37487c478bd9Sstevel@tonic-gate /* Size of errbuf needs to be MAXERROR */ 37497c478bd9Sstevel@tonic-gate /* ARGSUSED */ 37507c478bd9Sstevel@tonic-gate static int 37517c478bd9Sstevel@tonic-gate __s_val_bindpw(ParamIndexType i, ns_default_config *def, 37527c478bd9Sstevel@tonic-gate ns_param_t *param, char *errbuf) 37537c478bd9Sstevel@tonic-gate { 37547c478bd9Sstevel@tonic-gate if (param && param->ns_ptype == CHARPTR && 37557c478bd9Sstevel@tonic-gate i == NS_LDAP_BINDPASSWD_P && 37567ddae043Siz ((param->ns_pc == NULL) || 37577ddae043Siz (*(param->ns_pc) != '\0'))) { 37587c478bd9Sstevel@tonic-gate return (NS_SUCCESS); 37597c478bd9Sstevel@tonic-gate } 37607c478bd9Sstevel@tonic-gate (void) snprintf(errbuf, MAXERROR, 37617ddae043Siz gettext("NULL proxy bind password")); 37627c478bd9Sstevel@tonic-gate return (NS_PARSE_ERR); 37637c478bd9Sstevel@tonic-gate } 37647c478bd9Sstevel@tonic-gate 37657c478bd9Sstevel@tonic-gate /* 37667c478bd9Sstevel@tonic-gate * __s_get_hostcertpath returns either the configured host certificate path 37677c478bd9Sstevel@tonic-gate * or, if none, the default host certificate path (/var/ldap). Note that this 37687c478bd9Sstevel@tonic-gate * does not use __ns_ldap_getParam because it may be called during connection 37697c478bd9Sstevel@tonic-gate * setup. This can fail due to insufficient memory. 37707c478bd9Sstevel@tonic-gate */ 37717c478bd9Sstevel@tonic-gate 37727c478bd9Sstevel@tonic-gate char * 37737c478bd9Sstevel@tonic-gate __s_get_hostcertpath(void) 37747c478bd9Sstevel@tonic-gate { 37757c478bd9Sstevel@tonic-gate ns_config_t *cfg; 37767c478bd9Sstevel@tonic-gate ns_param_t *param; 37777c478bd9Sstevel@tonic-gate char *ret = NULL; 37787c478bd9Sstevel@tonic-gate 37797c478bd9Sstevel@tonic-gate cfg = __s_api_get_default_config(); 37807c478bd9Sstevel@tonic-gate if (cfg != NULL) { 37817c478bd9Sstevel@tonic-gate param = &cfg->paramList[NS_LDAP_HOST_CERTPATH_P]; 37827c478bd9Sstevel@tonic-gate if (param->ns_ptype == CHARPTR) 37837c478bd9Sstevel@tonic-gate ret = strdup(param->ns_pc); 37847c478bd9Sstevel@tonic-gate __s_api_release_config(cfg); 37857c478bd9Sstevel@tonic-gate } 37867c478bd9Sstevel@tonic-gate if (ret == NULL) 37877c478bd9Sstevel@tonic-gate ret = strdup(NSLDAPDIRECTORY); 37887c478bd9Sstevel@tonic-gate return (ret); 37897c478bd9Sstevel@tonic-gate } 37907c478bd9Sstevel@tonic-gate 37917c478bd9Sstevel@tonic-gate static void 37927c478bd9Sstevel@tonic-gate _free_config() 37937c478bd9Sstevel@tonic-gate { 37947c478bd9Sstevel@tonic-gate if (current_config != NULL) 37957c478bd9Sstevel@tonic-gate destroy_config(current_config); 37967c478bd9Sstevel@tonic-gate 37977c478bd9Sstevel@tonic-gate current_config = NULL; 37987c478bd9Sstevel@tonic-gate } 3799