17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*7800901eSjbeck * Common Development and Distribution License (the "License"). 6*7800901eSjbeck * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 21*7800901eSjbeck 227c478bd9Sstevel@tonic-gate /* 23*7800901eSjbeck * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 247c478bd9Sstevel@tonic-gate * Use is subject to license terms. 257c478bd9Sstevel@tonic-gate */ 267c478bd9Sstevel@tonic-gate 277c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 287c478bd9Sstevel@tonic-gate 297c478bd9Sstevel@tonic-gate #include <stdlib.h> 307c478bd9Sstevel@tonic-gate #include <libintl.h> 317c478bd9Sstevel@tonic-gate #include <stdio.h> 327c478bd9Sstevel@tonic-gate #include <errno.h> 337c478bd9Sstevel@tonic-gate #include <strings.h> 347c478bd9Sstevel@tonic-gate #include "ns_sldap.h" 357c478bd9Sstevel@tonic-gate #include "ns_internal.h" 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate /* 387c478bd9Sstevel@tonic-gate * getldaplaliasbyname() retrieves the aliases information from the LDAP server. 397c478bd9Sstevel@tonic-gate * This is requires that the LDAP naming information (ie. LDAP_CLIENT_CACHE 407c478bd9Sstevel@tonic-gate * file) is configured properly on the client machine. 417c478bd9Sstevel@tonic-gate * 427c478bd9Sstevel@tonic-gate * Return value: 437c478bd9Sstevel@tonic-gate * 0 = success; 447c478bd9Sstevel@tonic-gate * 1 = alias not found; 457c478bd9Sstevel@tonic-gate * -1 = other failure. Contents in answer are undefined. 467c478bd9Sstevel@tonic-gate */ 477c478bd9Sstevel@tonic-gate 487c478bd9Sstevel@tonic-gate #define ALIAS_FILTER "(&(objectclass=mailgroup)(|(cn=%s)(mail=%s)))" 497c478bd9Sstevel@tonic-gate #define ALIAS_FILTER_SSD "(&(%%s)(|(cn=%s)(mail=%s)))" 507c478bd9Sstevel@tonic-gate #define MAIL_CN "cn" 517c478bd9Sstevel@tonic-gate #define MAIL_ATTRIBUTE "mail" 527c478bd9Sstevel@tonic-gate #define MAIL_MEMBER "mgrpRFC822MailMember" 537c478bd9Sstevel@tonic-gate 547c478bd9Sstevel@tonic-gate /* 557c478bd9Sstevel@tonic-gate * This is a generic filter call back function for 567c478bd9Sstevel@tonic-gate * merging the filter from service search descriptor with 577c478bd9Sstevel@tonic-gate * an existing search filter. This routine expects userdata 587c478bd9Sstevel@tonic-gate * contain a format string with a single %s in it, and will 597c478bd9Sstevel@tonic-gate * use the format string with sprintf() to insert the SSD filter. 607c478bd9Sstevel@tonic-gate * 617c478bd9Sstevel@tonic-gate * This routine is passed to the __ns_ldap_list() API as the 627c478bd9Sstevel@tonic-gate * filter call back together with filter and userdata. For example, 637c478bd9Sstevel@tonic-gate * "(&(objectclass=mailgroup)(|(cn=abc)(mail=abc)))" as filter 647c478bd9Sstevel@tonic-gate * and "(&(%s)(|(cn=abc)(mail=abc)))" as userdata. 657c478bd9Sstevel@tonic-gate * This routine will then be called by __ns_ldap_list() to output 667c478bd9Sstevel@tonic-gate * "(&(dept=sds)(|(cn=abc)(mail=abc)))" as the real search 677c478bd9Sstevel@tonic-gate * filter, if the input SSD contains a filter "dpet=sds". 687c478bd9Sstevel@tonic-gate */ 697c478bd9Sstevel@tonic-gate int 707c478bd9Sstevel@tonic-gate __s_api_merge_SSD_filter(const ns_ldap_search_desc_t *desc, 717c478bd9Sstevel@tonic-gate char **realfilter, 727c478bd9Sstevel@tonic-gate const void *userdata) 737c478bd9Sstevel@tonic-gate { 747c478bd9Sstevel@tonic-gate int len; 757c478bd9Sstevel@tonic-gate 767c478bd9Sstevel@tonic-gate /* sanity check */ 777c478bd9Sstevel@tonic-gate if (realfilter == NULL) 787c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 797c478bd9Sstevel@tonic-gate *realfilter = NULL; 807c478bd9Sstevel@tonic-gate 817c478bd9Sstevel@tonic-gate if (desc == NULL || desc->filter == NULL || 827c478bd9Sstevel@tonic-gate userdata == NULL) 837c478bd9Sstevel@tonic-gate return (NS_LDAP_INVALID_PARAM); 847c478bd9Sstevel@tonic-gate 857c478bd9Sstevel@tonic-gate len = strlen(userdata) + strlen(desc->filter) + 1; 867c478bd9Sstevel@tonic-gate 877c478bd9Sstevel@tonic-gate *realfilter = (char *)malloc(len); 887c478bd9Sstevel@tonic-gate if (*realfilter == NULL) 897c478bd9Sstevel@tonic-gate return (NS_LDAP_MEMORY); 907c478bd9Sstevel@tonic-gate 917c478bd9Sstevel@tonic-gate (void) sprintf(*realfilter, (char *)userdata, 927c478bd9Sstevel@tonic-gate desc->filter); 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate return (NS_LDAP_SUCCESS); 957c478bd9Sstevel@tonic-gate } 96*7800901eSjbeck char * 97*7800901eSjbeck __getldapaliasbyname(char *alias, int *retval) 987c478bd9Sstevel@tonic-gate { 997c478bd9Sstevel@tonic-gate char *service = "aliases"; 1007c478bd9Sstevel@tonic-gate char filter[BUFSIZE]; 1017c478bd9Sstevel@tonic-gate char userdata[BUFSIZE]; 1027c478bd9Sstevel@tonic-gate char *attribute[2]; 1037c478bd9Sstevel@tonic-gate ns_ldap_result_t *result = NULL; 1047c478bd9Sstevel@tonic-gate ns_ldap_error_t *errorp = NULL; 1057c478bd9Sstevel@tonic-gate int rc, i, j, len, comma; 1067c478bd9Sstevel@tonic-gate ns_ldap_entry_t *entry = NULL; 1077c478bd9Sstevel@tonic-gate char **attr_value = NULL; 108*7800901eSjbeck char *answer, *new_answer; 109*7800901eSjbeck size_t ans_size = BUFSIZE; 1107c478bd9Sstevel@tonic-gate 111*7800901eSjbeck if (!alias || !*alias) { 1127c478bd9Sstevel@tonic-gate errno = EINVAL; 113*7800901eSjbeck *retval = -1; 114*7800901eSjbeck return (NULL); 1157c478bd9Sstevel@tonic-gate } 1167c478bd9Sstevel@tonic-gate 117*7800901eSjbeck answer = malloc(ans_size); 118*7800901eSjbeck if (answer == NULL) { 119*7800901eSjbeck errno = ENOMEM; 120*7800901eSjbeck *retval = -1; 121*7800901eSjbeck return (NULL); 122*7800901eSjbeck } 1237c478bd9Sstevel@tonic-gate answer[0] = '\0'; 1247c478bd9Sstevel@tonic-gate 1257c478bd9Sstevel@tonic-gate /* get the aliases */ 1267c478bd9Sstevel@tonic-gate if (snprintf(filter, sizeof (filter), ALIAS_FILTER, alias, alias) < 0) { 1277c478bd9Sstevel@tonic-gate errno = EINVAL; 128*7800901eSjbeck *retval = -1; 129*7800901eSjbeck return (NULL); 1307c478bd9Sstevel@tonic-gate } 1317c478bd9Sstevel@tonic-gate 1327c478bd9Sstevel@tonic-gate /* get the userdata for __ns_ldap_list filter call back */ 1337c478bd9Sstevel@tonic-gate if (snprintf(userdata, sizeof (userdata), ALIAS_FILTER_SSD, 1347c478bd9Sstevel@tonic-gate alias, alias) < 0) { 1357c478bd9Sstevel@tonic-gate errno = EINVAL; 136*7800901eSjbeck *retval = -1; 137*7800901eSjbeck return (NULL); 1387c478bd9Sstevel@tonic-gate } 1397c478bd9Sstevel@tonic-gate 1407c478bd9Sstevel@tonic-gate attribute[0] = MAIL_MEMBER; 1417c478bd9Sstevel@tonic-gate attribute[1] = NULL; 1427c478bd9Sstevel@tonic-gate 1437c478bd9Sstevel@tonic-gate /* should we do hardlookup */ 1447c478bd9Sstevel@tonic-gate rc = __ns_ldap_list(service, (const char *)filter, 1457c478bd9Sstevel@tonic-gate __s_api_merge_SSD_filter, 1467c478bd9Sstevel@tonic-gate (const char **)attribute, NULL, 0, &result, 1477c478bd9Sstevel@tonic-gate &errorp, NULL, userdata); 1487c478bd9Sstevel@tonic-gate 1497c478bd9Sstevel@tonic-gate if (rc == NS_LDAP_NOTFOUND) { 1507c478bd9Sstevel@tonic-gate errno = ENOENT; 151*7800901eSjbeck *retval = 1; 152*7800901eSjbeck return (NULL); 1537c478bd9Sstevel@tonic-gate } else if (rc != NS_LDAP_SUCCESS) { 1547c478bd9Sstevel@tonic-gate #ifdef DEBUG 1557c478bd9Sstevel@tonic-gate char *p; 1567c478bd9Sstevel@tonic-gate (void) __ns_ldap_err2str(rc, &p); 1577c478bd9Sstevel@tonic-gate if (errorp) { 1587c478bd9Sstevel@tonic-gate if (errorp->message) 1597c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s (%s)\n", p, 1607c478bd9Sstevel@tonic-gate errorp->message); 1617c478bd9Sstevel@tonic-gate } else 1627c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s\n", p); 1637c478bd9Sstevel@tonic-gate #endif /* DEBUG */ 1647c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeError(&errorp); 165*7800901eSjbeck *retval = -1; 166*7800901eSjbeck return (NULL); 1677c478bd9Sstevel@tonic-gate } 1687c478bd9Sstevel@tonic-gate 1697c478bd9Sstevel@tonic-gate /* build the return value */ 1707c478bd9Sstevel@tonic-gate answer[0] = '\0'; 1717c478bd9Sstevel@tonic-gate len = 0; 1727c478bd9Sstevel@tonic-gate comma = 0; 1737c478bd9Sstevel@tonic-gate entry = result->entry; 1747c478bd9Sstevel@tonic-gate for (i = 0; i < result->entries_count; i++) { 1757c478bd9Sstevel@tonic-gate attr_value = __ns_ldap_getAttr(entry, MAIL_MEMBER); 1767c478bd9Sstevel@tonic-gate if (attr_value == NULL) { 1777c478bd9Sstevel@tonic-gate errno = ENOENT; 178*7800901eSjbeck *retval = -1; 179*7800901eSjbeck return (NULL); 1807c478bd9Sstevel@tonic-gate } 1817c478bd9Sstevel@tonic-gate for (j = 0; attr_value[j]; j++) { 1827c478bd9Sstevel@tonic-gate char *tmp, *newhead; 1837c478bd9Sstevel@tonic-gate 1847c478bd9Sstevel@tonic-gate tmp = attr_value[j]; 1857c478bd9Sstevel@tonic-gate while (*tmp == ' ' || *tmp == '\t' && *tmp != '\0') 1867c478bd9Sstevel@tonic-gate tmp++; 1877c478bd9Sstevel@tonic-gate newhead = tmp; 1887c478bd9Sstevel@tonic-gate while (*tmp != '\0') tmp++; 1897c478bd9Sstevel@tonic-gate while (*tmp == ' ' || *tmp == '\t' || *tmp == '\0' && 1907c478bd9Sstevel@tonic-gate tmp != newhead) { 1917c478bd9Sstevel@tonic-gate *tmp-- = '\0'; 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate len = len + comma + strlen(newhead); 194*7800901eSjbeck if ((len + 1) > ans_size) { 195*7800901eSjbeck ans_size += BUFSIZE; 196*7800901eSjbeck new_answer = realloc(answer, ans_size); 197*7800901eSjbeck if (new_answer == NULL) { 198*7800901eSjbeck (void) __ns_ldap_freeResult(&result); 199*7800901eSjbeck errno = ENOMEM; 200*7800901eSjbeck *retval = -1; 201*7800901eSjbeck free(answer); 202*7800901eSjbeck return (NULL); 203*7800901eSjbeck } 204*7800901eSjbeck answer = new_answer; 2057c478bd9Sstevel@tonic-gate } 2067c478bd9Sstevel@tonic-gate if (comma) 2077c478bd9Sstevel@tonic-gate (void) strcat(answer, ","); 2087c478bd9Sstevel@tonic-gate else 2097c478bd9Sstevel@tonic-gate comma = 1; 2107c478bd9Sstevel@tonic-gate (void) strcat(answer, newhead); 2117c478bd9Sstevel@tonic-gate } 2127c478bd9Sstevel@tonic-gate } 2137c478bd9Sstevel@tonic-gate 2147c478bd9Sstevel@tonic-gate (void) __ns_ldap_freeResult(&result); 2157c478bd9Sstevel@tonic-gate errno = 0; 216*7800901eSjbeck *retval = 0; 217*7800901eSjbeck return (answer); 2187c478bd9Sstevel@tonic-gate } 219