389-adminutil.pc.in | 2 Makefile.am | 13 Makefile.in | 24 configure | 782 ++++++++++++++-- configure.ac | 8 include/libadminutil/admutil-int.h | 190 +++ include/libadminutil/admutil.h | 2 include/libadminutil/prodinfo.h | 106 -- include/libadminutil/psetc.h | 4 include/libadmsslutil/psetcssl.h | 4 lib/libadminutil/admutil.c | 880 ++++++++++++++++-- lib/libadminutil/admutil_pvt.h | 142 -- lib/libadminutil/form_post.c | 28 lib/libadminutil/psetc.c | 151 +-- lib/libadminutil/psetc_pvt.h | 5 lib/libadminutil/srvutil.c | 6 lib/libadminutil/uginfo.c | 110 +- lib/libadmsslutil/admsslutil.c | 127 -- lib/libadmsslutil/psetcssl.c | 29 lib/libadmsslutil/srvutilssl.c | 4 lib/libadmsslutil/uginfossl.c | 25 m4/mozldap.m4 | 101 +- m4/openldap.m4 | 131 ++ tests/nsroot.ldif | 1788 ------------------------------------- tests/psetreadssl.c | 88 - tests/retrieveSIEssl.c | 4 tests/setup.sh | 148 ++- 27 files changed, 2324 insertions(+), 2578 deletions(-) New commits: commit e8abafe64771377d688a0718d62ea2de2aad22e6 Author: Rich Megginson <rmeggins(a)redhat.com&gt; Date: Fri Sep 24 16:04:10 2010 -0600 Port adminutil to use openldap This allows adminutil to build with either openldap or mozldap. Use the --with-openldap switch to use openldap. By default, it will use mozldap. Most of the API changes are to allow passing the security directory to the lower level ldap code - instead of the global NSS context, openldap uses its own context, so needs to be passed the security dir via the ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTDIR, securitydir) api. diff --git a/389-adminutil.pc.in b/389-adminutil.pc.in index 6019ac2..caa62ff 100644 --- a/389-adminutil.pc.in +++ b/389-adminutil.pc.in @@ -6,6 +6,6 @@ includedir=@includedir@ Name: @PACKAGE_NAME@ Description: Utility library for directory server administration Version: @PACKAGE_VERSION@ -Requires: nspr, nss, svrcore, mozldap +Requires: nspr, nss Libs: -ladmsslutil -ladminutil Cflags: -I${includedir}/admsslutil -I${includedir}/adminutil diff --git a/Makefile.am b/Makefile.am index 3cb5914..b9e2996 100644 --- a/Makefile.am +++ b/Makefile.am @@ -19,7 +19,11 @@ AM_CPPFLAGS = $(PLATFORM_DEFINES) $(DEBUG_DEFINES) $(ADMINUTIL_DEFINES) $(ADMINU #------------------------ NSPR_LINK = @nspr_lib@ -lplc4 -lnspr4 NSS_LINK = @nss_lib@ -lssl3 -lnss3 -LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lldap60 -lprldap60 -lldif60 +if OPENLDAP +LDAPSDK_LINK = @openldap_lib@ -lldap@ol_libver@ +else +LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60 +endif if enable_tests SASL_LINK = @sasl_lib@ -lsasl2 endif @@ -43,7 +47,7 @@ if enable_tests check_PROGRAMS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite TESTS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite -TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@ +TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@ TEST_LDADD = libadmsslutil.la libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK) retrieveSIE_SOURCES = tests/retrieveSIE.c @@ -75,7 +79,6 @@ admsslincdir=$(includedir)/libadmsslutil admininc_DATA = $(srcdir)/include/libadminutil/admutil.h \ $(srcdir)/include/libadminutil/distadm.h \ - $(srcdir)/include/libadminutil/prodinfo.h \ $(srcdir)/include/libadminutil/psetc.h \ $(srcdir)/include/libadminutil/resource.h \ $(srcdir)/include/libadminutil/srvutil.h @@ -122,7 +125,7 @@ libadminutil_la_SOURCES = lib/libadminutil/acclanglist.c \ lib/libadminutil/strlist.c \ lib/libadminutil/uginfo.c -libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @ldapsdk_inc@ @icu_inc@ +libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@ libadminutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK) libadminutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION)) if CXXLINK_REQUIRED @@ -142,7 +145,7 @@ libadmsslutil_la_SOURCES = lib/libadmsslutil/admsslutil.c \ lib/libadmsslutil/sslerror.c \ lib/libadmsslutil/uginfossl.c -libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@ +libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@ libadmsslutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK) libadminutil.la libadmsslutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION)) if CXXLINK_REQUIRED diff --git a/Makefile.in b/Makefile.in index fd7c95c..e333ec0 100644 --- a/Makefile.in +++ b/Makefile.in @@ -49,9 +49,9 @@ DIST_COMMON = README $(am__configure_deps) \ subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/nspr.m4 $(top_srcdir)/m4/nss.m4 \ - $(top_srcdir)/m4/mozldap.m4 $(top_srcdir)/m4/sasl.m4 \ - $(top_srcdir)/m4/icu.m4 $(top_srcdir)/m4/fhs.m4 \ - $(top_srcdir)/configure.ac + $(top_srcdir)/m4/openldap.m4 $(top_srcdir)/m4/mozldap.m4 \ + $(top_srcdir)/m4/sasl.m4 $(top_srcdir)/m4/icu.m4 \ + $(top_srcdir)/m4/fhs.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ @@ -230,6 +230,8 @@ MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ MAKEINFO = @MAKEINFO@ OBJEXT = @OBJEXT@ +OPENLDAP_FALSE = @OPENLDAP_FALSE@ +OPENLDAP_TRUE = @OPENLDAP_TRUE@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -298,7 +300,11 @@ nspr_libdir = @nspr_libdir@ nss_inc = @nss_inc@ nss_lib = @nss_lib@ nss_libdir = @nss_libdir@ +ol_libver = @ol_libver@ oldincludedir = @oldincludedir@ +openldap_inc = @openldap_inc@ +openldap_lib = @openldap_lib@ +openldap_libdir = @openldap_libdir@ platform_defs = @platform_defs@ prefix = @prefix@ program_transform_name = @program_transform_name@ @@ -327,7 +333,8 @@ AM_CPPFLAGS = $(PLATFORM_DEFINES) $(DEBUG_DEFINES) $(ADMINUTIL_DEFINES) $(ADMINU #------------------------ NSPR_LINK = @nspr_lib@ -lplc4 -lnspr4 NSS_LINK = @nss_lib@ -lssl3 -lnss3 -LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lldap60 -lprldap60 -lldif60 +@OPENLDAP_FALSE@LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60 +@OPENLDAP_TRUE@LDAPSDK_LINK = @openldap_lib@ -lldap@ol_libver@ @enable_tests_TRUE@SASL_LINK = @sasl_lib@ -lsasl2 ICU_LINK = @icu_lib@ -licui18n -licuuc -licudata $(LIBCSTD) $(LIBCRUN) @@ -339,7 +346,7 @@ pkgdata_DATA = root.res en.res en_US.res @CXXLINK_REQUIRED_TRUE@dummy_SOURCES = lib/dummy.cpp @CXXLINK_REQUIRED_TRUE@dummy_LINK = $(CXXLINK) @enable_tests_TRUE@TESTS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite -@enable_tests_TRUE@TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@ +@enable_tests_TRUE@TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@ @enable_tests_TRUE@TEST_LDADD = libadmsslutil.la libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK) @enable_tests_TRUE@retrieveSIE_SOURCES = tests/retrieveSIE.c @enable_tests_TRUE@retrieveSIE_CPPFLAGS = $(TEST_CPPFLAGS) @@ -364,7 +371,6 @@ adminincdir = $(includedir)/libadminutil admsslincdir = $(includedir)/libadmsslutil admininc_DATA = $(srcdir)/include/libadminutil/admutil.h \ $(srcdir)/include/libadminutil/distadm.h \ - $(srcdir)/include/libadminutil/prodinfo.h \ $(srcdir)/include/libadminutil/psetc.h \ $(srcdir)/include/libadminutil/resource.h \ $(srcdir)/include/libadminutil/srvutil.h @@ -399,7 +405,7 @@ libadminutil_la_SOURCES = lib/libadminutil/acclanglist.c \ lib/libadminutil/strlist.c \ lib/libadminutil/uginfo.c -libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @ldapsdk_inc@ @icu_inc@ +libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@ libadminutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK) libadminutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION)) @CXXLINK_REQUIRED_FALSE@libadminutil_la_LINK = $(LINK) @@ -416,7 +422,7 @@ libadmsslutil_la_SOURCES = lib/libadmsslutil/admsslutil.c \ lib/libadmsslutil/sslerror.c \ lib/libadmsslutil/uginfossl.c -libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@ +libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@ libadmsslutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK) libadminutil.la libadmsslutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION)) @CXXLINK_REQUIRED_FALSE@libadmsslutil_la_LINK = $(LINK) @@ -1148,7 +1154,7 @@ distdir: $(DISTFILES) || exit 1; \ fi; \ done - -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ + -find $(distdir) -type d ! -perm -755 -exec chmod a+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \ diff --git a/configure b/configure index 2f9dad6..62dc4c0 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for 389-adminutil 1.1.10. +# Generated by GNU Autoconf 2.59 for 389-adminutil 1.1.11. # # Report bugs to <http://bugzilla.redhat.com/>;. # @@ -423,8 +423,8 @@ SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='389-adminutil' PACKAGE_TARNAME='389-adminutil' -PACKAGE_VERSION='1.1.10' -PACKAGE_STRING='389-adminutil 1.1.10' +PACKAGE_VERSION='1.1.11' +PACKAGE_STRING='389-adminutil 1.1.11' PACKAGE_BUGREPORT='http://bugzilla.redhat.com/' # Factoring default headers for most tests. @@ -465,7 +465,7 @@ ac_includes_default="\ #endif" ac_default_prefix=/opt/$PACKAGE_NAME -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS LIBCSTD LIBCRUN platform_defs CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE debug_defs enable_tests_TRUE enable_tests_FALSE PKG_CONFIG ICU_CONFIG GENRB nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir sasl_inc sasl_lib icu_inc icu_lib icu_libdir icu_bin WINNT_TRUE WINNT_FALSE LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS LIBCSTD LIBCRUN platform_defs CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE debug_defs enable_tests_TRUE enable_tests_FALSE PKG_CONFIG ICU_CONFIG GENRB nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir openldap_inc openldap_lib openldap_libdir ol_libver sasl_inc sasl_lib icu_inc icu_lib icu_libdir icu_bin OPENLDAP_TRUE OPENLDAP_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. @@ -954,7 +954,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures 389-adminutil 1.1.10 to adapt to many kinds of systems. +\`configure' configures 389-adminutil 1.1.11 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1020,7 +1020,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of 389-adminutil 1.1.10:";; + short | recursive ) echo "Configuration of 389-adminutil 1.1.11:";; esac cat <<\_ACEOF @@ -1057,9 +1057,16 @@ Optional Packages: --with-nss=PATH Network Security Services (NSS) directory --with-nss-inc=PATH Network Security Services (NSS) include directory --with-nss-lib=PATH Network Security Services (NSS) library directory - --with-ldapsdk=PATH Mozilla LDAP SDK directory - --with-ldapsdk-inc=PATH Mozilla LDAP SDK include directory - --with-ldapsdk-lib=PATH Mozilla LDAP SDK library directory + --with-openldap[=PATH] + Use OpenLDAP - optional PATH is path to OpenLDAP SDK + --with-openldap-inc=PATH + OpenLDAP SDK include directory + --with-openldap-lib=PATH + OpenLDAP SDK library directory + --with-ldapsdk[=PATH] + Mozilla LDAP SDK directory + --with-ldapsdk-inc=PATH Mozilla LDAP SDK include directory + --with-ldapsdk-lib=PATH Mozilla LDAP SDK library directory --with-sasl=PATH Use sasl from supplied path --with-sasl-inc=PATH SASL include file directory --with-sasl-lib=PATH SASL library directory @@ -1182,7 +1189,7 @@ fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -389-adminutil configure 1.1.10 +389-adminutil configure 1.1.11 generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. @@ -1196,7 +1203,7 @@ cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by 389-adminutil $as_me 1.1.10, which was +It was created by 389-adminutil $as_me 1.1.11, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -1839,7 +1846,7 @@ fi # Define the identity of the package. PACKAGE='389-adminutil' - VERSION='1.1.10' + VERSION='1.1.11' cat >>confdefs.h <<_ACEOF @@ -4288,7 +4295,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 4291 "configure"' > conftest.$ac_ext + echo '#line 4298 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -5423,7 +5430,7 @@ fi # Provide some information about the compiler. -echo "$as_me:5426:" \ +echo "$as_me:5433:" \ "checking for Fortran 77 compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` { (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5 @@ -6486,11 +6493,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6489: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6496: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6493: \$? = $ac_status" >&5 + echo "$as_me:6500: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6754,11 +6761,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6757: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6764: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6761: \$? = $ac_status" >&5 + echo "$as_me:6768: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6858,11 +6865,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6861: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6868: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:6865: \$? = $ac_status" >&5 + echo "$as_me:6872: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -8327,7 +8334,7 @@ linux*) libsuff= case "$host_cpu" in x86_64*|s390x*|powerpc64*) - echo '#line 8330 "configure"' > conftest.$ac_ext + echo '#line 8337 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -9224,7 +9231,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 9227 "configure" +#line 9234 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -9324,7 +9331,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 9327 "configure" +#line 9334 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -11667,11 +11674,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:11670: $lt_compile\"" >&5) + (eval echo "\"\$as_me:11677: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:11674: \$? = $ac_status" >&5 + echo "$as_me:11681: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -11771,11 +11778,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:11774: $lt_compile\"" >&5) + (eval echo "\"\$as_me:11781: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:11778: \$? = $ac_status" >&5 + echo "$as_me:11785: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -12307,7 +12314,7 @@ linux*) libsuff= case "$host_cpu" in x86_64*|s390x*|powerpc64*) - echo '#line 12310 "configure"' > conftest.$ac_ext + echo '#line 12317 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -13365,11 +13372,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13368: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13375: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:13372: \$? = $ac_status" >&5 + echo "$as_me:13379: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -13469,11 +13476,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13472: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13479: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:13476: \$? = $ac_status" >&5 + echo "$as_me:13483: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -14918,7 +14925,7 @@ linux*) libsuff= case "$host_cpu" in x86_64*|s390x*|powerpc64*) - echo '#line 14921 "configure"' > conftest.$ac_ext + echo '#line 14928 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -15696,11 +15703,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15699: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15706: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15703: \$? = $ac_status" >&5 + echo "$as_me:15710: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -15964,11 +15971,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15967: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15974: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15971: \$? = $ac_status" >&5 + echo "$as_me:15978: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16068,11 +16075,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16071: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16078: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:16075: \$? = $ac_status" >&5 + echo "$as_me:16082: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -17537,7 +17544,7 @@ linux*) libsuff= case "$host_cpu" in x86_64*|s390x*|powerpc64*) - echo '#line 17540 "configure"' > conftest.$ac_ext + echo '#line 17547 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -23294,6 +23301,564 @@ echo "$as_me: error: NSS not found, specify with --with-nss." >&2;} fi # BEGIN COPYRIGHT BLOCK +# Copyright (C) 2009 Red Hat, Inc. +# All rights reserved. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# END COPYRIGHT BLOCK + +{ echo "$as_me:$LINENO: checking for OpenLDAP..." >&5 +echo "$as_me: checking for OpenLDAP..." >&6;} + +# check for --with-openldap +echo "$as_me:$LINENO: checking for --with-openldap" >&5 +echo $ECHO_N "checking for --with-openldap... $ECHO_C" >&6 + +# Check whether --with-openldap or --without-openldap was given. +if test "${with_openldap+set}" = set; then + withval="$with_openldap" + + if test "$withval" = yes + then + echo "$as_me:$LINENO: result: using system OpenLDAP" >&5 +echo "${ECHO_T}using system OpenLDAP" >&6 + elif test "$withval" = no + then + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib + then + echo "$as_me:$LINENO: result: using $withval" >&5 +echo "${ECHO_T}using $withval" >&6 + OPENLDAPDIR=$withval + openldap_incdir="$OPENLDAPDIR/include" + openldap_inc="-I$openldap_incdir" + openldap_lib="-L$OPENLDAPDIR/lib" + openldap_libdir="$OPENLDAPDIR/lib" + with_openldap=yes + else + echo + { { echo "$as_me:$LINENO: error: $withval not found" >&5 +echo "$as_me: error: $withval not found" >&2;} + { (exit 1); exit 1; }; } + fi + +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi; + +# check for --with-openldap-inc +echo "$as_me:$LINENO: checking for --with-openldap-inc" >&5 +echo $ECHO_N "checking for --with-openldap-inc... $ECHO_C" >&6 + +# Check whether --with-openldap-inc or --without-openldap-inc was given. +if test "${with_openldap_inc+set}" = set; then + withval="$with_openldap_inc" + + if test -e "$withval"/ldap.h + then + echo "$as_me:$LINENO: result: using $withval" >&5 +echo "${ECHO_T}using $withval" >&6 + openldap_incdir="$withval" + openldap_inc="-I$withval" + with_openldap=yes + else + echo + { { echo "$as_me:$LINENO: error: $withval not found" >&5 +echo "$as_me: error: $withval not found" >&2;} + { (exit 1); exit 1; }; } + fi + +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi; + +# check for --with-openldap-lib +echo "$as_me:$LINENO: checking for --with-openldap-lib" >&5 +echo $ECHO_N "checking for --with-openldap-lib... $ECHO_C" >&6 + +# Check whether --with-openldap-lib or --without-openldap-lib was given. +if test "${with_openldap_lib+set}" = set; then + withval="$with_openldap_lib" + + if test -d "$withval" + then + echo "$as_me:$LINENO: result: using $withval" >&5 +echo "${ECHO_T}using $withval" >&6 + openldap_lib="-L$withval" + openldap_libdir="$withval" + with_openldap=yes + else + echo + { { echo "$as_me:$LINENO: error: $withval not found" >&5 +echo "$as_me: error: $withval not found" >&2;} + { (exit 1); exit 1; }; } + fi + +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi; + +# if OPENLDAP is not found yet, try pkg-config + +if test "$with_openldap" = yes ; then # user wants to use openldap, but didn't specify paths + if test -z "$openldap_inc" -o -z "$openldap_lib" -o -z "$openldap_libdir"; then + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_path_PKG_CONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + + ;; +esac +fi +PKG_CONFIG=$ac_cv_path_PKG_CONFIG + +if test -n "$PKG_CONFIG"; then + echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5 +echo "${ECHO_T}$PKG_CONFIG" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + echo "$as_me:$LINENO: checking for OpenLDAP with pkg-config" >&5 +echo $ECHO_N "checking for OpenLDAP with pkg-config... $ECHO_C" >&6 + if test -n "$PKG_CONFIG" && $PKG_CONFIG --exists openldap; then + openldap_inc=`$PKG_CONFIG --cflags-only-I openldap` + openldap_lib=`$PKG_CONFIG --libs-only-L openldap` + openldap_libdir=`$PKG_CONFIG --libs-only-L openldap | sed -e s/-L// | sed -e s/\ .*$//` + openldap_incdir=`$PKG_CONFIG --variable=includedir openldap` + echo "$as_me:$LINENO: result: using system OpenLDAP from pkg-config" >&5 +echo "${ECHO_T}using system OpenLDAP from pkg-config" >&6 + else + openldap_incdir="/usr/include" + openldap_inc="-I$openldap_incdir" + echo "$as_me:$LINENO: result: no OpenLDAP pkg-config files" >&5 +echo "${ECHO_T}no OpenLDAP pkg-config files" >&6 + fi + fi +fi + + +if test "$with_openldap" = yes ; then + save_cppflags="$CPPFLAGS" + CPPFLAGS="$openldap_inc $nss_inc $nspr_inc" + if test "${ac_cv_header_ldap_features_h+set}" = set; then + echo "$as_me:$LINENO: checking for ldap_features.h" >&5 +echo $ECHO_N "checking for ldap_features.h... $ECHO_C" >&6 +if test "${ac_cv_header_ldap_features_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_ldap_features_h" >&5 +echo "${ECHO_T}$ac_cv_header_ldap_features_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking ldap_features.h usability" >&5 +echo $ECHO_N "checking ldap_features.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <ldap_features.h> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking ldap_features.h presence" >&5 +echo $ECHO_N "checking ldap_features.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <ldap_features.h> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: ldap_features.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: ldap_features.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap_features.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: ldap_features.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: ldap_features.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: ldap_features.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap_features.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: ldap_features.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap_features.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: ldap_features.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap_features.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: ldap_features.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap_features.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: ldap_features.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap_features.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: ldap_features.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to http://bugzilla.redhat.com/ ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for ldap_features.h" >&5 +echo $ECHO_N "checking for ldap_features.h... $ECHO_C" >&6 +if test "${ac_cv_header_ldap_features_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_ldap_features_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_ldap_features_h" >&5 +echo "${ECHO_T}$ac_cv_header_ldap_features_h" >&6 + +fi +if test $ac_cv_header_ldap_features_h = yes; then + : +else + { { echo "$as_me:$LINENO: error: specified with-openldap but ldap_features.h not found" >&5 +echo "$as_me: error: specified with-openldap but ldap_features.h not found" >&2;} + { (exit 1); exit 1; }; } +fi + + + ol_ver_maj=`grep LDAP_VENDOR_VERSION_MAJOR $openldap_incdir/ldap_features.h | awk '{print $3}'` + ol_ver_min=`grep LDAP_VENDOR_VERSION_MINOR $openldap_incdir/ldap_features.h | awk '{print $3}'` + ol_ver_pat=`grep LDAP_VENDOR_VERSION_PATCH $openldap_incdir/ldap_features.h | awk '{print $3}'` + ol_libver="-${ol_ver_maj}.${ol_ver_min}" + save_ldflags="$LDFLAGS" + LDFLAGS="$openldap_lib $LDFLAGS" + as_ac_Lib=`echo "ac_cv_lib_ldap$ol_libver''_ldap_initialize" | $as_tr_sh` +echo "$as_me:$LINENO: checking for ldap_initialize in -lldap$ol_libver" >&5 +echo $ECHO_N "checking for ldap_initialize in -lldap$ol_libver... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Lib+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap$ol_libver $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char ldap_initialize (); +int +main () +{ +ldap_initialize (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + eval "$as_ac_Lib=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +eval "$as_ac_Lib=no" +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Lib'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Lib'}'`" >&6 +if test `eval echo '${'$as_ac_Lib'}'` = yes; then + have_ldap_lib=1 +fi + + if test -z "$have_ldap_lib" ; then + echo "$as_me:$LINENO: checking for ldap_initialize in -lldap" >&5 +echo $ECHO_N "checking for ldap_initialize in -lldap... $ECHO_C" >&6 +if test "${ac_cv_lib_ldap_ldap_initialize+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char ldap_initialize (); +int +main () +{ +ldap_initialize (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_ldap_ldap_initialize=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_ldap_ldap_initialize=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_ldap_ldap_initialize" >&5 +echo "${ECHO_T}$ac_cv_lib_ldap_ldap_initialize" >&6 +if test $ac_cv_lib_ldap_ldap_initialize = yes; then + unset ol_libver +else + { { echo "$as_me:$LINENO: error: specified with-openldap but libldap not found" >&5 +echo "$as_me: error: specified with-openldap but libldap not found" >&2;} + { (exit 1); exit 1; }; } +fi + + fi + as_ac_Lib=`echo "ac_cv_lib_ldap$ol_libver''_ldap_url_parse_ext" | $as_tr_sh` +echo "$as_me:$LINENO: checking for ldap_url_parse_ext in -lldap$ol_libver" >&5 +echo $ECHO_N "checking for ldap_url_parse_ext in -lldap$ol_libver... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Lib+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap$ol_libver $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char ldap_url_parse_ext (); +int +main () +{ +ldap_url_parse_ext (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + eval "$as_ac_Lib=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +eval "$as_ac_Lib=no" +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Lib'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Lib'}'`" >&6 +if test `eval echo '${'$as_ac_Lib'}'` = yes; then + +cat >>confdefs.h <<\_ACEOF +#define HAVE_LDAP_URL_PARSE_EXT 1 +_ACEOF + +fi + + LDFLAGS="$save_ldflags" + CPPFLAGS="$save_cppflags" + + +cat >>confdefs.h <<\_ACEOF +#define USE_OPENLDAP 1 +_ACEOF + +fi + +# BEGIN COPYRIGHT BLOCK # Copyright (C) 2006 Red Hat, Inc. # All rights reserved. # @@ -23313,8 +23878,8 @@ fi # # END COPYRIGHT BLOCK -{ echo "$as_me:$LINENO: checking for LDAPSDK..." >&5 -echo "$as_me: checking for LDAPSDK..." >&6;} +{ echo "$as_me:$LINENO: checking for Mozilla LDAPSDK..." >&5 +echo "$as_me: checking for Mozilla LDAPSDK..." >&6;} # check for --with-ldapsdk echo "$as_me:$LINENO: checking for --with-ldapsdk" >&5 @@ -23324,7 +23889,15 @@ echo $ECHO_N "checking for --with-ldapsdk... $ECHO_C" >&6 if test "${with_ldapsdk+set}" = set; then withval="$with_ldapsdk" - if test -e "$withval"/include/ldap.h -a -d "$withval"/lib + if test "$withval" = yes + then + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + elif test "$withval" = no + then + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib then echo "$as_me:$LINENO: result: using $withval" >&5 echo "${ECHO_T}using $withval" >&6 @@ -23332,6 +23905,7 @@ echo "${ECHO_T}using $withval" >&6 ldapsdk_inc="-I$LDAPSDKDIR/include" ldapsdk_lib="-L$LDAPSDKDIR/lib" ldapsdk_libdir="$LDAPSDKDIR/lib" + with_ldapsdk=yes else echo { { echo "$as_me:$LINENO: error: $withval not found" >&5 @@ -23339,9 +23913,31 @@ echo "$as_me: error: $withval not found" >&2;} { (exit 1); exit 1; }; } fi + if test "$with_ldapsdk" = yes -a "$with_openldap" = yes + then + { { echo "$as_me:$LINENO: error: Cannot use both LDAPSDK and OpenLDAP." >&5 +echo "$as_me: error: Cannot use both LDAPSDK and OpenLDAP." >&2;} + { (exit 1); exit 1; }; } + fi + if test "$with_ldapsdk" != yes -a "$with_openldap" != yes + then + { { echo "$as_me:$LINENO: error: Either LDAPSDK or OpenLDAP must be used." >&5 +echo "$as_me: error: Either LDAPSDK or OpenLDAP must be used." >&2;} + { (exit 1); exit 1; }; } + fi + else - echo "$as_me:$LINENO: result: no" >&5 + + if test "$with_openldap" = yes + then + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 + else + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + with_ldapsdk=yes + fi + fi; # check for --with-ldapsdk-inc @@ -23357,6 +23953,7 @@ if test "${with_ldapsdk_inc+set}" = set; then echo "$as_me:$LINENO: result: using $withval" >&5 echo "${ECHO_T}using $withval" >&6 ldapsdk_inc="-I$withval" + with_ldapsdk=yes else echo { { echo "$as_me:$LINENO: error: $withval not found" >&5 @@ -23383,6 +23980,7 @@ if test "${with_ldapsdk_lib+set}" = set; then echo "${ECHO_T}using $withval" >&6 ldapsdk_lib="-L$withval" ldapsdk_libdir="$withval" + with_ldapsdk=yes else echo { { echo "$as_me:$LINENO: error: $withval not found" >&5 @@ -23398,10 +23996,9 @@ fi; # if LDAPSDK is not found yet, try pkg-config # last resort -if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z "$ldapsdk_libdir"; then - echo "$as_me:$LINENO: checking for mozldap with pkg-config" >&5 -echo $ECHO_N "checking for mozldap with pkg-config... $ECHO_C" >&6 - # Extract the first word of "pkg-config", so it can be a program name with args. +if test "$with_ldapsdk" = yes ; then + if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z "$ldapsdk_libdir"; then + # Extract the first word of "pkg-config", so it can be a program name with args. set dummy pkg-config; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 @@ -23440,32 +24037,37 @@ else echo "${ECHO_T}no" >&6 fi - if test -n "$PKG_CONFIG"; then - if $PKG_CONFIG --exists mozldap6; then - ldapsdk_name=mozldap6 - elif $PKG_CONFIG --exists mozldap; then - ldapsdk_name=mozldap - else - { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib." >&5 + echo "$as_me:$LINENO: checking for mozldap with pkg-config" >&5 +echo $ECHO_N "checking for mozldap with pkg-config... $ECHO_C" >&6 + if test -n "$PKG_CONFIG"; then + if $PKG_CONFIG --exists mozldap6; then + mozldappkg=mozldap6 + elif $PKG_CONFIG --exists mozldap; then + mozldappkg=mozldap + else + { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib." >&5 echo "$as_me: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib." >&2;} { (exit 1); exit 1; }; } + fi + ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $mozldappkg` + ldapsdk_lib=`$PKG_CONFIG --libs-only-L $mozldappkg` + ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $mozldappkg | sed -e s/-L// | sed -e s/\ .*$//` + echo "$as_me:$LINENO: result: using system $mozldappkg" >&5 +echo "${ECHO_T}using system $mozldappkg" >&6 fi - ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $ldapsdk_name` - ldapsdk_lib=`$PKG_CONFIG --libs-only-L $ldapsdk_name` - ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $ldapsdk_name | sed -e s/-L// | sed -e s/\ *$//` - echo "$as_me:$LINENO: result: using system $ldapsdk_name" >&5 -echo "${ECHO_T}using system $ldapsdk_name" >&6 fi fi -if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then - { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib." >&5 + +if test "$with_ldapsdk" = yes ; then + if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then + { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib." >&5 echo "$as_me: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib." >&2;} { (exit 1); exit 1; }; } -fi + fi -save_cppflags="$CPPFLAGS" -CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc" -echo "$as_me:$LINENO: checking for ldap.h" >&5 + save_cppflags="$CPPFLAGS" + CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc" + echo "$as_me:$LINENO: checking for ldap.h" >&5 echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6 if test "${ac_cv_header_ldap_h+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -23524,12 +24126,23 @@ else fi -CPPFLAGS="$save_cppflags" + CPPFLAGS="$save_cppflags" -if test -z "$isversion6" ; then - { { echo "$as_me:$LINENO: error: The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported" >&5 + if test -z "$isversion6" ; then + { { echo "$as_me:$LINENO: error: The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported" >&5 echo "$as_me: error: The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported" >&2;} { (exit 1); exit 1; }; } + fi + +cat >>confdefs.h <<\_ACEOF +#define USE_MOZLDAP 1 +_ACEOF + + +cat >>confdefs.h <<\_ACEOF +#define HAVE_LDAP_URL_PARSE_NO_DEFAULTS 1 +_ACEOF + fi if test "$enable_tests" = "yes" ; then @@ -23965,6 +24578,20 @@ fi + + + + + + +if test "$with_openldap" = "yes"; then + OPENLDAP_TRUE= + OPENLDAP_FALSE='#' +else + OPENLDAP_TRUE='#' + OPENLDAP_FALSE= +fi + # WINNT should be true if building on Windows system not using # cygnus, mingw, or the like and using cmd.exe as the shell @@ -24157,6 +24784,13 @@ echo "$as_me: error: conditional \"enable_tests\" was never defined. Usually this means the macro was only invoked conditionally." >&2;} { (exit 1); exit 1; }; } fi +if test -z "${OPENLDAP_TRUE}" && test -z "${OPENLDAP_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"OPENLDAP\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"OPENLDAP\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi if test -z "${WINNT_TRUE}" && test -z "${WINNT_FALSE}"; then { { echo "$as_me:$LINENO: error: conditional \"WINNT\" was never defined. Usually this means the macro was only invoked conditionally." >&5 @@ -24435,7 +25069,7 @@ _ASBOX } >&5 cat >&5 <<_CSEOF -This file was extended by 389-adminutil $as_me 1.1.10, which was +This file was extended by 389-adminutil $as_me 1.1.11, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -24493,7 +25127,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -389-adminutil config.status 1.1.10 +389-adminutil config.status 1.1.11 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" @@ -24780,12 +25414,18 @@ s,@nss_libdir@,$nss_libdir,;t t s,@ldapsdk_inc@,$ldapsdk_inc,;t t s,@ldapsdk_lib@,$ldapsdk_lib,;t t s,@ldapsdk_libdir@,$ldapsdk_libdir,;t t +s,@openldap_inc@,$openldap_inc,;t t +s,@openldap_lib@,$openldap_lib,;t t +s,@openldap_libdir@,$openldap_libdir,;t t +s,@ol_libver@,$ol_libver,;t t s,@sasl_inc@,$sasl_inc,;t t s,@sasl_lib@,$sasl_lib,;t t s,@icu_inc@,$icu_inc,;t t s,@icu_lib@,$icu_lib,;t t s,@icu_libdir@,$icu_libdir,;t t s,@icu_bin@,$icu_bin,;t t +s,@OPENLDAP_TRUE@,$OPENLDAP_TRUE,;t t +s,@OPENLDAP_FALSE@,$OPENLDAP_FALSE,;t t s,@WINNT_TRUE@,$WINNT_TRUE,;t t s,@WINNT_FALSE@,$WINNT_FALSE,;t t s,@LTLIBOBJS@,$LTLIBOBJS,;t t diff --git a/configure.ac b/configure.ac index 5440425..cc7fcb8 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ # -*- Autoconf -*- # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([389-adminutil], [1.1.10], [http://bugzilla.redhat.com/]) +AC_INIT([389-adminutil], [1.1.11], [http://bugzilla.redhat.com/]) AM_INIT_AUTOMAKE([1.9 foreign subdir-objects]) AM_MAINTAINER_MODE AC_CANONICAL_HOST @@ -120,6 +120,7 @@ AC_MSG_RESULT($enable_rpath) m4_include(m4/nspr.m4) m4_include(m4/nss.m4) +m4_include(m4/openldap.m4) m4_include(m4/mozldap.m4) if test "$enable_tests" = "yes" ; then m4_include(m4/sasl.m4) @@ -150,6 +151,10 @@ AC_SUBST(nss_libdir) AC_SUBST(ldapsdk_inc) AC_SUBST(ldapsdk_lib) AC_SUBST(ldapsdk_libdir) +AC_SUBST(openldap_inc) +AC_SUBST(openldap_lib) +AC_SUBST(openldap_libdir) +AC_SUBST(ol_libver) AC_SUBST(sasl_inc) AC_SUBST(sasl_lib) AC_SUBST(icu_inc) @@ -157,6 +162,7 @@ AC_SUBST(icu_lib) AC_SUBST(icu_libdir) AC_SUBST(icu_bin) +AM_CONDITIONAL(OPENLDAP,test "$with_openldap" = "yes") # WINNT should be true if building on Windows system not using # cygnus, mingw, or the like and using cmd.exe as the shell AM_CONDITIONAL([WINNT], false) diff --git a/include/libadminutil/admutil-int.h b/include/libadminutil/admutil-int.h new file mode 100644 index 0000000..ef38230 --- /dev/null +++ b/include/libadminutil/admutil-int.h @@ -0,0 +1,190 @@ +/** BEGIN COPYRIGHT BLOCK + * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission. + * Copyright (C) 2005 Red Hat, Inc. + * All rights reserved. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation version + * 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * END COPYRIGHT BLOCK **/ +/* + * These interfaces are private to adminutil - not exposed to the public + * api, but shared among the files in the adminutil libraries + */ +#ifndef __ADMUTIL_INT_H__ +#define __ADMUTIL_INT_H__ + +#include <stdio.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <nspr.h> +#include <libadminutil/admutil.h> + +struct _AdmldapHdnl; +typedef struct _AdmldapHdnl *AdmldapHdnlPtr; + +char* +dn2AttrName(char* dn, char* rootDN); + +char* +attrName2dn(char* attrName, char* rootDN); + +/* + * LDAPMod related utility functions + */ +LDAPMod* +createSingleValMod( char* namep, char* value, int mode); + +LDAPMod* +createMod( char* namep, ValueType values, int mode); + +void +deleteMod(LDAPMod* mod); + +void +deleteMods(LDAPMod** mods); + +/* + * List related data structure and method + */ +typedef struct _ListNode { + char* name; + void* val; + int dflag; + struct _ListNode *next; +} ListNode, *ListNodePtr; + +/* + * Binary Tree related data structure and methods + */ +typedef struct _TreeNode { + char* name; + ListNodePtr val; + struct _TreeNode *left, *right; +} TreeNode, *TreeNodePtr; + +ListNodePtr +createListNode(char* name, void *val, int dflag); + +ListNodePtr +listFindNode(ListNodePtr list, char* name); + +void* +listGetValue(ListNodePtr list, char* name); + +int +listCount(ListNodePtr list); + +ListNodePtr +listCat(ListNodePtr list1, ListNodePtr list2); + +ListNodePtr +listAppend(ListNodePtr list, char* name, void* val,int dflag); + +ListNodePtr +listAdd(ListNodePtr list, char* name, void* val, int dflag); + +ListNodePtr +listDelete(ListNodePtr list, char* name); + +void +listDestroy(ListNodePtr list); + +/* Some utilities which use list */ +AttributeList +nvlistConvert(ListNodePtr list); + +void +nvlistDestroy(ListNodePtr list); + +ListNodePtr +createUpdateList(AttributeList nvl); + +void +destroyUpdateList(ListNodePtr); + + +TreeNodePtr +createTreeNode(char* name, char* val); + +int +treeCount(TreeNodePtr root); + +TreeNodePtr +treeFindNode(TreeNodePtr node, char* name); + +ValueType +treeFindValue(TreeNodePtr root, char* name); + +char* +treeFindValueAt(TreeNodePtr root, char* name, int index); + +TreeNodePtr +treeAddNode(TreeNodePtr node, TreeNodePtr newNode); + +TreeNodePtr +treeAddValue(TreeNodePtr node, char* val); + +TreeNodePtr +treeAddNameValue(TreeNodePtr node, char* name, char* val); + +int +treeRemoveNode(TreeNodePtr node, char* name, int* removeFlag); + +void +treeRemoveTree(TreeNodePtr node); + +ListNodePtr +treeBuildAttrList(char* nodeName, TreeNodePtr node); + +void +treeExport(FILE *fstream, char* parentString, TreeNodePtr node); + +TreeNodePtr +treeImport(FILE *fstream, int* errorcode); + +/* + * utility function for copy/free string array + */ +PR_IMPLEMENT(char**) +admutil_strsdup(char** orig); + +PR_IMPLEMENT(char**) +admutil_strsdup_berval(struct berval** orig); + +PR_IMPLEMENT(void) +admutil_strsFree(char** target); + +int admutil_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int *secure); +LDAP *admutil_ldap_init( + AdmldapInfo info, + const char *ldapurl, /* full ldap url */ + const char *hostname, /* can also use this to override + host in url */ + int port, /* can also use this to override port in url */ + int secure, /* 0 for ldap, 1 for ldaps */ + int shared, /* if true, LDAP* will be shared among multiple threads */ + const char *filename /* for ldapi */ +); +int admutil_ldap_bind( + LDAP *ld, /* ldap connection */ + const char *bindid, /* usually a bind DN for simple bind */ + const char *creds, /* usually a password for simple bind */ + const char *mech, /* name of mechanism */ + LDAPControl **serverctrls, /* additional controls to send */ + LDAPControl ***returnedctrls, /* returned controls */ + struct timeval *timeout, /* timeout */ + int *msgidp /* pass in non-NULL for async handling */ +); + +#endif /* __ADMUTIL_INT_H__ */ diff --git a/include/libadminutil/admutil.h b/include/libadminutil/admutil.h index fa61e8b..a1baa36 100644 --- a/include/libadminutil/admutil.h +++ b/include/libadminutil/admutil.h @@ -122,8 +122,6 @@ PR_IMPLEMENT(int) admutil_getline(FILE *fstream, int maxlen, int lineno, char* buf); /* Utility function to get ldap Information */ -PR_IMPLEMENT(int) -admutil_uuencode(unsigned char *src, unsigned char *dst, int srclen); typedef void* AdmldapInfo; diff --git a/include/libadminutil/prodinfo.h b/include/libadminutil/prodinfo.h deleted file mode 100644 index 03a25b4..0000000 --- a/include/libadminutil/prodinfo.h +++ /dev/null @@ -1,106 +0,0 @@ -/** BEGIN COPYRIGHT BLOCK - * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission. - * Copyright (C) 2005 Red Hat, Inc. - * All rights reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation version - * 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - * END COPYRIGHT BLOCK **/ -/* - * prodinfo.h - * - * $Id: prodinfo.h,v 1.2 2005/12/06 18:38:31 nhosoi Exp $ - */ - -#ifndef prodinfo_h -#define prodinfo_h - -/*********************************************************************** -** Includes -***********************************************************************/ - -#include <netsite.h> - -typedef struct { - char *var; /* name of array */ - int numEls; /* how many names in array */ - char **els; /* names in array */ -} ADM_piList; - -typedef struct { - char *when; - int numVars; /* numVars is the number of vars and vals */ - char **vars; - char **vals; - int numBools; /* how many boolean variables? */ - char **boolVars; - char *boolVals; - int numLists; - ADM_piList *lists; -} ADM_piTree; - -/*********************************************************************** -** GLOBAL FUNCTIONS: -** DESCRIPTION: -** These functions allow one to use data from files which have name value -** pairs, boolean variables, and list variables. See -** http://poseidon/~flc/prodinfo.html for a description of the file format. -** -** EXAMPLE: -** @+@ Something that really gives the idea of how to use this set of functions -** -** RESTRICTIONS: -** -** -** RETURN CODE TABLE: -** -1: list or variable not found -** 0: boolean variable false or list entry not found -** 1: boolean variable true or list entry found -***********************************************************************/ - -NSPR_BEGIN_EXTERN_C - -PR_IMPLEMENT(ADM_piTree *) -ADM_pi_init( char *file ); - -PR_IMPLEMENT(void) -ADM_pi_done( ADM_piTree * ); - -PR_IMPLEMENT(char *) -ADM_pi_value( ADM_piTree *, char *var ); - -PR_IMPLEMENT(char *) -ADM_pi_when( ADM_piTree * ); - -PR_IMPLEMENT(int) -ADM_pi_canDo( ADM_piTree *, char *, char * ); - -PR_IMPLEMENT(int) -ADM_pi_list( ADM_piTree *, char *name, char ***list ); - -PR_IMPLEMENT(void) -ADM_pi_setValue (ADM_piTree *tree, char *name, char *value); - -PR_IMPLEMENT(void) -ADM_pi_setBoolean (ADM_piTree *tree, char *capability, char *value); - -PR_IMPLEMENT(void) -ADM_pi_setCapability (ADM_piTree *tree, char *capability, char *instance); - -PR_IMPLEMENT(int) -ADM_pi_write (ADM_piTree *tree, char *fileName); - -NSPR_END_EXTERN_C - -#endif /* prodinfo_h */ diff --git a/include/libadminutil/psetc.h b/include/libadminutil/psetc.h index 411f0e1..c5496a5 100644 --- a/include/libadminutil/psetc.h +++ b/include/libadminutil/psetc.h @@ -88,7 +88,7 @@ psetCreate(char* serverID, char* configRoot, char* userDN, char* passwd, int* errorcode); PR_IMPLEMENT(PsetHndl) -psetRealCreate(char* ldapHost, int ldapPort, char* sieDN, char* userDN, +psetRealCreate(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, char* sieDN, char* userDN, char* passwd, char* cacheFile, int* errorcode); PR_IMPLEMENT(PsetHndl) @@ -104,7 +104,7 @@ PR_IMPLEMENT(PsetHndl) psetFileCreate(char* configFile, char* filter, int* errorcode); PR_IMPLEMENT(PsetHndl) -psetRealLDAPImport(PsetHndl pset, char* ldapHost, int ldapPort, char* sieDN, char* userDN, +psetRealLDAPImport(AdmldapInfo ldapInfo, PsetHndl pset, char* ldapHost, int ldapPort, char* sieDN, char* userDN, char* passwd, char* cacheFile, char* filter, int* errorcode); PR_IMPLEMENT(PsetHndl) diff --git a/include/libadmsslutil/psetcssl.h b/include/libadmsslutil/psetcssl.h index 7de65c9..9379fb2 100644 --- a/include/libadmsslutil/psetcssl.h +++ b/include/libadmsslutil/psetcssl.h @@ -37,12 +37,12 @@ psetCreateSSL(char* serverID, char* configRoot, char* userDN, char* passwd, int* errorcode); PR_IMPLEMENT(PsetHndl) -psetRealCreateSSL(char* ldapHost, int ldapPort, int secure, char* sieDN, +psetRealCreateSSL(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, int secure, char* sieDN, char* userDN, char* passwd, char* configFile, int* errorcode); PR_IMPLEMENT(PsetHndl) -psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort, +psetRealLDAPImportSSL(AdmldapInfo ldapInfo, PsetHndl pseth, char* ldapHost, int ldapPort, int secure, char* sieDN, char* userDN, char* passwd, char* configFile, char* filter, int* errorcode); #ifdef __cplusplus diff --git a/lib/libadminutil/admutil.c b/lib/libadminutil/admutil.c index 1b06085..fc63d31 100644 --- a/lib/libadminutil/admutil.c +++ b/lib/libadminutil/admutil.c @@ -24,8 +24,11 @@ #include <ctype.h> #include "version.h" #include "admutil_pvt.h" +#include "libadminutil/admutil-int.h" #include "libadminutil/distadm.h" - +#if defined(USE_OPENLDAP) +#include <lber.h> +#endif #ifdef XP_WIN32 #define strcasecmp stricmp #define strncasecmp _strnicmp @@ -96,14 +99,19 @@ find_file_in_paths( return retval; } -/* Copy from libadmin..... */ -static unsigned char uuset[] = { -'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T', -'U','V','W','X','Y','Z','a','b','c','d','e','f','g','h','i','j','k','l','m','n', -'o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7', -'8','9','+','/' }; - -static int LDAP_CALL LDAP_CALLBACK +#if defined(USE_OPENLDAP) +static int +admin_ldap_rebind_proc( + LDAP *ld, LDAP_CONST char *url, + ber_tag_t request, ber_int_t msgid, + void *arg) +{ + AdmldapHdnlPtr ptr = (AdmldapHdnlPtr)arg; + + return admutil_ldap_bind(ld, ptr->sieDN, ptr->passwd, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL); +} +#else /* NOT USE_OPENLDAP */ +static int admin_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp, int *authmethodp, int freeit, void *arg) { AdmldapHdnlPtr ptr = (AdmldapHdnlPtr)arg; @@ -116,58 +124,7 @@ admin_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp, return LDAP_SUCCESS; } - -PR_IMPLEMENT(int) -admutil_uuencode(unsigned char *src, unsigned char *dst, int srclen) -{ - int i, r; - unsigned char *p; - -/* To uuencode, we snip 8 bits from 3 bytes and store them as - 6 bits in 4 bytes. 6*4 == 8*3 (get it?) and 6 bits per byte - yields nice clean bytes - - It goes like this: - AAAAAAAA BBBBBBBB CCCCCCCC - turns into the standard set of uuencode ascii chars indexed by numbers: - 00AAAAAA 00AABBBB 00BBBBCC 00CCCCCC - - Snip-n-shift, snip-n-shift, etc.... - */ - - for (p=dst,i=0; i < srclen; i += 3) { - /* Do 3 bytes of src */ - register char b0, b1, b2; - - b0 = src[0]; - if (i==srclen-1) - b1 = b2 = '\0'; - else if (i==srclen-2) { - b1 = src[1]; - b2 = '\0'; - } - else { - b1 = src[1]; - b2 = src[2]; - } - - *p++ = uuset[b0>>2]; - *p++ = uuset[(((b0 & 0x03) << 4) | ((b1 & 0xf0) >> 4))]; - *p++ = uuset[(((b1 & 0x0f) << 2) | ((b2 & 0xc0) >> 6))]; - *p++ = uuset[b2 & 0x3f]; - src += 3; - } - *p = 0; /* terminate the string */ - r = (unsigned char *)p - (unsigned char *)dst;/* remember how many we did */ - - /* Always do 4-for-3, but if not round threesome, have to go - clean up the last extra bytes */ - - for( ; i != srclen; i--) - *--p = '='; - - return r; -} +#endif PR_IMPLEMENT(char**) admutil_strsdup(char** orig) @@ -189,6 +146,27 @@ admutil_strsdup(char** orig) return dest; } +PR_IMPLEMENT(char**) +admutil_strsdup_berval(struct berval** orig) +{ + int cnt = 0, i = 0; + char **dest; + struct berval **tmpptr; + + if (!orig) return NULL; + + tmpptr = orig; + while (*tmpptr++ != NULL) cnt++; + + dest = (char**)PR_Malloc((cnt+1)*sizeof(char*)); + + for (i=0; i < cnt; i++) dest[i] = PL_strndup(orig[i]->bv_val, orig[i]->bv_len); + + dest[cnt] = NULL; + + return dest; +} + PR_IMPLEMENT(void) admutil_strsFree(char** target) { @@ -385,8 +363,8 @@ dn2AttrName(char* dn, char* rootDN) attrLen--; } - ldap_value_free(dnList); - ldap_value_free(rootList); + admutil_strsFree(dnList); + admutil_strsFree(rootList); return PL_strdup(buf); } @@ -729,6 +707,18 @@ treeFindNode(TreeNodePtr node, char* name) else return NULL; } +static int +treeHasNode(AdmldapInfo info, char* name) +{ + int result = 0; + AdmldapHdnlPtr admInfo = (AdmldapHdnlPtr)info; + + if (admInfo && admInfo->configInfo) { + result = treeFindNode(admInfo->configInfo, name) ? 1 : 0; + } + return result; +} + ValueType treeFindValue(TreeNodePtr root, char* name) { @@ -1185,21 +1175,26 @@ admldapBuildInfoOnly(char* configRoot, int *errorcode) configInfo = treeImport(fileStream, errorcode); fclose(fileStream); - if (!configInfo) { *errorcode = ADMUTIL_SYSTEM_ERR; return NULL; } + if (!configInfo) { + *errorcode = ADMUTIL_SYSTEM_ERR; + PR_smprintf_free(path); + return NULL; + } admInfo = (AdmldapHdnlPtr)PR_Malloc(sizeof(AdmldapHdnl)); - if (!admInfo) { *errorcode = ADMUTIL_SYSTEM_ERR; return NULL; } + if (!admInfo) { + *errorcode = ADMUTIL_SYSTEM_ERR; + treeRemoveTree(configInfo); + PR_smprintf_free(path); + return NULL; + } memset(admInfo, '\0', sizeof(AdmldapHdnl)); admInfo->configFilePath = path; /* hand off memory */ path = NULL; - if (!admInfo->configFilePath) { - PR_Free(admInfo); - *errorcode = ADMUTIL_SYSTEM_ERR; - return NULL; - } - admInfo->configInfo = configInfo; + admInfo->configInfo = configInfo; /* hand off memory */ + configInfo = NULL; if (!(admInfo->serverDirectoryURL = treeFindValueAt(admInfo->configInfo, "ldapurl", 0))) { /* admInfo owns malloced memory now */ /* Error open file */ @@ -1208,8 +1203,9 @@ admldapBuildInfoOnly(char* configRoot, int *errorcode) return NULL; } - if (ldap_url_parse(admInfo->serverDirectoryURL, &ldapInfo)) { + if (admutil_ldap_url_parse(admInfo->serverDirectoryURL, &ldapInfo, 0, &admInfo->secure)) { *errorcode = ADMUTIL_SYSTEM_ERR; + destroyAdmldap((AdmldapInfo)admInfo); return NULL; } @@ -1269,6 +1265,10 @@ admldapBuildInfoOnly(char* configRoot, int *errorcode) PR_smprintf_free(path); + if (!treeHasNode((AdmldapInfo)admInfo, "securitydir")) { + admldapSetSecurityDir((AdmldapInfo)admInfo, configRoot); + } + return (AdmldapInfo)admInfo; } @@ -1305,7 +1305,8 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int *errorcode) } if (!secureLDAP) { - admInfo->ldapHndl = ldap_init(admInfo->ldapInfo->lud_host, admInfo->ldapInfo->lud_port); + admInfo->ldapHndl = admutil_ldap_init(admInfo, NULL, admInfo->ldapInfo->lud_host, + admInfo->ldapInfo->lud_port, 0, 0, NULL); } /* authenticate to LDAP server*/ @@ -1338,7 +1339,7 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int *errorcode) } if (!secureLDAP) { - ldapError = ldap_simple_bind_s(admInfo->ldapHndl, admInfo->sieDN, siePasswd); + ldapError = admutil_ldap_bind(admInfo->ldapHndl, admInfo->sieDN, siePasswd, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL); if (ldapError == LDAP_SUCCESS) break; /* Quit on errors other than password problems */ @@ -1349,14 +1350,14 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int *errorcode) if ((ldapError != LDAP_SUCCESS ) && !(secureLDAP)){ #ifdef LDAP_DEBUG - ldap_perror(admInfo->ldapHndl, "ldap_simple_bind_s"); + fprintf(stderr, "admutil_ldap_bind: [%s] error [%d:%s]\n", admInfo->sieDN, ldapError, ldap_err2string(ldapError)); #endif switch (ldapError) { case LDAP_INAPPROPRIATE_AUTH: case LDAP_INVALID_CREDENTIALS: case LDAP_INSUFFICIENT_ACCESS: /* authenticate failed: Should not continue */ - ldap_unbind(admInfo->ldapHndl); + ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL); admInfo->ldapHndl = NULL; *errorcode = ADMUTIL_LDAP_ERR; break;; @@ -1364,12 +1365,12 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int *errorcode) case LDAP_ALIAS_PROBLEM: case LDAP_INVALID_DN_SYNTAX: /* Not a good user DN */ - ldap_unbind(admInfo->ldapHndl); + ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL); admInfo->ldapHndl = NULL; *errorcode = ADMUTIL_LDAP_ERR; break; default: - ldap_unbind(admInfo->ldapHndl); + ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL); admInfo->ldapHndl = NULL; *errorcode = ADMUTIL_LDAP_ERR; } @@ -1452,7 +1453,7 @@ destroyAdmldap(AdmldapInfo info) admInfo->passwd = NULL; } if (admInfo->ldapHndl) { - ldap_unbind(admInfo->ldapHndl); + ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL); admInfo->ldapHndl = NULL; } @@ -1487,7 +1488,7 @@ admldapGetSecurity(AdmldapInfo info) AdmldapHdnlPtr admInfo = (AdmldapHdnlPtr)info; int ldapSecurity; - if (admInfo->ldapInfo->lud_options & LDAP_URL_OPT_SECURE) ldapSecurity = 1; + if (admInfo->secure) ldapSecurity = 1; else ldapSecurity = 0; return ldapSecurity; @@ -1514,8 +1515,7 @@ admldapGetSecurityDir(AdmldapInfo info) char *securitydir; securitydir = treeFindValueAt(admInfo->configInfo, "securitydir", 0); - if (!securitydir) return NULL; - else return securitydir; + return securitydir; } PR_IMPLEMENT(int) @@ -1540,8 +1540,7 @@ admldapGetSIEDN(AdmldapInfo info) char *ldapSIEDN = NULL; ldapSIEDN = treeFindValueAt(admInfo->configInfo, "sie", 0); - if (!ldapSIEDN) return NULL; - else return ldapSIEDN; + return ldapSIEDN; } PR_IMPLEMENT(int) @@ -1583,8 +1582,7 @@ admldapGetISIEDN(AdmldapInfo info) char *ldapISIEDN = NULL; ldapISIEDN = treeFindValueAt(admInfo->configInfo, "isie", 0); - if (!ldapISIEDN) return NULL; - else return ldapISIEDN; + return ldapISIEDN; } @@ -1618,8 +1616,9 @@ admldapSetDirectoryURL(AdmldapInfo info, const char *ldapurl) LDAPURLDesc *ldapInfo; int errorcode = ADMUTIL_OP_OK; int removeFlag = 0; + int secure = 0; - if (!ldapurl || ldap_url_parse(ldapurl, &ldapInfo)) { + if (!ldapurl || admutil_ldap_url_parse(ldapurl, &ldapInfo, 0, &secure)) { /* if the given url is not valid, don't do anything, just return an error */ errorcode = ADMUTIL_SYSTEM_ERR; goto done; @@ -1640,6 +1639,7 @@ admldapSetDirectoryURL(AdmldapInfo info, const char *ldapurl) /* set the new values */ admInfo->serverDirectoryURL = PL_strdup(ldapurl); admInfo->ldapInfo = ldapInfo; + admInfo->secure = secure; treeAddNameValue(admInfo->configInfo, "ldapurl", (char *)ldapurl); done: @@ -1651,7 +1651,7 @@ admldapSetLDAPHndl(AdmldapInfo info, LDAP *ld) { AdmldapHdnlPtr admInfo = (AdmldapHdnlPtr)info; - if (admInfo->ldapHndl) ldap_unbind(admInfo->ldapHndl); + if (admInfo->ldapHndl) ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL); admInfo->ldapHndl = ld; } @@ -1670,8 +1670,7 @@ admldapGetSysUser(AdmldapInfo info) char *sysuser = NULL; sysuser = treeFindValueAt(admInfo->configInfo, "sysuser", 0); - if (!sysuser) return NULL; - else return sysuser; + return sysuser; } @@ -1682,8 +1681,7 @@ admldapGetSysGroup(AdmldapInfo info) char *sysgroup = NULL; sysgroup = treeFindValueAt(admInfo->configInfo, "sysgroup", 0); - if (!sysgroup) return NULL; - else return sysgroup; + return sysgroup; } @@ -1694,8 +1692,7 @@ admldapGetAdminDomain(AdmldapInfo info) char *admindomain = NULL; admindomain = treeFindValueAt(admInfo->configInfo, "AdminDomain", 0); - if (!admindomain) return NULL; - else return admindomain; + return admindomain; } @@ -1706,8 +1703,7 @@ admldapGetExpressRefreshRate(AdmldapInfo info) char *expressrefreshrate = NULL; expressrefreshrate = treeFindValueAt(admInfo->configInfo, "ExpressRefreshRate", 0); - if (!expressrefreshrate) return NULL; - else return expressrefreshrate; + return expressrefreshrate; } @@ -1718,8 +1714,7 @@ admldapGetExpressCGITimeout(AdmldapInfo info) char *expresscgitimeout = NULL; expresscgitimeout = treeFindValueAt(admInfo->configInfo, "ExpressCGITimeout", 0); - if (!expresscgitimeout) return NULL; - else return expresscgitimeout; + return expresscgitimeout; } @@ -1730,8 +1725,7 @@ admldapGetLdapStart(AdmldapInfo info) char *ldapstart = NULL; ldapstart = treeFindValueAt(admInfo->configInfo, "ldapStart", 0); - if (!ldapstart) return NULL; - else return ldapstart; + return ldapstart; } @@ -1787,8 +1781,8 @@ admldapGetUserDN(AdmldapInfo info, char *uid) goto done; } uidFilter = PR_smprintf("(uid=%s)", uid?uid:admInfo->localAdminName); - err = ldap_search_s(ld, baseDN, LDAP_SCOPE_SUBTREE, uidFilter, - NULL, 0, &result); + err = ldap_search_ext_s(ld, baseDN, LDAP_SCOPE_SUBTREE, uidFilter, + NULL, 0, NULL, NULL, NULL, -1, &result); if (err != LDAP_SUCCESS || ldap_count_entries(ld, result) == 0) { ldap_msgfree(result); goto done; @@ -1896,3 +1890,685 @@ admGetCachedSIEPWD() return result; } + +#if defined(USE_OPENLDAP) +/* mozldap ldap_init and ldap_url_parse accept a hostname in the form + host1[:port1]SPACEhost2[:port2]SPACEhostN[:portN] + where SPACE is a single space (0x20) character + for openldap, we have to convert this to a string like this: + PROTO://host1[:port1]/SPACEPROTO://host2[:port2]/SPACEPROTO://hostN[:portN]/ + where PROTO is ldap or ldaps or ldapi + if proto is NULL, assume hostname_or_uri is really a valid ldap uri +*/ +static char * +convert_to_openldap_uri(const char *hostname_or_uri, int port, const char *proto) +{ + char *retstr = NULL; + char *my_copy = NULL; + char *start = NULL; + char *iter = NULL; + char *s = NULL; + const char *brkstr = " "; + + if (!hostname_or_uri) { + return NULL; + } + + my_copy = PL_strdup(hostname_or_uri); + /* see if hostname_or_uri is an ldap uri */ + if (!proto && !PL_strncasecmp(my_copy, "ldap", 4)) { + start = my_copy + 4; + if ((*start == 's') || (*start == 'i')) { + start++; + } + if (!PL_strncmp(start, "://", 3)) { + *start = '\0'; + proto = my_copy; + start += 3; + } else { +#ifdef DEBUG + fprintf(stderr, "convert_to_openldap_uri: The given LDAP URI [%s] is not valid\n", hostname_or_uri); +#endif + goto end; + } + } else if (!proto) { +#ifdef DEBUG + fprintf(stderr, "convert_to_openldap_uri: The given LDAP URI [%s] is not valid\n", hostname_or_uri); +#endif + goto end; + } else { + start = my_copy; /* just assume it's not a uri */ + } + + for (s = strtok_r(my_copy, brkstr, &iter); s != NULL; + s = strtok_r(NULL, brkstr, &iter)) { + char *ptr; + int last = 0; + /* strtok will grab the '/' at the end of the uri, if any, + so terminate parsing there */ + if ((ptr = strchr(s, '/'))) { + *ptr = '\0'; + last = 1; + } + if (retstr) { + retstr = PR_sprintf_append(retstr, "/ %s://%s", proto, s); + } else { + retstr = PR_smprintf("%s://%s", proto, s); + } + if (last) { + break; + } + } + + /* add the port on the last one */ + retstr = PR_sprintf_append(retstr, ":%d/", port); +end: + PL_strfree(my_copy); + return retstr; +} +#endif /* USE_OPENLDAP */ + +const char * +admutil_urlparse_err2string( int err ) +{ + const char *s="internal error"; + + switch( err ) { + case 0: + s = "no error"; + break; + case LDAP_URL_ERR_BADSCOPE: + s = "invalid search scope"; + break; + case LDAP_URL_ERR_MEM: + s = "unable to allocate memory"; + break; + case LDAP_URL_ERR_PARAM: + s = "bad parameter to an LDAP URL function"; + break; +#if defined(USE_OPENLDAP) + case LDAP_URL_ERR_BADSCHEME: + s = "does not begin with ldap://, ldaps://, or ldapi://"; + break; + case LDAP_URL_ERR_BADENCLOSURE: + s = "missing trailing '>' in enclosure"; + break; + case LDAP_URL_ERR_BADURL: + s = "not a valid LDAP URL"; + break; + case LDAP_URL_ERR_BADHOST: + s = "hostname part of url is not valid or not given"; + break; + case LDAP_URL_ERR_BADATTRS: + s = "attribute list not formatted correctly or missing"; + break; + case LDAP_URL_ERR_BADFILTER: + s = "search filter not correct"; + break; + case LDAP_URL_ERR_BADEXTS: + s = "extensions not specified correctly"; + break; +#else /* !USE_OPENLDAP */ + case LDAP_URL_ERR_NOTLDAP: + s = "missing ldap:// or ldaps:// or ldapi://"; + break; + case LDAP_URL_ERR_NODN: + s = "missing suffix"; + break; +#endif + } + + return( s ); +} + +/* there are various differences among url parsers - directory server + needs the ability to parse partial URLs - those with no dn - and + needs to be able to tell if it is a secure url (ldaps) or not */ +int +admutil_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int *secure) +{ + PR_ASSERT(url); + PR_ASSERT(ludpp); + int rc; + const char *url_to_use = url; +#if defined(USE_OPENLDAP) + char *urlescaped = NULL; +#endif + + if (secure) { + *secure = 0; + } +#if defined(USE_OPENLDAP) + /* openldap does not support the non-standard multi host:port URLs supported + by mozldap - so we have to fake out openldap - replace all spaces with %20 - + replace all but the last colon with %3A + Go to the 3rd '/' or to the end of the string (convert only the host:port part) */ + if (url) { + char *p = strstr(url, "://"); + if (p) { + int foundspace = 0; + int coloncount = 0; + char *lastcolon = NULL; + p += 3; + for (; *p && (*p != '/'); p++) { + if (*p == ' ') { + foundspace = 1; + } + if (*p == ':') { + coloncount++; + lastcolon = p; + } + } + if (foundspace) { + char *src = NULL, *dest = NULL; + /* have to convert url */ + /* len * 3 is way too much, but acceptable */ + urlescaped = PR_Calloc(strlen(url) * 3, sizeof(char)); + dest = urlescaped; + /* copy the scheme */ + src = strstr(url, "://"); + src += 3; + memcpy(dest, url, src-url); + dest += (src-url); + /* we have to convert all spaces to %20 - we have to convert + all colons except the last one to %3A */ + for (; *src; ++src) { + if (src < p) { + if (*src == ' ') { + memcpy(dest, "%20", 3); + dest += 3; + } else if ((coloncount > 1) && (*src == ':') && (src != lastcolon)) { + memcpy(dest, "%3A", 3); + dest += 3; + } else { + *dest++ = *src; + } + } else { + *dest++ = *src; + } + } + *dest = '\0'; + url_to_use = urlescaped; + } + } + } +#endif + +#if defined(HAVE_LDAP_URL_PARSE_NO_DEFAULTS) + rc = ldap_url_parse_no_defaults(url_to_use, ludpp, require_dn); + if (!rc && *ludpp && secure) { + *secure = (*ludpp)->lud_options & LDAP_URL_OPT_SECURE; + } +#else /* openldap */ +#if defined(HAVE_LDAP_URL_PARSE_EXT) && defined(LDAP_PVT_URL_PARSE_NONE) && defined(LDAP_PVT_URL_PARSE_NOEMPTY_DN) + rc = ldap_url_parse_ext(url_to_use, ludpp, require_dn ? LDAP_PVT_URL_PARSE_NONE : LDAP_PVT_URL_PARSE_NOEMPTY_DN); +#else + rc = ldap_url_parse(url_to_use, ludpp); + if ((rc || !*ludpp) && !require_dn) { /* failed - see if failure was due to missing dn */ + size_t len = strlen(url_to_use); + /* assume the url is just scheme://host:port[/] - add the empty string + as the DN (adding a trailing / first if needed) and try to parse + again + */ + char *urlcopy = PR_smprintf("%s%s%s", url_to_use, (url_to_use[len-1] == '/' ? "" : "/"), ""); + if (*ludpp) { + ldap_free_urldesc(*ludpp); /* free the old one, if any */ + } + rc = ldap_url_parse(urlcopy, ludpp); + PL_strfree(urlcopy); + urlcopy = NULL; + if (0 == rc) { /* only problem was the DN - free it */ + PL_strfree((*ludpp)->lud_dn); + (*ludpp)->lud_dn = NULL; + } + } +#endif + if (!rc && *ludpp && secure) { + *secure = (*ludpp)->lud_scheme && !strcmp((*ludpp)->lud_scheme, "ldaps"); + } +#endif /* openldap */ + +#if defined(USE_OPENLDAP) + if (urlescaped && (*ludpp) && (*ludpp)->lud_host) { + /* have to unescape lud_host - can unescape in place */ + char *p = strstr((*ludpp)->lud_host, "://"); + if (p) { + char *dest = NULL; + p += 3; + dest = p; + /* up to the first '/', unescape the host */ + for (; *p && (*p != '/'); p++) { + if (!strncmp(p, "%20", 3)) { + *dest++ = ' '; + p += 2; + } else if (!strncmp(p, "%3A", 3)) { + *dest++ = ':'; + p += 2; + } else { + *dest++ = *p; + } + } + /* just copy the remainder of the host, if any */ + while (*p) { + *dest++ = *p++; + } + *dest = '\0'; + } + } + PL_strfree(urlescaped); +#endif + return rc; +} + +/* + Perform LDAP init and return an LDAP* handle. If ldapurl is given, + that is used as the basis for the protocol, host, port, and whether + to use starttls (given on the end as ldap://..../?????starttlsOID + If hostname is given, LDAP or LDAPS is assumed, and this will override + the hostname from the ldapurl, if any. If port is > 0, this is the + port number to use. It will override the port in the ldapurl, if any. + If no port is given in port or ldapurl, the default will be used based + on the secure setting (389 for ldap, 636 for ldaps) + secure takes 1 of 2 values - 0 means regular ldap, 1 means ldaps + filename is the ldapi file name - if this is given, and no other options + are given, ldapi is assumed. + */ +LDAP * +admutil_ldap_init( + AdmldapInfo info, + const char *ldapurl, /* full ldap url */ + const char *hostname, /* can also use this to override + host in url */ + int port, /* can also use this to override port in url */ + int secure, /* 0 for ldap, 1 for ldaps */ + int shared, /* if true, LDAP* will be shared among multiple threads */ + const char *filename /* for ldapi */ +) +{ + LDAPURLDesc *ludp = NULL; + LDAP *ld = NULL; + int rc = 0; + int secureurl = 0; + int ldap_version3 = LDAP_VERSION3; + + /* if ldapurl is given, parse it */ + if (ldapurl && ((rc = admutil_ldap_url_parse(ldapurl, &ludp, 0, &secureurl)) || + !ludp)) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: Could not parse given LDAP URL [%s] : error [%s]\n", + ldapurl, /* ldapurl cannot be NULL here */ + admutil_urlparse_err2string(rc)); +#endif + goto done; + } + + /* use url host if no host given */ + if (!hostname && ludp && ludp->lud_host) { + hostname = ludp->lud_host; + } + + /* use url port if no port given */ + if (!port && ludp && ludp->lud_port) { + port = ludp->lud_port; + } + + /* use secure setting from url if none given */ + if (!secure && ludp) { + if (secureurl) { + secure = 1; + } + } + +#if defined(USE_OPENLDAP) + if (ldapurl) { + rc = ldap_initialize(&ld, ldapurl); + if (rc) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: Could not initialize LDAP connection to [%s]: %d:%s\n", + ldapurl, rc, ldap_err2string(rc)); +#endif + goto done; + } + } else { + char *makeurl = NULL; + if (filename) { + makeurl = PR_smprintf("ldapi://%s/", filename); + } else { /* host port */ + makeurl = convert_to_openldap_uri(hostname, port, (secure == 1 ? "ldaps" : "ldap")); + } + rc = ldap_initialize(&ld, makeurl); + if (rc) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: Could not initialize LDAP connection to [%s]: %d:%s\n", + makeurl, rc, ldap_err2string(rc)); +#endif + PL_strfree(makeurl); + makeurl = NULL; + goto done; + } + PL_strfree(makeurl); + makeurl = NULL; + } +#else /* !USE_OPENLDAP */ + if (filename) { + /* ldapi in mozldap client is not yet supported */ + } else if (secure == 1) { + ld = ldapssl_init(hostname, port, secure); + } else { /* regular ldap and/or starttls */ + /* + * Leverage the libprldap layer to take care of all the NSPR + * integration. + * Note that ldapssl_init() uses libprldap implicitly. + */ + ld = prldap_init(hostname, port, shared); + } +#endif /* !USE_OPENLDAP */ + + /* must explicitly set version to 3 */ + ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldap_version3); + + if ((ld != NULL) && !filename) { + /* + * Set SSL strength (server certificate validity checking). + */ + if (secure > 0) { +#if defined(USE_OPENLDAP) + char *certdir = admldapGetSecurityDir(info); + int optval = 0; +#endif /* !USE_OPENLDAP */ + int ssl_strength = 0; + LDAP *myld = NULL; + + /* we can only use the set functions below with a real + LDAP* if it has already gone through ldapssl_init - + so, use NULL if using starttls */ + if (secure == 1) { + myld = ld; + } + + /* verify certificate only */ +#if defined(USE_OPENLDAP) + ssl_strength = LDAP_OPT_X_TLS_NEVER; +#else /* !USE_OPENLDAP */ + ssl_strength = LDAPSSL_AUTH_CERT; +#endif /* !USE_OPENLDAP */ + +#if defined(USE_OPENLDAP) + if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: " + "failed: unable to create new TLS context\n"); +#endif + } + if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &ssl_strength))) { +#ifdef DEBUG + fprint(stderr, "admutil_ldap_init: " + "failed: unable to set REQUIRE_CERT option to %d\n", ssl_strength); +#endif + } + /* tell it where our cert db is */ + if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTDIR, certdir))) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: " + "failed: unable to set CACERTDIR option to %s\n", certdir); +#endif + } + PL_strfree(certdir); + certdir = NULL; +#if defined(LDAP_OPT_X_TLS_PROTOCOL_MIN) + optval = LDAP_OPT_X_TLS_PROTOCOL_SSL3; + if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_PROTOCOL_MIN, &optval))) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: " + "failed: unable to set minimum TLS protocol level to SSL3\n"); +#endif + } +#endif /* LDAP_OPT_X_TLS_PROTOCOL_MIN */ +#else /* !USE_OPENLDAP */ + if ((rc = ldapssl_set_strength(myld, ssl_strength)) || + (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) || + (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL3, PR_TRUE)) || + (rc = ldapssl_set_option(myld, SSL_ENABLE_TLS, PR_TRUE))) { + int prerr = PR_GetError(); + +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: " + "failed: unable to set SSL options (" + "error %d - %s)\n", + prerr, PR_ErrorToString(prerr, PR_LANGUAGE_I_DEFAULT)); +#endif + } + if (secure == 1) { + /* tell bind code we are using SSL */ + ldap_set_option(ld, LDAP_OPT_SSL, LDAP_OPT_ON); + } +#endif /* !USE_OPENLDAP */ + } + } + +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_init: " + "Success: set up conn to [%s:%d]%s\n", + hostname, port, + secure ? " using TLS/SSL" : ""); +#endif +done: + ldap_free_urldesc(ludp); + + return( ld ); +} + +static int +admutil_ldap_get_lderrno(LDAP *ld, char **m, char **s) +{ + int rc = LDAP_SUCCESS; + +#if defined(USE_OPENLDAP) + ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &rc); + if (m) { + ldap_get_option(ld, LDAP_OPT_MATCHED_DN, m); + } + if (s) { +#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE + ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, s); +#else + ldap_get_option(ld, LDAP_OPT_ERROR_STRING, s); +#endif + } +#else /* !USE_OPENLDAP */ + rc = ldap_get_lderrno( ld, m, s ); +#endif + return rc; +} + +#ifndef LDAP_SASL_EXTERNAL +#define LDAP_SASL_EXTERNAL "EXTERNAL" /* TLS/SSL extension */ +#endif + +/* + * Does the correct bind operation simple/sasl/cert depending + * on the arguments passed in. + */ +int +admutil_ldap_bind( + LDAP *ld, /* ldap connection */ + const char *bindid, /* usually a bind DN for simple bind */ + const char *creds, /* usually a password for simple bind */ + const char *mech, /* name of mechanism */ + LDAPControl **serverctrls, /* additional controls to send */ + LDAPControl ***returnedctrls, /* returned controls */ + struct timeval *timeout, /* timeout */ + int *msgidp /* pass in non-NULL for async handling */ +) +{ + int rc = LDAP_SUCCESS; + int secure = 0; + struct berval bvcreds = {0, NULL}; + LDAPMessage *result = NULL; + struct berval *servercredp = NULL; +#if defined(USE_OPENLDAP) + /* openldap doesn't have a SSL/TLS yes/no flag - so grab the + ldapurl, parse it, and see if it is a secure one */ + char *ldapurl = NULL; + + ldap_get_option(ld, LDAP_OPT_URI, &ldapurl); + if (ldapurl && !PL_strncasecmp(ldapurl, "ldaps", 5)) { + secure = 1; + } + PL_strfree(ldapurl); + ldapurl = NULL; +#else /* !USE_OPENLDAP */ + ldap_get_option(ld, LDAP_OPT_SSL, &secure); +#endif + +#ifdef EXTERNAL_AUTH_SUPPORTED + if (secure && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) { + /* SSL connections will use the server's security context + and cert for client auth */ + rc = slapd_SSL_client_auth(ld); + + if (rc != 0) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error: could not configure the server for cert " + "auth - error %d - make sure the server is " + "correctly configured for SSL/TLS\n", rc); +#endif + goto done; + } else { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Set up conn to use client auth\n"); +#endif + } + bvcreds.bv_val = NULL; /* ignore username and passed in creds */ + bvcreds.bv_len = 0; /* for external auth */ + bindid = NULL; + } else { /* other type of auth */ +#endif /* EXTERNAL_AUTH_SUPPORTED */ + bvcreds.bv_val = (char *)creds; + bvcreds.bv_len = creds ? strlen(creds) : 0; +#ifdef EXTERNAL_AUTH_SUPPORTED + } +#endif /* EXTERNAL_AUTH_SUPPORTED */ + + /* The connection has been set up - now do the actual bind, depending on + the mechanism and arguments */ + if (!mech || (mech == LDAP_SASL_SIMPLE) || + !strcmp(mech, LDAP_SASL_EXTERNAL)) { + int mymsgid = 0; +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "attempting %s bind with id [%s] creds [%s]\n", + mech ? mech : "SIMPLE", + bindid, creds); +#endif + if ((rc = ldap_sasl_bind(ld, bindid, mech, &bvcreds, serverctrls, + NULL /* clientctrls */, &mymsgid))) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error: could not send bind request for id " + "[%s] mech [%s]: error %d (%s) %d (%s) %d (%s)\n", + bindid ? bindid : "(anon)", + mech ? mech : "SIMPLE", + rc, ldap_err2string(rc), + PR_GetError(), PR_ErrorToString(PR_GetError(), PR_LANGUAGE_I_DEFAULT), + errno, strerror(errno)); +#endif + goto done; + } + + if (msgidp) { /* let caller process result */ + *msgidp = mymsgid; + } else { /* process results */ + rc = ldap_result(ld, mymsgid, LDAP_MSG_ALL, timeout, &result); + if (-1 == rc) { /* error */ + rc = admutil_ldap_get_lderrno(ld, NULL, NULL); +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error reading bind response for id " + "[%s] mech [%s]: error %d (%s)\n", + bindid ? bindid : "(anon)", + mech ? mech : "SIMPLE", + rc, ldap_err2string(rc)); +#endif + goto done; + } else if (rc == 0) { /* timeout */ + rc = LDAP_TIMEOUT; +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error: timeout after [%ld.%ld] seconds reading " + "bind response for [%s] mech [%s]\n", + timeout ? timeout->tv_sec : 0, + timeout ? timeout->tv_usec : 0, + bindid ? bindid : "(anon)", + mech ? mech : "SIMPLE"); +#endif + goto done; + } + /* if we got here, we were able to read success result */ + /* Get the controls sent by the server if requested */ + if (returnedctrls) { + if ((rc = ldap_parse_result(ld, result, &rc, NULL, NULL, + NULL, returnedctrls, + 0)) != LDAP_SUCCESS) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error: could not bind id " + "[%s] mech [%s]: error %d (%s)\n", + bindid ? bindid : "(anon)", + mech ? mech : "SIMPLE", + rc, ldap_err2string(rc)); +#endif + goto done; + } + } + + /* parse the bind result and get the ldap error code */ + if ((rc = ldap_parse_sasl_bind_result(ld, result, &servercredp, + 0))) { + rc = admutil_ldap_get_lderrno(ld, NULL, NULL); +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error: could not read bind results for id " + "[%s] mech [%s]: error %d (%s)\n", + bindid ? bindid : "(anon)", + mech ? mech : "SIMPLE", + rc, ldap_err2string(rc)); +#endif + goto done; + } + } + } else { + rc = -1; +#ifdef SASL_AUTH_SUPPORTED + /* a SASL mech */ + rc = slapd_ldap_sasl_interactive_bind(ld, bindid, creds, mech, + serverctrls, returnedctrls, + msgidp); + if (LDAP_SUCCESS != rc) { +#ifdef DEBUG + fprintf(stderr, "admutil_ldap_bind: " + "Error: could not perform interactive bind for id " + "[%s] mech [%s]: error %d (%s)\n", + bindid ? bindid : "(anon)", + mech, /* mech cannot be SIMPLE here */ + rc, ldap_err2string(rc)); +#endif + } +#endif /* SASL_AUTH_SUPPORTED */ + } + +done: + ber_bvfree(servercredp); + ldap_msgfree(result); + + return rc; +} + +/* + emacs settings + Local Variables: + c-basic-offset: 2 + End: +*/ diff --git a/lib/libadminutil/admutil_pvt.h b/lib/libadminutil/admutil_pvt.h index eded923..c242774 100644 --- a/lib/libadminutil/admutil_pvt.h +++ b/lib/libadminutil/admutil_pvt.h @@ -17,6 +17,13 @@ * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA * END COPYRIGHT BLOCK **/ +/* + * These interfaces are private to admutil.c - these interfaces should + * not be used by other files + * For interfaces implemented by admutil that are to be shared internally + * among files in adminutil, but should not be part of the public api, + * use admutil-int.h + */ #ifndef __ADMUTIL_PVT_H__ #define __ADMUTIL_PVT_H__ @@ -24,15 +31,7 @@ #include <sys/types.h> #include <sys/stat.h> #include <libadminutil/admutil.h> - -/* - * utility function for copy/free string array - */ -PR_IMPLEMENT(char**) -admutil_strsdup(char** orig); - -PR_IMPLEMENT(void) -admutil_strsFree(char** target); +#include "libadminutil/admutil-int.h" /* * utility function for compare timestamp @@ -45,113 +44,6 @@ timecmp(char* ldapTime, time_t *cacheTime); * Utility for convert dn to/from attribute name */ -char* -dn2AttrName(char* dn, char* rootDN); - -char* -attrName2dn(char* attrName, char* rootDN); - -/* - * List related data structure and method - */ -typedef struct _ListNode { - char* name; - void* val; - int dflag; - struct _ListNode *next; -} ListNode, *ListNodePtr; - -ListNodePtr -createListNode(char* name, void *val, int dflag); - -ListNodePtr -listFindNode(ListNodePtr list, char* name); - -void* -listGetValue(ListNodePtr list, char* name); - -int -listCount(ListNodePtr list); - -ListNodePtr -listCat(ListNodePtr list1, ListNodePtr list2); - -ListNodePtr -listAppend(ListNodePtr list, char* name, void* val,int dflag); - -ListNodePtr -listAdd(ListNodePtr list, char* name, void* val, int dflag); - -ListNodePtr -listDelete(ListNodePtr list, char* name); - -void -listDestroy(ListNodePtr list); - -/* Some utilities which use list */ -AttributeList -nvlistConvert(ListNodePtr list); - -void -nvlistDestroy(ListNodePtr list); - -ListNodePtr -createUpdateList(AttributeList nvl); - -void -destroyUpdateList(ListNodePtr); - - -/* - * Binary Tree related data structure and methods - */ -typedef struct _TreeNode { - char* name; - ListNodePtr val; - struct _TreeNode *left, *right; -} TreeNode, *TreeNodePtr; - -TreeNodePtr -createTreeNode(char* name, char* val); - -int -treeCount(TreeNodePtr root); - -TreeNodePtr -treeFindNode(TreeNodePtr node, char* name); - -ValueType -treeFindValue(TreeNodePtr root, char* name); - -char* -treeFindValueAt(TreeNodePtr root, char* name, int index); - -TreeNodePtr -treeAddNode(TreeNodePtr node, TreeNodePtr newNode); - -TreeNodePtr -treeAddValue(TreeNodePtr node, char* val); - -TreeNodePtr -treeAddNameValue(TreeNodePtr node, char* name, char* val); - -int -treeRemoveNode(TreeNodePtr node, char* name, int* removeFlag); - -void -treeRemoveTree(TreeNodePtr node); - -ListNodePtr -treeBuildAttrList(char* nodeName, TreeNodePtr node); - -void -treeExport(FILE *fstream, char* parentString, TreeNodePtr node); - -TreeNodePtr -treeImport(FILE *fstream, int* errorcode); - - - /* * AdmldapInfo Data */ @@ -167,21 +59,7 @@ typedef struct _AdmldapHdnl { char *sieDN; char *userDN; char *passwd; -} AdmldapHdnl, *AdmldapHdnlPtr; - -/* - * LDAPMod related utility functions - */ -LDAPMod* -createSingleValMod( char* namep, char* value, int mode); - -LDAPMod* -createMod( char* namep, ValueType values, int mode); - -void -deleteMod(LDAPMod* mod); - -void -deleteMods(LDAPMod** mods); + int secure; +} AdmldapHdnl; #endif /* __ADMUTIL_PVT_H__ */ diff --git a/lib/libadminutil/form_post.c b/lib/libadminutil/form_post.c index 203a1b6..cbe5299 100644 --- a/lib/libadminutil/form_post.c +++ b/lib/libadminutil/form_post.c @@ -28,6 +28,34 @@ #include <string.h> #include "libadminutil/admutil.h" #include "dbtadmutil.h" +#if defined(USE_OPENLDAP) +#include <unicode/utf8.h> +static char * +my_ldap_utf8inc(char *s) { + int utf8index = 0; + UChar32 utf8char = 0; + U8_NEXT_UNSAFE(s,utf8index,utf8char); + return s + utf8index; +} + +static int +my_ldap_utf8copy(char *d, const char *s) { + int utf8index = 0; + UChar32 utf8char = 0; + + U8_GET_UNSAFE(s,0,utf8char); + U8_APPEND_UNSAFE(d,utf8index,utf8char); + return utf8index; +} + +#ifndef LDAP_UTF8INC +#define LDAP_UTF8INC(s) ((0x80 & *(unsigned char*)(s)) ? s = my_ldap_utf8inc(s) : ++s) +#endif +#ifndef LDAP_UTF8COPY +#define LDAP_UTF8COPY(d,s) ((0x80 & *(unsigned char*)(s)) ? my_ldap_utf8copy(d,s) : ((*(d) = *(s)), 1)) +#endif + +#endif /* USE_OPENLDAP */ extern Resource *admutil_i18nResource; extern char *admutil_acceptLang; diff --git a/lib/libadminutil/psetc.c b/lib/libadminutil/psetc.c index 8b441fd..e0ede60 100644 --- a/lib/libadminutil/psetc.c +++ b/lib/libadminutil/psetc.c @@ -33,7 +33,6 @@ #include "libadminutil/distadm.h" #include "libadminutil/srvutil.h" #include "dbtadmutil.h" -#include <ldap_ssl.h> #ifdef XP_WIN32 #define strcasecmp stricmp @@ -92,22 +91,6 @@ find_file_in_paths( return retval; } -static int LDAP_CALL LDAP_CALLBACK -pset_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp, - int *authmethodp, int freeit, void *arg) -{ - PsetPtr pset = (PsetPtr)arg; - - if (freeit == 0) { - *whop = pset->binddn; - *passwdp = pset->bindpw; - *authmethodp = LDAP_AUTH_SIMPLE; - } - - return LDAP_SUCCESS; -} - - /* * PsetNode related data structure and methods */ @@ -166,7 +149,7 @@ psetDeletePtr(PsetPtr psetp) if (psetp->info) psetNodeDestroy(psetp->info); if (psetp->ldapFilter) PR_Free(psetp->ldapFilter); if (psetp->ldunbindf) { - if (psetp->ld) ldap_unbind(psetp->ld); + if (psetp->ld) ldap_unbind_ext(psetp->ld, NULL, NULL); } if (psetp->configFile) PR_Free(psetp->configFile); if (psetp->sieDN) PR_Free(psetp->sieDN); @@ -199,9 +182,10 @@ psetNodeLDAPDestroy(PsetNodePtr target, LDAP *ld) if (ld) { nodeDN = ldap_get_dn(ld, target->attrLDAP); if (nodeDN) { - if ( (ldaperror = ldap_delete_s(ld, nodeDN)) != LDAP_SUCCESS ) { + if ( (ldaperror = ldap_delete_ext_s(ld, nodeDN, NULL, NULL)) != LDAP_SUCCESS ) { #ifdef LDAP_DEBUG - ldap_perror( ld, "ldap_delete_s" ); + fprintf(stderr, "ldap_delete_s [%s] error %d:%s\n", + nodeDN, ldaperror, ldap_err2string(ldaperror)); #endif ldap_memfree(nodeDN); /* Well, the destructor CAN NOT return status */ @@ -399,7 +383,7 @@ psetNodeFindNode(PsetNodePtr nodePtr, LDAP *ld, char *name, int* nodeFlag, int nameLen; PsetNodePtr result; char *attrName; - char **vals; + struct berval **vals; *errorcode = PSET_OP_OK; *nodeFlag = 1; @@ -442,8 +426,8 @@ psetNodeFindNode(PsetNodePtr nodePtr, LDAP *ld, char *name, int* nodeFlag, attrName = name+nodeNameLen; if (*attrName == '.') attrName++; if (nodePtr->attrLDAP) { - if ((vals = ldap_get_values(ld, nodePtr->attrLDAP, attrName)) != NULL ) { - ldap_value_free(vals); + if ((vals = ldap_get_values_len(ld, nodePtr->attrLDAP, attrName)) != NULL ) { + ldap_value_free_len(vals); *nodeFlag = 0; return nodePtr; } @@ -466,15 +450,15 @@ psetNodeFindNode(PsetNodePtr nodePtr, LDAP *ld, char *name, int* nodeFlag, ValueType psetNodeFindValue(PsetNodePtr nodePtr, LDAP *ld, char *name, int* errorcode) { - char **vals; + struct berval **vals; ValueType val; *errorcode = PSET_OP_OK; if (nodePtr->attrLDAP) { - if (( vals = ldap_get_values(ld, nodePtr->attrLDAP, name )) != NULL ) { - val = admutil_strsdup(vals); - ldap_value_free(vals); + if (( vals = ldap_get_values_len(ld, nodePtr->attrLDAP, name )) != NULL ) { + val = admutil_strsdup_berval(vals); + ldap_value_free_len(vals); return val; } /* ldap value not available */ @@ -482,9 +466,9 @@ psetNodeFindValue(PsetNodePtr nodePtr, LDAP *ld, char *name, int* errorcode) return NULL; } else if (nodePtr->attrFile) { - vals = treeFindValue(nodePtr->attrFile, name); + val = treeFindValue(nodePtr->attrFile, name); - if (vals) return vals; + if (val) return val; /* No value available in local cache */ *errorcode = PSET_NO_VALUE; @@ -573,7 +557,7 @@ psetNodeGetAll(PsetNodePtr psetNode, LDAP *ld, int deep, int* errorcode) { BerElement *ber; NameType attrName; - char **vals; + struct berval **vals; ListNodePtr resultList=NULL, tmpList, node; char wholeName[PATH_MAX]; @@ -590,16 +574,16 @@ psetNodeGetAll(PsetNodePtr psetNode, LDAP *ld, int deep, int* errorcode) strcmp( attrName, "createtimestamp") && strcmp( attrName, "modifytimestamp") && strcmp( attrName, "modifiersname" )) { - if ((vals = ldap_get_values(ld, psetNode->attrLDAP, attrName)) != + if ((vals = ldap_get_values_len(ld, psetNode->attrLDAP, attrName)) != NULL) { if (psetNode->attrName[0] == '\0') PR_snprintf(wholeName, sizeof(wholeName), "%s", attrName); else PR_snprintf(wholeName, sizeof(wholeName), "%s.%s", psetNode->attrName, attrName); - if (vals[0] && *(vals[0]) != '\0') { + if (vals[0] && vals[0]->bv_len && vals[0]->bv_val && *(vals[0]->bv_val) != '\0') { node = createListNode(wholeName, - (void*)(admutil_strsdup(vals)), + (void*)(admutil_strsdup_berval(vals)), 0); } else { @@ -607,7 +591,7 @@ psetNodeGetAll(PsetNodePtr psetNode, LDAP *ld, int deep, int* errorcode) } if (!resultList) resultList = node; else listCat(resultList, node); - ldap_value_free( vals ); + ldap_value_free_len( vals ); } } ldap_memfree(attrName); @@ -639,7 +623,7 @@ psetNodeGetAllACI(PsetNodePtr psetNode, LDAP *ld, int deep, int* errorcode) { BerElement *ber; NameType attrName; - char **vals; + struct berval **vals; ListNodePtr resultList=NULL, tmpList, node; char wholeName[PATH_MAX]; @@ -655,16 +639,16 @@ psetNodeGetAllACI(PsetNodePtr psetNode, LDAP *ld, int deep, int* errorcode) strcmp( attrName, "createtimestamp") && strcmp( attrName, "modifytimestamp") && strcmp( attrName, "modifiersname" )) { - if ((vals = ldap_get_values(ld, psetNode->attrLDAP, attrName)) != + if ((vals = ldap_get_values_len(ld, psetNode->attrLDAP, attrName)) != NULL) { if (psetNode->attrName[0] == '\0') PR_snprintf(wholeName, sizeof(wholeName), "%s", attrName); else PR_snprintf(wholeName, sizeof(wholeName), "%s.%s", psetNode->attrName, attrName); - if (vals[0] && *(vals[0]) != '\0') { + if (vals[0] && vals[0]->bv_len && vals[0]->bv_val && *(vals[0]->bv_val) != '\0') { node = createListNode(wholeName, - (void*)(admutil_strsdup(vals)), + (void*)(admutil_strsdup_berval(vals)), 0); } else { @@ -672,7 +656,7 @@ psetNodeGetAllACI(PsetNodePtr psetNode, LDAP *ld, int deep, int* errorcode) } if (!resultList) resultList = node; else listCat(resultList, node); - ldap_value_free( vals ); + ldap_value_free_len( vals ); } } ldap_memfree(attrName); @@ -711,9 +695,10 @@ psetNodeLDAPUpdate(PsetNodePtr nodePtr, LDAP *ld, char* ldFilter, LDAPMod **mods if (!nodeDN) return PSET_OP_FAIL; - if ( (ldaperror = ldap_modify_s(ld, nodeDN, mods)) != LDAP_SUCCESS ) { + if ( (ldaperror = ldap_modify_ext_s(ld, nodeDN, mods, NULL, NULL)) != LDAP_SUCCESS ) { #ifdef LDAP_DEBUG - ldap_perror( ld, "ldap_modify_s" ); + fprintf(stderr, "ldap_modify_s: [%s] error %d:%s\n", + nodeDN, ldaperror, ldap_err2string(ldaperror)); #endif ldap_memfree(nodeDN); if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL; @@ -724,11 +709,12 @@ psetNodeLDAPUpdate(PsetNodePtr nodePtr, LDAP *ld, char* ldFilter, LDAPMod **mods if (ldFilter) filter = ldFilter; else filter = "(objectclass=*)"; - if ((ldaperror = ldap_search_s(ld, nodeDN, LDAP_SCOPE_BASE, - filter, NULL, 0, &result)) + if ((ldaperror = ldap_search_ext_s(ld, nodeDN, LDAP_SCOPE_BASE, + filter, NULL, 0, NULL, NULL, NULL, -1, &result)) != LDAP_SUCCESS ) { #ifdef LDAP_DEBUG - ldap_perror(ld, "ldap_search_s" ); + fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n", + nodeDN, filter, ldaperror, ldap_err2string(ldaperror)); #endif ldap_memfree(nodeDN); if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL; @@ -812,11 +798,12 @@ psetLDAPRefresh(PsetPtr pset) if (pset->ldapFilter) filter = pset->ldapFilter; else filter = "(objectclass=*)"; - if ((ldaperror = ldap_search_s(pset->ld, pset->sieDN, LDAP_SCOPE_SUBTREE, - filter, NULL, 0, &result)) + if ((ldaperror = ldap_search_ext_s(pset->ld, pset->sieDN, LDAP_SCOPE_SUBTREE, + filter, NULL, 0, NULL, NULL, NULL, -1, &result)) != LDAP_SUCCESS ) { #ifdef LDAP_DEBUG - ldap_perror( pset->ld, "ldap_search_s" ); + fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n", + pset->sieDN, filter, ldaperror, ldap_err2string(ldaperror)); #endif ldap_msgfree(result); if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL; @@ -1380,7 +1367,7 @@ psetCreate(char* serverID, char* configRoot, char* user, char* passwd, *errorcode = PSET_ENV_ERR; } - pset = psetRealCreate(ldapHost, ldapPort, sieDN, userDN, bindPasswd, path, + pset = psetRealCreate(ldapInfo, ldapHost, ldapPort, sieDN, userDN, bindPasswd, path, errorcode); done: PR_Free(ldapHost); @@ -1400,11 +1387,11 @@ done: PR_IMPLEMENT(PsetHndl) -psetRealCreate(char* ldapHost, int ldapPort, char* sieDN, char* userDN, +psetRealCreate(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, char* sieDN, char* userDN, char* passwd, char* configFile, int* errorcode) { - return psetRealLDAPImport(NULL, ldapHost, ldapPort, sieDN, userDN, + return psetRealLDAPImport(ldapInfo, NULL, ldapHost, ldapPort, sieDN, userDN, passwd, configFile, NULL, errorcode); } @@ -1432,7 +1419,7 @@ psetFileCreate(char* configFile, char* filter, int* errorcode) } PR_IMPLEMENT(PsetHndl) -psetRealLDAPImport(PsetHndl pseth, char* ldapHost, int ldapPort, char* sieDN, +psetRealLDAPImport(AdmldapInfo ldapInfo, PsetHndl pseth, char* ldapHost, int ldapPort, char* sieDN, char* userDN, char* passwd, char* cacheFile, char* filter, int* errorcode) { @@ -1447,9 +1434,9 @@ psetRealLDAPImport(PsetHndl pseth, char* ldapHost, int ldapPort, char* sieDN, } if (NULL != passwd) { - ld = ldap_init(ldapHost, ldapPort); + ld = admutil_ldap_init(ldapInfo, NULL, ldapHost, ldapPort, 0, 0, NULL); /* authenticate to LDAP server*/ - if ((ldapError = ldap_simple_bind_s(ld, userDN, passwd)) + if ((ldapError = admutil_ldap_bind(ld, userDN, passwd, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL)) != LDAP_SUCCESS ) { switch (ldapError) { case LDAP_INAPPROPRIATE_AUTH: @@ -1457,20 +1444,21 @@ psetRealLDAPImport(PsetHndl pseth, char* ldapHost, int ldapPort, char* sieDN, case LDAP_INSUFFICIENT_ACCESS: /* authenticate failed: Should not continue */ #ifdef LDAP_DEBUG - ldap_perror( ld, "ldap_simple_bind_s" ); + fprintf(stderr, "ldap_bind: [%s] error %d:%s\n", + userDN, ldapError, ldap_err2string(ldapError)); #endif - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = PSET_AUTH_FAIL; return pset; case LDAP_NO_SUCH_OBJECT: case LDAP_ALIAS_PROBLEM: case LDAP_INVALID_DN_SYNTAX: /* Not a good DN */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = PSET_ENTRY_NOT_EXIST; return pset; default: - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); unbindF = 0; ld = NULL; } @@ -2054,6 +2042,8 @@ psetAddEntry(PsetHndl pseth, NameType parent, NameType name, errorCode = PSET_OP_OK; if (pset->ld) { + int adderr; + dn = attrName2dn(absAttrName, pset->sieDN); /* Build initial list */ @@ -2084,15 +2074,16 @@ psetAddEntry(PsetHndl pseth, NameType parent, NameType name, mods[i++] = createMod(nv->attrName, nv->attrVal, 0); mods[i] = NULL; - if ( ldap_add_s (pset->ld, dn, mods) == LDAP_SUCCESS ) { + if ( (adderr = ldap_add_ext_s (pset->ld, dn, mods, NULL, NULL)) == LDAP_SUCCESS ) { /* Refresh this node */ if (pset->ldapFilter) filter = pset->ldapFilter; else filter = "(objectclass=*)"; - if ((ldaperror = ldap_search_s(pset->ld, dn, LDAP_SCOPE_BASE, - filter, NULL, 0, &result)) + if ((ldaperror = ldap_search_ext_s(pset->ld, dn, LDAP_SCOPE_BASE, + filter, NULL, 0, NULL, NULL, NULL, -1, &result)) != LDAP_SUCCESS ) { #ifdef LDAP_DEBUG - ldap_perror(pset->ld, "ldap_search_s" ); + fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n", + dn, filter, ldaperror, ldap_err2string(ldaperror)); #endif if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL; return PSET_SYSTEM_ERR; @@ -2112,7 +2103,8 @@ psetAddEntry(PsetHndl pseth, NameType parent, NameType name, } else { #ifdef LDAP_DEBUG - ldap_perror(pset->ld, "ldap_add_s"); + fprintf(stderr, "ldap_add_s: [%s] error %d:%s\n", + dn, adderr, ldap_err2string(adderr)); #endif errorCode = PSET_OP_FAIL; } @@ -2359,6 +2351,34 @@ psetErrorString(int errorNum, char* lang, char *buffer, size_t bufsize, int *rc) return PL_strdup(errorStr); } +#if defined(USE_OPENLDAP) +static int +pset_ldap_rebind_proc( + LDAP *ld, LDAP_CONST char *url, + ber_tag_t request, ber_int_t msgid, + void *arg) +{ + PsetPtr pset = (PsetPtr)arg; + + return admutil_ldap_bind(ld, pset->binddn, pset->bindpw, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL); +} +#else /* NOT OPENLDAP */ +static int +pset_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp, + int *authmethodp, int freeit, void *arg) +{ + PsetPtr pset = (PsetPtr)arg; + + if (freeit == 0) { + *whop = pset->binddn; + *passwdp = pset->bindpw; + *authmethodp = LDAP_AUTH_SIMPLE; + } + + return LDAP_SUCCESS; +} +#endif /* OPENLDAP */ + /* Setting up LDAP referal */ PR_IMPLEMENT(int) psetSetLDAPReferalInfo(PsetHndl pseth, char* userDN, char* passwd) @@ -2618,3 +2638,10 @@ psetReplicateSIE(PsetHndl source, PsetHndl dest, char *source_groupDN, char *des return rv; } + +/* + emacs settings + Local Variables: + c-basic-offset: 2 + End: +*/ diff --git a/lib/libadminutil/psetc_pvt.h b/lib/libadminutil/psetc_pvt.h index 9d12300..494eaf1 100644 --- a/lib/libadminutil/psetc_pvt.h +++ b/lib/libadminutil/psetc_pvt.h @@ -24,7 +24,8 @@ #include <sys/types.h> #include <sys/stat.h> #include <libadminutil/psetc.h> -#include "admutil_pvt.h" +#include "libadminutil/admutil.h" +#include "libadminutil/admutil-int.h" /* * PsetNode related data structure and methods @@ -131,6 +132,8 @@ typedef struct _Pset { /* real info */ PsetNodePtr info; + AdmldapInfo admInfo; + } Pset, *PsetPtr; diff --git a/lib/libadminutil/srvutil.c b/lib/libadminutil/srvutil.c index f668bc3..1b963e3 100644 --- a/lib/libadminutil/srvutil.c +++ b/lib/libadminutil/srvutil.c @@ -20,7 +20,7 @@ #include <string.h> #include <libadminutil/srvutil.h> -#include "admutil_pvt.h" +#include "libadminutil/admutil-int.h" #ifdef XP_WIN32 #define strcasecmp stricmp @@ -65,7 +65,7 @@ getServerDNList(AdmldapInfo info) /* Use domainDN to create a pset */ host = admldapGetHost(info); siepwd = admldapGetSIEPWD(info); - domainPset = psetRealCreate(host, + domainPset = psetRealCreate(info, host, admldapGetPort(info), domainDN, sie, @@ -172,7 +172,7 @@ getInstalledServerDNList(AdmldapInfo info) host = admldapGetHost(info); sie = admldapGetSIEDN(info); siepwd = admldapGetSIEPWD(info); - domainPset = psetRealCreate(host, + domainPset = psetRealCreate(info, host, admldapGetPort(info), domainDN, sie, diff --git a/lib/libadminutil/uginfo.c b/lib/libadminutil/uginfo.c index 73eee8c..926f302 100644 --- a/lib/libadminutil/uginfo.c +++ b/lib/libadminutil/uginfo.c @@ -23,7 +23,7 @@ #include <stdlib.h> #include <ctype.h> #include <ldap.h> -#include "admutil_pvt.h" +#include "libadminutil/admutil-int.h" #include "libadminutil/psetc.h" #ifdef XP_WIN32 @@ -36,9 +36,8 @@ admldapCreateLDAPHndl(AdmldapInfo info, char *targetDN, int *error_code) { char *sieDN = NULL; char *resultDN = NULL; - AdmldapHdnlPtr hndl = (AdmldapHdnlPtr)info; - if (!hndl) { *error_code = UG_EMPTY_LDAPINFO; return NULL; } + if (!info) { *error_code = UG_EMPTY_LDAPINFO; return NULL; } *error_code = UG_OP_OK; if (targetDN) resultDN = PL_strdup(targetDN); @@ -46,7 +45,7 @@ admldapCreateLDAPHndl(AdmldapInfo info, char *targetDN, int *error_code) /* No target DN given, try to figure it out */ if (!sieDN) sieDN = admldapGetSIEDN(info); if (sieDN) { - resultDN = PR_smprintf("cn=configuration, %s", sieDN); + resultDN = PR_smprintf("cn=configuration,%s", sieDN); } else { *error_code = UG_NO_TARGETDN; @@ -61,12 +60,12 @@ admldapGetUserDirectoryInfo(LDAP *ld, char* targetDN, char** directoryURL, char** bindDN, char** bindPassword, char** directoryInfoRef, int* error_code) { - int ldaperror; - LDAPMessage *e, *result; - char **directoryURLVals = NULL, - **bindDNVals = NULL, - **bindPasswordVals = NULL, - **directoryInfoRefVals = NULL; + int ldaperror; + LDAPMessage *e, *result; + struct berval **directoryURLVals = NULL, + **bindDNVals = NULL, + **bindPasswordVals = NULL, + **directoryInfoRefVals = NULL; *error_code = UG_OP_OK; *directoryURL = NULL; @@ -77,17 +76,18 @@ admldapGetUserDirectoryInfo(LDAP *ld, char* targetDN, char** directoryURL, if (!ld) { *error_code = UG_NULL_LDAP; return 0; } if (!targetDN) { *error_code = UG_NULL_DN; return 0; } - if ((ldaperror = ldap_search_s(ld, - targetDN, - LDAP_SCOPE_BASE, - "(objectclass=nsDirectoryInfo)", - NULL, - 0, - &result)) + if ((ldaperror = ldap_search_ext_s(ld, + targetDN, + LDAP_SCOPE_BASE, + "(objectclass=nsDirectoryInfo)", + NULL, + 0, NULL, NULL, NULL, -1, + &result)) != LDAP_SUCCESS ) { ldap_msgfree(result); #ifdef LDAP_DEBUG - ldap_perror(ld, "ldap_search_s"); + fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n", + targetDN, "(objectclass=nsDirectoryInfo)", ldaperror, ldap_err2string(ldaperror)); #endif if (ldaperror == LDAP_INSUFFICIENT_ACCESS || ldaperror == LDAP_INAPPROPRIATE_AUTH) { @@ -110,48 +110,51 @@ admldapGetUserDirectoryInfo(LDAP *ld, char* targetDN, char** directoryURL, } e = ldap_first_entry(ld, result); - directoryURLVals = ldap_get_values(ld, e, "nsDirectoryURL"); - bindDNVals = ldap_get_values(ld, e, "nsBindDN"); - bindPasswordVals = ldap_get_values(ld, e, "nsBindPassword"); - directoryInfoRefVals = ldap_get_values(ld, e, "nsDirectoryInfoRef"); + directoryURLVals = ldap_get_values_len(ld, e, "nsDirectoryURL"); + bindDNVals = ldap_get_values_len(ld, e, "nsBindDN"); + bindPasswordVals = ldap_get_values_len(ld, e, "nsBindPassword"); + directoryInfoRefVals = ldap_get_values_len(ld, e, "nsDirectoryInfoRef"); - if (directoryURLVals) { - char **s; + if (directoryURLVals && directoryURLVals[0]) { + struct berval **s; char buffer[1024]; - s = ldap_get_values(ld, e, "nsDirectoryFailoverList"); - if (s && strcmp(s[0], "")) { - char *temp = strrchr(directoryURLVals[0], '/'); + s = ldap_get_values_len(ld, e, "nsDirectoryFailoverList"); + if (s && s[0] && s[0]->bv_len && s[0]->bv_val && strcmp(s[0]->bv_val, "")) { + char *temp = PL_strnchr(directoryURLVals[0]->bv_val, '/', directoryURLVals[0]->bv_len); /* append failover list to url */ if (NULL != temp) { *temp = '\0'; - PR_snprintf(buffer, sizeof(buffer), "%s %s/%s", - directoryURLVals[0], s[0], temp + 1); + PR_snprintf(buffer, sizeof(buffer), "%.*s %.*s/%s", + directoryURLVals[0]->bv_len, directoryURLVals[0]->bv_val, + s[0]->bv_len, s[0]->bv_val, temp + 1); } else { - PR_snprintf(buffer, sizeof(buffer), "%s %s", directoryURLVals[0], s[0]); + PR_snprintf(buffer, sizeof(buffer), "%.*s %.*s", + directoryURLVals[0]->bv_len, directoryURLVals[0]->bv_val, + s[0]->bv_len, s[0]->bv_val); } } else { - PR_snprintf(buffer, sizeof(buffer), "%s", directoryURLVals[0]); + PR_snprintf(buffer, sizeof(buffer), "%.*s", + directoryURLVals[0]->bv_len, directoryURLVals[0]->bv_val); } - ldap_value_free(s); + ldap_value_free_len(s); *directoryURL = PL_strdup(buffer); - ldap_value_free(directoryURLVals); + ldap_value_free_len(directoryURLVals); } - if (bindDNVals) { - *bindDN = PL_strdup(bindDNVals[0]); - ldap_value_free(bindDNVals); + if (bindDNVals && bindDNVals[0]) { + *bindDN = PL_strndup(bindDNVals[0]->bv_val, bindDNVals[0]->bv_len); + ldap_value_free_len(bindDNVals); } - if (bindPasswordVals) { - *bindPassword = PL_strdup(bindPasswordVals[0]); - if (bindPasswordVals[0]) { - memset(bindPasswordVals[0], '\0', strlen(bindPasswordVals[0])); - } - ldap_value_free(bindPasswordVals); + if (bindPasswordVals && bindPasswordVals[0]) { + *bindPassword = PL_strndup(bindPasswordVals[0]->bv_val, bindPasswordVals[0]->bv_len); + /* clear out this memory */ + memset(bindPasswordVals[0]->bv_val, '\0', bindPasswordVals[0]->bv_len); + ldap_value_free_len(bindPasswordVals); } - if (directoryInfoRefVals) { - *directoryInfoRef = PL_strdup(directoryInfoRefVals[0]); - ldap_value_free(directoryInfoRefVals); + if (directoryInfoRefVals && directoryInfoRefVals[0]) { + *directoryInfoRef = PL_strndup(directoryInfoRefVals[0]->bv_val, directoryInfoRefVals[0]->bv_len); + ldap_value_free_len(directoryInfoRefVals); } ldap_msgfree(result); @@ -176,7 +179,7 @@ admldapGetAdmGroupUGDN(char* sieDN) dnList[dnLen-2], dnList[dnLen-1]); } - ldap_value_free(dnList); + admutil_strsFree(dnList); return dnbuf; } @@ -191,11 +194,11 @@ admldapGetDomainUGDN(char* sieDN) while (dnList && dnList[dnLen]) dnLen++; if (dnLen >= 3) { - dnbuf = PR_smprintf("cn=UserDirectory, ou=Global Preferences,%s,%s", + dnbuf = PR_smprintf("cn=UserDirectory,ou=Global Preferences,%s,%s", dnList[dnLen-2], dnList[dnLen-1]); } - ldap_value_free(dnList); + admutil_strsFree(dnList); return dnbuf; } @@ -442,9 +445,10 @@ admldapSetUserDirectoryReal(LDAP *ld, char* targetDN, char* directoryURL, mods[i] = NULL; } - if ( (ldaperror = ldap_modify_s(ld, targetDN, mods)) != LDAP_SUCCESS ) { + if ( (ldaperror = ldap_modify_ext_s(ld, targetDN, mods, NULL, NULL)) != LDAP_SUCCESS ) { #ifdef LDAP_DEBUG - ldap_perror(ld, "ldap_modify_s"); + fprintf(stderr, "ldap_modify_s: [%s] error %d:%s\n", + targetDN, ldaperror, ldap_err2string(ldaperror)); #endif if (ldaperror == LDAP_INSUFFICIENT_ACCESS) *error_code = UG_ACCESS_FAIL; else *error_code = UG_LDAP_SYSTEM_ERR; @@ -480,13 +484,12 @@ admldapGetUserDirectory(AdmldapInfo info, char* targetDN, char** directoryURL, { int status = 1; char *realTargetDN; - AdmldapHdnlPtr hndl = (AdmldapHdnlPtr)info; realTargetDN = admldapCreateLDAPHndl(info, targetDN, error_code); if (!realTargetDN) return 0; - status = admldapGetUserDirectoryReal(hndl->ldapHndl, + status = admldapGetUserDirectoryReal(admldapGetLDAPHndl(info), realTargetDN, directoryURL, bindDN, @@ -505,13 +508,12 @@ admldapSetUserDirectory(AdmldapInfo info, char* targetDN, char* directoryURL, { int status = 1; char *realTargetDN; - AdmldapHdnlPtr hndl = (AdmldapHdnlPtr)info; realTargetDN = admldapCreateLDAPHndl(info, targetDN, error_code); if (!realTargetDN) return 0; - status = admldapSetUserDirectoryReal(hndl->ldapHndl, + status = admldapSetUserDirectoryReal(admldapGetLDAPHndl(info), realTargetDN, directoryURL, bindDN, diff --git a/lib/libadmsslutil/admsslutil.c b/lib/libadmsslutil/admsslutil.c index 04a3fa8..ab5132e 100644 --- a/lib/libadmsslutil/admsslutil.c +++ b/lib/libadmsslutil/admsslutil.c @@ -22,7 +22,6 @@ #include <libgen.h> #endif #include "ldap.h" -#include "ldap_ssl.h" #include "libadmsslutil/psetcssl.h" #include "libadmsslutil/admsslutil.h" #include "cert.h" @@ -33,6 +32,7 @@ #include "secpwd_pvt.h" #include "prprf.h" #include "sslproto.h" +#include "libadminutil/admutil-int.h" #include "errno.h" #include "secport.h" @@ -81,9 +81,9 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode) host = admldapGetHost(info); if (admldapGetSecurity(info)) - ld = ldapssl_init(host, admldapGetPort(info), 1); + ld = admutil_ldap_init(info, NULL, host, admldapGetPort(info), 1, 0, NULL); else - ld = ldap_init(host, admldapGetPort(info)); + ld = admutil_ldap_init(info, NULL, host, admldapGetPort(info), 0, 0, NULL); PL_strfree(host); if (!ld) { @@ -94,7 +94,12 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode) passwd = admldapGetSIEPWD(info); if (passwd) { char *dn = admldapGetSIEDN(info); - ldapError = ldap_simple_bind_s(ld, dn, passwd); + ldapError = admutil_ldap_bind(ld, dn, passwd, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL); + if (ldapError != LDAP_SUCCESS) { +#ifdef LDAP_DEBUG + fprintf(stderr, "admutil_ldap_bind: [%s] error [%d:%s]\n", dn, ldapError, ldap_err2string(ldapError)); +#endif + } PL_strfree(dn); memset(passwd, '\0', strlen(passwd)); PL_strfree(passwd); @@ -106,27 +111,24 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode) } /* authenticate to LDAP server*/ if (ldapError != LDAP_SUCCESS) { -#ifdef LDAP_DEBUG - ldap_perror(ld, "ldap_simple_bind_s"); -#endif switch (ldapError) { case LDAP_INAPPROPRIATE_AUTH: case LDAP_INVALID_CREDENTIALS: case LDAP_INSUFFICIENT_ACCESS: /* authenticate failed: Should not continue */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = ADMUTIL_LDAP_ERR; return 0; case LDAP_NO_SUCH_OBJECT: case LDAP_ALIAS_PROBLEM: case LDAP_INVALID_DN_SYNTAX: /* Not a good user DN */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = ADMUTIL_LDAP_ERR; return 0; break; default: - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = ADMUTIL_LDAP_ERR; return 0; } @@ -277,102 +279,6 @@ void servssl_warn(char *fmt, ...) #endif } -/* ----------------------- Multiple cipher support ------------------------ */ - -#ifdef NET_SSL - -typedef struct { - char *name; - int num; -} cipherstruct; - -static cipherstruct _conf_ciphers[] = { - {"rc4", SSL_EN_RC4_128_WITH_MD5}, - {"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5}, - {"rc2", SSL_EN_RC2_128_CBC_WITH_MD5}, - {"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5}, - {"idea", SSL_EN_IDEA_128_CBC_WITH_MD5}, - {"des", SSL_EN_DES_64_CBC_WITH_MD5}, - {"desede3", SSL_EN_DES_192_EDE3_CBC_WITH_MD5}, - {"rsa_rc4_128_md5", SSL_RSA_WITH_RC4_128_MD5}, - {"rsa_3des_sha", SSL_RSA_WITH_3DES_EDE_CBC_SHA}, - {"rsa_des_sha", SSL_RSA_WITH_DES_CBC_SHA}, - {"rsa_rc4_40_md5", SSL_RSA_EXPORT_WITH_RC4_40_MD5}, - {"rsa_rc2_40_md5", SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5}, - {"tls_rsa_export1024_with_des_cbc_sha", TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA}, - {"tls_rsa_export1024_with_rc4_56_sha", TLS_RSA_EXPORT1024_WITH_RC4_56_SHA}, - {"rsa_null_md5", SSL_RSA_WITH_NULL_MD5}, - {"fortezza", SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA}, - {"fortezza_rc4_128_sha", SSL_FORTEZZA_DMS_WITH_RC4_128_SHA}, - {"fortezza_null", SSL_FORTEZZA_DMS_WITH_NULL_SHA}, - {"rsa_fips_des_sha", SSL_RSA_FIPS_WITH_DES_CBC_SHA}, - {"rsa_fips_3des_sha", SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA}, - {NULL, 0} -}; - -void _conf_setallciphers(int active) -{ - register int x; - - /* MLM - change: Because null_md5 is NOT encrypted at all, force - * them to activate it by name. */ - for(x = 0; _conf_ciphers[x].name; x++) { - if(active && !strcmp(_conf_ciphers[x].name, "rsa_null_md5")) { - continue; - } -#ifdef NET_SSL - SSL_CipherPrefSetDefault(_conf_ciphers[x].num, active ? PR_TRUE : PR_FALSE); -#endif - } -} - -char *_conf_setciphers(char *ciphers) -{ - char *t, err[ADMSSL_BUF_LEN]; - int x, active; - - /* Default is to activate all of them */ - if(!ciphers) { - _conf_setallciphers(1); - return NULL; - } - _conf_setallciphers(0); - - t = ciphers; - while(t) { - while((*ciphers) && (isspace(*ciphers))) ++ciphers; - - switch(*ciphers++) { - case '+': - active = 1; break; - case '-': - active = 0; break; - default: - return(PL_strdup("invalid ciphers: format is +cipher1,-cipher2...")); - } - if( (t = strchr(ciphers, ',')) ) - *t++ = '\0'; - - if(!strcmp(ciphers, "all")) - _conf_setallciphers(active); - else { - for(x = 0; _conf_ciphers[x].name; x++) { - if(!strcmp(ciphers, _conf_ciphers[x].name)) { - SSL_CipherPrefSetDefault(_conf_ciphers[x].num, active ? PR_TRUE : PR_FALSE); - break; - } - } - if(!_conf_ciphers[x].name) { - PR_snprintf(err, sizeof(err), "unknown cipher %s", ciphers); - return PL_strdup(err); - } - } - if(t) - ciphers = t; - } - return NULL; -} - /* * SSLPLCY_Install @@ -387,8 +293,6 @@ SSLPLCY_Install(void) } -#endif /* NET_SSL */ - /* * Modify "security" in adm.conf and DS */ @@ -580,3 +484,10 @@ SSLSocket_init(PRFileDesc *req_socket, const char *configdir, const char *securi return ssl_socket; } + +/* + emacs settings + Local Variables: + c-basic-offset: 2 + End: +*/ diff --git a/lib/libadmsslutil/psetcssl.c b/lib/libadmsslutil/psetcssl.c index 592f794..960be6f 100644 --- a/lib/libadmsslutil/psetcssl.c +++ b/lib/libadmsslutil/psetcssl.c @@ -24,10 +24,10 @@ #include <stdlib.h> #include <ctype.h> #include "ldap.h" -#include "ldap_ssl.h" #include "libadminutil/distadm.h" #include "libadmsslutil/psetcssl.h" #include "libadmsslutil/srvutilssl.h" +#include "libadminutil/admutil-int.h" #ifdef XP_WIN32 #define strcasecmp stricmp @@ -79,7 +79,7 @@ find_file_in_paths( } PR_IMPLEMENT(PsetHndl) -psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort, +psetRealLDAPImportSSL(AdmldapInfo ldapInfo, PsetHndl pseth, char* ldapHost, int ldapPort, int secure, char* sieDN, char* userDN, char* passwd, char* configFile, char* filter, int* errorcode) { @@ -98,11 +98,11 @@ psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort, ADM_GetCurrentPassword(errorcode, &passwd); } if (NULL != passwd) { /* if passwd is not given, let's use cache data */ - if (secure) ld = ldapssl_init(ldapHost, ldapPort, 1); - else ld = ldap_init(ldapHost, ldapPort); + if (secure) ld = admutil_ldap_init(ldapInfo, NULL, ldapHost, ldapPort, 1, 0, NULL); + else ld = admutil_ldap_init(ldapInfo, NULL, ldapHost, ldapPort, 0, 0, NULL); /* authenticate to LDAP server*/ - if ((ldapError = ldap_simple_bind_s(ld, userDN, passwd)) + if ((ldapError = admutil_ldap_bind(ld, userDN, passwd, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL)) != LDAP_SUCCESS ) { switch (ldapError) { case LDAP_INAPPROPRIATE_AUTH: @@ -110,18 +110,18 @@ psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort, case LDAP_INSUFFICIENT_ACCESS: /* authenticate failed: Should not continue */ /* ldap_perror( pset->ld, "ldap_simple_bind_s" ); */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = PSET_AUTH_FAIL; return NULL; case LDAP_NO_SUCH_OBJECT: case LDAP_ALIAS_PROBLEM: case LDAP_INVALID_DN_SYNTAX: /* Not a good DN */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *errorcode = PSET_ENTRY_NOT_EXIST; return NULL; default: - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); unbindF = 0; ld = NULL; } @@ -141,11 +141,11 @@ psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort, PR_IMPLEMENT(PsetHndl) -psetRealCreateSSL(char* ldapHost, int ldapPort, int secure, char* sieDN, +psetRealCreateSSL(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, int secure, char* sieDN, char* userDN, char* passwd, char* configFile, int* errorcode) { - return psetRealLDAPImportSSL(NULL, ldapHost, ldapPort, secure, sieDN, + return psetRealLDAPImportSSL(ldapInfo, NULL, ldapHost, ldapPort, secure, sieDN, userDN, passwd, configFile, NULL, errorcode); } @@ -220,7 +220,7 @@ psetCreateSSL(char* serverID, char* configRoot, char* user, char* passwd, *errorcode = PSET_ENV_ERR; } - pset = psetRealCreateSSL(ldapHost, ldapPort, secure, sieDN, userDN, + pset = psetRealCreateSSL(ldapInfo, ldapHost, ldapPort, secure, sieDN, userDN, bindPasswd, path, errorcode); done: destroyAdmldap(ldapInfo); @@ -237,4 +237,9 @@ done: return pset; } - +/* + emacs settings + Local Variables: + c-basic-offset: 2 + End: +*/ diff --git a/lib/libadmsslutil/srvutilssl.c b/lib/libadmsslutil/srvutilssl.c index 2281a1c..7bb2cfa 100644 --- a/lib/libadmsslutil/srvutilssl.c +++ b/lib/libadmsslutil/srvutilssl.c @@ -64,7 +64,7 @@ getServerDNListSSL(AdmldapInfo info) /* Use domainDN to create a pset */ host = admldapGetHost(info); siepwd = admldapGetSIEPWD(info); - domainPset = psetRealCreateSSL(host, + domainPset = psetRealCreateSSL(info, host, admldapGetPort(info), admldapGetSecurity(info), domainDN, @@ -123,7 +123,7 @@ getInstalledServerDNListSSL(AdmldapInfo info) host = admldapGetHost(info); siedn = admldapGetSIEDN(info); siepwd = admldapGetSIEPWD(info); - domainPset = psetRealCreateSSL(host, + domainPset = psetRealCreateSSL(info, host, admldapGetPort(info), admldapGetSecurity(info), domainDN, diff --git a/lib/libadmsslutil/uginfossl.c b/lib/libadmsslutil/uginfossl.c index 5691063..eb73c01 100644 --- a/lib/libadmsslutil/uginfossl.c +++ b/lib/libadmsslutil/uginfossl.c @@ -23,9 +23,9 @@ #include <stdlib.h> #include <ctype.h> #include <ldap.h> -#include <ldap_ssl.h> #include "libadminutil/distadm.h" #include "libadmsslutil/admsslutil.h" +#include "libadminutil/admutil-int.h" #ifdef XP_WIN32 #define strcasecmp stricmp @@ -93,9 +93,9 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code) host = admldapGetHost(ldapInfo); if (admldapGetSecurity(ldapInfo)) - ld = ldapssl_init(host, admldapGetPort(ldapInfo), 1); + ld = admutil_ldap_init(ldapInfo, NULL, host, admldapGetPort(ldapInfo), 1, 0, NULL); else - ld = ldap_init(host, admldapGetPort(ldapInfo)); + ld = admutil_ldap_init(ldapInfo, NULL, host, admldapGetPort(ldapInfo), 1, 0, NULL); PL_strfree(host); host = NULL; @@ -110,9 +110,7 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code) return NULL; } - ldapError = ldap_simple_bind_s(ld, - binddn, - bindpw); + ldapError = admutil_ldap_bind(ld, binddn, bindpw, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL); PL_strfree(binddn); if (bindpw) { memset(bindpw, 0, strlen(bindpw)); @@ -123,14 +121,14 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code) /* authenticate to LDAP server*/ if (ldapError != LDAP_SUCCESS) { #ifdef LDAP_DEBUG - ldap_perror(ld, "ldap_simple_bind_s"); + fprintf(stderr, "ldap_simple_bind_s: [%s] error %d:%s\n", binddn, ldapError, ldap_err2string(ldapError)); #endif switch (ldapError) { case LDAP_INAPPROPRIATE_AUTH: case LDAP_INVALID_CREDENTIALS: case LDAP_INSUFFICIENT_ACCESS: /* authenticate failed: Should not continue */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *error_code = ADMUTIL_LDAP_ERR; destroyAdmldap(ldapInfo); return NULL; @@ -138,13 +136,13 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code) case LDAP_ALIAS_PROBLEM: case LDAP_INVALID_DN_SYNTAX: /* Not a good user DN */ - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *error_code = ADMUTIL_LDAP_ERR; destroyAdmldap(ldapInfo); return NULL; break; default: - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); *error_code = ADMUTIL_LDAP_ERR; destroyAdmldap(ldapInfo); return NULL; @@ -204,3 +202,10 @@ admldapSetDomainUserDirectoryCGI(AdmldapInfo ldapInfo, return status; } + +/* + emacs settings + Local Variables: + c-basic-offset: 2 + End: +*/ diff --git a/m4/mozldap.m4 b/m4/mozldap.m4 index 4cbb406..d115dd8 100644 --- a/m4/mozldap.m4 +++ b/m4/mozldap.m4 @@ -18,34 +18,59 @@ # # END COPYRIGHT BLOCK -AC_CHECKING(for LDAPSDK) +AC_CHECKING(for Mozilla LDAPSDK) # check for --with-ldapsdk AC_MSG_CHECKING(for --with-ldapsdk) -AC_ARG_WITH(ldapsdk, [ --with-ldapsdk=PATH Mozilla LDAP SDK directory], +AC_ARG_WITH(ldapsdk, AS_HELP_STRING([--with-ldapsdk@<:@=PATH@:>@],[Mozilla LDAP SDK directory]), [ - if test -e "$withval"/include/ldap.h -a -d "$withval"/lib + if test "$withval" = yes + then + AC_MSG_RESULT(yes) + elif test "$withval" = no + then + AC_MSG_RESULT(no) + elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib then AC_MSG_RESULT([using $withval]) LDAPSDKDIR=$withval ldapsdk_inc="-I$LDAPSDKDIR/include" ldapsdk_lib="-L$LDAPSDKDIR/lib" ldapsdk_libdir="$LDAPSDKDIR/lib" + with_ldapsdk=yes else echo AC_MSG_ERROR([$withval not found]) fi + + if test "$with_ldapsdk" = yes -a "$with_openldap" = yes + then + AC_MSG_ERROR([Cannot use both LDAPSDK and OpenLDAP.]) + fi + if test "$with_ldapsdk" != yes -a "$with_openldap" != yes + then + AC_MSG_ERROR([Either LDAPSDK or OpenLDAP must be used.]) + fi ], -AC_MSG_RESULT(no)) +[ + if test "$with_openldap" = yes + then + AC_MSG_RESULT(no) + else + AC_MSG_RESULT(yes) + with_ldapsdk=yes + fi +]) # check for --with-ldapsdk-inc AC_MSG_CHECKING(for --with-ldapsdk-inc) -AC_ARG_WITH(ldapsdk-inc, [ --with-ldapsdk-inc=PATH Mozilla LDAP SDK include directory], +AC_ARG_WITH(ldapsdk-inc, AS_HELP_STRING([--with-ldapsdk-inc=PATH],[Mozilla LDAP SDK include directory]), [ if test -e "$withval"/ldap.h then AC_MSG_RESULT([using $withval]) ldapsdk_inc="-I$withval" + with_ldapsdk=yes else echo AC_MSG_ERROR([$withval not found]) @@ -55,13 +80,14 @@ AC_MSG_RESULT(no)) # check for --with-ldapsdk-lib AC_MSG_CHECKING(for --with-ldapsdk-lib) -AC_ARG_WITH(ldapsdk-lib, [ --with-ldapsdk-lib=PATH Mozilla LDAP SDK library directory], +AC_ARG_WITH(ldapsdk-lib, AS_HELP_STRING([--with-ldapsdk-lib=PATH],[Mozilla LDAP SDK library directory]), [ if test -d "$withval" then AC_MSG_RESULT([using $withval]) ldapsdk_lib="-L$withval" ldapsdk_libdir="$withval" + with_ldapsdk=yes else echo AC_MSG_ERROR([$withval not found]) @@ -72,40 +98,47 @@ AC_MSG_RESULT(no)) # if LDAPSDK is not found yet, try pkg-config # last resort -if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z "$ldapsdk_libdir"; then - AC_MSG_CHECKING(for mozldap with pkg-config) - AC_PATH_PROG(PKG_CONFIG, pkg-config) - if test -n "$PKG_CONFIG"; then - if $PKG_CONFIG --exists mozldap6; then - ldapsdk_name=mozldap6 - elif $PKG_CONFIG --exists mozldap; then - ldapsdk_name=mozldap - else - AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].]) +if test "$with_ldapsdk" = yes ; then + if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z "$ldapsdk_libdir"; then + AC_PATH_PROG(PKG_CONFIG, pkg-config) + AC_MSG_CHECKING(for mozldap with pkg-config) + if test -n "$PKG_CONFIG"; then + if $PKG_CONFIG --exists mozldap6; then + mozldappkg=mozldap6 + elif $PKG_CONFIG --exists mozldap; then + mozldappkg=mozldap + else + AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].]) + fi + ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $mozldappkg` + ldapsdk_lib=`$PKG_CONFIG --libs-only-L $mozldappkg` + ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $mozldappkg | sed -e s/-L// | sed -e s/\ .*$//` + AC_MSG_RESULT([using system $mozldappkg]) fi - ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $ldapsdk_name` - ldapsdk_lib=`$PKG_CONFIG --libs-only-L $ldapsdk_name` - ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $ldapsdk_name | sed -e s/-L// | sed -e s/\ *$//` - AC_MSG_RESULT([using system $ldapsdk_name]) fi fi -if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then - AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].]) -fi -dnl make sure the ldap sdk version is 6 or greater - we do not support -dnl the old 5.x or prior versions - the ldap server code expects the new -dnl ber types and other code used with version 6 -save_cppflags="$CPPFLAGS" -CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc" -AC_CHECK_HEADER([ldap.h], [isversion6=1], [isversion6=], -[#include <ldap-standard.h> +if test "$with_ldapsdk" = yes ; then + if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then + AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].]) + fi + + dnl make sure the ldap sdk version is 6 or greater - we do not support + dnl the old 5.x or prior versions - the ldap server code expects the new + dnl ber types and other code used with version 6 + save_cppflags="$CPPFLAGS" + CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc" + AC_CHECK_HEADER([ldap.h], [isversion6=1], [isversion6=], + [#include <ldap-standard.h> #if LDAP_VENDOR_VERSION < 600 #error The LDAP C SDK version is not supported #endif -]) -CPPFLAGS="$save_cppflags" + ]) + CPPFLAGS="$save_cppflags" -if test -z "$isversion6" ; then - AC_MSG_ERROR([The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported]) + if test -z "$isversion6" ; then + AC_MSG_ERROR([The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported]) + fi + AC_DEFINE([USE_MOZLDAP], [1], [If defined, using MozLDAP for LDAP SDK]) + AC_DEFINE([HAVE_LDAP_URL_PARSE_NO_DEFAULTS], [1], [have the function ldap_url_parse_no_defaults]) fi diff --git a/m4/openldap.m4 b/m4/openldap.m4 new file mode 100644 index 0000000..a4e2e88 --- /dev/null +++ b/m4/openldap.m4 @@ -0,0 +1,131 @@ +# BEGIN COPYRIGHT BLOCK +# Copyright (C) 2009 Red Hat, Inc. +# All rights reserved. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# END COPYRIGHT BLOCK + +AC_CHECKING(for OpenLDAP) + +# check for --with-openldap +AC_MSG_CHECKING(for --with-openldap) +AC_ARG_WITH(openldap, AS_HELP_STRING([--with-openldap@<:@=PATH@:>@],[Use OpenLDAP - optional PATH is path to OpenLDAP SDK]), +[ + if test "$withval" = yes + then + AC_MSG_RESULT([using system OpenLDAP]) + elif test "$withval" = no + then + AC_MSG_RESULT(no) + elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib + then + AC_MSG_RESULT([using $withval]) + OPENLDAPDIR=$withval + openldap_incdir="$OPENLDAPDIR/include" + openldap_inc="-I$openldap_incdir" + openldap_lib="-L$OPENLDAPDIR/lib" + openldap_libdir="$OPENLDAPDIR/lib" + with_openldap=yes + else + echo + AC_MSG_ERROR([$withval not found]) + fi +], +AC_MSG_RESULT(no)) + +# check for --with-openldap-inc +AC_MSG_CHECKING(for --with-openldap-inc) +AC_ARG_WITH(openldap-inc, AS_HELP_STRING([--with-openldap-inc=PATH],[OpenLDAP SDK include directory]), +[ + if test -e "$withval"/ldap.h + then + AC_MSG_RESULT([using $withval]) + openldap_incdir="$withval" + openldap_inc="-I$withval" + with_openldap=yes + else + echo + AC_MSG_ERROR([$withval not found]) + fi +], +AC_MSG_RESULT(no)) + +# check for --with-openldap-lib +AC_MSG_CHECKING(for --with-openldap-lib) +AC_ARG_WITH(openldap-lib, AS_HELP_STRING([--with-openldap-lib=PATH],[OpenLDAP SDK library directory]), +[ + if test -d "$withval" + then + AC_MSG_RESULT([using $withval]) + openldap_lib="-L$withval" + openldap_libdir="$withval" + with_openldap=yes + else + echo + AC_MSG_ERROR([$withval not found]) + fi +], +AC_MSG_RESULT(no)) + +# if OPENLDAP is not found yet, try pkg-config + +if test "$with_openldap" = yes ; then # user wants to use openldap, but didn't specify paths + if test -z "$openldap_inc" -o -z "$openldap_lib" -o -z "$openldap_libdir"; then + AC_PATH_PROG(PKG_CONFIG, pkg-config) + AC_MSG_CHECKING(for OpenLDAP with pkg-config) + if test -n "$PKG_CONFIG" && $PKG_CONFIG --exists openldap; then + openldap_inc=`$PKG_CONFIG --cflags-only-I openldap` + openldap_lib=`$PKG_CONFIG --libs-only-L openldap` + openldap_libdir=`$PKG_CONFIG --libs-only-L openldap | sed -e s/-L// | sed -e s/\ .*$//` + openldap_incdir=`$PKG_CONFIG --variable=includedir openldap` + AC_MSG_RESULT([using system OpenLDAP from pkg-config]) + else + openldap_incdir="/usr/include" + openldap_inc="-I$openldap_incdir" + AC_MSG_RESULT([no OpenLDAP pkg-config files]) + fi + fi +fi + +dnl lets see if we can find the headers and libs + +if test "$with_openldap" = yes ; then + save_cppflags="$CPPFLAGS" + CPPFLAGS="$openldap_inc $nss_inc $nspr_inc" + AC_CHECK_HEADER([ldap_features.h], [], + [AC_MSG_ERROR([specified with-openldap but ldap_features.h not found])]) + dnl figure out which version we're using from the header file + ol_ver_maj=`grep LDAP_VENDOR_VERSION_MAJOR $openldap_incdir/ldap_features.h | awk '{print $3}'` + ol_ver_min=`grep LDAP_VENDOR_VERSION_MINOR $openldap_incdir/ldap_features.h | awk '{print $3}'` + ol_ver_pat=`grep LDAP_VENDOR_VERSION_PATCH $openldap_incdir/ldap_features.h | awk '{print $3}'` + dnl full libname is libname-$maj.$min + ol_libver="-${ol_ver_maj}.${ol_ver_min}" + dnl look for ldap lib + save_ldflags="$LDFLAGS" + LDFLAGS="$openldap_lib $LDFLAGS" + AC_CHECK_LIB([ldap$ol_libver], [ldap_initialize], [have_ldap_lib=1]) + if test -z "$have_ldap_lib" ; then + AC_CHECK_LIB([ldap], [ldap_initialize], [unset ol_libver], + [AC_MSG_ERROR([specified with-openldap but libldap not found])]) + fi + dnl look for ldap_url_parse_ext + AC_CHECK_LIB([ldap$ol_libver], [ldap_url_parse_ext], + [AC_DEFINE([HAVE_LDAP_URL_PARSE_EXT], [1], [have the function ldap_url_parse_ext])]) + LDFLAGS="$save_ldflags" + CPPFLAGS="$save_cppflags" + + AC_DEFINE([USE_OPENLDAP], [1], [If defined, using OpenLDAP for LDAP SDK]) +fi diff --git a/tests/nsroot.ldif b/tests/nsroot.ldif deleted file mode 100644 index cbf3975..0000000 --- a/tests/nsroot.ldif +++ /dev/null @@ -1,1788 +0,0 @@ -version: 1 - -# entry-id: 1 -dn: o=NetscapeRoot -nsUniqueId: 5131a203-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organization -o: NetscapeRoot -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z -aci: (targetattr="*")(version 3.0; acl "Enable Configuration Administrator Group modification"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";) -aci: (targetattr="*")(targetfilter=(o=NetscapeRoot))(version 3.0; acl "Default anonymous access"; allow (read, search) userdn="ldap:///anyone";) -aci: (targetattr="*")(version 3.0; acl "Enable Group Expansion"; allow (read, search, compare) groupdnattr="uniquemember";) - -# entry-id: 2 -dn: ou=TopologyManagement, o=NetscapeRoot -nsUniqueId: 5131a204-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -ou: TopologyManagement -description: Branch for Configuration Administration users and groups -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z -aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare)userdn="ldap:///anyone";) - -# entry-id: 3 -dn: ou=Groups, ou=TopologyManagement, o=NetscapeRoot -nsUniqueId: 5131a205-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -ou: Groups -description: Standard Branch for group entries -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 4 -dn: ou=Administrators, ou=TopologyManagement, o=NetscapeRoot -nsUniqueId: 5131a206-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -ou: Administrators -description: Standard branch for Configuration Administrator (uid) entries -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 5 -dn: cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot -nsUniqueId: 5131a207-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: groupofuniquenames -cn: Configuration Administrators -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z -uniqueMember: uid=admin,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot - -# entry-id: 6 -dn: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot -nsUniqueId: 5131a208-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: person -objectClass: organizationalperson -objectClass: inetorgperson -cn: Configuration Administrator -sn: Administrator -givenName: Configuration -uid: admin -passwordExpirationTime: 20380119031407Z -userPassword: {SSHA}reJj+X8MTuLLpc8VfPDfBVsIKlP4md3HMd0ZSw== -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 7 -dn: ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a209-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -objectClass: nsadmindomain -ou: localdomain -description: Standard branch for configuration information -nsAdminDomainName: localdomain -creatorsName: cn=directory manager -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172952Z -aci: (targetattr=*)(targetfilter=(ou=localdomain))(version 3.0; acl "Enable anonymous access"; allow(read,search) userdn="ldap:///anyone";) - -# entry-id: 8 -dn: ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a20a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -ou: Global Preferences -creatorsName: cn=directory manager -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307174048Z -aci: (targetattr=*)(version 3.0; acl "Enable anonymous access"; allow(read,search) userdn="ldap:///anyone";) -description: Default branch for Fedora Server Products Global Preferences - -# entry-id: 9 -dn: ou=Host Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a20b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -ou: Host Preferences -creatorsName: cn=directory manager -modifiersName: cn=directory manager -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 10 -dn: cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a20c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsHost -objectClass: groupOfUniqueNames -cn: localhost.localdomain -serverHostName: localhost.localdomain -nsOsVersion: Linux 2.6.9-42.0.8.ELsmp #1 SMP Tue Jan 23 13:01:26 EST 2007 -nsHardwarePlatform: i686 -aci: (targetattr= *)(targetfilter=(nshardwarePlatform=*))(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z -uniqueMember: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot - -# entry-id: 11 -dn: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a20d-1dd211b2-8008e98c-0e470000 -objectClass: nsAdminGroup -objectClass: groupOfUniqueNames -objectClass: nsDirectoryInfo -objectClass: top -nsAdminGroupName: Server Group -nsConfigRoot: /opt/fedora-ds -nsDirectoryInfoRef: cn=UserDirectory, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsAdminSIEDN: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -aci: (targetattr=*)(targetfilter=(nsconfigRoot=*))(version 3.0; acl "Enable delegated access"; allow (read,search, compare) groupdn="ldap:///cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read,search,compare) userdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -cn: Server Group -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172854Z -uniqueMember: cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -uniqueMember: cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot - -# entry-id: 12 -dn: cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a20e-1dd211b2-8008e98c-0e470000 -objectClass: nsApplication -objectClass: groupOfUniqueNames -objectClass: top -cn: Fedora Directory Server -nsProductName: Fedora Directory Server -nsProductVersion: 1.1.0 -nsNickName: slapd -nsBuildNumber: 2007.066.1710 -nsVendor: Fedora, Inc. -nsInstalledLocation: /opt/fedora-ds -installationTimeStamp: 20070307172853Z -nsExpirationDate: 1183655405 -nsBuildSecurity: domestic -aci: (targetattr=*)(targetfilter=(nsNickName=*))(version 3.0; acl "Enable delegated access"; allow (read,search, compare) groupdn="ldap:///cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z -uniqueMember: cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsServerMigrationClassname: com.netscape.admin.dirserv.task.MigrateCreate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsServerCreationClassname: com.netscape.admin.dirserv.task.MigrateCreate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot - -# entry-id: 13 -dn: cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a20f-1dd211b2-8008e98c-0e470000 -objectClass: netscapeServer -objectClass: nsDirectoryServer -objectClass: nsResourceRef -objectClass: nsConfig -objectClass: groupOfUniqueNames -objectClass: top -nsServerSecurity: off -nsServerID: slapd-localhost -nsBindDN: cn=Directory Manager -nsBaseDN: dc=example,dc=com -serverRoot: /opt/fedora-ds -nsServerPort: 389 -nsSecureServerPort: 636 -serverProductName: Directory Server (localhost) -serverVersionNumber: 1.1.0 -installationTimeStamp: 20070307172853Z -nsSuiteSpotUser: nobody -serverHostName: localhost.localdomain -cn: slapd-localhost -aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -aci: (targetattr="uniquemember || serverProductName || administratorContactInfo || userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0; acl "Enable access delegation"; allow (write) groupdn="ldap:///cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -uniqueMember: cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -userPassword: {SSHA}o6R0OcE3A3L2Ja8oSy610p3d3sKSp+qMr1xvWQ== -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 14 -dn: cn=configuration,cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a210-1dd211b2-8008e98c-0e470000 -objectClass: nsResourceRef -objectClass: nsAdminObject -objectClass: nsDirectoryInfo -objectClass: top -cn: configuration -nsClassname: com.netscape.admin.dirserv.DSAdmin@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsJarfilename: ds11.jar -nsDirectoryInfoRef: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 15 -dn: cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a211-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: Tasks -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 16 -dn: cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a212-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstaskgroup -nsTaskLabel: Operation Tasks Group -cn: Operation -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 17 -dn: cn=task summary, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a213-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsConfig -description: start stop restart Backup Restore KeyCert Authenticate CompleteImport CompleteExport -cn: task summary -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 18 -dn: cn=start, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a214-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Start@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: start -cn: start -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 19 -dn: cn=stop, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a215-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Stop@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: shutdown -cn: stop -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 20 -dn: cn=restart, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a216-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Restart@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: restart -cn: restart -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 21 -dn: cn=Backup, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a217-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Backup@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: ds_db2bak -cn: Backup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 22 -dn: cn=Restore, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a218-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Restore@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: ds_bak2db -cn: Restore -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172853Z -modifyTimestamp: 20070307172853Z - -# entry-id: 23 -dn: cn=KeyCert, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a219-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.KeyCert@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: KeyCert -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 24 -dn: cn=Authenticate, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a21a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Authenticate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: Authenticate -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 25 -dn: cn=CompleteImport, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a21b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.CompleteImport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: CompleteImport -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 26 -dn: cn=CompleteExport, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a21c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.CompleteExport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: CompleteExport -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 27 -dn: cn=Export, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a21d-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_db2ldif -cn: Export -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 28 -dn: cn=Import, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a21e-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_ldif2db -cn: Import -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 29 -dn: cn=ViewLog, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a21f-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: perl?ds_viewlog.pl -cn: ViewLog -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 30 -dn: cn=ListBackups, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a220-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_listdb -cn: ListBackups -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 31 -dn: cn=Remove, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a221-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_remove -cn: Remove -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 32 -dn: cn=CreateVLVIndex, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a222-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: vlvindex -cn: CreateVLVIndex -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 33 -dn: cn=AddIndex, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a223-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: addindex -cn: AddIndex -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 34 -dn: cn=SNMPCtrl, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a224-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_snmpctrl -cn: SNMPCtrl -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 35 -dn: cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a225-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: Tasks -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 36 -dn: cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a226-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstaskgroup -nsTaskLabel: Operation Tasks Group -cn: Operation -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 37 -dn: cn=Migrate, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a227-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: perl?migrateInstance -cn: Migrate -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 38 -dn: cn=Create, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a228-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_create -cn: Create -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 39 -dn: cn=GetConfigInfo, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a229-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: perl?getConfigInfo -cn: GetConfigInfo -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 40 -dn: cn=MigrateLocalDB, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a22a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: perl?migrateLocalDB -cn: MigrateLocalDB -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 41 -dn: ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a22b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalUnit -objectClass: extensibleObject -ou: admin -nsmerge: ADD_IF_EMPTY -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307174048Z - -# entry-id: 42 -dn: ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a22c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalunit -objectClass: extensibleObject -ou: 4.0 -nsmerge: ADD_IF_EMPTY -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307174048Z - -# entry-id: 43 -dn: cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a22d-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: extensibleObject -cn: ResourceEditorExtension -nsmerge: ADD_IF_EMPTY -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307174048Z - -# entry-id: 44 -dn: cn=nsroledefinition, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a22e-1dd211b2-8008e98c-0e470000 -cn: nsroledefinition -objectClass: top -objectClass: extensibleObject -objectClass: nsResourceRef -objectClass: nsAdminResourceEditorExtension -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.roledit.ResEditorRoleInfo(a)ds11.jar -nsClassname: com.netscape.admin.dirserv.roledit.ResEditorRoleMembers(a)ds11.jar -nsClassname: com.netscape.admin.dirserv.roledit.ResEditorRoleAccountPage(a)ds11.jar -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307174048Z - -# entry-id: 45 -dn: cn=cossuperdefinition, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a22f-1dd211b2-8008e98c-0e470000 -cn: cossuperdefinition -objectClass: top -objectClass: extensibleObject -objectClass: nsResourceRef -objectClass: nsAdminResourceEditorExtension -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.cosedit.ResEditorCosInfo(a)ds11.jar -nsClassname: com.netscape.admin.dirserv.cosedit.ResEditorCosAttributes(a)ds11.jar -nsClassname: com.netscape.admin.dirserv.cosedit.ResEditorCosTemplate(a)ds11.jar -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307174048Z - -# entry-id: 46 -dn: cn=UserDirectory, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a230-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsDirectoryInfo -cn: UserDirectory -nsDirectoryURL: ldap://localhost.localdomain:389/dc=example,dc=com -nsDirectoryFailoverList: -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 47 -dn: cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a238-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsApplication -objectClass: groupOfUniqueNames -cn: Fedora Administration Server -nsVendor: Fedora, Inc. -nsProductName: Fedora Administration Server -nsNickName: admin -nsProductVersion: 7.0 -nsBuildNumber: 2006.207.021 -nsInstalledLocation: /opt/fedora-ds -installationTimeStamp: 20070307172854Z -nsBuildSecurity: domestic -nsServerMigrationClassname: com.netscape.management.admserv.AdminServerProduct(a)admserv70.jar -aci: (targetattr=*)(targetfilter=(nsNickName=*))(version 3.0; acl "Enable delegated access"; allow (read,search, compare) groupdn="ldap:///cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z -uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot - -# entry-id: 48 -dn: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a239-1dd211b2-8008e98c-0e470000 -passwordExpirationTime: 20380118031417 -objectClass: top -objectClass: netscapeServer -objectClass: nsAdminServer -objectClass: nsResourceRef -objectClass: groupOfUniqueNames -cn: admin-serv-localhost -nsServerID: admin-serv -serverRoot: /opt/fedora-ds -serverProductName: Administration Server -serverHostName: localhost.localdomain -aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -aci: (targetattr="uniquemember || serverProductName || administratorContactInfo || userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0; acl "Enable access delegation"; allow (write) groupdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -installationTimeStamp: 20070307172854Z -userPassword: {SSHA}/Hki1EvTkF/WHA9HGGvxDMWpyyydXINotO3v8g== -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 49 -dn: cn=configuration, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a23a-1dd211b2-8008e98c-0e470000 -objectClass: nsConfig -objectClass: nsAdminConfig -objectClass: nsAdminObject -objectClass: nsDirectoryInfo -objectClass: top -cn: Configuration -nsServerPort: 32348 -nsSuiteSpotUser: root -nsServerAddress: -nsAdminEnableEnduser: new value -nsAdminEnableDSGW: new value -nsDirectoryInfoRef: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsAdminUsers: admin-serv/config/admpw -nsErrorLog: admin-serv/logs/error -nsPidLog: admin-serv/logs/pid -nsAccessLog: admin-serv/logs/access -nsAdminCacheLifetime: new value -nsAdminAccessHosts: new value -nsAdminAccessAddresses: new value -nsAdminOneACLDir: adminacl -aci: (targetattr=*)(version 3.0; acl "Enable delegated admin to access configuration"; allow (read,search) groupdn="ldap:///cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -nsDefaultAcceptLanguage: en -nsClassname: com.netscape.management.admserv.AdminServer@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070418172330Z - -# entry-id: 50 -dn: cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a23b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: Tasks -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 51 -dn: cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a23c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstaskgroup -nsTaskLabel: Operation Tasks Group -cn: Operation -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 52 -dn: cn=Stop, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a23d-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/stopadm.html -nsExecRef: stopsrv -nsClassname: com.netscape.management.admserv.task.Stop@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: Stop -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 53 -dn: cn=Restart, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a23e-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/restartadm.html -nsExecRef: restartsrv -nsClassname: com.netscape.management.admserv.task.Restart@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: Restart -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 54 -dn: cn=Authenticate, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a23f-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -nsHelpRef: admin/userauth.html -nsExecRef: userauth -cn: Authenticate -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 55 -dn: cn=ListOldServers, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a240-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: listOldSrvs -cn: ListOldServers -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 56 -dn: cn=StartConfigDS, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a241-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -nsExecRef: start_config_ds -cn: StartConfigDS -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 57 -dn: cn=MigrateConfig, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a242-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: migrateConfig -cn: MigrateConfig -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 58 -dn: cn=MergeConfig, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a243-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: mergeConfig -cn: MergeConfig -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 59 -dn: cn=StatusPing, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a244-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: statusping -nsLogSuppress: true -cn: StatusPing -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 60 -dn: cn=Configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a245-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstaskgroup -nsTaskLabel: Configuration Tasks Group -cn: Configuration -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 61 -dn: cn=ServerSetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a246-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: config -nsClassname: com.netscape.management.admserv.task.ServerSetup@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: ServerSetup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 62 -dn: cn=DirectorySetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a247-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: dsconfig -cn: DirectorySetup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 63 -dn: cn=UGDirectorySetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a248-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ugdsconfig -cn: UGDirectorySetup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 64 -dn: cn=AccessSetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a249-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: admpw -cn: AccessSetup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 65 -dn: cn=Logging, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a24a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/logging.html -nsExecRef: config -nsClassname: com.netscape.management.admserv.task.Logging@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: Logging -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 66 -dn: cn=SecurityOp, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a24b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: security -cn: SecurityOp -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 67 -dn: cn=CertSetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a24c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/certrequest.html -nsClassname: com.netscape.management.admserv.task.CertSetup@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: CertSetup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 68 -dn: cn=SSLActivate, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a24d-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/ssl_activate.html -nsExecRef: sec-activate -cn: SSLActivate -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 69 -dn: cn=ReadLog, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a24e-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/logging.html -nsExecRef: ReadLog -cn: ReadLog -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 70 -dn: cn=HTMLAdmin, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a24f-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/htmladmin.html -nsExecRef: htmladmin -cn: HTMLAdmin -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 71 -dn: cn=StatPingServ, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a250-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/statpingserv.html -nsExecRef: statpingserv -cn: StatPingServ -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 72 -dn: cn=ViewData, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a251-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/viewdata.html -nsExecRef: viewdata -cn: ViewData -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 73 -dn: cn=ViewLog, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a252-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/viewlog.html -nsExecRef: viewlog -cn: ViewLog -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 74 -dn: cn=MonReplication, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a253-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/monreplication.html -nsExecRef: monreplication -cn: MonReplication -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 75 -dn: cn=repl-monitor-cgi.pl, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a254-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsHelpRef: admin/monreplication.html -nsExecRef: perl?repl-monitor-cgi.pl -cn: repl-monitor-cgi.pl -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 76 -dn: cn=Commands, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a255-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: Commands -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 77 -dn: cn=sync-task-sie-data, cn=Commands, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a256-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -nsHelpRef: admin/sync-task-sie-data.html -nsExecRef: runtime -cn: sync-task-sie-data -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 78 -dn: cn=change-sie-password, cn=Commands, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a257-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -nsExecRef: runtime -cn: change-sie-password -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 79 -dn: ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a258-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalUnit -ou: UserPreferences -aci: (targetattr = "*")(version 3.0; acl "Allow saving of User Preferences"; allow (add) userdn = "ldap:///all";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 80 -dn: cn=Common, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a259-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: nsGlobalParameters -objectClass: extensibleObject -cn: common -nsUniqueAttribute: uid -nsUserIDFormat: firstletter_lastname -nsUserRDNComponent: uid -nsGroupRDNComponent: cn -nsmerge: {nsuniqueattribute}ADD_IF_EMPTY -nsmerge: {nsuseridformat}ADD_IF_EMPTY -nsmerge: {nsuserrdncomponent}ADD_IF_EMPTY -nsmerge: {nsgrouprdncomponent}ADD_IF_EMPTY -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 81 -dn: cn=Client, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a25a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: nsAdminGlobalParameters -objectClass: extensibleObject -cn: Client -nsAdminEndUserHTMLIndex: [--Category:general,General][--Option:edit.cgi?userpinfo,Personal Information][--Option:edit.cgi?userpasswd,Password] -nsNickName: admin,,Fedora Administration Server -nsNickName: https,netshare,Fedora Enterprise Server -nsNickName: httpd,httpd,Fedora FastTrack Server -nsNickName: msg,msg,Fedora Messaging Server -nsNickName: news,news,Fedora Collabra Server -nsNickName: proxy,proxy,Fedora Proxy Server -nsNickName: lmspd,lmspd,Fedora Media Server -nsNickName: slapd,slapd,Fedora Directory Server -nsNickName: cert,cert,Fedora Certificate Server -nsNickName: compass,compass,Fedora Compass Server -nsNickName: catalog,catalog,Fedora Catalog Server -nsNickName: calendar,calendar,Fedora Calendar Server -nsmerge: {nsadminenduserhtmlindex}MULTI_MERGE -nsmerge: {nsnickname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 82 -dn: cn=PublicViews, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a25b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsAdminConsoleUser -cn: PublicViews -aci: (targetattr = "*")(version 3.0; acl "Allow Authenticated Users to Save Public Views"; allow (all) userdn = "ldap:///all";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 83 -dn: cn=CustomView, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a25c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: CustomView -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 84 -dn: cn=inetorgPerson, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a25d-1dd211b2-8008e98c-0e470000 -cn: inetorgPerson -objectClass: nsResourceRef -objectClass: nsAdminResourceEditorExtension -objectClass: top -objectClass: extensibleObject -objectClass: nsAdminObject -nsClassname: com.netscape.management.client.ug.ResEditorUserPage -nsClassname: com.netscape.management.client.ug.ResEditorAccountPage -nsClassname: com.netscape.management.client.ug.LanguagePage -nsClassname: com.netscape.management.client.ug.ResEditorNTUser -nsClassname: com.netscape.management.client.ug.ResEditorPosixUser -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 85 -dn: cn=organizationalPerson, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a25e-1dd211b2-8008e98c-0e470000 -cn: organizationalPerson -objectClass: nsResourceRef -objectClass: nsAdminResourceEditorExtension -objectClass: top -objectClass: extensibleObject -objectClass: nsAdminObject -nsClassname: com.netscape.management.client.ug.ResEditorUserPage -nsClassname: com.netscape.management.client.ug.ResEditorAccountPage -nsClassname: com.netscape.management.client.ug.LanguagePage -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 86 -dn: cn=groupofuniquenames, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a25f-1dd211b2-8008e98c-0e470000 -cn: groupofuniquenames -objectClass: nsResourceRef -objectClass: nsAdminResourceEditorExtension -objectClass: top -objectClass: extensibleObject -objectClass: nsAdminObject -nsClassname: com.netscape.management.client.ug.ResEditorGroupInfo -nsClassname: com.netscape.management.client.ug.ResEditorGroupMembers -nsClassname: com.netscape.management.client.ug.ResEditorAccountPage -nsClassname: com.netscape.management.client.ug.LanguagePage -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 87 -dn: cn=organizationalunit, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a260-1dd211b2-8008e98c-0e470000 -cn: organizationalunit -objectClass: nsResourceRef -objectClass: nsAdminResourceEditorExtension -objectClass: top -objectClass: extensibleObject -objectClass: nsAdminObject -nsClassname: com.netscape.management.client.ug.OUPage -nsClassname: com.netscape.management.client.ug.LanguagePage -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 88 -dn: cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a261-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: DefaultObjectClassesContainer -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 89 -dn: cn=user, cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a262-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: nsdefaultObjectClasses -cn: user -nsDefaultObjectClass: top -nsDefaultObjectClass: person -nsDefaultObjectClass: organizationalPerson -nsDefaultObjectClass: inetorgperson -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 90 -dn: cn=group, cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a263-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: nsdefaultObjectClasses -cn: group -nsDefaultObjectClass: top -nsDefaultObjectClass: groupofuniquenames -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 91 -dn: cn=ou, cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a264-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: nsdefaultObjectClasses -cn: ou -nsDefaultObjectClass: top -nsDefaultObjectClass: organizationalunit -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 92 -dn: cn=topologyplugin, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a265-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -objectClass: extensibleObject -cn: topologyplugin -nsmerge: ADD_IF_EMPTY -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 93 -dn: cn=defaultplugin, cn=topologyplugin, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a266-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstopologyplugin -objectClass: extensibleObject -objectClass: nsAdminObject -cn: defaultplugin -nsClassname: com.netscape.management.client.topology.DefaultTopologyPlugin -nsmerge: {nsclassname}MULTI_MERGE -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172854Z -modifyTimestamp: 20070307172854Z - -# entry-id: 94 -dn: ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a267-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalUnit -aci: (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all) userdnattr="creatorsname";) -ou: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307172916Z - -# entry-id: 95 -dn: cn=UI,ou=4.0, ou=admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a268-1dd211b2-8008e98c-0e470000 -cn: UI -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307172916Z - -# entry-id: 96 -dn: ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a269-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalUnit -ou: Console -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307172916Z - -# entry-id: 97 -dn: ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a26a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: organizationalUnit -ou: 4.0 -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307172916Z - -# entry-id: 98 -dn: cn=General,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a26b-1dd211b2-8008e98c-0e470000 -cn: General -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307174343Z -nsPreference:: IwojV2VkIE1hciAwNyAxMDo0Mzo0NCBNU1QgMjAwNwpXaWR0aD03NTAKU2hvd1N0YXR1c0Jhcj10cnVlClNob3dCYW5uZXJCYXI9dHJ1ZQpZPTE4NQpYPTIwMwpIZWlnaHQ9NTMwCg== - -# entry-id: 99 -dn: cn=Fonts,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a26c-1dd211b2-8008e98c-0e470000 -cn: Fonts -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307172916Z - -# entry-id: 100 -dn: cn=ResourcePage,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a26d-1dd211b2-8008e98c-0e470000 -cn: ResourcePage -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307174343Z -nsPreference:: IwojV2VkIE1hciAwNyAxMDo0Mzo0NCBNU1QgMjAwNwpTaG93VHJlZT10cnVlCg== - -# entry-id: 101 -dn: cn=CustomViews,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 5131a26e-1dd211b2-8008e98c-0e470000 -cn: CustomViews -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172916Z -modifyTimestamp: 20070307172916Z - -# entry-id: 102 -dn: cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb04-1dd211b2-8008e98c-0e470000 -objectClass: netscapeServer -objectClass: nsDirectoryServer -objectClass: nsResourceRef -objectClass: nsConfig -objectClass: groupOfUniqueNames -objectClass: top -nsServerSecurity: off -nsServerID: slapd-localhost2 -nsBindDN: cn=directory manager -nsBaseDN: dc=example,dc=com -serverRoot: /opt/fedora-ds -nsServerPort: 399 -nsSecureServerPort: 636 -serverProductName: Directory Server (localhost2) -serverVersionNumber: 1.1.0 -installationTimeStamp: 20070307174048Z -nsSuiteSpotUser: nobody -serverHostName: localhost -cn: slapd-localhost2 -aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -aci: (targetattr="uniquemember || serverProductName || administratorContactInfo || userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0; acl "Enable access delegation"; allow (write) groupdn="ldap:///cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -uniqueMember: cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -userPassword: {SSHA}KJeCJhQmZyQnjSR+AS1qL9wTa8rgaksW5Zcz6A== -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: cn=server,cn=plugins,cn=config -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z -passwordGraceUserTime: 0 - -# entry-id: 103 -dn: cn=configuration,cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb05-1dd211b2-8008e98c-0e470000 -objectClass: nsResourceRef -objectClass: nsAdminObject -objectClass: nsDirectoryInfo -objectClass: top -cn: configuration -nsClassname: com.netscape.admin.dirserv.DSAdmin@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsJarfilename: ds11.jar -nsDirectoryInfoRef: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";) -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 104 -dn: cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb06-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsResourceRef -cn: Tasks -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 105 -dn: cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb07-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstaskgroup -nsTaskLabel: Operation Tasks Group -cn: Operation -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 106 -dn: cn=task summary, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb08-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nsConfig -description: start stop restart Backup Restore KeyCert Authenticate CompleteImport CompleteExport -cn: task summary -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 107 -dn: cn=start, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb09-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Start@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: start -cn: start -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 108 -dn: cn=stop, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb0a-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Stop@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: shutdown -cn: stop -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 109 -dn: cn=restart, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb0b-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Restart@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: restart -cn: restart -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 110 -dn: cn=Backup, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb0c-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Backup@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: ds_db2bak -cn: Backup -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 111 -dn: cn=Restore, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb0d-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Restore@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsExecRef: ds_bak2db -cn: Restore -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 112 -dn: cn=KeyCert, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb0e-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.KeyCert@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: KeyCert -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 113 -dn: cn=Authenticate, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb0f-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.Authenticate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: Authenticate -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 114 -dn: cn=CompleteImport, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb10-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.CompleteImport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: CompleteImport -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 115 -dn: cn=CompleteExport, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb11-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsClassname: com.netscape.admin.dirserv.task.CompleteExport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -cn: CompleteExport -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 116 -dn: cn=Export, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb12-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_db2ldif -cn: Export -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 117 -dn: cn=Import, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb13-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_ldif2db -cn: Import -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 118 -dn: cn=ViewLog, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb14-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: perl?ds_viewlog.pl -cn: ViewLog -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 119 -dn: cn=ListBackups, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb15-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_listdb -cn: ListBackups -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 120 -dn: cn=Remove, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb16-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_remove -cn: Remove -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 121 -dn: cn=CreateVLVIndex, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb17-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: vlvindex -cn: CreateVLVIndex -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 122 -dn: cn=AddIndex, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb18-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: addindex -cn: AddIndex -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 123 -dn: cn=SNMPCtrl, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb19-1dd211b2-8008e98c-0e470000 -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_snmpctrl -cn: SNMPCtrl -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307172952Z -modifyTimestamp: 20070307174048Z - -# entry-id: 127 -dn: cn=DS_MISCELLANEOUS,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb20-1dd211b2-8008e98c-0e470000 -cn: DS_MISCELLANEOUS -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307173028Z -modifyTimestamp: 20070307173028Z - -# entry-id: 128 -dn: cn=TaskTab,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot -nsUniqueId: 73c3bb21-1dd211b2-8008e98c-0e470000 -cn: TaskTab -objectClass: top -objectClass: nsAdminConsoleUser -creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot -createTimestamp: 20070307173030Z -modifyTimestamp: 20070307173030Z - diff --git a/tests/psetreadssl.c b/tests/psetreadssl.c index a266f9b..3f5f04e 100644 --- a/tests/psetreadssl.c +++ b/tests/psetreadssl.c @@ -26,11 +26,48 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include "libadminutil/distadm.h" #include "libadminutil/admutil.h" #include "libadminutil/srvutil.h" #include "libadmsslutil/psetcssl.h" #include "libadmsslutil/admsslutil.h" +#include <nss.h> +#include <ssl.h> + +static void +dump_pset_node(PsetHndl pset, char *nodeName) +{ + char buf[BUFSIZ]; + int rval = 0; + AttributeList iter; + AttributePtr attrPtr = NULL; + AttributeList nodeAttrs = psetGetAllAttrsACI(pset, nodeName, &rval); + + fprintf(stderr, "pset operation returned [%d: %s]\n", rval, psetErrorString(rval, NULL, buf, sizeof(buf), NULL)); + if (!nodeAttrs) { + goto localdone; + } + + iter = nodeAttrs; + while ((attrPtr = *iter++)) { + char *p = NULL; + int ii = 0; + if (attrPtr->attrVal) { + for (p = attrPtr->attrVal[0]; attrPtr->attrVal && attrPtr->attrVal[ii]; + p = attrPtr->attrVal[++ii]) { + fprintf(stderr, "%s: %s\n", attrPtr->attrName, attrPtr->attrVal[ii]); + } + } + } + +localdone: + deleteAttributeList(nodeAttrs); + + return; +} + +int main(int ac, char **av) { int _ai=ADMUTIL_Init(); @@ -38,10 +75,6 @@ main(int ac, char **av) char *configdir = NULL; char *securitydir = NULL; int rval = 0; - AttributeList nodeAttrs = NULL; - AttributeList iter = NULL; - char *nodeName = NULL; - AttributePtr attrPtr = NULL; char buf[BUFSIZ]; if (ac > 1) { @@ -74,58 +107,31 @@ main(int ac, char **av) goto done; } - pset = psetCreateSSL("slapd-localhost", configdir, NULL, NULL, &rval); + pset = psetCreateSSL("slapd-ds", configdir, NULL, NULL, &rval); fprintf(stderr, "pset operation returned [%d: %s]\n", rval, psetErrorString(rval, NULL, buf, sizeof(buf), NULL)); - if (!pset || rval) { + if (!pset || (rval && (rval != PSET_LOCAL_OPEN_FAIL))) { /* no local file for slapd - OK */ goto done; } - nodeName = PL_strdup(""); + dump_pset_node(pset, ""); + dump_pset_node(pset, "configuration"); - nodeAttrs = psetGetAllAttrsACI(pset, nodeName, &rval); - fprintf(stderr, "pset operation returned [%d: %s]\n", rval, psetErrorString(rval, NULL, buf, sizeof(buf), NULL)); - if (!nodeAttrs) { - goto done; - } - - iter = nodeAttrs; - while (attrPtr = *iter++) { - char *p = NULL; - int ii = 0; - for (p = attrPtr->attrVal[0]; attrPtr->attrVal && attrPtr->attrVal[ii]; - p = attrPtr->attrVal[++ii]) { - fprintf(stderr, "%s: %s\n", attrPtr->attrName, attrPtr->attrVal[ii]); - } - } - deleteAttributeList(nodeAttrs); - nodeAttrs = NULL; - - PL_strfree(nodeName); - nodeName = PL_strdup("configuration"); - - nodeAttrs = psetGetAllAttrsACI(pset, nodeName, &rval); + psetDelete(pset); + pset = psetCreateSSL(NULL, configdir, NULL, NULL, &rval); /* admin-serv */ fprintf(stderr, "pset operation returned [%d: %s]\n", rval, psetErrorString(rval, NULL, buf, sizeof(buf), NULL)); - if (!nodeAttrs) { + if (!pset || rval) { /* no local file for slapd - OK */ goto done; } - iter = nodeAttrs; - while (attrPtr = *iter++) { - char *p = NULL; - int ii = 0; - for (p = attrPtr->attrVal[0]; attrPtr->attrVal && attrPtr->attrVal[ii]; - p = attrPtr->attrVal[++ii]) { - fprintf(stderr, "%s: %s\n", attrPtr->attrName, attrPtr->attrVal[ii]); - } - } + dump_pset_node(pset, ""); + dump_pset_node(pset, "configuration"); done: free(configdir); free(securitydir); psetDelete(pset); - deleteAttributeList(nodeAttrs); - PL_strfree(nodeName); SSL_ClearSessionCache(); NSS_Shutdown(); + PR_Cleanup(); exit(rval); } diff --git a/tests/retrieveSIEssl.c b/tests/retrieveSIEssl.c index 3d54ef1..de1e9a9 100644 --- a/tests/retrieveSIEssl.c +++ b/tests/retrieveSIEssl.c @@ -46,7 +46,6 @@ main(int ac, char **av) int siecnt = 0; char *host = NULL; char *siedn = NULL; - char *siepwd = NULL; char buf[BUFSIZ]; char *userdn; char *passwd; @@ -116,7 +115,7 @@ main(int ac, char **av) } /* Create Pset for each individual server */ rval = 0; - pset = psetRealCreateSSL(host, + pset = psetRealCreateSSL(ldapInfo, host, admldapGetPort(ldapInfo), admldapGetSecurity(ldapInfo), *p, @@ -180,5 +179,6 @@ done: destroyAdmldap(ldapInfo); SSL_ClearSessionCache(); NSS_Shutdown(); + PR_Cleanup(); exit(rval); } diff --git a/tests/setup.sh b/tests/setup.sh index 00b47fa..d6bb1e3 100755 --- a/tests/setup.sh +++ b/tests/setup.sh @@ -1,58 +1,144 @@ #!/bin/sh testdir="$1" -#sroot=/home/$USER/11srv -sroot=/export/rmeggins/11srv -port=1100 -secport=1101 +hostname=vmhost.testdomain.com +domain=testdomain.com +sroot=/home/$USER/dsol +port=1200 +secport=1201 rootdn="cn=directory manager" +escapedrootdn='cn\\\\3Ddirectory manager' rootpw=password -#adminpw=boguspassword +adminpw=boguspassword adminpw=admin #needinstance=1 -needdata=1 -#usessl=1 -secdir=/path/to/etc/fedora-ds/slapd-localhost -PATH=/usr/lib64/mozldap:$PATH -export PATH +#needdata=1 +usessl=1 +secdir=/home/$USER/save +#PATH=/usr/lib64/mozldap:$PATH +#export PATH +instance=ds if [ "$needinstance" ] ; then -$sroot/bin/ds_newinst.pl - <<EOF +$sroot/sbin/setup-ds.pl -s -f - <<EOF [General] -FullMachineName= localhost.localdomain +FullMachineName= $hostname SuiteSpotUserID= $USER -ServerRoot= $sroot/lib/fedora-ds [slapd] ServerPort= $port -ServerIdentifier= localhost +ServerIdentifier= $instance Suffix= o=NetscapeRoot RootDN= $rootdn RootDNPwd= $rootpw EOF + +sslconf=/tmp/sslconf.$$.ldif +cat > $sslconf <<EOF +dn: cn=encryption,cn=config +changetype: modify +replace: nsSSL3 +nsSSL3: on +- +replace: nsSSLClientAuth +nsSSLClientAuth: allowed +- +add: nsSSL3Ciphers +nsSSL3Ciphers: -rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5, + +rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza, + +fortezza_rc4_128_sha,+fortezza_null,+tls_rsa_export1024_with_rc4_56_sha, + +tls_rsa_export1024_with_des_cbc_sha + +dn: cn=config +changetype: modify +add: nsslapd-security +nsslapd-security: on +- +replace: nsslapd-ssl-check-hostname +nsslapd-ssl-check-hostname: off +- +replace: nsslapd-secureport +nsslapd-secureport: $secport + +dn: cn=RSA,cn=encryption,cn=config +changetype: add +objectclass: top +objectclass: nsEncryptionModule +cn: RSA +nsSSLPersonalitySSL: Server-Cert +nsSSLToken: internal (software) +nsSSLActivation: on + +EOF + +ldapmodify -x -h $hostname -p $port -D "$rootdn" -w "$rootpw" -c -f $sslconf +rm -f $sslconf + +$sroot/lib/dirsrv/slapd-$instance/stop-slapd +cp $secdir/*.db $sroot/etc/dirsrv/slapd-$instance +cp $secdir/pin.txt $sroot/etc/dirsrv/slapd-$instance +$sroot/lib/dirsrv/slapd-$instance/start-slapd + fi if [ "$needdata" ] ; then -$sroot/lib/fedora-ds/slapd-localhost/ldif2db.pl -D "$rootdn" -w "$rootpw" -n userRoot -i $testdir/nsroot.ldif -sleep 10 + for file in $testdir/*.ldif.tmpl ; do + sed \ + -e "s/%as_uid%/admin/g" \ + -e "s/%as_passwd%/admin/g" \ + -e "s/%domain%/$domain/g" \ + -e "s/%console_version%/0.0/g" \ + -e "s/%as_baseversion%/0.0/g" \ + -e "s/%ds_console_jar%/389-ds.jar/g" \ + -e "s/%fqdn%/$hostname/g" \ + -e "s/%ds_port%/$port/g" \ + -e "s/%ds_secure_port%/$secport/g" \ + -e "s/%ds_suffix%/$suffix/g" \ + -e "s/%ds_user%/$USER/g" \ + -e "s/%brand%/389/g" \ + -e "s/%dsid%/$instance/g" \ + -e "s,%uname_a%,`uname -a`,g" \ + -e "s/%uname_m%/`uname -m`/g" \ + -e "s/%ds_version%/0.0/g" \ + -e "s/%ds_buildnum%/0.0/g" \ + -e "s/%asid%/$instance/g" \ + -e "s/%vendor%/389/g" \ + -e "s/%timestamp%/`date`/g" \ + -e "s/%rootdn%/$rootdn/g" \ + -e "s/%escapedrootdn%/$escapedrootdn/g" \ + -e "s/%ds_sie%/cn=slapd-$instance,cn=389 Directory Server,cn=Server Group,cn=$hostname,ou=$domain,o=NetscapeRoot/g" \ + -e "s/%as_sie%/cn=admin-serv-$instance,cn=389 Administration Server,cn=Server Group,cn=$hostname,ou=$domain,o=NetscapeRoot/g" \ + -e "s/%as_version%/0.0/g" \ + -e "s/%as_buildnum%/0.0/g" \ + -e "s/%as_console_jar%/389-admin.jar/g" \ + -e "s/%as_port%/9830/g" \ + -e "s/%as_user%/$USER/g" \ + -e "s/%as_addr%/127.0.0.1/g" \ + -e "s,%admpw%,testtmp/admpw,g" \ + -e "s,%as_error%,testtmp/error,g" \ + -e "s,%as_access%,testtmp/access,g" \ + -e "s,%as_pid%,testtmp/pid,g" \ + -e "s,%as_help_path%,testtmp,g" $file | ldapmodify -x -h $hostname -p $port -D "$rootdn" -w "$rootpw" -a -c + done fi rm -rf testtmp mkdir testtmp if [ "$usessl" ] ; then - ldapurl="ldaps://localhost:$secport/o=NetscapeRoot" + ldapurl="ldaps://$hostname:$secport/o=NetscapeRoot" else - ldapurl="ldap://localhost:$port/o=NetscapeRoot" + ldapurl="ldap://$hostname:$port/o=NetscapeRoot" fi cat > testtmp/adm.conf <<EOF ldapurl: $ldapurl -ldapHost: localhost.localdomain +ldapHost: $hostname ldapPort: $port -sie: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -isie: cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot -port: 32348 -ldapStart: slapd-localhost/start-slapd +sie: cn=admin-serv-$instance,cn=389 Administration Server,cn=Server Group,cn=$hostname,ou=$domain,o=NetscapeRoot +isie: cn=389 Administration Server,cn=Server Group,cn=$hostname,ou=$domain,o=NetscapeRoot +port: 9830 +ldapStart: slapd-$instance/start-slapd +securitydir: $secdir EOF cat > testtmp/admpw <<EOF @@ -65,7 +151,7 @@ cat > $pwpfile <<EOF User: admin Password: $adminpw -UserDN: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot +UserDN: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot SIEPWD: $adminpw EOF @@ -76,8 +162,8 @@ break main run $dir/testtmp $secdir < $pwpfile EOF -VALGRIND="valgrind --log-file=/var/tmp/vg.out --tool=memcheck --leak-check=yes --suppressions=/home/rmeggins/valgrind.supp --num-callers=40 " -GDB="gdb -x .gdbinit " +VALGRIND="valgrind --tool=memcheck --leak-check=yes --suppressions=/share/scripts/valgrind.supp --num-callers=40 --log-file=/var/tmp/vg.out" +#GDB="gdb -x .gdbinit " NOSSLTESTS="retrieveSIE psetread psetwrite" SSLTESTS="retrieveSIEssl psetreadssl" @@ -87,8 +173,14 @@ else TESTS="$NOSSLTESTS" fi for test in $TESTS ; do -# ./libtool --mode execute $GDB ./$test - cat $pwpfile | ./libtool --mode execute $VALGRIND ./$test $dir/testtmp $secdir + if [ -n "$GDB" ] ; then + ./libtool --mode execute $GDB ./$test + else + if [ -n "$VALGRIND" ] ; then + VGLOG=".$test" + fi + cat $pwpfile | ./libtool --mode execute ${VALGRIND}$VGLOG ./$test $dir/testtmp $secdir + fi done rm -f $pwpfile .gdbinit