389-adminutil.pc.in | 2
Makefile.am | 13
Makefile.in | 24
configure | 782 ++++++++++++++--
configure.ac | 8
include/libadminutil/admutil-int.h | 190 +++
include/libadminutil/admutil.h | 2
include/libadminutil/prodinfo.h | 106 --
include/libadminutil/psetc.h | 4
include/libadmsslutil/psetcssl.h | 4
lib/libadminutil/admutil.c | 880 ++++++++++++++++--
lib/libadminutil/admutil_pvt.h | 142 --
lib/libadminutil/form_post.c | 28
lib/libadminutil/psetc.c | 151 +--
lib/libadminutil/psetc_pvt.h | 5
lib/libadminutil/srvutil.c | 6
lib/libadminutil/uginfo.c | 110 +-
lib/libadmsslutil/admsslutil.c | 127 --
lib/libadmsslutil/psetcssl.c | 29
lib/libadmsslutil/srvutilssl.c | 4
lib/libadmsslutil/uginfossl.c | 25
m4/mozldap.m4 | 101 +-
m4/openldap.m4 | 131 ++
tests/nsroot.ldif | 1788 -------------------------------------
tests/psetreadssl.c | 88 -
tests/retrieveSIEssl.c | 4
tests/setup.sh | 148 ++-
27 files changed, 2324 insertions(+), 2578 deletions(-)
New commits:
commit e8abafe64771377d688a0718d62ea2de2aad22e6
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Sep 24 16:04:10 2010 -0600
Port adminutil to use openldap
This allows adminutil to build with either openldap or mozldap. Use the
--with-openldap switch to use openldap. By default, it will use mozldap.
Most of the API changes are to allow passing the security directory to
the lower level ldap code - instead of the global NSS context, openldap
uses its own context, so needs to be passed the security dir via the
ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTDIR, securitydir) api.
diff --git a/389-adminutil.pc.in b/389-adminutil.pc.in
index 6019ac2..caa62ff 100644
--- a/389-adminutil.pc.in
+++ b/389-adminutil.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: @PACKAGE_NAME@
Description: Utility library for directory server administration
Version: @PACKAGE_VERSION@
-Requires: nspr, nss, svrcore, mozldap
+Requires: nspr, nss
Libs: -ladmsslutil -ladminutil
Cflags: -I${includedir}/admsslutil -I${includedir}/adminutil
diff --git a/Makefile.am b/Makefile.am
index 3cb5914..b9e2996 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -19,7 +19,11 @@ AM_CPPFLAGS = $(PLATFORM_DEFINES) $(DEBUG_DEFINES) $(ADMINUTIL_DEFINES)
$(ADMINU
#------------------------
NSPR_LINK = @nspr_lib@ -lplc4 -lnspr4
NSS_LINK = @nss_lib@ -lssl3 -lnss3
-LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lldap60 -lprldap60 -lldif60
+if OPENLDAP
+LDAPSDK_LINK = @openldap_lib@ -lldap@ol_libver@
+else
+LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60
+endif
if enable_tests
SASL_LINK = @sasl_lib@ -lsasl2
endif
@@ -43,7 +47,7 @@ if enable_tests
check_PROGRAMS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite
TESTS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite
-TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @ldapsdk_inc@
@icu_inc@
+TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@ @nspr_inc@ @openldap_inc@
@ldapsdk_inc@ @icu_inc@
TEST_LDADD = libadmsslutil.la libadminutil.la $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK)
$(SASL_LINK) $(ICU_LINK)
retrieveSIE_SOURCES = tests/retrieveSIE.c
@@ -75,7 +79,6 @@ admsslincdir=$(includedir)/libadmsslutil
admininc_DATA = $(srcdir)/include/libadminutil/admutil.h \
$(srcdir)/include/libadminutil/distadm.h \
- $(srcdir)/include/libadminutil/prodinfo.h \
$(srcdir)/include/libadminutil/psetc.h \
$(srcdir)/include/libadminutil/resource.h \
$(srcdir)/include/libadminutil/srvutil.h
@@ -122,7 +125,7 @@ libadminutil_la_SOURCES = lib/libadminutil/acclanglist.c \
lib/libadminutil/strlist.c \
lib/libadminutil/uginfo.c
-libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @openldap_inc@ @ldapsdk_inc@
@icu_inc@
libadminutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK)
$(ICU_LINK)
libadminutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION))
if CXXLINK_REQUIRED
@@ -142,7 +145,7 @@ libadmsslutil_la_SOURCES = lib/libadmsslutil/admsslutil.c \
lib/libadmsslutil/sslerror.c \
lib/libadmsslutil/uginfossl.c
-libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @openldap_inc@
@ldapsdk_inc@ @icu_inc@
libadmsslutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK)
$(ICU_LINK) libadminutil.la
libadmsslutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION))
if CXXLINK_REQUIRED
diff --git a/Makefile.in b/Makefile.in
index fd7c95c..e333ec0 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -49,9 +49,9 @@ DIST_COMMON = README $(am__configure_deps) \
subdir = .
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/nspr.m4 $(top_srcdir)/m4/nss.m4 \
- $(top_srcdir)/m4/mozldap.m4 $(top_srcdir)/m4/sasl.m4 \
- $(top_srcdir)/m4/icu.m4 $(top_srcdir)/m4/fhs.m4 \
- $(top_srcdir)/configure.ac
+ $(top_srcdir)/m4/openldap.m4 $(top_srcdir)/m4/mozldap.m4 \
+ $(top_srcdir)/m4/sasl.m4 $(top_srcdir)/m4/icu.m4 \
+ $(top_srcdir)/m4/fhs.m4 $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
@@ -230,6 +230,8 @@ MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
+OPENLDAP_FALSE = @OPENLDAP_FALSE@
+OPENLDAP_TRUE = @OPENLDAP_TRUE@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -298,7 +300,11 @@ nspr_libdir = @nspr_libdir@
nss_inc = @nss_inc@
nss_lib = @nss_lib@
nss_libdir = @nss_libdir@
+ol_libver = @ol_libver@
oldincludedir = @oldincludedir@
+openldap_inc = @openldap_inc@
+openldap_lib = @openldap_lib@
+openldap_libdir = @openldap_libdir@
platform_defs = @platform_defs@
prefix = @prefix@
program_transform_name = @program_transform_name@
@@ -327,7 +333,8 @@ AM_CPPFLAGS = $(PLATFORM_DEFINES) $(DEBUG_DEFINES)
$(ADMINUTIL_DEFINES) $(ADMINU
#------------------------
NSPR_LINK = @nspr_lib@ -lplc4 -lnspr4
NSS_LINK = @nss_lib@ -lssl3 -lnss3
-LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lldap60 -lprldap60 -lldif60
+@OPENLDAP_FALSE@LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60
+@OPENLDAP_TRUE@LDAPSDK_LINK = @openldap_lib@ -lldap@ol_libver@
@enable_tests_TRUE@SASL_LINK = @sasl_lib@ -lsasl2
ICU_LINK = @icu_lib@ -licui18n -licuuc -licudata $(LIBCSTD) $(LIBCRUN)
@@ -339,7 +346,7 @@ pkgdata_DATA = root.res en.res en_US.res
@CXXLINK_REQUIRED_TRUE@dummy_SOURCES = lib/dummy.cpp
@CXXLINK_REQUIRED_TRUE@dummy_LINK = $(CXXLINK)
@enable_tests_TRUE@TESTS = retrieveSIE retrieveSIEssl psetread psetreadssl psetwrite
-@enable_tests_TRUE@TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@
@nspr_inc@ @ldapsdk_inc@ @icu_inc@
+@enable_tests_TRUE@TEST_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include @nss_inc@
@nspr_inc@ @openldap_inc@ @ldapsdk_inc@ @icu_inc@
@enable_tests_TRUE@TEST_LDADD = libadmsslutil.la libadminutil.la $(NSPR_LINK) $(NSS_LINK)
$(LDAPSDK_LINK) $(SASL_LINK) $(ICU_LINK)
@enable_tests_TRUE@retrieveSIE_SOURCES = tests/retrieveSIE.c
@enable_tests_TRUE@retrieveSIE_CPPFLAGS = $(TEST_CPPFLAGS)
@@ -364,7 +371,6 @@ adminincdir = $(includedir)/libadminutil
admsslincdir = $(includedir)/libadmsslutil
admininc_DATA = $(srcdir)/include/libadminutil/admutil.h \
$(srcdir)/include/libadminutil/distadm.h \
- $(srcdir)/include/libadminutil/prodinfo.h \
$(srcdir)/include/libadminutil/psetc.h \
$(srcdir)/include/libadminutil/resource.h \
$(srcdir)/include/libadminutil/srvutil.h
@@ -399,7 +405,7 @@ libadminutil_la_SOURCES = lib/libadminutil/acclanglist.c \
lib/libadminutil/strlist.c \
lib/libadminutil/uginfo.c
-libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+libadminutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nspr_inc@ @openldap_inc@ @ldapsdk_inc@
@icu_inc@
libadminutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK)
$(ICU_LINK)
libadminutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION))
@CXXLINK_REQUIRED_FALSE@libadminutil_la_LINK = $(LINK)
@@ -416,7 +422,7 @@ libadmsslutil_la_SOURCES = lib/libadmsslutil/admsslutil.c \
lib/libadmsslutil/sslerror.c \
lib/libadmsslutil/uginfossl.c
-libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @ldapsdk_inc@ @icu_inc@
+libadmsslutil_la_CPPFLAGS = $(AM_CPPFLAGS) @nss_inc@ @nspr_inc@ @openldap_inc@
@ldapsdk_inc@ @icu_inc@
libadmsslutil_la_LIBADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK)
$(ICU_LINK) libadminutil.la
libadmsslutil_la_LDFLAGS = -version-number $(subst .,:,$(PACKAGE_VERSION))
@CXXLINK_REQUIRED_FALSE@libadmsslutil_la_LINK = $(LINK)
@@ -1148,7 +1154,7 @@ distdir: $(DISTFILES)
|| exit 1; \
fi; \
done
- -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \
+ -find $(distdir) -type d ! -perm -755 -exec chmod a+rwx,go+rx {} \; -o \
! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
! -type d ! -perm -400 -exec chmod a+r {} \; -o \
! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \
diff --git a/configure b/configure
index 2f9dad6..62dc4c0 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for 389-adminutil 1.1.10.
+# Generated by GNU Autoconf 2.59 for 389-adminutil 1.1.11.
#
# Report bugs to <
http://bugzilla.redhat.com/>.
#
@@ -423,8 +423,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='389-adminutil'
PACKAGE_TARNAME='389-adminutil'
-PACKAGE_VERSION='1.1.10'
-PACKAGE_STRING='389-adminutil 1.1.10'
+PACKAGE_VERSION='1.1.11'
+PACKAGE_STRING='389-adminutil 1.1.11'
PACKAGE_BUGREPORT='http://bugzilla.redhat.com/'
# Factoring default headers for most tests.
@@ -465,7 +465,7 @@ ac_includes_default="\
#endif"
ac_default_prefix=/opt/$PACKAGE_NAME
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION
PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir
libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir
infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS
INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF
AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p
AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE
MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu
host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR
am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE
am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE
SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP
CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS LIBCSTD LIBCRUN platform_defs
CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE debug_defs enable_tests_TRUE
enable_tests_FALSE PKG_CONFIG ICU_CONFIG GENRB nspr_inc nspr_lib nspr_libdir nss_inc
nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir sasl_inc sasl_lib icu_inc
icu_lib icu_libdir icu_bin WINNT_TRUE WINNT_FALSE LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION
PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir
libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir
infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS
INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF
AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p
AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE
MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu
host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR
am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE
am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE
SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP
CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS LIBCSTD LIBCRUN platform_defs
CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE debug_defs enable_tests_TRUE
enable_tests_FALSE PKG_CONFIG ICU_CONFIG GENRB nspr_inc nspr_lib nspr_libdir nss_inc
nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir openldap_inc openldap_lib
openldap_libdir ol_libver sasl_inc sasl_lib icu_inc icu_lib icu_libdir icu_bin
OPENLDAP_TRUE OPENLDAP_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -954,7 +954,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures 389-adminutil 1.1.10 to adapt to many kinds of systems.
+\`configure' configures 389-adminutil 1.1.11 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1020,7 +1020,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of 389-adminutil 1.1.10:";;
+ short | recursive ) echo "Configuration of 389-adminutil 1.1.11:";;
esac
cat <<\_ACEOF
@@ -1057,9 +1057,16 @@ Optional Packages:
--with-nss=PATH Network Security Services (NSS) directory
--with-nss-inc=PATH Network Security Services (NSS) include directory
--with-nss-lib=PATH Network Security Services (NSS) library directory
- --with-ldapsdk=PATH Mozilla LDAP SDK directory
- --with-ldapsdk-inc=PATH Mozilla LDAP SDK include directory
- --with-ldapsdk-lib=PATH Mozilla LDAP SDK library directory
+ --with-openldap[=PATH]
+ Use OpenLDAP - optional PATH is path to OpenLDAP SDK
+ --with-openldap-inc=PATH
+ OpenLDAP SDK include directory
+ --with-openldap-lib=PATH
+ OpenLDAP SDK library directory
+ --with-ldapsdk[=PATH]
+ Mozilla LDAP SDK directory
+ --with-ldapsdk-inc=PATH Mozilla LDAP SDK include directory
+ --with-ldapsdk-lib=PATH Mozilla LDAP SDK library directory
--with-sasl=PATH Use sasl from supplied path
--with-sasl-inc=PATH SASL include file directory
--with-sasl-lib=PATH SASL library directory
@@ -1182,7 +1189,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-389-adminutil configure 1.1.10
+389-adminutil configure 1.1.11
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1196,7 +1203,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by 389-adminutil $as_me 1.1.10, which was
+It was created by 389-adminutil $as_me 1.1.11, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -1839,7 +1846,7 @@ fi
# Define the identity of the package.
PACKAGE='389-adminutil'
- VERSION='1.1.10'
+ VERSION='1.1.11'
cat >>confdefs.h <<_ACEOF
@@ -4288,7 +4295,7 @@ ia64-*-hpux*)
;;
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 4291 "configure"' > conftest.$ac_ext
+ echo '#line 4298 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -5423,7 +5430,7 @@ fi
# Provide some information about the compiler.
-echo "$as_me:5426:" \
+echo "$as_me:5433:" \
"checking for Fortran 77 compiler version" >&5
ac_compiler=`set X $ac_compile; echo $2`
{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null
>&5\"") >&5
@@ -6486,11 +6493,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:6489: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:6496: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:6493: \$? = $ac_status" >&5
+ echo "$as_me:6500: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -6754,11 +6761,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:6757: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:6764: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:6761: \$? = $ac_status" >&5
+ echo "$as_me:6768: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -6858,11 +6865,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:6861: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:6868: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:6865: \$? = $ac_status" >&5
+ echo "$as_me:6872: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -8327,7 +8334,7 @@ linux*)
libsuff=
case "$host_cpu" in
x86_64*|s390x*|powerpc64*)
- echo '#line 8330 "configure"' > conftest.$ac_ext
+ echo '#line 8337 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -9224,7 +9231,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 9227 "configure"
+#line 9234 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -9324,7 +9331,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 9327 "configure"
+#line 9334 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -11667,11 +11674,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:11670: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:11677: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:11674: \$? = $ac_status" >&5
+ echo "$as_me:11681: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -11771,11 +11778,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:11774: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:11781: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:11778: \$? = $ac_status" >&5
+ echo "$as_me:11785: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -12307,7 +12314,7 @@ linux*)
libsuff=
case "$host_cpu" in
x86_64*|s390x*|powerpc64*)
- echo '#line 12310 "configure"' > conftest.$ac_ext
+ echo '#line 12317 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -13365,11 +13372,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:13368: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:13375: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:13372: \$? = $ac_status" >&5
+ echo "$as_me:13379: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -13469,11 +13476,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:13472: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:13479: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:13476: \$? = $ac_status" >&5
+ echo "$as_me:13483: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -14918,7 +14925,7 @@ linux*)
libsuff=
case "$host_cpu" in
x86_64*|s390x*|powerpc64*)
- echo '#line 14921 "configure"' > conftest.$ac_ext
+ echo '#line 14928 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -15696,11 +15703,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:15699: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:15706: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:15703: \$? = $ac_status" >&5
+ echo "$as_me:15710: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -15964,11 +15971,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:15967: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:15974: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:15971: \$? = $ac_status" >&5
+ echo "$as_me:15978: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -16068,11 +16075,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:16071: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:16078: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:16075: \$? = $ac_status" >&5
+ echo "$as_me:16082: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -17537,7 +17544,7 @@ linux*)
libsuff=
case "$host_cpu" in
x86_64*|s390x*|powerpc64*)
- echo '#line 17540 "configure"' > conftest.$ac_ext
+ echo '#line 17547 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -23294,6 +23301,564 @@ echo "$as_me: error: NSS not found, specify with
--with-nss." >&2;}
fi
# BEGIN COPYRIGHT BLOCK
+# Copyright (C) 2009 Red Hat, Inc.
+# All rights reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+# END COPYRIGHT BLOCK
+
+{ echo "$as_me:$LINENO: checking for OpenLDAP..." >&5
+echo "$as_me: checking for OpenLDAP..." >&6;}
+
+# check for --with-openldap
+echo "$as_me:$LINENO: checking for --with-openldap" >&5
+echo $ECHO_N "checking for --with-openldap... $ECHO_C" >&6
+
+# Check whether --with-openldap or --without-openldap was given.
+if test "${with_openldap+set}" = set; then
+ withval="$with_openldap"
+
+ if test "$withval" = yes
+ then
+ echo "$as_me:$LINENO: result: using system OpenLDAP" >&5
+echo "${ECHO_T}using system OpenLDAP" >&6
+ elif test "$withval" = no
+ then
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib
+ then
+ echo "$as_me:$LINENO: result: using $withval" >&5
+echo "${ECHO_T}using $withval" >&6
+ OPENLDAPDIR=$withval
+ openldap_incdir="$OPENLDAPDIR/include"
+ openldap_inc="-I$openldap_incdir"
+ openldap_lib="-L$OPENLDAPDIR/lib"
+ openldap_libdir="$OPENLDAPDIR/lib"
+ with_openldap=yes
+ else
+ echo
+ { { echo "$as_me:$LINENO: error: $withval not found" >&5
+echo "$as_me: error: $withval not found" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi;
+
+# check for --with-openldap-inc
+echo "$as_me:$LINENO: checking for --with-openldap-inc" >&5
+echo $ECHO_N "checking for --with-openldap-inc... $ECHO_C" >&6
+
+# Check whether --with-openldap-inc or --without-openldap-inc was given.
+if test "${with_openldap_inc+set}" = set; then
+ withval="$with_openldap_inc"
+
+ if test -e "$withval"/ldap.h
+ then
+ echo "$as_me:$LINENO: result: using $withval" >&5
+echo "${ECHO_T}using $withval" >&6
+ openldap_incdir="$withval"
+ openldap_inc="-I$withval"
+ with_openldap=yes
+ else
+ echo
+ { { echo "$as_me:$LINENO: error: $withval not found" >&5
+echo "$as_me: error: $withval not found" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi;
+
+# check for --with-openldap-lib
+echo "$as_me:$LINENO: checking for --with-openldap-lib" >&5
+echo $ECHO_N "checking for --with-openldap-lib... $ECHO_C" >&6
+
+# Check whether --with-openldap-lib or --without-openldap-lib was given.
+if test "${with_openldap_lib+set}" = set; then
+ withval="$with_openldap_lib"
+
+ if test -d "$withval"
+ then
+ echo "$as_me:$LINENO: result: using $withval" >&5
+echo "${ECHO_T}using $withval" >&6
+ openldap_lib="-L$withval"
+ openldap_libdir="$withval"
+ with_openldap=yes
+ else
+ echo
+ { { echo "$as_me:$LINENO: error: $withval not found" >&5
+echo "$as_me: error: $withval not found" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi;
+
+# if OPENLDAP is not found yet, try pkg-config
+
+if test "$with_openldap" = yes ; then # user wants to use openldap, but
didn't specify paths
+ if test -z "$openldap_inc" -o -z "$openldap_lib" -o -z
"$openldap_libdir"; then
+ # Extract the first word of "pkg-config", so it can be a program name with
args.
+set dummy pkg-config; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_path_PKG_CONFIG+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case $PKG_CONFIG in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a
path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+ ;;
+esac
+fi
+PKG_CONFIG=$ac_cv_path_PKG_CONFIG
+
+if test -n "$PKG_CONFIG"; then
+ echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5
+echo "${ECHO_T}$PKG_CONFIG" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ echo "$as_me:$LINENO: checking for OpenLDAP with pkg-config" >&5
+echo $ECHO_N "checking for OpenLDAP with pkg-config... $ECHO_C" >&6
+ if test -n "$PKG_CONFIG" && $PKG_CONFIG --exists openldap; then
+ openldap_inc=`$PKG_CONFIG --cflags-only-I openldap`
+ openldap_lib=`$PKG_CONFIG --libs-only-L openldap`
+ openldap_libdir=`$PKG_CONFIG --libs-only-L openldap | sed -e s/-L// | sed -e s/\
.*$//`
+ openldap_incdir=`$PKG_CONFIG --variable=includedir openldap`
+ echo "$as_me:$LINENO: result: using system OpenLDAP from pkg-config"
>&5
+echo "${ECHO_T}using system OpenLDAP from pkg-config" >&6
+ else
+ openldap_incdir="/usr/include"
+ openldap_inc="-I$openldap_incdir"
+ echo "$as_me:$LINENO: result: no OpenLDAP pkg-config files" >&5
+echo "${ECHO_T}no OpenLDAP pkg-config files" >&6
+ fi
+ fi
+fi
+
+
+if test "$with_openldap" = yes ; then
+ save_cppflags="$CPPFLAGS"
+ CPPFLAGS="$openldap_inc $nss_inc $nspr_inc"
+ if test "${ac_cv_header_ldap_features_h+set}" = set; then
+ echo "$as_me:$LINENO: checking for ldap_features.h" >&5
+echo $ECHO_N "checking for ldap_features.h... $ECHO_C" >&6
+if test "${ac_cv_header_ldap_features_h+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: $ac_cv_header_ldap_features_h" >&5
+echo "${ECHO_T}$ac_cv_header_ldap_features_h" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking ldap_features.h usability" >&5
+echo $ECHO_N "checking ldap_features.h usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <ldap_features.h>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking ldap_features.h presence" >&5
+echo $ECHO_N "checking ldap_features.h presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <ldap_features.h>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"")
>&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: accepted by the compiler,
rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: ldap_features.h: accepted by the compiler, rejected by the
preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: proceeding with the
compiler's result" >&5
+echo "$as_me: WARNING: ldap_features.h: proceeding with the compiler's
result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: present but cannot be
compiled" >&5
+echo "$as_me: WARNING: ldap_features.h: present but cannot be compiled"
>&2;}
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: check for missing
prerequisite headers?" >&5
+echo "$as_me: WARNING: ldap_features.h: check for missing prerequisite
headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: see the Autoconf
documentation" >&5
+echo "$as_me: WARNING: ldap_features.h: see the Autoconf documentation"
>&2;}
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: section \"Present But
Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: ldap_features.h: section \"Present But Cannot Be
Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: proceeding with the
preprocessor's result" >&5
+echo "$as_me: WARNING: ldap_features.h: proceeding with the preprocessor's
result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: ldap_features.h: in the future, the compiler
will take precedence" >&5
+echo "$as_me: WARNING: ldap_features.h: in the future, the compiler will take
precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to
http://bugzilla.redhat.com/ ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for ldap_features.h" >&5
+echo $ECHO_N "checking for ldap_features.h... $ECHO_C" >&6
+if test "${ac_cv_header_ldap_features_h+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_header_ldap_features_h=$ac_header_preproc
+fi
+echo "$as_me:$LINENO: result: $ac_cv_header_ldap_features_h" >&5
+echo "${ECHO_T}$ac_cv_header_ldap_features_h" >&6
+
+fi
+if test $ac_cv_header_ldap_features_h = yes; then
+ :
+else
+ { { echo "$as_me:$LINENO: error: specified with-openldap but ldap_features.h not
found" >&5
+echo "$as_me: error: specified with-openldap but ldap_features.h not found"
>&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+
+ ol_ver_maj=`grep LDAP_VENDOR_VERSION_MAJOR $openldap_incdir/ldap_features.h | awk
'{print $3}'`
+ ol_ver_min=`grep LDAP_VENDOR_VERSION_MINOR $openldap_incdir/ldap_features.h | awk
'{print $3}'`
+ ol_ver_pat=`grep LDAP_VENDOR_VERSION_PATCH $openldap_incdir/ldap_features.h | awk
'{print $3}'`
+ ol_libver="-${ol_ver_maj}.${ol_ver_min}"
+ save_ldflags="$LDFLAGS"
+ LDFLAGS="$openldap_lib $LDFLAGS"
+ as_ac_Lib=`echo "ac_cv_lib_ldap$ol_libver''_ldap_initialize" |
$as_tr_sh`
+echo "$as_me:$LINENO: checking for ldap_initialize in -lldap$ol_libver"
>&5
+echo $ECHO_N "checking for ldap_initialize in -lldap$ol_libver... $ECHO_C"
>&6
+if eval "test \"\${$as_ac_Lib+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lldap$ol_libver $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char ldap_initialize ();
+int
+main ()
+{
+ldap_initialize ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_Lib=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+eval "$as_ac_Lib=no"
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Lib'}'`"
>&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Lib'}'`" >&6
+if test `eval echo '${'$as_ac_Lib'}'` = yes; then
+ have_ldap_lib=1
+fi
+
+ if test -z "$have_ldap_lib" ; then
+ echo "$as_me:$LINENO: checking for ldap_initialize in -lldap" >&5
+echo $ECHO_N "checking for ldap_initialize in -lldap... $ECHO_C" >&6
+if test "${ac_cv_lib_ldap_ldap_initialize+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lldap $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char ldap_initialize ();
+int
+main ()
+{
+ldap_initialize ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_lib_ldap_ldap_initialize=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_lib_ldap_ldap_initialize=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: $ac_cv_lib_ldap_ldap_initialize" >&5
+echo "${ECHO_T}$ac_cv_lib_ldap_ldap_initialize" >&6
+if test $ac_cv_lib_ldap_ldap_initialize = yes; then
+ unset ol_libver
+else
+ { { echo "$as_me:$LINENO: error: specified with-openldap but libldap not
found" >&5
+echo "$as_me: error: specified with-openldap but libldap not found"
>&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+ fi
+ as_ac_Lib=`echo "ac_cv_lib_ldap$ol_libver''_ldap_url_parse_ext" |
$as_tr_sh`
+echo "$as_me:$LINENO: checking for ldap_url_parse_ext in -lldap$ol_libver"
>&5
+echo $ECHO_N "checking for ldap_url_parse_ext in -lldap$ol_libver... $ECHO_C"
>&6
+if eval "test \"\${$as_ac_Lib+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lldap$ol_libver $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char ldap_url_parse_ext ();
+int
+main ()
+{
+ldap_url_parse_ext ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_Lib=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+eval "$as_ac_Lib=no"
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Lib'}'`"
>&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Lib'}'`" >&6
+if test `eval echo '${'$as_ac_Lib'}'` = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_LDAP_URL_PARSE_EXT 1
+_ACEOF
+
+fi
+
+ LDFLAGS="$save_ldflags"
+ CPPFLAGS="$save_cppflags"
+
+
+cat >>confdefs.h <<\_ACEOF
+#define USE_OPENLDAP 1
+_ACEOF
+
+fi
+
+# BEGIN COPYRIGHT BLOCK
# Copyright (C) 2006 Red Hat, Inc.
# All rights reserved.
#
@@ -23313,8 +23878,8 @@ fi
#
# END COPYRIGHT BLOCK
-{ echo "$as_me:$LINENO: checking for LDAPSDK..." >&5
-echo "$as_me: checking for LDAPSDK..." >&6;}
+{ echo "$as_me:$LINENO: checking for Mozilla LDAPSDK..." >&5
+echo "$as_me: checking for Mozilla LDAPSDK..." >&6;}
# check for --with-ldapsdk
echo "$as_me:$LINENO: checking for --with-ldapsdk" >&5
@@ -23324,7 +23889,15 @@ echo $ECHO_N "checking for --with-ldapsdk... $ECHO_C"
>&6
if test "${with_ldapsdk+set}" = set; then
withval="$with_ldapsdk"
- if test -e "$withval"/include/ldap.h -a -d "$withval"/lib
+ if test "$withval" = yes
+ then
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ elif test "$withval" = no
+ then
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib
then
echo "$as_me:$LINENO: result: using $withval" >&5
echo "${ECHO_T}using $withval" >&6
@@ -23332,6 +23905,7 @@ echo "${ECHO_T}using $withval" >&6
ldapsdk_inc="-I$LDAPSDKDIR/include"
ldapsdk_lib="-L$LDAPSDKDIR/lib"
ldapsdk_libdir="$LDAPSDKDIR/lib"
+ with_ldapsdk=yes
else
echo
{ { echo "$as_me:$LINENO: error: $withval not found" >&5
@@ -23339,9 +23913,31 @@ echo "$as_me: error: $withval not found" >&2;}
{ (exit 1); exit 1; }; }
fi
+ if test "$with_ldapsdk" = yes -a "$with_openldap" = yes
+ then
+ { { echo "$as_me:$LINENO: error: Cannot use both LDAPSDK and OpenLDAP."
>&5
+echo "$as_me: error: Cannot use both LDAPSDK and OpenLDAP." >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+ if test "$with_ldapsdk" != yes -a "$with_openldap" != yes
+ then
+ { { echo "$as_me:$LINENO: error: Either LDAPSDK or OpenLDAP must be used."
>&5
+echo "$as_me: error: Either LDAPSDK or OpenLDAP must be used." >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
else
- echo "$as_me:$LINENO: result: no" >&5
+
+ if test "$with_openldap" = yes
+ then
+ echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
+ else
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ with_ldapsdk=yes
+ fi
+
fi;
# check for --with-ldapsdk-inc
@@ -23357,6 +23953,7 @@ if test "${with_ldapsdk_inc+set}" = set; then
echo "$as_me:$LINENO: result: using $withval" >&5
echo "${ECHO_T}using $withval" >&6
ldapsdk_inc="-I$withval"
+ with_ldapsdk=yes
else
echo
{ { echo "$as_me:$LINENO: error: $withval not found" >&5
@@ -23383,6 +23980,7 @@ if test "${with_ldapsdk_lib+set}" = set; then
echo "${ECHO_T}using $withval" >&6
ldapsdk_lib="-L$withval"
ldapsdk_libdir="$withval"
+ with_ldapsdk=yes
else
echo
{ { echo "$as_me:$LINENO: error: $withval not found" >&5
@@ -23398,10 +23996,9 @@ fi;
# if LDAPSDK is not found yet, try pkg-config
# last resort
-if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z
"$ldapsdk_libdir"; then
- echo "$as_me:$LINENO: checking for mozldap with pkg-config" >&5
-echo $ECHO_N "checking for mozldap with pkg-config... $ECHO_C" >&6
- # Extract the first word of "pkg-config", so it can be a program name with
args.
+if test "$with_ldapsdk" = yes ; then
+ if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z
"$ldapsdk_libdir"; then
+ # Extract the first word of "pkg-config", so it can be a program name with
args.
set dummy pkg-config; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
@@ -23440,32 +24037,37 @@ else
echo "${ECHO_T}no" >&6
fi
- if test -n "$PKG_CONFIG"; then
- if $PKG_CONFIG --exists mozldap6; then
- ldapsdk_name=mozldap6
- elif $PKG_CONFIG --exists mozldap; then
- ldapsdk_name=mozldap
- else
- { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with
--with-ldapsdk-inc|-lib." >&5
+ echo "$as_me:$LINENO: checking for mozldap with pkg-config" >&5
+echo $ECHO_N "checking for mozldap with pkg-config... $ECHO_C" >&6
+ if test -n "$PKG_CONFIG"; then
+ if $PKG_CONFIG --exists mozldap6; then
+ mozldappkg=mozldap6
+ elif $PKG_CONFIG --exists mozldap; then
+ mozldappkg=mozldap
+ else
+ { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with
--with-ldapsdk-inc|-lib." >&5
echo "$as_me: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib."
>&2;}
{ (exit 1); exit 1; }; }
+ fi
+ ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $mozldappkg`
+ ldapsdk_lib=`$PKG_CONFIG --libs-only-L $mozldappkg`
+ ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $mozldappkg | sed -e s/-L// | sed -e s/\
.*$//`
+ echo "$as_me:$LINENO: result: using system $mozldappkg" >&5
+echo "${ECHO_T}using system $mozldappkg" >&6
fi
- ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $ldapsdk_name`
- ldapsdk_lib=`$PKG_CONFIG --libs-only-L $ldapsdk_name`
- ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $ldapsdk_name | sed -e s/-L// | sed -e s/\
*$//`
- echo "$as_me:$LINENO: result: using system $ldapsdk_name" >&5
-echo "${ECHO_T}using system $ldapsdk_name" >&6
fi
fi
-if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then
- { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with
--with-ldapsdk-inc|-lib." >&5
+
+if test "$with_ldapsdk" = yes ; then
+ if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then
+ { { echo "$as_me:$LINENO: error: LDAPSDK not found, specify with
--with-ldapsdk-inc|-lib." >&5
echo "$as_me: error: LDAPSDK not found, specify with --with-ldapsdk-inc|-lib."
>&2;}
{ (exit 1); exit 1; }; }
-fi
+ fi
-save_cppflags="$CPPFLAGS"
-CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc"
-echo "$as_me:$LINENO: checking for ldap.h" >&5
+ save_cppflags="$CPPFLAGS"
+ CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc"
+ echo "$as_me:$LINENO: checking for ldap.h" >&5
echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6
if test "${ac_cv_header_ldap_h+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
@@ -23524,12 +24126,23 @@ else
fi
-CPPFLAGS="$save_cppflags"
+ CPPFLAGS="$save_cppflags"
-if test -z "$isversion6" ; then
- { { echo "$as_me:$LINENO: error: The LDAPSDK version in
$ldapsdk_inc/ldap-standard.h is not supported" >&5
+ if test -z "$isversion6" ; then
+ { { echo "$as_me:$LINENO: error: The LDAPSDK version in
$ldapsdk_inc/ldap-standard.h is not supported" >&5
echo "$as_me: error: The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not
supported" >&2;}
{ (exit 1); exit 1; }; }
+ fi
+
+cat >>confdefs.h <<\_ACEOF
+#define USE_MOZLDAP 1
+_ACEOF
+
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_LDAP_URL_PARSE_NO_DEFAULTS 1
+_ACEOF
+
fi
if test "$enable_tests" = "yes" ; then
@@ -23965,6 +24578,20 @@ fi
+
+
+
+
+
+
+if test "$with_openldap" = "yes"; then
+ OPENLDAP_TRUE=
+ OPENLDAP_FALSE='#'
+else
+ OPENLDAP_TRUE='#'
+ OPENLDAP_FALSE=
+fi
+
# WINNT should be true if building on Windows system not using
# cygnus, mingw, or the like and using cmd.exe as the shell
@@ -24157,6 +24784,13 @@ echo "$as_me: error: conditional \"enable_tests\"
was never defined.
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
+if test -z "${OPENLDAP_TRUE}" && test -z "${OPENLDAP_FALSE}";
then
+ { { echo "$as_me:$LINENO: error: conditional \"OPENLDAP\" was never
defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"OPENLDAP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
if test -z "${WINNT_TRUE}" && test -z "${WINNT_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"WINNT\" was never
defined.
Usually this means the macro was only invoked conditionally." >&5
@@ -24435,7 +25069,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by 389-adminutil $as_me 1.1.10, which was
+This file was extended by 389-adminutil $as_me 1.1.11, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -24493,7 +25127,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-389-adminutil config.status 1.1.10
+389-adminutil config.status 1.1.11
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed
's/[\\""\`\$]/\\\\&/g'`\\"
@@ -24780,12 +25414,18 @@ s,@nss_libdir@,$nss_libdir,;t t
s,@ldapsdk_inc@,$ldapsdk_inc,;t t
s,@ldapsdk_lib@,$ldapsdk_lib,;t t
s,@ldapsdk_libdir@,$ldapsdk_libdir,;t t
+s,@openldap_inc@,$openldap_inc,;t t
+s,@openldap_lib@,$openldap_lib,;t t
+s,@openldap_libdir@,$openldap_libdir,;t t
+s,@ol_libver@,$ol_libver,;t t
s,@sasl_inc@,$sasl_inc,;t t
s,@sasl_lib@,$sasl_lib,;t t
s,@icu_inc@,$icu_inc,;t t
s,@icu_lib@,$icu_lib,;t t
s,@icu_libdir@,$icu_libdir,;t t
s,@icu_bin@,$icu_bin,;t t
+s,@OPENLDAP_TRUE@,$OPENLDAP_TRUE,;t t
+s,@OPENLDAP_FALSE@,$OPENLDAP_FALSE,;t t
s,@WINNT_TRUE@,$WINNT_TRUE,;t t
s,@WINNT_FALSE@,$WINNT_FALSE,;t t
s,@LTLIBOBJS@,$LTLIBOBJS,;t t
diff --git a/configure.ac b/configure.ac
index 5440425..cc7fcb8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,7 +1,7 @@
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([389-adminutil], [1.1.10], [
http://bugzilla.redhat.com/])
+AC_INIT([389-adminutil], [1.1.11], [
http://bugzilla.redhat.com/])
AM_INIT_AUTOMAKE([1.9 foreign subdir-objects])
AM_MAINTAINER_MODE
AC_CANONICAL_HOST
@@ -120,6 +120,7 @@ AC_MSG_RESULT($enable_rpath)
m4_include(m4/nspr.m4)
m4_include(m4/nss.m4)
+m4_include(m4/openldap.m4)
m4_include(m4/mozldap.m4)
if test "$enable_tests" = "yes" ; then
m4_include(m4/sasl.m4)
@@ -150,6 +151,10 @@ AC_SUBST(nss_libdir)
AC_SUBST(ldapsdk_inc)
AC_SUBST(ldapsdk_lib)
AC_SUBST(ldapsdk_libdir)
+AC_SUBST(openldap_inc)
+AC_SUBST(openldap_lib)
+AC_SUBST(openldap_libdir)
+AC_SUBST(ol_libver)
AC_SUBST(sasl_inc)
AC_SUBST(sasl_lib)
AC_SUBST(icu_inc)
@@ -157,6 +162,7 @@ AC_SUBST(icu_lib)
AC_SUBST(icu_libdir)
AC_SUBST(icu_bin)
+AM_CONDITIONAL(OPENLDAP,test "$with_openldap" = "yes")
# WINNT should be true if building on Windows system not using
# cygnus, mingw, or the like and using cmd.exe as the shell
AM_CONDITIONAL([WINNT], false)
diff --git a/include/libadminutil/admutil-int.h b/include/libadminutil/admutil-int.h
new file mode 100644
index 0000000..ef38230
--- /dev/null
+++ b/include/libadminutil/admutil-int.h
@@ -0,0 +1,190 @@
+/** BEGIN COPYRIGHT BLOCK
+ * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
+ * Copyright (C) 2005 Red Hat, Inc.
+ * All rights reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation version
+ * 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ * END COPYRIGHT BLOCK **/
+/*
+ * These interfaces are private to adminutil - not exposed to the public
+ * api, but shared among the files in the adminutil libraries
+ */
+#ifndef __ADMUTIL_INT_H__
+#define __ADMUTIL_INT_H__
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <nspr.h>
+#include <libadminutil/admutil.h>
+
+struct _AdmldapHdnl;
+typedef struct _AdmldapHdnl *AdmldapHdnlPtr;
+
+char*
+dn2AttrName(char* dn, char* rootDN);
+
+char*
+attrName2dn(char* attrName, char* rootDN);
+
+/*
+ * LDAPMod related utility functions
+ */
+LDAPMod*
+createSingleValMod( char* namep, char* value, int mode);
+
+LDAPMod*
+createMod( char* namep, ValueType values, int mode);
+
+void
+deleteMod(LDAPMod* mod);
+
+void
+deleteMods(LDAPMod** mods);
+
+/*
+ * List related data structure and method
+ */
+typedef struct _ListNode {
+ char* name;
+ void* val;
+ int dflag;
+ struct _ListNode *next;
+} ListNode, *ListNodePtr;
+
+/*
+ * Binary Tree related data structure and methods
+ */
+typedef struct _TreeNode {
+ char* name;
+ ListNodePtr val;
+ struct _TreeNode *left, *right;
+} TreeNode, *TreeNodePtr;
+
+ListNodePtr
+createListNode(char* name, void *val, int dflag);
+
+ListNodePtr
+listFindNode(ListNodePtr list, char* name);
+
+void*
+listGetValue(ListNodePtr list, char* name);
+
+int
+listCount(ListNodePtr list);
+
+ListNodePtr
+listCat(ListNodePtr list1, ListNodePtr list2);
+
+ListNodePtr
+listAppend(ListNodePtr list, char* name, void* val,int dflag);
+
+ListNodePtr
+listAdd(ListNodePtr list, char* name, void* val, int dflag);
+
+ListNodePtr
+listDelete(ListNodePtr list, char* name);
+
+void
+listDestroy(ListNodePtr list);
+
+/* Some utilities which use list */
+AttributeList
+nvlistConvert(ListNodePtr list);
+
+void
+nvlistDestroy(ListNodePtr list);
+
+ListNodePtr
+createUpdateList(AttributeList nvl);
+
+void
+destroyUpdateList(ListNodePtr);
+
+
+TreeNodePtr
+createTreeNode(char* name, char* val);
+
+int
+treeCount(TreeNodePtr root);
+
+TreeNodePtr
+treeFindNode(TreeNodePtr node, char* name);
+
+ValueType
+treeFindValue(TreeNodePtr root, char* name);
+
+char*
+treeFindValueAt(TreeNodePtr root, char* name, int index);
+
+TreeNodePtr
+treeAddNode(TreeNodePtr node, TreeNodePtr newNode);
+
+TreeNodePtr
+treeAddValue(TreeNodePtr node, char* val);
+
+TreeNodePtr
+treeAddNameValue(TreeNodePtr node, char* name, char* val);
+
+int
+treeRemoveNode(TreeNodePtr node, char* name, int* removeFlag);
+
+void
+treeRemoveTree(TreeNodePtr node);
+
+ListNodePtr
+treeBuildAttrList(char* nodeName, TreeNodePtr node);
+
+void
+treeExport(FILE *fstream, char* parentString, TreeNodePtr node);
+
+TreeNodePtr
+treeImport(FILE *fstream, int* errorcode);
+
+/*
+ * utility function for copy/free string array
+ */
+PR_IMPLEMENT(char**)
+admutil_strsdup(char** orig);
+
+PR_IMPLEMENT(char**)
+admutil_strsdup_berval(struct berval** orig);
+
+PR_IMPLEMENT(void)
+admutil_strsFree(char** target);
+
+int admutil_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int
*secure);
+LDAP *admutil_ldap_init(
+ AdmldapInfo info,
+ const char *ldapurl, /* full ldap url */
+ const char *hostname, /* can also use this to override
+ host in url */
+ int port, /* can also use this to override port in url */
+ int secure, /* 0 for ldap, 1 for ldaps */
+ int shared, /* if true, LDAP* will be shared among multiple threads */
+ const char *filename /* for ldapi */
+);
+int admutil_ldap_bind(
+ LDAP *ld, /* ldap connection */
+ const char *bindid, /* usually a bind DN for simple bind */
+ const char *creds, /* usually a password for simple bind */
+ const char *mech, /* name of mechanism */
+ LDAPControl **serverctrls, /* additional controls to send */
+ LDAPControl ***returnedctrls, /* returned controls */
+ struct timeval *timeout, /* timeout */
+ int *msgidp /* pass in non-NULL for async handling */
+);
+
+#endif /* __ADMUTIL_INT_H__ */
diff --git a/include/libadminutil/admutil.h b/include/libadminutil/admutil.h
index fa61e8b..a1baa36 100644
--- a/include/libadminutil/admutil.h
+++ b/include/libadminutil/admutil.h
@@ -122,8 +122,6 @@ PR_IMPLEMENT(int)
admutil_getline(FILE *fstream, int maxlen, int lineno, char* buf);
/* Utility function to get ldap Information */
-PR_IMPLEMENT(int)
-admutil_uuencode(unsigned char *src, unsigned char *dst, int srclen);
typedef void* AdmldapInfo;
diff --git a/include/libadminutil/prodinfo.h b/include/libadminutil/prodinfo.h
deleted file mode 100644
index 03a25b4..0000000
--- a/include/libadminutil/prodinfo.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation version
- * 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- * END COPYRIGHT BLOCK **/
-/*
- * prodinfo.h
- *
- * $Id: prodinfo.h,v 1.2 2005/12/06 18:38:31 nhosoi Exp $
- */
-
-#ifndef prodinfo_h
-#define prodinfo_h
-
-/***********************************************************************
-** Includes
-***********************************************************************/
-
-#include <netsite.h>
-
-typedef struct {
- char *var; /* name of array */
- int numEls; /* how many names in array */
- char **els; /* names in array */
-} ADM_piList;
-
-typedef struct {
- char *when;
- int numVars; /* numVars is the number of vars and vals */
- char **vars;
- char **vals;
- int numBools; /* how many boolean variables? */
- char **boolVars;
- char *boolVals;
- int numLists;
- ADM_piList *lists;
-} ADM_piTree;
-
-/***********************************************************************
-** GLOBAL FUNCTIONS:
-** DESCRIPTION:
-** These functions allow one to use data from files which have name value
-** pairs, boolean variables, and list variables. See
-**
http://poseidon/~flc/prodinfo.html for a description of the file format.
-**
-** EXAMPLE:
-** @+@ Something that really gives the idea of how to use this set of functions
-**
-** RESTRICTIONS:
-**
-**
-** RETURN CODE TABLE:
-** -1: list or variable not found
-** 0: boolean variable false or list entry not found
-** 1: boolean variable true or list entry found
-***********************************************************************/
-
-NSPR_BEGIN_EXTERN_C
-
-PR_IMPLEMENT(ADM_piTree *)
-ADM_pi_init( char *file );
-
-PR_IMPLEMENT(void)
-ADM_pi_done( ADM_piTree * );
-
-PR_IMPLEMENT(char *)
-ADM_pi_value( ADM_piTree *, char *var );
-
-PR_IMPLEMENT(char *)
-ADM_pi_when( ADM_piTree * );
-
-PR_IMPLEMENT(int)
-ADM_pi_canDo( ADM_piTree *, char *, char * );
-
-PR_IMPLEMENT(int)
-ADM_pi_list( ADM_piTree *, char *name, char ***list );
-
-PR_IMPLEMENT(void)
-ADM_pi_setValue (ADM_piTree *tree, char *name, char *value);
-
-PR_IMPLEMENT(void)
-ADM_pi_setBoolean (ADM_piTree *tree, char *capability, char *value);
-
-PR_IMPLEMENT(void)
-ADM_pi_setCapability (ADM_piTree *tree, char *capability, char *instance);
-
-PR_IMPLEMENT(int)
-ADM_pi_write (ADM_piTree *tree, char *fileName);
-
-NSPR_END_EXTERN_C
-
-#endif /* prodinfo_h */
diff --git a/include/libadminutil/psetc.h b/include/libadminutil/psetc.h
index 411f0e1..c5496a5 100644
--- a/include/libadminutil/psetc.h
+++ b/include/libadminutil/psetc.h
@@ -88,7 +88,7 @@ psetCreate(char* serverID, char* configRoot, char* userDN, char*
passwd,
int* errorcode);
PR_IMPLEMENT(PsetHndl)
-psetRealCreate(char* ldapHost, int ldapPort, char* sieDN, char* userDN,
+psetRealCreate(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, char* sieDN, char*
userDN,
char* passwd, char* cacheFile, int* errorcode);
PR_IMPLEMENT(PsetHndl)
@@ -104,7 +104,7 @@ PR_IMPLEMENT(PsetHndl)
psetFileCreate(char* configFile, char* filter, int* errorcode);
PR_IMPLEMENT(PsetHndl)
-psetRealLDAPImport(PsetHndl pset, char* ldapHost, int ldapPort, char* sieDN, char*
userDN,
+psetRealLDAPImport(AdmldapInfo ldapInfo, PsetHndl pset, char* ldapHost, int ldapPort,
char* sieDN, char* userDN,
char* passwd, char* cacheFile, char* filter, int* errorcode);
PR_IMPLEMENT(PsetHndl)
diff --git a/include/libadmsslutil/psetcssl.h b/include/libadmsslutil/psetcssl.h
index 7de65c9..9379fb2 100644
--- a/include/libadmsslutil/psetcssl.h
+++ b/include/libadmsslutil/psetcssl.h
@@ -37,12 +37,12 @@ psetCreateSSL(char* serverID, char* configRoot, char* userDN, char*
passwd,
int* errorcode);
PR_IMPLEMENT(PsetHndl)
-psetRealCreateSSL(char* ldapHost, int ldapPort, int secure, char* sieDN,
+psetRealCreateSSL(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, int secure, char*
sieDN,
char* userDN, char* passwd, char* configFile,
int* errorcode);
PR_IMPLEMENT(PsetHndl)
-psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort,
+psetRealLDAPImportSSL(AdmldapInfo ldapInfo, PsetHndl pseth, char* ldapHost, int
ldapPort,
int secure, char* sieDN, char* userDN, char* passwd,
char* configFile, char* filter, int* errorcode);
#ifdef __cplusplus
diff --git a/lib/libadminutil/admutil.c b/lib/libadminutil/admutil.c
index 1b06085..fc63d31 100644
--- a/lib/libadminutil/admutil.c
+++ b/lib/libadminutil/admutil.c
@@ -24,8 +24,11 @@
#include <ctype.h>
#include "version.h"
#include "admutil_pvt.h"
+#include "libadminutil/admutil-int.h"
#include "libadminutil/distadm.h"
-
+#if defined(USE_OPENLDAP)
+#include <lber.h>
+#endif
#ifdef XP_WIN32
#define strcasecmp stricmp
#define strncasecmp _strnicmp
@@ -96,14 +99,19 @@ find_file_in_paths(
return retval;
}
-/* Copy from libadmin..... */
-static unsigned char uuset[] = {
-'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T',
-'U','V','W','X','Y','Z','a','b','c','d','e','f','g','h','i','j','k','l','m','n',
-'o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7',
-'8','9','+','/' };
-
-static int LDAP_CALL LDAP_CALLBACK
+#if defined(USE_OPENLDAP)
+static int
+admin_ldap_rebind_proc(
+ LDAP *ld, LDAP_CONST char *url,
+ ber_tag_t request, ber_int_t msgid,
+ void *arg)
+{
+ AdmldapHdnlPtr ptr = (AdmldapHdnlPtr)arg;
+
+ return admutil_ldap_bind(ld, ptr->sieDN, ptr->passwd, LDAP_SASL_SIMPLE, NULL,
NULL, NULL, NULL);
+}
+#else /* NOT USE_OPENLDAP */
+static int
admin_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp,
int *authmethodp, int freeit, void *arg) {
AdmldapHdnlPtr ptr = (AdmldapHdnlPtr)arg;
@@ -116,58 +124,7 @@ admin_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp,
return LDAP_SUCCESS;
}
-
-PR_IMPLEMENT(int)
-admutil_uuencode(unsigned char *src, unsigned char *dst, int srclen)
-{
- int i, r;
- unsigned char *p;
-
-/* To uuencode, we snip 8 bits from 3 bytes and store them as
- 6 bits in 4 bytes. 6*4 == 8*3 (get it?) and 6 bits per byte
- yields nice clean bytes
-
- It goes like this:
- AAAAAAAA BBBBBBBB CCCCCCCC
- turns into the standard set of uuencode ascii chars indexed by numbers:
- 00AAAAAA 00AABBBB 00BBBBCC 00CCCCCC
-
- Snip-n-shift, snip-n-shift, etc....
- */
-
- for (p=dst,i=0; i < srclen; i += 3) {
- /* Do 3 bytes of src */
- register char b0, b1, b2;
-
- b0 = src[0];
- if (i==srclen-1)
- b1 = b2 = '\0';
- else if (i==srclen-2) {
- b1 = src[1];
- b2 = '\0';
- }
- else {
- b1 = src[1];
- b2 = src[2];
- }
-
- *p++ = uuset[b0>>2];
- *p++ = uuset[(((b0 & 0x03) << 4) | ((b1 & 0xf0) >> 4))];
- *p++ = uuset[(((b1 & 0x0f) << 2) | ((b2 & 0xc0) >> 6))];
- *p++ = uuset[b2 & 0x3f];
- src += 3;
- }
- *p = 0; /* terminate the string */
- r = (unsigned char *)p - (unsigned char *)dst;/* remember how many we did */
-
- /* Always do 4-for-3, but if not round threesome, have to go
- clean up the last extra bytes */
-
- for( ; i != srclen; i--)
- *--p = '=';
-
- return r;
-}
+#endif
PR_IMPLEMENT(char**)
admutil_strsdup(char** orig)
@@ -189,6 +146,27 @@ admutil_strsdup(char** orig)
return dest;
}
+PR_IMPLEMENT(char**)
+admutil_strsdup_berval(struct berval** orig)
+{
+ int cnt = 0, i = 0;
+ char **dest;
+ struct berval **tmpptr;
+
+ if (!orig) return NULL;
+
+ tmpptr = orig;
+ while (*tmpptr++ != NULL) cnt++;
+
+ dest = (char**)PR_Malloc((cnt+1)*sizeof(char*));
+
+ for (i=0; i < cnt; i++) dest[i] = PL_strndup(orig[i]->bv_val,
orig[i]->bv_len);
+
+ dest[cnt] = NULL;
+
+ return dest;
+}
+
PR_IMPLEMENT(void)
admutil_strsFree(char** target)
{
@@ -385,8 +363,8 @@ dn2AttrName(char* dn, char* rootDN)
attrLen--;
}
- ldap_value_free(dnList);
- ldap_value_free(rootList);
+ admutil_strsFree(dnList);
+ admutil_strsFree(rootList);
return PL_strdup(buf);
}
@@ -729,6 +707,18 @@ treeFindNode(TreeNodePtr node, char* name)
else return NULL;
}
+static int
+treeHasNode(AdmldapInfo info, char* name)
+{
+ int result = 0;
+ AdmldapHdnlPtr admInfo = (AdmldapHdnlPtr)info;
+
+ if (admInfo && admInfo->configInfo) {
+ result = treeFindNode(admInfo->configInfo, name) ? 1 : 0;
+ }
+ return result;
+}
+
ValueType
treeFindValue(TreeNodePtr root, char* name)
{
@@ -1185,21 +1175,26 @@ admldapBuildInfoOnly(char* configRoot, int *errorcode)
configInfo = treeImport(fileStream, errorcode);
fclose(fileStream);
- if (!configInfo) { *errorcode = ADMUTIL_SYSTEM_ERR; return NULL; }
+ if (!configInfo) {
+ *errorcode = ADMUTIL_SYSTEM_ERR;
+ PR_smprintf_free(path);
+ return NULL;
+ }
admInfo = (AdmldapHdnlPtr)PR_Malloc(sizeof(AdmldapHdnl));
- if (!admInfo) { *errorcode = ADMUTIL_SYSTEM_ERR; return NULL; }
+ if (!admInfo) {
+ *errorcode = ADMUTIL_SYSTEM_ERR;
+ treeRemoveTree(configInfo);
+ PR_smprintf_free(path);
+ return NULL;
+ }
memset(admInfo, '\0', sizeof(AdmldapHdnl));
admInfo->configFilePath = path; /* hand off memory */
path = NULL;
- if (!admInfo->configFilePath) {
- PR_Free(admInfo);
- *errorcode = ADMUTIL_SYSTEM_ERR;
- return NULL;
- }
- admInfo->configInfo = configInfo;
+ admInfo->configInfo = configInfo; /* hand off memory */
+ configInfo = NULL;
if (!(admInfo->serverDirectoryURL = treeFindValueAt(admInfo->configInfo,
"ldapurl", 0))) { /* admInfo owns malloced memory now */
/* Error open file */
@@ -1208,8 +1203,9 @@ admldapBuildInfoOnly(char* configRoot, int *errorcode)
return NULL;
}
- if (ldap_url_parse(admInfo->serverDirectoryURL, &ldapInfo)) {
+ if (admutil_ldap_url_parse(admInfo->serverDirectoryURL, &ldapInfo, 0,
&admInfo->secure)) {
*errorcode = ADMUTIL_SYSTEM_ERR;
+ destroyAdmldap((AdmldapInfo)admInfo);
return NULL;
}
@@ -1269,6 +1265,10 @@ admldapBuildInfoOnly(char* configRoot, int *errorcode)
PR_smprintf_free(path);
+ if (!treeHasNode((AdmldapInfo)admInfo, "securitydir")) {
+ admldapSetSecurityDir((AdmldapInfo)admInfo, configRoot);
+ }
+
return (AdmldapInfo)admInfo;
}
@@ -1305,7 +1305,8 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int
*errorcode)
}
if (!secureLDAP) {
- admInfo->ldapHndl = ldap_init(admInfo->ldapInfo->lud_host,
admInfo->ldapInfo->lud_port);
+ admInfo->ldapHndl = admutil_ldap_init(admInfo, NULL,
admInfo->ldapInfo->lud_host,
+ admInfo->ldapInfo->lud_port, 0, 0,
NULL);
}
/* authenticate to LDAP server*/
@@ -1338,7 +1339,7 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int
*errorcode)
}
if (!secureLDAP) {
- ldapError = ldap_simple_bind_s(admInfo->ldapHndl, admInfo->sieDN,
siePasswd);
+ ldapError = admutil_ldap_bind(admInfo->ldapHndl, admInfo->sieDN,
siePasswd, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL);
if (ldapError == LDAP_SUCCESS) break;
/* Quit on errors other than password problems */
@@ -1349,14 +1350,14 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int
*errorcode)
if ((ldapError != LDAP_SUCCESS ) && !(secureLDAP)){
#ifdef LDAP_DEBUG
- ldap_perror(admInfo->ldapHndl, "ldap_simple_bind_s");
+ fprintf(stderr, "admutil_ldap_bind: [%s] error [%d:%s]\n",
admInfo->sieDN, ldapError, ldap_err2string(ldapError));
#endif
switch (ldapError) {
case LDAP_INAPPROPRIATE_AUTH:
case LDAP_INVALID_CREDENTIALS:
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
- ldap_unbind(admInfo->ldapHndl);
+ ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL);
admInfo->ldapHndl = NULL;
*errorcode = ADMUTIL_LDAP_ERR;
break;;
@@ -1364,12 +1365,12 @@ admldapBuildInfoCbk(char* configRoot, char *(*cbk)(), int
*errorcode)
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good user DN */
- ldap_unbind(admInfo->ldapHndl);
+ ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL);
admInfo->ldapHndl = NULL;
*errorcode = ADMUTIL_LDAP_ERR;
break;
default:
- ldap_unbind(admInfo->ldapHndl);
+ ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL);
admInfo->ldapHndl = NULL;
*errorcode = ADMUTIL_LDAP_ERR;
}
@@ -1452,7 +1453,7 @@ destroyAdmldap(AdmldapInfo info)
admInfo->passwd = NULL;
}
if (admInfo->ldapHndl) {
- ldap_unbind(admInfo->ldapHndl);
+ ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL);
admInfo->ldapHndl = NULL;
}
@@ -1487,7 +1488,7 @@ admldapGetSecurity(AdmldapInfo info)
AdmldapHdnlPtr admInfo = (AdmldapHdnlPtr)info;
int ldapSecurity;
- if (admInfo->ldapInfo->lud_options & LDAP_URL_OPT_SECURE) ldapSecurity = 1;
+ if (admInfo->secure) ldapSecurity = 1;
else ldapSecurity = 0;
return ldapSecurity;
@@ -1514,8 +1515,7 @@ admldapGetSecurityDir(AdmldapInfo info)
char *securitydir;
securitydir = treeFindValueAt(admInfo->configInfo, "securitydir", 0);
- if (!securitydir) return NULL;
- else return securitydir;
+ return securitydir;
}
PR_IMPLEMENT(int)
@@ -1540,8 +1540,7 @@ admldapGetSIEDN(AdmldapInfo info)
char *ldapSIEDN = NULL;
ldapSIEDN = treeFindValueAt(admInfo->configInfo, "sie", 0);
- if (!ldapSIEDN) return NULL;
- else return ldapSIEDN;
+ return ldapSIEDN;
}
PR_IMPLEMENT(int)
@@ -1583,8 +1582,7 @@ admldapGetISIEDN(AdmldapInfo info)
char *ldapISIEDN = NULL;
ldapISIEDN = treeFindValueAt(admInfo->configInfo, "isie", 0);
- if (!ldapISIEDN) return NULL;
- else return ldapISIEDN;
+ return ldapISIEDN;
}
@@ -1618,8 +1616,9 @@ admldapSetDirectoryURL(AdmldapInfo info, const char *ldapurl)
LDAPURLDesc *ldapInfo;
int errorcode = ADMUTIL_OP_OK;
int removeFlag = 0;
+ int secure = 0;
- if (!ldapurl || ldap_url_parse(ldapurl, &ldapInfo)) {
+ if (!ldapurl || admutil_ldap_url_parse(ldapurl, &ldapInfo, 0, &secure)) {
/* if the given url is not valid, don't do anything, just return an error */
errorcode = ADMUTIL_SYSTEM_ERR;
goto done;
@@ -1640,6 +1639,7 @@ admldapSetDirectoryURL(AdmldapInfo info, const char *ldapurl)
/* set the new values */
admInfo->serverDirectoryURL = PL_strdup(ldapurl);
admInfo->ldapInfo = ldapInfo;
+ admInfo->secure = secure;
treeAddNameValue(admInfo->configInfo, "ldapurl", (char *)ldapurl);
done:
@@ -1651,7 +1651,7 @@ admldapSetLDAPHndl(AdmldapInfo info, LDAP *ld)
{
AdmldapHdnlPtr admInfo = (AdmldapHdnlPtr)info;
- if (admInfo->ldapHndl) ldap_unbind(admInfo->ldapHndl);
+ if (admInfo->ldapHndl) ldap_unbind_ext(admInfo->ldapHndl, NULL, NULL);
admInfo->ldapHndl = ld;
}
@@ -1670,8 +1670,7 @@ admldapGetSysUser(AdmldapInfo info)
char *sysuser = NULL;
sysuser = treeFindValueAt(admInfo->configInfo, "sysuser", 0);
- if (!sysuser) return NULL;
- else return sysuser;
+ return sysuser;
}
@@ -1682,8 +1681,7 @@ admldapGetSysGroup(AdmldapInfo info)
char *sysgroup = NULL;
sysgroup = treeFindValueAt(admInfo->configInfo, "sysgroup", 0);
- if (!sysgroup) return NULL;
- else return sysgroup;
+ return sysgroup;
}
@@ -1694,8 +1692,7 @@ admldapGetAdminDomain(AdmldapInfo info)
char *admindomain = NULL;
admindomain = treeFindValueAt(admInfo->configInfo, "AdminDomain", 0);
- if (!admindomain) return NULL;
- else return admindomain;
+ return admindomain;
}
@@ -1706,8 +1703,7 @@ admldapGetExpressRefreshRate(AdmldapInfo info)
char *expressrefreshrate = NULL;
expressrefreshrate = treeFindValueAt(admInfo->configInfo,
"ExpressRefreshRate", 0);
- if (!expressrefreshrate) return NULL;
- else return expressrefreshrate;
+ return expressrefreshrate;
}
@@ -1718,8 +1714,7 @@ admldapGetExpressCGITimeout(AdmldapInfo info)
char *expresscgitimeout = NULL;
expresscgitimeout = treeFindValueAt(admInfo->configInfo,
"ExpressCGITimeout", 0);
- if (!expresscgitimeout) return NULL;
- else return expresscgitimeout;
+ return expresscgitimeout;
}
@@ -1730,8 +1725,7 @@ admldapGetLdapStart(AdmldapInfo info)
char *ldapstart = NULL;
ldapstart = treeFindValueAt(admInfo->configInfo, "ldapStart", 0);
- if (!ldapstart) return NULL;
- else return ldapstart;
+ return ldapstart;
}
@@ -1787,8 +1781,8 @@ admldapGetUserDN(AdmldapInfo info, char *uid)
goto done;
}
uidFilter = PR_smprintf("(uid=%s)", uid?uid:admInfo->localAdminName);
- err = ldap_search_s(ld, baseDN, LDAP_SCOPE_SUBTREE, uidFilter,
- NULL, 0, &result);
+ err = ldap_search_ext_s(ld, baseDN, LDAP_SCOPE_SUBTREE, uidFilter,
+ NULL, 0, NULL, NULL, NULL, -1, &result);
if (err != LDAP_SUCCESS || ldap_count_entries(ld, result) == 0) {
ldap_msgfree(result);
goto done;
@@ -1896,3 +1890,685 @@ admGetCachedSIEPWD()
return result;
}
+
+#if defined(USE_OPENLDAP)
+/* mozldap ldap_init and ldap_url_parse accept a hostname in the form
+ host1[:port1]SPACEhost2[:port2]SPACEhostN[:portN]
+ where SPACE is a single space (0x20) character
+ for openldap, we have to convert this to a string like this:
+ PROTO://host1[:port1]/SPACEPROTO://host2[:port2]/SPACEPROTO://hostN[:portN]/
+ where PROTO is ldap or ldaps or ldapi
+ if proto is NULL, assume hostname_or_uri is really a valid ldap uri
+*/
+static char *
+convert_to_openldap_uri(const char *hostname_or_uri, int port, const char *proto)
+{
+ char *retstr = NULL;
+ char *my_copy = NULL;
+ char *start = NULL;
+ char *iter = NULL;
+ char *s = NULL;
+ const char *brkstr = " ";
+
+ if (!hostname_or_uri) {
+ return NULL;
+ }
+
+ my_copy = PL_strdup(hostname_or_uri);
+ /* see if hostname_or_uri is an ldap uri */
+ if (!proto && !PL_strncasecmp(my_copy, "ldap", 4)) {
+ start = my_copy + 4;
+ if ((*start == 's') || (*start == 'i')) {
+ start++;
+ }
+ if (!PL_strncmp(start, "://", 3)) {
+ *start = '\0';
+ proto = my_copy;
+ start += 3;
+ } else {
+#ifdef DEBUG
+ fprintf(stderr, "convert_to_openldap_uri: The given LDAP URI [%s] is not
valid\n", hostname_or_uri);
+#endif
+ goto end;
+ }
+ } else if (!proto) {
+#ifdef DEBUG
+ fprintf(stderr, "convert_to_openldap_uri: The given LDAP URI [%s] is not
valid\n", hostname_or_uri);
+#endif
+ goto end;
+ } else {
+ start = my_copy; /* just assume it's not a uri */
+ }
+
+ for (s = strtok_r(my_copy, brkstr, &iter); s != NULL;
+ s = strtok_r(NULL, brkstr, &iter)) {
+ char *ptr;
+ int last = 0;
+ /* strtok will grab the '/' at the end of the uri, if any,
+ so terminate parsing there */
+ if ((ptr = strchr(s, '/'))) {
+ *ptr = '\0';
+ last = 1;
+ }
+ if (retstr) {
+ retstr = PR_sprintf_append(retstr, "/ %s://%s", proto, s);
+ } else {
+ retstr = PR_smprintf("%s://%s", proto, s);
+ }
+ if (last) {
+ break;
+ }
+ }
+
+ /* add the port on the last one */
+ retstr = PR_sprintf_append(retstr, ":%d/", port);
+end:
+ PL_strfree(my_copy);
+ return retstr;
+}
+#endif /* USE_OPENLDAP */
+
+const char *
+admutil_urlparse_err2string( int err )
+{
+ const char *s="internal error";
+
+ switch( err ) {
+ case 0:
+ s = "no error";
+ break;
+ case LDAP_URL_ERR_BADSCOPE:
+ s = "invalid search scope";
+ break;
+ case LDAP_URL_ERR_MEM:
+ s = "unable to allocate memory";
+ break;
+ case LDAP_URL_ERR_PARAM:
+ s = "bad parameter to an LDAP URL function";
+ break;
+#if defined(USE_OPENLDAP)
+ case LDAP_URL_ERR_BADSCHEME:
+ s = "does not begin with ldap://, ldaps://, or ldapi://";
+ break;
+ case LDAP_URL_ERR_BADENCLOSURE:
+ s = "missing trailing '>' in enclosure";
+ break;
+ case LDAP_URL_ERR_BADURL:
+ s = "not a valid LDAP URL";
+ break;
+ case LDAP_URL_ERR_BADHOST:
+ s = "hostname part of url is not valid or not given";
+ break;
+ case LDAP_URL_ERR_BADATTRS:
+ s = "attribute list not formatted correctly or missing";
+ break;
+ case LDAP_URL_ERR_BADFILTER:
+ s = "search filter not correct";
+ break;
+ case LDAP_URL_ERR_BADEXTS:
+ s = "extensions not specified correctly";
+ break;
+#else /* !USE_OPENLDAP */
+ case LDAP_URL_ERR_NOTLDAP:
+ s = "missing ldap:// or ldaps:// or ldapi://";
+ break;
+ case LDAP_URL_ERR_NODN:
+ s = "missing suffix";
+ break;
+#endif
+ }
+
+ return( s );
+}
+
+/* there are various differences among url parsers - directory server
+ needs the ability to parse partial URLs - those with no dn - and
+ needs to be able to tell if it is a secure url (ldaps) or not */
+int
+admutil_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int
*secure)
+{
+ PR_ASSERT(url);
+ PR_ASSERT(ludpp);
+ int rc;
+ const char *url_to_use = url;
+#if defined(USE_OPENLDAP)
+ char *urlescaped = NULL;
+#endif
+
+ if (secure) {
+ *secure = 0;
+ }
+#if defined(USE_OPENLDAP)
+ /* openldap does not support the non-standard multi host:port URLs supported
+ by mozldap - so we have to fake out openldap - replace all spaces with %20 -
+ replace all but the last colon with %3A
+ Go to the 3rd '/' or to the end of the string (convert only the host:port
part) */
+ if (url) {
+ char *p = strstr(url, "://");
+ if (p) {
+ int foundspace = 0;
+ int coloncount = 0;
+ char *lastcolon = NULL;
+ p += 3;
+ for (; *p && (*p != '/'); p++) {
+ if (*p == ' ') {
+ foundspace = 1;
+ }
+ if (*p == ':') {
+ coloncount++;
+ lastcolon = p;
+ }
+ }
+ if (foundspace) {
+ char *src = NULL, *dest = NULL;
+ /* have to convert url */
+ /* len * 3 is way too much, but acceptable */
+ urlescaped = PR_Calloc(strlen(url) * 3, sizeof(char));
+ dest = urlescaped;
+ /* copy the scheme */
+ src = strstr(url, "://");
+ src += 3;
+ memcpy(dest, url, src-url);
+ dest += (src-url);
+ /* we have to convert all spaces to %20 - we have to convert
+ all colons except the last one to %3A */
+ for (; *src; ++src) {
+ if (src < p) {
+ if (*src == ' ') {
+ memcpy(dest, "%20", 3);
+ dest += 3;
+ } else if ((coloncount > 1) && (*src == ':') && (src !=
lastcolon)) {
+ memcpy(dest, "%3A", 3);
+ dest += 3;
+ } else {
+ *dest++ = *src;
+ }
+ } else {
+ *dest++ = *src;
+ }
+ }
+ *dest = '\0';
+ url_to_use = urlescaped;
+ }
+ }
+ }
+#endif
+
+#if defined(HAVE_LDAP_URL_PARSE_NO_DEFAULTS)
+ rc = ldap_url_parse_no_defaults(url_to_use, ludpp, require_dn);
+ if (!rc && *ludpp && secure) {
+ *secure = (*ludpp)->lud_options & LDAP_URL_OPT_SECURE;
+ }
+#else /* openldap */
+#if defined(HAVE_LDAP_URL_PARSE_EXT) && defined(LDAP_PVT_URL_PARSE_NONE)
&& defined(LDAP_PVT_URL_PARSE_NOEMPTY_DN)
+ rc = ldap_url_parse_ext(url_to_use, ludpp, require_dn ? LDAP_PVT_URL_PARSE_NONE :
LDAP_PVT_URL_PARSE_NOEMPTY_DN);
+#else
+ rc = ldap_url_parse(url_to_use, ludpp);
+ if ((rc || !*ludpp) && !require_dn) { /* failed - see if failure was due to
missing dn */
+ size_t len = strlen(url_to_use);
+ /* assume the url is just scheme://host:port[/] - add the empty string
+ as the DN (adding a trailing / first if needed) and try to parse
+ again
+ */
+ char *urlcopy = PR_smprintf("%s%s%s", url_to_use, (url_to_use[len-1] ==
'/' ? "" : "/"), "");
+ if (*ludpp) {
+ ldap_free_urldesc(*ludpp); /* free the old one, if any */
+ }
+ rc = ldap_url_parse(urlcopy, ludpp);
+ PL_strfree(urlcopy);
+ urlcopy = NULL;
+ if (0 == rc) { /* only problem was the DN - free it */
+ PL_strfree((*ludpp)->lud_dn);
+ (*ludpp)->lud_dn = NULL;
+ }
+ }
+#endif
+ if (!rc && *ludpp && secure) {
+ *secure = (*ludpp)->lud_scheme && !strcmp((*ludpp)->lud_scheme,
"ldaps");
+ }
+#endif /* openldap */
+
+#if defined(USE_OPENLDAP)
+ if (urlescaped && (*ludpp) && (*ludpp)->lud_host) {
+ /* have to unescape lud_host - can unescape in place */
+ char *p = strstr((*ludpp)->lud_host, "://");
+ if (p) {
+ char *dest = NULL;
+ p += 3;
+ dest = p;
+ /* up to the first '/', unescape the host */
+ for (; *p && (*p != '/'); p++) {
+ if (!strncmp(p, "%20", 3)) {
+ *dest++ = ' ';
+ p += 2;
+ } else if (!strncmp(p, "%3A", 3)) {
+ *dest++ = ':';
+ p += 2;
+ } else {
+ *dest++ = *p;
+ }
+ }
+ /* just copy the remainder of the host, if any */
+ while (*p) {
+ *dest++ = *p++;
+ }
+ *dest = '\0';
+ }
+ }
+ PL_strfree(urlescaped);
+#endif
+ return rc;
+}
+
+/*
+ Perform LDAP init and return an LDAP* handle. If ldapurl is given,
+ that is used as the basis for the protocol, host, port, and whether
+ to use starttls (given on the end as ldap://..../?????starttlsOID
+ If hostname is given, LDAP or LDAPS is assumed, and this will override
+ the hostname from the ldapurl, if any. If port is > 0, this is the
+ port number to use. It will override the port in the ldapurl, if any.
+ If no port is given in port or ldapurl, the default will be used based
+ on the secure setting (389 for ldap, 636 for ldaps)
+ secure takes 1 of 2 values - 0 means regular ldap, 1 means ldaps
+ filename is the ldapi file name - if this is given, and no other options
+ are given, ldapi is assumed.
+ */
+LDAP *
+admutil_ldap_init(
+ AdmldapInfo info,
+ const char *ldapurl, /* full ldap url */
+ const char *hostname, /* can also use this to override
+ host in url */
+ int port, /* can also use this to override port in url */
+ int secure, /* 0 for ldap, 1 for ldaps */
+ int shared, /* if true, LDAP* will be shared among multiple threads */
+ const char *filename /* for ldapi */
+)
+{
+ LDAPURLDesc *ludp = NULL;
+ LDAP *ld = NULL;
+ int rc = 0;
+ int secureurl = 0;
+ int ldap_version3 = LDAP_VERSION3;
+
+ /* if ldapurl is given, parse it */
+ if (ldapurl && ((rc = admutil_ldap_url_parse(ldapurl, &ludp, 0,
&secureurl)) ||
+ !ludp)) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: Could not parse given LDAP URL [%s] : error
[%s]\n",
+ ldapurl, /* ldapurl cannot be NULL here */
+ admutil_urlparse_err2string(rc));
+#endif
+ goto done;
+ }
+
+ /* use url host if no host given */
+ if (!hostname && ludp && ludp->lud_host) {
+ hostname = ludp->lud_host;
+ }
+
+ /* use url port if no port given */
+ if (!port && ludp && ludp->lud_port) {
+ port = ludp->lud_port;
+ }
+
+ /* use secure setting from url if none given */
+ if (!secure && ludp) {
+ if (secureurl) {
+ secure = 1;
+ }
+ }
+
+#if defined(USE_OPENLDAP)
+ if (ldapurl) {
+ rc = ldap_initialize(&ld, ldapurl);
+ if (rc) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: Could not initialize LDAP connection to
[%s]: %d:%s\n",
+ ldapurl, rc, ldap_err2string(rc));
+#endif
+ goto done;
+ }
+ } else {
+ char *makeurl = NULL;
+ if (filename) {
+ makeurl = PR_smprintf("ldapi://%s/", filename);
+ } else { /* host port */
+ makeurl = convert_to_openldap_uri(hostname, port, (secure == 1 ? "ldaps"
: "ldap"));
+ }
+ rc = ldap_initialize(&ld, makeurl);
+ if (rc) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: Could not initialize LDAP connection to
[%s]: %d:%s\n",
+ makeurl, rc, ldap_err2string(rc));
+#endif
+ PL_strfree(makeurl);
+ makeurl = NULL;
+ goto done;
+ }
+ PL_strfree(makeurl);
+ makeurl = NULL;
+ }
+#else /* !USE_OPENLDAP */
+ if (filename) {
+ /* ldapi in mozldap client is not yet supported */
+ } else if (secure == 1) {
+ ld = ldapssl_init(hostname, port, secure);
+ } else { /* regular ldap and/or starttls */
+ /*
+ * Leverage the libprldap layer to take care of all the NSPR
+ * integration.
+ * Note that ldapssl_init() uses libprldap implicitly.
+ */
+ ld = prldap_init(hostname, port, shared);
+ }
+#endif /* !USE_OPENLDAP */
+
+ /* must explicitly set version to 3 */
+ ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldap_version3);
+
+ if ((ld != NULL) && !filename) {
+ /*
+ * Set SSL strength (server certificate validity checking).
+ */
+ if (secure > 0) {
+#if defined(USE_OPENLDAP)
+ char *certdir = admldapGetSecurityDir(info);
+ int optval = 0;
+#endif /* !USE_OPENLDAP */
+ int ssl_strength = 0;
+ LDAP *myld = NULL;
+
+ /* we can only use the set functions below with a real
+ LDAP* if it has already gone through ldapssl_init -
+ so, use NULL if using starttls */
+ if (secure == 1) {
+ myld = ld;
+ }
+
+ /* verify certificate only */
+#if defined(USE_OPENLDAP)
+ ssl_strength = LDAP_OPT_X_TLS_NEVER;
+#else /* !USE_OPENLDAP */
+ ssl_strength = LDAPSSL_AUTH_CERT;
+#endif /* !USE_OPENLDAP */
+
+#if defined(USE_OPENLDAP)
+ if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &optval))) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: "
+ "failed: unable to create new TLS context\n");
+#endif
+ }
+ if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &ssl_strength))) {
+#ifdef DEBUG
+ fprint(stderr, "admutil_ldap_init: "
+ "failed: unable to set REQUIRE_CERT option to %d\n",
ssl_strength);
+#endif
+ }
+ /* tell it where our cert db is */
+ if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTDIR, certdir))) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: "
+ "failed: unable to set CACERTDIR option to %s\n",
certdir);
+#endif
+ }
+ PL_strfree(certdir);
+ certdir = NULL;
+#if defined(LDAP_OPT_X_TLS_PROTOCOL_MIN)
+ optval = LDAP_OPT_X_TLS_PROTOCOL_SSL3;
+ if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_PROTOCOL_MIN, &optval))) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: "
+ "failed: unable to set minimum TLS protocol level to
SSL3\n");
+#endif
+ }
+#endif /* LDAP_OPT_X_TLS_PROTOCOL_MIN */
+#else /* !USE_OPENLDAP */
+ if ((rc = ldapssl_set_strength(myld, ssl_strength)) ||
+ (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) ||
+ (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL3, PR_TRUE)) ||
+ (rc = ldapssl_set_option(myld, SSL_ENABLE_TLS, PR_TRUE))) {
+ int prerr = PR_GetError();
+
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: "
+ "failed: unable to set SSL options ("
+ "error %d - %s)\n",
+ prerr, PR_ErrorToString(prerr, PR_LANGUAGE_I_DEFAULT));
+#endif
+ }
+ if (secure == 1) {
+ /* tell bind code we are using SSL */
+ ldap_set_option(ld, LDAP_OPT_SSL, LDAP_OPT_ON);
+ }
+#endif /* !USE_OPENLDAP */
+ }
+ }
+
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_init: "
+ "Success: set up conn to [%s:%d]%s\n",
+ hostname, port,
+ secure ? " using TLS/SSL" : "");
+#endif
+done:
+ ldap_free_urldesc(ludp);
+
+ return( ld );
+}
+
+static int
+admutil_ldap_get_lderrno(LDAP *ld, char **m, char **s)
+{
+ int rc = LDAP_SUCCESS;
+
+#if defined(USE_OPENLDAP)
+ ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &rc);
+ if (m) {
+ ldap_get_option(ld, LDAP_OPT_MATCHED_DN, m);
+ }
+ if (s) {
+#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
+ ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, s);
+#else
+ ldap_get_option(ld, LDAP_OPT_ERROR_STRING, s);
+#endif
+ }
+#else /* !USE_OPENLDAP */
+ rc = ldap_get_lderrno( ld, m, s );
+#endif
+ return rc;
+}
+
+#ifndef LDAP_SASL_EXTERNAL
+#define LDAP_SASL_EXTERNAL "EXTERNAL" /* TLS/SSL extension */
+#endif
+
+/*
+ * Does the correct bind operation simple/sasl/cert depending
+ * on the arguments passed in.
+ */
+int
+admutil_ldap_bind(
+ LDAP *ld, /* ldap connection */
+ const char *bindid, /* usually a bind DN for simple bind */
+ const char *creds, /* usually a password for simple bind */
+ const char *mech, /* name of mechanism */
+ LDAPControl **serverctrls, /* additional controls to send */
+ LDAPControl ***returnedctrls, /* returned controls */
+ struct timeval *timeout, /* timeout */
+ int *msgidp /* pass in non-NULL for async handling */
+)
+{
+ int rc = LDAP_SUCCESS;
+ int secure = 0;
+ struct berval bvcreds = {0, NULL};
+ LDAPMessage *result = NULL;
+ struct berval *servercredp = NULL;
+#if defined(USE_OPENLDAP)
+ /* openldap doesn't have a SSL/TLS yes/no flag - so grab the
+ ldapurl, parse it, and see if it is a secure one */
+ char *ldapurl = NULL;
+
+ ldap_get_option(ld, LDAP_OPT_URI, &ldapurl);
+ if (ldapurl && !PL_strncasecmp(ldapurl, "ldaps", 5)) {
+ secure = 1;
+ }
+ PL_strfree(ldapurl);
+ ldapurl = NULL;
+#else /* !USE_OPENLDAP */
+ ldap_get_option(ld, LDAP_OPT_SSL, &secure);
+#endif
+
+#ifdef EXTERNAL_AUTH_SUPPORTED
+ if (secure && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) {
+ /* SSL connections will use the server's security context
+ and cert for client auth */
+ rc = slapd_SSL_client_auth(ld);
+
+ if (rc != 0) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: could not configure the server for cert "
+ "auth - error %d - make sure the server is "
+ "correctly configured for SSL/TLS\n", rc);
+#endif
+ goto done;
+ } else {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Set up conn to use client auth\n");
+#endif
+ }
+ bvcreds.bv_val = NULL; /* ignore username and passed in creds */
+ bvcreds.bv_len = 0; /* for external auth */
+ bindid = NULL;
+ } else { /* other type of auth */
+#endif /* EXTERNAL_AUTH_SUPPORTED */
+ bvcreds.bv_val = (char *)creds;
+ bvcreds.bv_len = creds ? strlen(creds) : 0;
+#ifdef EXTERNAL_AUTH_SUPPORTED
+ }
+#endif /* EXTERNAL_AUTH_SUPPORTED */
+
+ /* The connection has been set up - now do the actual bind, depending on
+ the mechanism and arguments */
+ if (!mech || (mech == LDAP_SASL_SIMPLE) ||
+ !strcmp(mech, LDAP_SASL_EXTERNAL)) {
+ int mymsgid = 0;
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "attempting %s bind with id [%s] creds [%s]\n",
+ mech ? mech : "SIMPLE",
+ bindid, creds);
+#endif
+ if ((rc = ldap_sasl_bind(ld, bindid, mech, &bvcreds, serverctrls,
+ NULL /* clientctrls */, &mymsgid))) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: could not send bind request for id "
+ "[%s] mech [%s]: error %d (%s) %d (%s) %d (%s)\n",
+ bindid ? bindid : "(anon)",
+ mech ? mech : "SIMPLE",
+ rc, ldap_err2string(rc),
+ PR_GetError(), PR_ErrorToString(PR_GetError(),
PR_LANGUAGE_I_DEFAULT),
+ errno, strerror(errno));
+#endif
+ goto done;
+ }
+
+ if (msgidp) { /* let caller process result */
+ *msgidp = mymsgid;
+ } else { /* process results */
+ rc = ldap_result(ld, mymsgid, LDAP_MSG_ALL, timeout, &result);
+ if (-1 == rc) { /* error */
+ rc = admutil_ldap_get_lderrno(ld, NULL, NULL);
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error reading bind response for id "
+ "[%s] mech [%s]: error %d (%s)\n",
+ bindid ? bindid : "(anon)",
+ mech ? mech : "SIMPLE",
+ rc, ldap_err2string(rc));
+#endif
+ goto done;
+ } else if (rc == 0) { /* timeout */
+ rc = LDAP_TIMEOUT;
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: timeout after [%ld.%ld] seconds reading "
+ "bind response for [%s] mech [%s]\n",
+ timeout ? timeout->tv_sec : 0,
+ timeout ? timeout->tv_usec : 0,
+ bindid ? bindid : "(anon)",
+ mech ? mech : "SIMPLE");
+#endif
+ goto done;
+ }
+ /* if we got here, we were able to read success result */
+ /* Get the controls sent by the server if requested */
+ if (returnedctrls) {
+ if ((rc = ldap_parse_result(ld, result, &rc, NULL, NULL,
+ NULL, returnedctrls,
+ 0)) != LDAP_SUCCESS) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: could not bind id "
+ "[%s] mech [%s]: error %d (%s)\n",
+ bindid ? bindid : "(anon)",
+ mech ? mech : "SIMPLE",
+ rc, ldap_err2string(rc));
+#endif
+ goto done;
+ }
+ }
+
+ /* parse the bind result and get the ldap error code */
+ if ((rc = ldap_parse_sasl_bind_result(ld, result, &servercredp,
+ 0))) {
+ rc = admutil_ldap_get_lderrno(ld, NULL, NULL);
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: could not read bind results for id "
+ "[%s] mech [%s]: error %d (%s)\n",
+ bindid ? bindid : "(anon)",
+ mech ? mech : "SIMPLE",
+ rc, ldap_err2string(rc));
+#endif
+ goto done;
+ }
+ }
+ } else {
+ rc = -1;
+#ifdef SASL_AUTH_SUPPORTED
+ /* a SASL mech */
+ rc = slapd_ldap_sasl_interactive_bind(ld, bindid, creds, mech,
+ serverctrls, returnedctrls,
+ msgidp);
+ if (LDAP_SUCCESS != rc) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: could not perform interactive bind for id "
+ "[%s] mech [%s]: error %d (%s)\n",
+ bindid ? bindid : "(anon)",
+ mech, /* mech cannot be SIMPLE here */
+ rc, ldap_err2string(rc));
+#endif
+ }
+#endif /* SASL_AUTH_SUPPORTED */
+ }
+
+done:
+ ber_bvfree(servercredp);
+ ldap_msgfree(result);
+
+ return rc;
+}
+
+/*
+ emacs settings
+ Local Variables:
+ c-basic-offset: 2
+ End:
+*/
diff --git a/lib/libadminutil/admutil_pvt.h b/lib/libadminutil/admutil_pvt.h
index eded923..c242774 100644
--- a/lib/libadminutil/admutil_pvt.h
+++ b/lib/libadminutil/admutil_pvt.h
@@ -17,6 +17,13 @@
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
* END COPYRIGHT BLOCK **/
+/*
+ * These interfaces are private to admutil.c - these interfaces should
+ * not be used by other files
+ * For interfaces implemented by admutil that are to be shared internally
+ * among files in adminutil, but should not be part of the public api,
+ * use admutil-int.h
+ */
#ifndef __ADMUTIL_PVT_H__
#define __ADMUTIL_PVT_H__
@@ -24,15 +31,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <libadminutil/admutil.h>
-
-/*
- * utility function for copy/free string array
- */
-PR_IMPLEMENT(char**)
-admutil_strsdup(char** orig);
-
-PR_IMPLEMENT(void)
-admutil_strsFree(char** target);
+#include "libadminutil/admutil-int.h"
/*
* utility function for compare timestamp
@@ -45,113 +44,6 @@ timecmp(char* ldapTime, time_t *cacheTime);
* Utility for convert dn to/from attribute name
*/
-char*
-dn2AttrName(char* dn, char* rootDN);
-
-char*
-attrName2dn(char* attrName, char* rootDN);
-
-/*
- * List related data structure and method
- */
-typedef struct _ListNode {
- char* name;
- void* val;
- int dflag;
- struct _ListNode *next;
-} ListNode, *ListNodePtr;
-
-ListNodePtr
-createListNode(char* name, void *val, int dflag);
-
-ListNodePtr
-listFindNode(ListNodePtr list, char* name);
-
-void*
-listGetValue(ListNodePtr list, char* name);
-
-int
-listCount(ListNodePtr list);
-
-ListNodePtr
-listCat(ListNodePtr list1, ListNodePtr list2);
-
-ListNodePtr
-listAppend(ListNodePtr list, char* name, void* val,int dflag);
-
-ListNodePtr
-listAdd(ListNodePtr list, char* name, void* val, int dflag);
-
-ListNodePtr
-listDelete(ListNodePtr list, char* name);
-
-void
-listDestroy(ListNodePtr list);
-
-/* Some utilities which use list */
-AttributeList
-nvlistConvert(ListNodePtr list);
-
-void
-nvlistDestroy(ListNodePtr list);
-
-ListNodePtr
-createUpdateList(AttributeList nvl);
-
-void
-destroyUpdateList(ListNodePtr);
-
-
-/*
- * Binary Tree related data structure and methods
- */
-typedef struct _TreeNode {
- char* name;
- ListNodePtr val;
- struct _TreeNode *left, *right;
-} TreeNode, *TreeNodePtr;
-
-TreeNodePtr
-createTreeNode(char* name, char* val);
-
-int
-treeCount(TreeNodePtr root);
-
-TreeNodePtr
-treeFindNode(TreeNodePtr node, char* name);
-
-ValueType
-treeFindValue(TreeNodePtr root, char* name);
-
-char*
-treeFindValueAt(TreeNodePtr root, char* name, int index);
-
-TreeNodePtr
-treeAddNode(TreeNodePtr node, TreeNodePtr newNode);
-
-TreeNodePtr
-treeAddValue(TreeNodePtr node, char* val);
-
-TreeNodePtr
-treeAddNameValue(TreeNodePtr node, char* name, char* val);
-
-int
-treeRemoveNode(TreeNodePtr node, char* name, int* removeFlag);
-
-void
-treeRemoveTree(TreeNodePtr node);
-
-ListNodePtr
-treeBuildAttrList(char* nodeName, TreeNodePtr node);
-
-void
-treeExport(FILE *fstream, char* parentString, TreeNodePtr node);
-
-TreeNodePtr
-treeImport(FILE *fstream, int* errorcode);
-
-
-
/*
* AdmldapInfo Data
*/
@@ -167,21 +59,7 @@ typedef struct _AdmldapHdnl {
char *sieDN;
char *userDN;
char *passwd;
-} AdmldapHdnl, *AdmldapHdnlPtr;
-
-/*
- * LDAPMod related utility functions
- */
-LDAPMod*
-createSingleValMod( char* namep, char* value, int mode);
-
-LDAPMod*
-createMod( char* namep, ValueType values, int mode);
-
-void
-deleteMod(LDAPMod* mod);
-
-void
-deleteMods(LDAPMod** mods);
+ int secure;
+} AdmldapHdnl;
#endif /* __ADMUTIL_PVT_H__ */
diff --git a/lib/libadminutil/form_post.c b/lib/libadminutil/form_post.c
index 203a1b6..cbe5299 100644
--- a/lib/libadminutil/form_post.c
+++ b/lib/libadminutil/form_post.c
@@ -28,6 +28,34 @@
#include <string.h>
#include "libadminutil/admutil.h"
#include "dbtadmutil.h"
+#if defined(USE_OPENLDAP)
+#include <unicode/utf8.h>
+static char *
+my_ldap_utf8inc(char *s) {
+ int utf8index = 0;
+ UChar32 utf8char = 0;
+ U8_NEXT_UNSAFE(s,utf8index,utf8char);
+ return s + utf8index;
+}
+
+static int
+my_ldap_utf8copy(char *d, const char *s) {
+ int utf8index = 0;
+ UChar32 utf8char = 0;
+
+ U8_GET_UNSAFE(s,0,utf8char);
+ U8_APPEND_UNSAFE(d,utf8index,utf8char);
+ return utf8index;
+}
+
+#ifndef LDAP_UTF8INC
+#define LDAP_UTF8INC(s) ((0x80 & *(unsigned char*)(s)) ? s = my_ldap_utf8inc(s) :
++s)
+#endif
+#ifndef LDAP_UTF8COPY
+#define LDAP_UTF8COPY(d,s) ((0x80 & *(unsigned char*)(s)) ? my_ldap_utf8copy(d,s) :
((*(d) = *(s)), 1))
+#endif
+
+#endif /* USE_OPENLDAP */
extern Resource *admutil_i18nResource;
extern char *admutil_acceptLang;
diff --git a/lib/libadminutil/psetc.c b/lib/libadminutil/psetc.c
index 8b441fd..e0ede60 100644
--- a/lib/libadminutil/psetc.c
+++ b/lib/libadminutil/psetc.c
@@ -33,7 +33,6 @@
#include "libadminutil/distadm.h"
#include "libadminutil/srvutil.h"
#include "dbtadmutil.h"
-#include <ldap_ssl.h>
#ifdef XP_WIN32
#define strcasecmp stricmp
@@ -92,22 +91,6 @@ find_file_in_paths(
return retval;
}
-static int LDAP_CALL LDAP_CALLBACK
-pset_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp,
- int *authmethodp, int freeit, void *arg)
-{
- PsetPtr pset = (PsetPtr)arg;
-
- if (freeit == 0) {
- *whop = pset->binddn;
- *passwdp = pset->bindpw;
- *authmethodp = LDAP_AUTH_SIMPLE;
- }
-
- return LDAP_SUCCESS;
-}
-
-
/*
* PsetNode related data structure and methods
*/
@@ -166,7 +149,7 @@ psetDeletePtr(PsetPtr psetp)
if (psetp->info) psetNodeDestroy(psetp->info);
if (psetp->ldapFilter) PR_Free(psetp->ldapFilter);
if (psetp->ldunbindf) {
- if (psetp->ld) ldap_unbind(psetp->ld);
+ if (psetp->ld) ldap_unbind_ext(psetp->ld, NULL, NULL);
}
if (psetp->configFile) PR_Free(psetp->configFile);
if (psetp->sieDN) PR_Free(psetp->sieDN);
@@ -199,9 +182,10 @@ psetNodeLDAPDestroy(PsetNodePtr target, LDAP *ld)
if (ld) {
nodeDN = ldap_get_dn(ld, target->attrLDAP);
if (nodeDN) {
- if ( (ldaperror = ldap_delete_s(ld, nodeDN)) != LDAP_SUCCESS ) {
+ if ( (ldaperror = ldap_delete_ext_s(ld, nodeDN, NULL, NULL)) != LDAP_SUCCESS ) {
#ifdef LDAP_DEBUG
- ldap_perror( ld, "ldap_delete_s" );
+ fprintf(stderr, "ldap_delete_s [%s] error %d:%s\n",
+ nodeDN, ldaperror, ldap_err2string(ldaperror));
#endif
ldap_memfree(nodeDN);
/* Well, the destructor CAN NOT return status */
@@ -399,7 +383,7 @@ psetNodeFindNode(PsetNodePtr nodePtr, LDAP *ld, char *name, int*
nodeFlag,
int nameLen;
PsetNodePtr result;
char *attrName;
- char **vals;
+ struct berval **vals;
*errorcode = PSET_OP_OK;
*nodeFlag = 1;
@@ -442,8 +426,8 @@ psetNodeFindNode(PsetNodePtr nodePtr, LDAP *ld, char *name, int*
nodeFlag,
attrName = name+nodeNameLen;
if (*attrName == '.') attrName++;
if (nodePtr->attrLDAP) {
- if ((vals = ldap_get_values(ld, nodePtr->attrLDAP, attrName)) != NULL ) {
- ldap_value_free(vals);
+ if ((vals = ldap_get_values_len(ld, nodePtr->attrLDAP, attrName)) != NULL ) {
+ ldap_value_free_len(vals);
*nodeFlag = 0;
return nodePtr;
}
@@ -466,15 +450,15 @@ psetNodeFindNode(PsetNodePtr nodePtr, LDAP *ld, char *name, int*
nodeFlag,
ValueType
psetNodeFindValue(PsetNodePtr nodePtr, LDAP *ld, char *name, int* errorcode)
{
- char **vals;
+ struct berval **vals;
ValueType val;
*errorcode = PSET_OP_OK;
if (nodePtr->attrLDAP) {
- if (( vals = ldap_get_values(ld, nodePtr->attrLDAP, name )) != NULL ) {
- val = admutil_strsdup(vals);
- ldap_value_free(vals);
+ if (( vals = ldap_get_values_len(ld, nodePtr->attrLDAP, name )) != NULL ) {
+ val = admutil_strsdup_berval(vals);
+ ldap_value_free_len(vals);
return val;
}
/* ldap value not available */
@@ -482,9 +466,9 @@ psetNodeFindValue(PsetNodePtr nodePtr, LDAP *ld, char *name, int*
errorcode)
return NULL;
}
else if (nodePtr->attrFile) {
- vals = treeFindValue(nodePtr->attrFile, name);
+ val = treeFindValue(nodePtr->attrFile, name);
- if (vals) return vals;
+ if (val) return val;
/* No value available in local cache */
*errorcode = PSET_NO_VALUE;
@@ -573,7 +557,7 @@ psetNodeGetAll(PsetNodePtr psetNode, LDAP *ld, int deep, int*
errorcode)
{
BerElement *ber;
NameType attrName;
- char **vals;
+ struct berval **vals;
ListNodePtr resultList=NULL, tmpList, node;
char wholeName[PATH_MAX];
@@ -590,16 +574,16 @@ psetNodeGetAll(PsetNodePtr psetNode, LDAP *ld, int deep, int*
errorcode)
strcmp( attrName, "createtimestamp") &&
strcmp( attrName, "modifytimestamp") &&
strcmp( attrName, "modifiersname" )) {
- if ((vals = ldap_get_values(ld, psetNode->attrLDAP, attrName)) !=
+ if ((vals = ldap_get_values_len(ld, psetNode->attrLDAP, attrName)) !=
NULL) {
if (psetNode->attrName[0] == '\0')
PR_snprintf(wholeName, sizeof(wholeName), "%s", attrName);
else
PR_snprintf(wholeName, sizeof(wholeName), "%s.%s",
psetNode->attrName, attrName);
- if (vals[0] && *(vals[0]) != '\0') {
+ if (vals[0] && vals[0]->bv_len && vals[0]->bv_val
&& *(vals[0]->bv_val) != '\0') {
node = createListNode(wholeName,
- (void*)(admutil_strsdup(vals)),
+ (void*)(admutil_strsdup_berval(vals)),
0);
}
else {
@@ -607,7 +591,7 @@ psetNodeGetAll(PsetNodePtr psetNode, LDAP *ld, int deep, int*
errorcode)
}
if (!resultList) resultList = node;
else listCat(resultList, node);
- ldap_value_free( vals );
+ ldap_value_free_len( vals );
}
}
ldap_memfree(attrName);
@@ -639,7 +623,7 @@ psetNodeGetAllACI(PsetNodePtr psetNode, LDAP *ld, int deep, int*
errorcode)
{
BerElement *ber;
NameType attrName;
- char **vals;
+ struct berval **vals;
ListNodePtr resultList=NULL, tmpList, node;
char wholeName[PATH_MAX];
@@ -655,16 +639,16 @@ psetNodeGetAllACI(PsetNodePtr psetNode, LDAP *ld, int deep, int*
errorcode)
strcmp( attrName, "createtimestamp") &&
strcmp( attrName, "modifytimestamp") &&
strcmp( attrName, "modifiersname" )) {
- if ((vals = ldap_get_values(ld, psetNode->attrLDAP, attrName)) !=
+ if ((vals = ldap_get_values_len(ld, psetNode->attrLDAP, attrName)) !=
NULL) {
if (psetNode->attrName[0] == '\0')
PR_snprintf(wholeName, sizeof(wholeName), "%s", attrName);
else
PR_snprintf(wholeName, sizeof(wholeName), "%s.%s",
psetNode->attrName, attrName);
- if (vals[0] && *(vals[0]) != '\0') {
+ if (vals[0] && vals[0]->bv_len && vals[0]->bv_val
&& *(vals[0]->bv_val) != '\0') {
node = createListNode(wholeName,
- (void*)(admutil_strsdup(vals)),
+ (void*)(admutil_strsdup_berval(vals)),
0);
}
else {
@@ -672,7 +656,7 @@ psetNodeGetAllACI(PsetNodePtr psetNode, LDAP *ld, int deep, int*
errorcode)
}
if (!resultList) resultList = node;
else listCat(resultList, node);
- ldap_value_free( vals );
+ ldap_value_free_len( vals );
}
}
ldap_memfree(attrName);
@@ -711,9 +695,10 @@ psetNodeLDAPUpdate(PsetNodePtr nodePtr, LDAP *ld, char* ldFilter,
LDAPMod **mods
if (!nodeDN) return PSET_OP_FAIL;
- if ( (ldaperror = ldap_modify_s(ld, nodeDN, mods)) != LDAP_SUCCESS ) {
+ if ( (ldaperror = ldap_modify_ext_s(ld, nodeDN, mods, NULL, NULL)) != LDAP_SUCCESS ) {
#ifdef LDAP_DEBUG
- ldap_perror( ld, "ldap_modify_s" );
+ fprintf(stderr, "ldap_modify_s: [%s] error %d:%s\n",
+ nodeDN, ldaperror, ldap_err2string(ldaperror));
#endif
ldap_memfree(nodeDN);
if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL;
@@ -724,11 +709,12 @@ psetNodeLDAPUpdate(PsetNodePtr nodePtr, LDAP *ld, char* ldFilter,
LDAPMod **mods
if (ldFilter) filter = ldFilter;
else filter = "(objectclass=*)";
- if ((ldaperror = ldap_search_s(ld, nodeDN, LDAP_SCOPE_BASE,
- filter, NULL, 0, &result))
+ if ((ldaperror = ldap_search_ext_s(ld, nodeDN, LDAP_SCOPE_BASE,
+ filter, NULL, 0, NULL, NULL, NULL, -1, &result))
!= LDAP_SUCCESS ) {
#ifdef LDAP_DEBUG
- ldap_perror(ld, "ldap_search_s" );
+ fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n",
+ nodeDN, filter, ldaperror, ldap_err2string(ldaperror));
#endif
ldap_memfree(nodeDN);
if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL;
@@ -812,11 +798,12 @@ psetLDAPRefresh(PsetPtr pset)
if (pset->ldapFilter) filter = pset->ldapFilter;
else filter = "(objectclass=*)";
- if ((ldaperror = ldap_search_s(pset->ld, pset->sieDN, LDAP_SCOPE_SUBTREE,
- filter, NULL, 0, &result))
+ if ((ldaperror = ldap_search_ext_s(pset->ld, pset->sieDN, LDAP_SCOPE_SUBTREE,
+ filter, NULL, 0, NULL, NULL, NULL, -1, &result))
!= LDAP_SUCCESS ) {
#ifdef LDAP_DEBUG
- ldap_perror( pset->ld, "ldap_search_s" );
+ fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n",
+ pset->sieDN, filter, ldaperror, ldap_err2string(ldaperror));
#endif
ldap_msgfree(result);
if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL;
@@ -1380,7 +1367,7 @@ psetCreate(char* serverID, char* configRoot, char* user, char*
passwd,
*errorcode = PSET_ENV_ERR;
}
- pset = psetRealCreate(ldapHost, ldapPort, sieDN, userDN, bindPasswd, path,
+ pset = psetRealCreate(ldapInfo, ldapHost, ldapPort, sieDN, userDN, bindPasswd, path,
errorcode);
done:
PR_Free(ldapHost);
@@ -1400,11 +1387,11 @@ done:
PR_IMPLEMENT(PsetHndl)
-psetRealCreate(char* ldapHost, int ldapPort, char* sieDN, char* userDN,
+psetRealCreate(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, char* sieDN, char*
userDN,
char* passwd, char* configFile, int* errorcode)
{
- return psetRealLDAPImport(NULL, ldapHost, ldapPort, sieDN, userDN,
+ return psetRealLDAPImport(ldapInfo, NULL, ldapHost, ldapPort, sieDN, userDN,
passwd, configFile, NULL, errorcode);
}
@@ -1432,7 +1419,7 @@ psetFileCreate(char* configFile, char* filter, int* errorcode)
}
PR_IMPLEMENT(PsetHndl)
-psetRealLDAPImport(PsetHndl pseth, char* ldapHost, int ldapPort, char* sieDN,
+psetRealLDAPImport(AdmldapInfo ldapInfo, PsetHndl pseth, char* ldapHost, int ldapPort,
char* sieDN,
char* userDN, char* passwd, char* cacheFile, char* filter,
int* errorcode)
{
@@ -1447,9 +1434,9 @@ psetRealLDAPImport(PsetHndl pseth, char* ldapHost, int ldapPort,
char* sieDN,
}
if (NULL != passwd) {
- ld = ldap_init(ldapHost, ldapPort);
+ ld = admutil_ldap_init(ldapInfo, NULL, ldapHost, ldapPort, 0, 0, NULL);
/* authenticate to LDAP server*/
- if ((ldapError = ldap_simple_bind_s(ld, userDN, passwd))
+ if ((ldapError = admutil_ldap_bind(ld, userDN, passwd, LDAP_SASL_SIMPLE, NULL, NULL,
NULL, NULL))
!= LDAP_SUCCESS ) {
switch (ldapError) {
case LDAP_INAPPROPRIATE_AUTH:
@@ -1457,20 +1444,21 @@ psetRealLDAPImport(PsetHndl pseth, char* ldapHost, int ldapPort,
char* sieDN,
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
#ifdef LDAP_DEBUG
- ldap_perror( ld, "ldap_simple_bind_s" );
+ fprintf(stderr, "ldap_bind: [%s] error %d:%s\n",
+ userDN, ldapError, ldap_err2string(ldapError));
#endif
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = PSET_AUTH_FAIL;
return pset;
case LDAP_NO_SUCH_OBJECT:
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good DN */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = PSET_ENTRY_NOT_EXIST;
return pset;
default:
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
unbindF = 0;
ld = NULL;
}
@@ -2054,6 +2042,8 @@ psetAddEntry(PsetHndl pseth, NameType parent, NameType name,
errorCode = PSET_OP_OK;
if (pset->ld) {
+ int adderr;
+
dn = attrName2dn(absAttrName, pset->sieDN);
/* Build initial list */
@@ -2084,15 +2074,16 @@ psetAddEntry(PsetHndl pseth, NameType parent, NameType name,
mods[i++] = createMod(nv->attrName, nv->attrVal, 0);
mods[i] = NULL;
- if ( ldap_add_s (pset->ld, dn, mods) == LDAP_SUCCESS ) {
+ if ( (adderr = ldap_add_ext_s (pset->ld, dn, mods, NULL, NULL)) == LDAP_SUCCESS )
{
/* Refresh this node */
if (pset->ldapFilter) filter = pset->ldapFilter;
else filter = "(objectclass=*)";
- if ((ldaperror = ldap_search_s(pset->ld, dn, LDAP_SCOPE_BASE,
- filter, NULL, 0, &result))
+ if ((ldaperror = ldap_search_ext_s(pset->ld, dn, LDAP_SCOPE_BASE,
+ filter, NULL, 0, NULL, NULL, NULL, -1,
&result))
!= LDAP_SUCCESS ) {
#ifdef LDAP_DEBUG
- ldap_perror(pset->ld, "ldap_search_s" );
+ fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n",
+ dn, filter, ldaperror, ldap_err2string(ldaperror));
#endif
if (ldaperror == LDAP_INSUFFICIENT_ACCESS) return PSET_ACCESS_FAIL;
return PSET_SYSTEM_ERR;
@@ -2112,7 +2103,8 @@ psetAddEntry(PsetHndl pseth, NameType parent, NameType name,
}
else {
#ifdef LDAP_DEBUG
- ldap_perror(pset->ld, "ldap_add_s");
+ fprintf(stderr, "ldap_add_s: [%s] error %d:%s\n",
+ dn, adderr, ldap_err2string(adderr));
#endif
errorCode = PSET_OP_FAIL;
}
@@ -2359,6 +2351,34 @@ psetErrorString(int errorNum, char* lang, char *buffer, size_t
bufsize, int *rc)
return PL_strdup(errorStr);
}
+#if defined(USE_OPENLDAP)
+static int
+pset_ldap_rebind_proc(
+ LDAP *ld, LDAP_CONST char *url,
+ ber_tag_t request, ber_int_t msgid,
+ void *arg)
+{
+ PsetPtr pset = (PsetPtr)arg;
+
+ return admutil_ldap_bind(ld, pset->binddn, pset->bindpw, LDAP_SASL_SIMPLE, NULL,
NULL, NULL, NULL);
+}
+#else /* NOT OPENLDAP */
+static int
+pset_ldap_rebind_proc (LDAP *ld, char **whop, char **passwdp,
+ int *authmethodp, int freeit, void *arg)
+{
+ PsetPtr pset = (PsetPtr)arg;
+
+ if (freeit == 0) {
+ *whop = pset->binddn;
+ *passwdp = pset->bindpw;
+ *authmethodp = LDAP_AUTH_SIMPLE;
+ }
+
+ return LDAP_SUCCESS;
+}
+#endif /* OPENLDAP */
+
/* Setting up LDAP referal */
PR_IMPLEMENT(int)
psetSetLDAPReferalInfo(PsetHndl pseth, char* userDN, char* passwd)
@@ -2618,3 +2638,10 @@ psetReplicateSIE(PsetHndl source, PsetHndl dest, char
*source_groupDN, char *des
return rv;
}
+
+/*
+ emacs settings
+ Local Variables:
+ c-basic-offset: 2
+ End:
+*/
diff --git a/lib/libadminutil/psetc_pvt.h b/lib/libadminutil/psetc_pvt.h
index 9d12300..494eaf1 100644
--- a/lib/libadminutil/psetc_pvt.h
+++ b/lib/libadminutil/psetc_pvt.h
@@ -24,7 +24,8 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <libadminutil/psetc.h>
-#include "admutil_pvt.h"
+#include "libadminutil/admutil.h"
+#include "libadminutil/admutil-int.h"
/*
* PsetNode related data structure and methods
@@ -131,6 +132,8 @@ typedef struct _Pset {
/* real info */
PsetNodePtr info;
+ AdmldapInfo admInfo;
+
} Pset, *PsetPtr;
diff --git a/lib/libadminutil/srvutil.c b/lib/libadminutil/srvutil.c
index f668bc3..1b963e3 100644
--- a/lib/libadminutil/srvutil.c
+++ b/lib/libadminutil/srvutil.c
@@ -20,7 +20,7 @@
#include <string.h>
#include <libadminutil/srvutil.h>
-#include "admutil_pvt.h"
+#include "libadminutil/admutil-int.h"
#ifdef XP_WIN32
#define strcasecmp stricmp
@@ -65,7 +65,7 @@ getServerDNList(AdmldapInfo info)
/* Use domainDN to create a pset */
host = admldapGetHost(info);
siepwd = admldapGetSIEPWD(info);
- domainPset = psetRealCreate(host,
+ domainPset = psetRealCreate(info, host,
admldapGetPort(info),
domainDN,
sie,
@@ -172,7 +172,7 @@ getInstalledServerDNList(AdmldapInfo info)
host = admldapGetHost(info);
sie = admldapGetSIEDN(info);
siepwd = admldapGetSIEPWD(info);
- domainPset = psetRealCreate(host,
+ domainPset = psetRealCreate(info, host,
admldapGetPort(info),
domainDN,
sie,
diff --git a/lib/libadminutil/uginfo.c b/lib/libadminutil/uginfo.c
index 73eee8c..926f302 100644
--- a/lib/libadminutil/uginfo.c
+++ b/lib/libadminutil/uginfo.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <ctype.h>
#include <ldap.h>
-#include "admutil_pvt.h"
+#include "libadminutil/admutil-int.h"
#include "libadminutil/psetc.h"
#ifdef XP_WIN32
@@ -36,9 +36,8 @@ admldapCreateLDAPHndl(AdmldapInfo info, char *targetDN, int
*error_code)
{
char *sieDN = NULL;
char *resultDN = NULL;
- AdmldapHdnlPtr hndl = (AdmldapHdnlPtr)info;
- if (!hndl) { *error_code = UG_EMPTY_LDAPINFO; return NULL; }
+ if (!info) { *error_code = UG_EMPTY_LDAPINFO; return NULL; }
*error_code = UG_OP_OK;
if (targetDN) resultDN = PL_strdup(targetDN);
@@ -46,7 +45,7 @@ admldapCreateLDAPHndl(AdmldapInfo info, char *targetDN, int
*error_code)
/* No target DN given, try to figure it out */
if (!sieDN) sieDN = admldapGetSIEDN(info);
if (sieDN) {
- resultDN = PR_smprintf("cn=configuration, %s", sieDN);
+ resultDN = PR_smprintf("cn=configuration,%s", sieDN);
}
else {
*error_code = UG_NO_TARGETDN;
@@ -61,12 +60,12 @@ admldapGetUserDirectoryInfo(LDAP *ld, char* targetDN, char**
directoryURL,
char** bindDN, char** bindPassword,
char** directoryInfoRef, int* error_code)
{
- int ldaperror;
- LDAPMessage *e, *result;
- char **directoryURLVals = NULL,
- **bindDNVals = NULL,
- **bindPasswordVals = NULL,
- **directoryInfoRefVals = NULL;
+ int ldaperror;
+ LDAPMessage *e, *result;
+ struct berval **directoryURLVals = NULL,
+ **bindDNVals = NULL,
+ **bindPasswordVals = NULL,
+ **directoryInfoRefVals = NULL;
*error_code = UG_OP_OK;
*directoryURL = NULL;
@@ -77,17 +76,18 @@ admldapGetUserDirectoryInfo(LDAP *ld, char* targetDN, char**
directoryURL,
if (!ld) { *error_code = UG_NULL_LDAP; return 0; }
if (!targetDN) { *error_code = UG_NULL_DN; return 0; }
- if ((ldaperror = ldap_search_s(ld,
- targetDN,
- LDAP_SCOPE_BASE,
- "(objectclass=nsDirectoryInfo)",
- NULL,
- 0,
- &result))
+ if ((ldaperror = ldap_search_ext_s(ld,
+ targetDN,
+ LDAP_SCOPE_BASE,
+ "(objectclass=nsDirectoryInfo)",
+ NULL,
+ 0, NULL, NULL, NULL, -1,
+ &result))
!= LDAP_SUCCESS ) {
ldap_msgfree(result);
#ifdef LDAP_DEBUG
- ldap_perror(ld, "ldap_search_s");
+ fprintf(stderr, "ldap_search_s: [%s:%s] error %d:%s\n",
+ targetDN, "(objectclass=nsDirectoryInfo)", ldaperror,
ldap_err2string(ldaperror));
#endif
if (ldaperror == LDAP_INSUFFICIENT_ACCESS ||
ldaperror == LDAP_INAPPROPRIATE_AUTH) {
@@ -110,48 +110,51 @@ admldapGetUserDirectoryInfo(LDAP *ld, char* targetDN, char**
directoryURL,
}
e = ldap_first_entry(ld, result);
- directoryURLVals = ldap_get_values(ld, e, "nsDirectoryURL");
- bindDNVals = ldap_get_values(ld, e, "nsBindDN");
- bindPasswordVals = ldap_get_values(ld, e, "nsBindPassword");
- directoryInfoRefVals = ldap_get_values(ld, e, "nsDirectoryInfoRef");
+ directoryURLVals = ldap_get_values_len(ld, e, "nsDirectoryURL");
+ bindDNVals = ldap_get_values_len(ld, e, "nsBindDN");
+ bindPasswordVals = ldap_get_values_len(ld, e, "nsBindPassword");
+ directoryInfoRefVals = ldap_get_values_len(ld, e, "nsDirectoryInfoRef");
- if (directoryURLVals) {
- char **s;
+ if (directoryURLVals && directoryURLVals[0]) {
+ struct berval **s;
char buffer[1024];
- s = ldap_get_values(ld, e, "nsDirectoryFailoverList");
- if (s && strcmp(s[0], "")) {
- char *temp = strrchr(directoryURLVals[0], '/');
+ s = ldap_get_values_len(ld, e, "nsDirectoryFailoverList");
+ if (s && s[0] && s[0]->bv_len && s[0]->bv_val
&& strcmp(s[0]->bv_val, "")) {
+ char *temp = PL_strnchr(directoryURLVals[0]->bv_val, '/',
directoryURLVals[0]->bv_len);
/* append failover list to url */
if (NULL != temp) {
*temp = '\0';
- PR_snprintf(buffer, sizeof(buffer), "%s %s/%s",
- directoryURLVals[0], s[0], temp + 1);
+ PR_snprintf(buffer, sizeof(buffer), "%.*s %.*s/%s",
+ directoryURLVals[0]->bv_len, directoryURLVals[0]->bv_val,
+ s[0]->bv_len, s[0]->bv_val, temp + 1);
} else {
- PR_snprintf(buffer, sizeof(buffer), "%s %s", directoryURLVals[0],
s[0]);
+ PR_snprintf(buffer, sizeof(buffer), "%.*s %.*s",
+ directoryURLVals[0]->bv_len, directoryURLVals[0]->bv_val,
+ s[0]->bv_len, s[0]->bv_val);
}
} else {
- PR_snprintf(buffer, sizeof(buffer), "%s", directoryURLVals[0]);
+ PR_snprintf(buffer, sizeof(buffer), "%.*s",
+ directoryURLVals[0]->bv_len, directoryURLVals[0]->bv_val);
}
- ldap_value_free(s);
+ ldap_value_free_len(s);
*directoryURL = PL_strdup(buffer);
- ldap_value_free(directoryURLVals);
+ ldap_value_free_len(directoryURLVals);
}
- if (bindDNVals) {
- *bindDN = PL_strdup(bindDNVals[0]);
- ldap_value_free(bindDNVals);
+ if (bindDNVals && bindDNVals[0]) {
+ *bindDN = PL_strndup(bindDNVals[0]->bv_val, bindDNVals[0]->bv_len);
+ ldap_value_free_len(bindDNVals);
}
- if (bindPasswordVals) {
- *bindPassword = PL_strdup(bindPasswordVals[0]);
- if (bindPasswordVals[0]) {
- memset(bindPasswordVals[0], '\0', strlen(bindPasswordVals[0]));
- }
- ldap_value_free(bindPasswordVals);
+ if (bindPasswordVals && bindPasswordVals[0]) {
+ *bindPassword = PL_strndup(bindPasswordVals[0]->bv_val,
bindPasswordVals[0]->bv_len);
+ /* clear out this memory */
+ memset(bindPasswordVals[0]->bv_val, '\0',
bindPasswordVals[0]->bv_len);
+ ldap_value_free_len(bindPasswordVals);
}
- if (directoryInfoRefVals) {
- *directoryInfoRef = PL_strdup(directoryInfoRefVals[0]);
- ldap_value_free(directoryInfoRefVals);
+ if (directoryInfoRefVals && directoryInfoRefVals[0]) {
+ *directoryInfoRef = PL_strndup(directoryInfoRefVals[0]->bv_val,
directoryInfoRefVals[0]->bv_len);
+ ldap_value_free_len(directoryInfoRefVals);
}
ldap_msgfree(result);
@@ -176,7 +179,7 @@ admldapGetAdmGroupUGDN(char* sieDN)
dnList[dnLen-2],
dnList[dnLen-1]);
}
- ldap_value_free(dnList);
+ admutil_strsFree(dnList);
return dnbuf;
}
@@ -191,11 +194,11 @@ admldapGetDomainUGDN(char* sieDN)
while (dnList && dnList[dnLen]) dnLen++;
if (dnLen >= 3) {
- dnbuf = PR_smprintf("cn=UserDirectory, ou=Global Preferences,%s,%s",
+ dnbuf = PR_smprintf("cn=UserDirectory,ou=Global Preferences,%s,%s",
dnList[dnLen-2],
dnList[dnLen-1]);
}
- ldap_value_free(dnList);
+ admutil_strsFree(dnList);
return dnbuf;
}
@@ -442,9 +445,10 @@ admldapSetUserDirectoryReal(LDAP *ld, char* targetDN, char*
directoryURL,
mods[i] = NULL;
}
- if ( (ldaperror = ldap_modify_s(ld, targetDN, mods)) != LDAP_SUCCESS ) {
+ if ( (ldaperror = ldap_modify_ext_s(ld, targetDN, mods, NULL, NULL)) != LDAP_SUCCESS )
{
#ifdef LDAP_DEBUG
- ldap_perror(ld, "ldap_modify_s");
+ fprintf(stderr, "ldap_modify_s: [%s] error %d:%s\n",
+ targetDN, ldaperror, ldap_err2string(ldaperror));
#endif
if (ldaperror == LDAP_INSUFFICIENT_ACCESS) *error_code = UG_ACCESS_FAIL;
else *error_code = UG_LDAP_SYSTEM_ERR;
@@ -480,13 +484,12 @@ admldapGetUserDirectory(AdmldapInfo info, char* targetDN, char**
directoryURL,
{
int status = 1;
char *realTargetDN;
- AdmldapHdnlPtr hndl = (AdmldapHdnlPtr)info;
realTargetDN = admldapCreateLDAPHndl(info, targetDN, error_code);
if (!realTargetDN) return 0;
- status = admldapGetUserDirectoryReal(hndl->ldapHndl,
+ status = admldapGetUserDirectoryReal(admldapGetLDAPHndl(info),
realTargetDN,
directoryURL,
bindDN,
@@ -505,13 +508,12 @@ admldapSetUserDirectory(AdmldapInfo info, char* targetDN, char*
directoryURL,
{
int status = 1;
char *realTargetDN;
- AdmldapHdnlPtr hndl = (AdmldapHdnlPtr)info;
realTargetDN = admldapCreateLDAPHndl(info, targetDN, error_code);
if (!realTargetDN) return 0;
- status = admldapSetUserDirectoryReal(hndl->ldapHndl,
+ status = admldapSetUserDirectoryReal(admldapGetLDAPHndl(info),
realTargetDN,
directoryURL,
bindDN,
diff --git a/lib/libadmsslutil/admsslutil.c b/lib/libadmsslutil/admsslutil.c
index 04a3fa8..ab5132e 100644
--- a/lib/libadmsslutil/admsslutil.c
+++ b/lib/libadmsslutil/admsslutil.c
@@ -22,7 +22,6 @@
#include <libgen.h>
#endif
#include "ldap.h"
-#include "ldap_ssl.h"
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
#include "cert.h"
@@ -33,6 +32,7 @@
#include "secpwd_pvt.h"
#include "prprf.h"
#include "sslproto.h"
+#include "libadminutil/admutil-int.h"
#include "errno.h"
#include "secport.h"
@@ -81,9 +81,9 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode)
host = admldapGetHost(info);
if (admldapGetSecurity(info))
- ld = ldapssl_init(host, admldapGetPort(info), 1);
+ ld = admutil_ldap_init(info, NULL, host, admldapGetPort(info), 1, 0, NULL);
else
- ld = ldap_init(host, admldapGetPort(info));
+ ld = admutil_ldap_init(info, NULL, host, admldapGetPort(info), 0, 0, NULL);
PL_strfree(host);
if (!ld) {
@@ -94,7 +94,12 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode)
passwd = admldapGetSIEPWD(info);
if (passwd) {
char *dn = admldapGetSIEDN(info);
- ldapError = ldap_simple_bind_s(ld, dn, passwd);
+ ldapError = admutil_ldap_bind(ld, dn, passwd, LDAP_SASL_SIMPLE, NULL, NULL, NULL,
NULL);
+ if (ldapError != LDAP_SUCCESS) {
+#ifdef LDAP_DEBUG
+ fprintf(stderr, "admutil_ldap_bind: [%s] error [%d:%s]\n", dn,
ldapError, ldap_err2string(ldapError));
+#endif
+ }
PL_strfree(dn);
memset(passwd, '\0', strlen(passwd));
PL_strfree(passwd);
@@ -106,27 +111,24 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode)
}
/* authenticate to LDAP server*/
if (ldapError != LDAP_SUCCESS) {
-#ifdef LDAP_DEBUG
- ldap_perror(ld, "ldap_simple_bind_s");
-#endif
switch (ldapError) {
case LDAP_INAPPROPRIATE_AUTH:
case LDAP_INVALID_CREDENTIALS:
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = ADMUTIL_LDAP_ERR;
return 0;
case LDAP_NO_SUCH_OBJECT:
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good user DN */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = ADMUTIL_LDAP_ERR;
return 0;
break;
default:
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = ADMUTIL_LDAP_ERR;
return 0;
}
@@ -277,102 +279,6 @@ void servssl_warn(char *fmt, ...)
#endif
}
-/* ----------------------- Multiple cipher support ------------------------ */
-
-#ifdef NET_SSL
-
-typedef struct {
- char *name;
- int num;
-} cipherstruct;
-
-static cipherstruct _conf_ciphers[] = {
- {"rc4", SSL_EN_RC4_128_WITH_MD5},
- {"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5},
- {"rc2", SSL_EN_RC2_128_CBC_WITH_MD5},
- {"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5},
- {"idea", SSL_EN_IDEA_128_CBC_WITH_MD5},
- {"des", SSL_EN_DES_64_CBC_WITH_MD5},
- {"desede3", SSL_EN_DES_192_EDE3_CBC_WITH_MD5},
- {"rsa_rc4_128_md5", SSL_RSA_WITH_RC4_128_MD5},
- {"rsa_3des_sha", SSL_RSA_WITH_3DES_EDE_CBC_SHA},
- {"rsa_des_sha", SSL_RSA_WITH_DES_CBC_SHA},
- {"rsa_rc4_40_md5", SSL_RSA_EXPORT_WITH_RC4_40_MD5},
- {"rsa_rc2_40_md5", SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5},
- {"tls_rsa_export1024_with_des_cbc_sha",
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA},
- {"tls_rsa_export1024_with_rc4_56_sha",
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA},
- {"rsa_null_md5", SSL_RSA_WITH_NULL_MD5},
- {"fortezza", SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA},
- {"fortezza_rc4_128_sha", SSL_FORTEZZA_DMS_WITH_RC4_128_SHA},
- {"fortezza_null", SSL_FORTEZZA_DMS_WITH_NULL_SHA},
- {"rsa_fips_des_sha", SSL_RSA_FIPS_WITH_DES_CBC_SHA},
- {"rsa_fips_3des_sha", SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA},
- {NULL, 0}
-};
-
-void _conf_setallciphers(int active)
-{
- register int x;
-
- /* MLM - change: Because null_md5 is NOT encrypted at all, force
- * them to activate it by name. */
- for(x = 0; _conf_ciphers[x].name; x++) {
- if(active && !strcmp(_conf_ciphers[x].name, "rsa_null_md5"))
{
- continue;
- }
-#ifdef NET_SSL
- SSL_CipherPrefSetDefault(_conf_ciphers[x].num, active ? PR_TRUE : PR_FALSE);
-#endif
- }
-}
-
-char *_conf_setciphers(char *ciphers)
-{
- char *t, err[ADMSSL_BUF_LEN];
- int x, active;
-
- /* Default is to activate all of them */
- if(!ciphers) {
- _conf_setallciphers(1);
- return NULL;
- }
- _conf_setallciphers(0);
-
- t = ciphers;
- while(t) {
- while((*ciphers) && (isspace(*ciphers))) ++ciphers;
-
- switch(*ciphers++) {
- case '+':
- active = 1; break;
- case '-':
- active = 0; break;
- default:
- return(PL_strdup("invalid ciphers: format is
+cipher1,-cipher2..."));
- }
- if( (t = strchr(ciphers, ',')) )
- *t++ = '\0';
-
- if(!strcmp(ciphers, "all"))
- _conf_setallciphers(active);
- else {
- for(x = 0; _conf_ciphers[x].name; x++) {
- if(!strcmp(ciphers, _conf_ciphers[x].name)) {
- SSL_CipherPrefSetDefault(_conf_ciphers[x].num, active ? PR_TRUE :
PR_FALSE);
- break;
- }
- }
- if(!_conf_ciphers[x].name) {
- PR_snprintf(err, sizeof(err), "unknown cipher %s", ciphers);
- return PL_strdup(err);
- }
- }
- if(t)
- ciphers = t;
- }
- return NULL;
-}
-
/*
* SSLPLCY_Install
@@ -387,8 +293,6 @@ SSLPLCY_Install(void)
}
-#endif /* NET_SSL */
-
/*
* Modify "security" in adm.conf and DS
*/
@@ -580,3 +484,10 @@ SSLSocket_init(PRFileDesc *req_socket, const char *configdir, const
char *securi
return ssl_socket;
}
+
+/*
+ emacs settings
+ Local Variables:
+ c-basic-offset: 2
+ End:
+*/
diff --git a/lib/libadmsslutil/psetcssl.c b/lib/libadmsslutil/psetcssl.c
index 592f794..960be6f 100644
--- a/lib/libadmsslutil/psetcssl.c
+++ b/lib/libadmsslutil/psetcssl.c
@@ -24,10 +24,10 @@
#include <stdlib.h>
#include <ctype.h>
#include "ldap.h"
-#include "ldap_ssl.h"
#include "libadminutil/distadm.h"
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/srvutilssl.h"
+#include "libadminutil/admutil-int.h"
#ifdef XP_WIN32
#define strcasecmp stricmp
@@ -79,7 +79,7 @@ find_file_in_paths(
}
PR_IMPLEMENT(PsetHndl)
-psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort,
+psetRealLDAPImportSSL(AdmldapInfo ldapInfo, PsetHndl pseth, char* ldapHost, int
ldapPort,
int secure, char* sieDN, char* userDN, char* passwd,
char* configFile, char* filter, int* errorcode)
{
@@ -98,11 +98,11 @@ psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort,
ADM_GetCurrentPassword(errorcode, &passwd);
}
if (NULL != passwd) { /* if passwd is not given, let's use cache data */
- if (secure) ld = ldapssl_init(ldapHost, ldapPort, 1);
- else ld = ldap_init(ldapHost, ldapPort);
+ if (secure) ld = admutil_ldap_init(ldapInfo, NULL, ldapHost, ldapPort, 1, 0, NULL);
+ else ld = admutil_ldap_init(ldapInfo, NULL, ldapHost, ldapPort, 0, 0, NULL);
/* authenticate to LDAP server*/
- if ((ldapError = ldap_simple_bind_s(ld, userDN, passwd))
+ if ((ldapError = admutil_ldap_bind(ld, userDN, passwd, LDAP_SASL_SIMPLE, NULL, NULL,
NULL, NULL))
!= LDAP_SUCCESS ) {
switch (ldapError) {
case LDAP_INAPPROPRIATE_AUTH:
@@ -110,18 +110,18 @@ psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort,
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
/* ldap_perror( pset->ld, "ldap_simple_bind_s" ); */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = PSET_AUTH_FAIL;
return NULL;
case LDAP_NO_SUCH_OBJECT:
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good DN */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = PSET_ENTRY_NOT_EXIST;
return NULL;
default:
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
unbindF = 0;
ld = NULL;
}
@@ -141,11 +141,11 @@ psetRealLDAPImportSSL(PsetHndl pseth, char* ldapHost, int ldapPort,
PR_IMPLEMENT(PsetHndl)
-psetRealCreateSSL(char* ldapHost, int ldapPort, int secure, char* sieDN,
+psetRealCreateSSL(AdmldapInfo ldapInfo, char* ldapHost, int ldapPort, int secure, char*
sieDN,
char* userDN, char* passwd, char* configFile,
int* errorcode)
{
- return psetRealLDAPImportSSL(NULL, ldapHost, ldapPort, secure, sieDN,
+ return psetRealLDAPImportSSL(ldapInfo, NULL, ldapHost, ldapPort, secure, sieDN,
userDN, passwd, configFile, NULL, errorcode);
}
@@ -220,7 +220,7 @@ psetCreateSSL(char* serverID, char* configRoot, char* user, char*
passwd,
*errorcode = PSET_ENV_ERR;
}
- pset = psetRealCreateSSL(ldapHost, ldapPort, secure, sieDN, userDN,
+ pset = psetRealCreateSSL(ldapInfo, ldapHost, ldapPort, secure, sieDN, userDN,
bindPasswd, path, errorcode);
done:
destroyAdmldap(ldapInfo);
@@ -237,4 +237,9 @@ done:
return pset;
}
-
+/*
+ emacs settings
+ Local Variables:
+ c-basic-offset: 2
+ End:
+*/
diff --git a/lib/libadmsslutil/srvutilssl.c b/lib/libadmsslutil/srvutilssl.c
index 2281a1c..7bb2cfa 100644
--- a/lib/libadmsslutil/srvutilssl.c
+++ b/lib/libadmsslutil/srvutilssl.c
@@ -64,7 +64,7 @@ getServerDNListSSL(AdmldapInfo info)
/* Use domainDN to create a pset */
host = admldapGetHost(info);
siepwd = admldapGetSIEPWD(info);
- domainPset = psetRealCreateSSL(host,
+ domainPset = psetRealCreateSSL(info, host,
admldapGetPort(info),
admldapGetSecurity(info),
domainDN,
@@ -123,7 +123,7 @@ getInstalledServerDNListSSL(AdmldapInfo info)
host = admldapGetHost(info);
siedn = admldapGetSIEDN(info);
siepwd = admldapGetSIEPWD(info);
- domainPset = psetRealCreateSSL(host,
+ domainPset = psetRealCreateSSL(info, host,
admldapGetPort(info),
admldapGetSecurity(info),
domainDN,
diff --git a/lib/libadmsslutil/uginfossl.c b/lib/libadmsslutil/uginfossl.c
index 5691063..eb73c01 100644
--- a/lib/libadmsslutil/uginfossl.c
+++ b/lib/libadmsslutil/uginfossl.c
@@ -23,9 +23,9 @@
#include <stdlib.h>
#include <ctype.h>
#include <ldap.h>
-#include <ldap_ssl.h>
#include "libadminutil/distadm.h"
#include "libadmsslutil/admsslutil.h"
+#include "libadminutil/admutil-int.h"
#ifdef XP_WIN32
#define strcasecmp stricmp
@@ -93,9 +93,9 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code)
host = admldapGetHost(ldapInfo);
if (admldapGetSecurity(ldapInfo))
- ld = ldapssl_init(host, admldapGetPort(ldapInfo), 1);
+ ld = admutil_ldap_init(ldapInfo, NULL, host, admldapGetPort(ldapInfo), 1, 0, NULL);
else
- ld = ldap_init(host, admldapGetPort(ldapInfo));
+ ld = admutil_ldap_init(ldapInfo, NULL, host, admldapGetPort(ldapInfo), 1, 0, NULL);
PL_strfree(host);
host = NULL;
@@ -110,9 +110,7 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code)
return NULL;
}
- ldapError = ldap_simple_bind_s(ld,
- binddn,
- bindpw);
+ ldapError = admutil_ldap_bind(ld, binddn, bindpw, LDAP_SASL_SIMPLE, NULL, NULL, NULL,
NULL);
PL_strfree(binddn);
if (bindpw) {
memset(bindpw, 0, strlen(bindpw));
@@ -123,14 +121,14 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code)
/* authenticate to LDAP server*/
if (ldapError != LDAP_SUCCESS) {
#ifdef LDAP_DEBUG
- ldap_perror(ld, "ldap_simple_bind_s");
+ fprintf(stderr, "ldap_simple_bind_s: [%s] error %d:%s\n", binddn,
ldapError, ldap_err2string(ldapError));
#endif
switch (ldapError) {
case LDAP_INAPPROPRIATE_AUTH:
case LDAP_INVALID_CREDENTIALS:
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
return NULL;
@@ -138,13 +136,13 @@ admldapCGIbuild(AdmldapInfo ldapInfo, int* error_code)
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good user DN */
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
return NULL;
break;
default:
- ldap_unbind(ld);
+ ldap_unbind_ext(ld, NULL, NULL);
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
return NULL;
@@ -204,3 +202,10 @@ admldapSetDomainUserDirectoryCGI(AdmldapInfo ldapInfo,
return status;
}
+
+/*
+ emacs settings
+ Local Variables:
+ c-basic-offset: 2
+ End:
+*/
diff --git a/m4/mozldap.m4 b/m4/mozldap.m4
index 4cbb406..d115dd8 100644
--- a/m4/mozldap.m4
+++ b/m4/mozldap.m4
@@ -18,34 +18,59 @@
#
# END COPYRIGHT BLOCK
-AC_CHECKING(for LDAPSDK)
+AC_CHECKING(for Mozilla LDAPSDK)
# check for --with-ldapsdk
AC_MSG_CHECKING(for --with-ldapsdk)
-AC_ARG_WITH(ldapsdk, [ --with-ldapsdk=PATH Mozilla LDAP SDK directory],
+AC_ARG_WITH(ldapsdk, AS_HELP_STRING([--with-ldapsdk@<:@=PATH@:>@],[Mozilla LDAP SDK
directory]),
[
- if test -e "$withval"/include/ldap.h -a -d "$withval"/lib
+ if test "$withval" = yes
+ then
+ AC_MSG_RESULT(yes)
+ elif test "$withval" = no
+ then
+ AC_MSG_RESULT(no)
+ elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib
then
AC_MSG_RESULT([using $withval])
LDAPSDKDIR=$withval
ldapsdk_inc="-I$LDAPSDKDIR/include"
ldapsdk_lib="-L$LDAPSDKDIR/lib"
ldapsdk_libdir="$LDAPSDKDIR/lib"
+ with_ldapsdk=yes
else
echo
AC_MSG_ERROR([$withval not found])
fi
+
+ if test "$with_ldapsdk" = yes -a "$with_openldap" = yes
+ then
+ AC_MSG_ERROR([Cannot use both LDAPSDK and OpenLDAP.])
+ fi
+ if test "$with_ldapsdk" != yes -a "$with_openldap" != yes
+ then
+ AC_MSG_ERROR([Either LDAPSDK or OpenLDAP must be used.])
+ fi
],
-AC_MSG_RESULT(no))
+[
+ if test "$with_openldap" = yes
+ then
+ AC_MSG_RESULT(no)
+ else
+ AC_MSG_RESULT(yes)
+ with_ldapsdk=yes
+ fi
+])
# check for --with-ldapsdk-inc
AC_MSG_CHECKING(for --with-ldapsdk-inc)
-AC_ARG_WITH(ldapsdk-inc, [ --with-ldapsdk-inc=PATH Mozilla LDAP SDK include
directory],
+AC_ARG_WITH(ldapsdk-inc, AS_HELP_STRING([--with-ldapsdk-inc=PATH],[Mozilla LDAP SDK
include directory]),
[
if test -e "$withval"/ldap.h
then
AC_MSG_RESULT([using $withval])
ldapsdk_inc="-I$withval"
+ with_ldapsdk=yes
else
echo
AC_MSG_ERROR([$withval not found])
@@ -55,13 +80,14 @@ AC_MSG_RESULT(no))
# check for --with-ldapsdk-lib
AC_MSG_CHECKING(for --with-ldapsdk-lib)
-AC_ARG_WITH(ldapsdk-lib, [ --with-ldapsdk-lib=PATH Mozilla LDAP SDK library
directory],
+AC_ARG_WITH(ldapsdk-lib, AS_HELP_STRING([--with-ldapsdk-lib=PATH],[Mozilla LDAP SDK
library directory]),
[
if test -d "$withval"
then
AC_MSG_RESULT([using $withval])
ldapsdk_lib="-L$withval"
ldapsdk_libdir="$withval"
+ with_ldapsdk=yes
else
echo
AC_MSG_ERROR([$withval not found])
@@ -72,40 +98,47 @@ AC_MSG_RESULT(no))
# if LDAPSDK is not found yet, try pkg-config
# last resort
-if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z
"$ldapsdk_libdir"; then
- AC_MSG_CHECKING(for mozldap with pkg-config)
- AC_PATH_PROG(PKG_CONFIG, pkg-config)
- if test -n "$PKG_CONFIG"; then
- if $PKG_CONFIG --exists mozldap6; then
- ldapsdk_name=mozldap6
- elif $PKG_CONFIG --exists mozldap; then
- ldapsdk_name=mozldap
- else
- AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].])
+if test "$with_ldapsdk" = yes ; then
+ if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z
"$ldapsdk_libdir"; then
+ AC_PATH_PROG(PKG_CONFIG, pkg-config)
+ AC_MSG_CHECKING(for mozldap with pkg-config)
+ if test -n "$PKG_CONFIG"; then
+ if $PKG_CONFIG --exists mozldap6; then
+ mozldappkg=mozldap6
+ elif $PKG_CONFIG --exists mozldap; then
+ mozldappkg=mozldap
+ else
+ AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].])
+ fi
+ ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $mozldappkg`
+ ldapsdk_lib=`$PKG_CONFIG --libs-only-L $mozldappkg`
+ ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $mozldappkg | sed -e s/-L// | sed -e s/\
.*$//`
+ AC_MSG_RESULT([using system $mozldappkg])
fi
- ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $ldapsdk_name`
- ldapsdk_lib=`$PKG_CONFIG --libs-only-L $ldapsdk_name`
- ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $ldapsdk_name | sed -e s/-L// | sed -e s/\
*$//`
- AC_MSG_RESULT([using system $ldapsdk_name])
fi
fi
-if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then
- AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].])
-fi
-dnl make sure the ldap sdk version is 6 or greater - we do not support
-dnl the old 5.x or prior versions - the ldap server code expects the new
-dnl ber types and other code used with version 6
-save_cppflags="$CPPFLAGS"
-CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc"
-AC_CHECK_HEADER([ldap.h], [isversion6=1], [isversion6=],
-[#include <ldap-standard.h>
+if test "$with_ldapsdk" = yes ; then
+ if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then
+ AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].])
+ fi
+
+ dnl make sure the ldap sdk version is 6 or greater - we do not support
+ dnl the old 5.x or prior versions - the ldap server code expects the new
+ dnl ber types and other code used with version 6
+ save_cppflags="$CPPFLAGS"
+ CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc"
+ AC_CHECK_HEADER([ldap.h], [isversion6=1], [isversion6=],
+ [#include <ldap-standard.h>
#if LDAP_VENDOR_VERSION < 600
#error The LDAP C SDK version is not supported
#endif
-])
-CPPFLAGS="$save_cppflags"
+ ])
+ CPPFLAGS="$save_cppflags"
-if test -z "$isversion6" ; then
- AC_MSG_ERROR([The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported])
+ if test -z "$isversion6" ; then
+ AC_MSG_ERROR([The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported])
+ fi
+ AC_DEFINE([USE_MOZLDAP], [1], [If defined, using MozLDAP for LDAP SDK])
+ AC_DEFINE([HAVE_LDAP_URL_PARSE_NO_DEFAULTS], [1], [have the function
ldap_url_parse_no_defaults])
fi
diff --git a/m4/openldap.m4 b/m4/openldap.m4
new file mode 100644
index 0000000..a4e2e88
--- /dev/null
+++ b/m4/openldap.m4
@@ -0,0 +1,131 @@
+# BEGIN COPYRIGHT BLOCK
+# Copyright (C) 2009 Red Hat, Inc.
+# All rights reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+# END COPYRIGHT BLOCK
+
+AC_CHECKING(for OpenLDAP)
+
+# check for --with-openldap
+AC_MSG_CHECKING(for --with-openldap)
+AC_ARG_WITH(openldap, AS_HELP_STRING([--with-openldap@<:@=PATH@:>@],[Use OpenLDAP -
optional PATH is path to OpenLDAP SDK]),
+[
+ if test "$withval" = yes
+ then
+ AC_MSG_RESULT([using system OpenLDAP])
+ elif test "$withval" = no
+ then
+ AC_MSG_RESULT(no)
+ elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib
+ then
+ AC_MSG_RESULT([using $withval])
+ OPENLDAPDIR=$withval
+ openldap_incdir="$OPENLDAPDIR/include"
+ openldap_inc="-I$openldap_incdir"
+ openldap_lib="-L$OPENLDAPDIR/lib"
+ openldap_libdir="$OPENLDAPDIR/lib"
+ with_openldap=yes
+ else
+ echo
+ AC_MSG_ERROR([$withval not found])
+ fi
+],
+AC_MSG_RESULT(no))
+
+# check for --with-openldap-inc
+AC_MSG_CHECKING(for --with-openldap-inc)
+AC_ARG_WITH(openldap-inc, AS_HELP_STRING([--with-openldap-inc=PATH],[OpenLDAP SDK include
directory]),
+[
+ if test -e "$withval"/ldap.h
+ then
+ AC_MSG_RESULT([using $withval])
+ openldap_incdir="$withval"
+ openldap_inc="-I$withval"
+ with_openldap=yes
+ else
+ echo
+ AC_MSG_ERROR([$withval not found])
+ fi
+],
+AC_MSG_RESULT(no))
+
+# check for --with-openldap-lib
+AC_MSG_CHECKING(for --with-openldap-lib)
+AC_ARG_WITH(openldap-lib, AS_HELP_STRING([--with-openldap-lib=PATH],[OpenLDAP SDK library
directory]),
+[
+ if test -d "$withval"
+ then
+ AC_MSG_RESULT([using $withval])
+ openldap_lib="-L$withval"
+ openldap_libdir="$withval"
+ with_openldap=yes
+ else
+ echo
+ AC_MSG_ERROR([$withval not found])
+ fi
+],
+AC_MSG_RESULT(no))
+
+# if OPENLDAP is not found yet, try pkg-config
+
+if test "$with_openldap" = yes ; then # user wants to use openldap, but
didn't specify paths
+ if test -z "$openldap_inc" -o -z "$openldap_lib" -o -z
"$openldap_libdir"; then
+ AC_PATH_PROG(PKG_CONFIG, pkg-config)
+ AC_MSG_CHECKING(for OpenLDAP with pkg-config)
+ if test -n "$PKG_CONFIG" && $PKG_CONFIG --exists openldap; then
+ openldap_inc=`$PKG_CONFIG --cflags-only-I openldap`
+ openldap_lib=`$PKG_CONFIG --libs-only-L openldap`
+ openldap_libdir=`$PKG_CONFIG --libs-only-L openldap | sed -e s/-L// | sed -e s/\
.*$//`
+ openldap_incdir=`$PKG_CONFIG --variable=includedir openldap`
+ AC_MSG_RESULT([using system OpenLDAP from pkg-config])
+ else
+ openldap_incdir="/usr/include"
+ openldap_inc="-I$openldap_incdir"
+ AC_MSG_RESULT([no OpenLDAP pkg-config files])
+ fi
+ fi
+fi
+
+dnl lets see if we can find the headers and libs
+
+if test "$with_openldap" = yes ; then
+ save_cppflags="$CPPFLAGS"
+ CPPFLAGS="$openldap_inc $nss_inc $nspr_inc"
+ AC_CHECK_HEADER([ldap_features.h], [],
+ [AC_MSG_ERROR([specified with-openldap but ldap_features.h not found])])
+ dnl figure out which version we're using from the header file
+ ol_ver_maj=`grep LDAP_VENDOR_VERSION_MAJOR $openldap_incdir/ldap_features.h | awk
'{print $3}'`
+ ol_ver_min=`grep LDAP_VENDOR_VERSION_MINOR $openldap_incdir/ldap_features.h | awk
'{print $3}'`
+ ol_ver_pat=`grep LDAP_VENDOR_VERSION_PATCH $openldap_incdir/ldap_features.h | awk
'{print $3}'`
+ dnl full libname is libname-$maj.$min
+ ol_libver="-${ol_ver_maj}.${ol_ver_min}"
+ dnl look for ldap lib
+ save_ldflags="$LDFLAGS"
+ LDFLAGS="$openldap_lib $LDFLAGS"
+ AC_CHECK_LIB([ldap$ol_libver], [ldap_initialize], [have_ldap_lib=1])
+ if test -z "$have_ldap_lib" ; then
+ AC_CHECK_LIB([ldap], [ldap_initialize], [unset ol_libver],
+ [AC_MSG_ERROR([specified with-openldap but libldap not found])])
+ fi
+ dnl look for ldap_url_parse_ext
+ AC_CHECK_LIB([ldap$ol_libver], [ldap_url_parse_ext],
+ [AC_DEFINE([HAVE_LDAP_URL_PARSE_EXT], [1], [have the function ldap_url_parse_ext])])
+ LDFLAGS="$save_ldflags"
+ CPPFLAGS="$save_cppflags"
+
+ AC_DEFINE([USE_OPENLDAP], [1], [If defined, using OpenLDAP for LDAP SDK])
+fi
diff --git a/tests/nsroot.ldif b/tests/nsroot.ldif
deleted file mode 100644
index cbf3975..0000000
--- a/tests/nsroot.ldif
+++ /dev/null
@@ -1,1788 +0,0 @@
-version: 1
-
-# entry-id: 1
-dn: o=NetscapeRoot
-nsUniqueId: 5131a203-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organization
-o: NetscapeRoot
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-aci: (targetattr="*")(version 3.0; acl "Enable Configuration Administrator
Group modification"; allow (all) groupdn="ldap:///cn=Configuration
Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";)
-aci: (targetattr="*")(targetfilter=(o=NetscapeRoot))(version 3.0; acl
"Default anonymous access"; allow (read, search)
userdn="ldap:///anyone";)
-aci: (targetattr="*")(version 3.0; acl "Enable Group Expansion";
allow (read, search, compare) groupdnattr="uniquemember";)
-
-# entry-id: 2
-dn: ou=TopologyManagement, o=NetscapeRoot
-nsUniqueId: 5131a204-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-ou: TopologyManagement
-description: Branch for Configuration Administration users and groups
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous
access"; allow (read, search, compare)userdn="ldap:///anyone";)
-
-# entry-id: 3
-dn: ou=Groups, ou=TopologyManagement, o=NetscapeRoot
-nsUniqueId: 5131a205-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-ou: Groups
-description: Standard Branch for group entries
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 4
-dn: ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
-nsUniqueId: 5131a206-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-ou: Administrators
-description: Standard branch for Configuration Administrator (uid) entries
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 5
-dn: cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot
-nsUniqueId: 5131a207-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: groupofuniquenames
-cn: Configuration Administrators
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-uniqueMember: uid=admin,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
-
-# entry-id: 6
-dn: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
-nsUniqueId: 5131a208-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: person
-objectClass: organizationalperson
-objectClass: inetorgperson
-cn: Configuration Administrator
-sn: Administrator
-givenName: Configuration
-uid: admin
-passwordExpirationTime: 20380119031407Z
-userPassword: {SSHA}reJj+X8MTuLLpc8VfPDfBVsIKlP4md3HMd0ZSw==
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 7
-dn: ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a209-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-objectClass: nsadmindomain
-ou: localdomain
-description: Standard branch for configuration information
-nsAdminDomainName: localdomain
-creatorsName: cn=directory manager
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172952Z
-aci: (targetattr=*)(targetfilter=(ou=localdomain))(version 3.0; acl "Enable
anonymous access"; allow(read,search) userdn="ldap:///anyone";)
-
-# entry-id: 8
-dn: ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a20a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-ou: Global Preferences
-creatorsName: cn=directory manager
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307174048Z
-aci: (targetattr=*)(version 3.0; acl "Enable anonymous access";
allow(read,search) userdn="ldap:///anyone";)
-description: Default branch for Fedora Server Products Global Preferences
-
-# entry-id: 9
-dn: ou=Host Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a20b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-ou: Host Preferences
-creatorsName: cn=directory manager
-modifiersName: cn=directory manager
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 10
-dn: cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a20c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsHost
-objectClass: groupOfUniqueNames
-cn: localhost.localdomain
-serverHostName: localhost.localdomain
-nsOsVersion: Linux 2.6.9-42.0.8.ELsmp #1 SMP Tue Jan 23 13:01:26 EST 2007
-nsHardwarePlatform: i686
-aci: (targetattr= *)(targetfilter=(nshardwarePlatform=*))(version 3.0; acl "Enable
delegated access"; allow (read, search, compare)
groupdn="ldap:///cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-uniqueMember: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-
-# entry-id: 11
-dn: cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a20d-1dd211b2-8008e98c-0e470000
-objectClass: nsAdminGroup
-objectClass: groupOfUniqueNames
-objectClass: nsDirectoryInfo
-objectClass: top
-nsAdminGroupName: Server Group
-nsConfigRoot: /opt/fedora-ds
-nsDirectoryInfoRef: cn=UserDirectory, ou=Global Preferences, ou=localdomain,
o=NetscapeRoot
-nsAdminSIEDN: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-aci: (targetattr=*)(targetfilter=(nsconfigRoot=*))(version 3.0; acl "Enable
delegated access"; allow (read,search, compare) groupdn="ldap:///cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow
(read,search,compare) userdn="ldap:///cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot";)
-cn: Server Group
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172854Z
-uniqueMember: cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-uniqueMember: cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-
-# entry-id: 12
-dn: cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a20e-1dd211b2-8008e98c-0e470000
-objectClass: nsApplication
-objectClass: groupOfUniqueNames
-objectClass: top
-cn: Fedora Directory Server
-nsProductName: Fedora Directory Server
-nsProductVersion: 1.1.0
-nsNickName: slapd
-nsBuildNumber: 2007.066.1710
-nsVendor: Fedora, Inc.
-nsInstalledLocation: /opt/fedora-ds
-installationTimeStamp: 20070307172853Z
-nsExpirationDate: 1183655405
-nsBuildSecurity: domestic
-aci: (targetattr=*)(targetfilter=(nsNickName=*))(version 3.0; acl "Enable delegated
access"; allow (read,search, compare) groupdn="ldap:///cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-uniqueMember: cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsServerMigrationClassname:
com.netscape.admin.dirserv.task.MigrateCreate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsServerCreationClassname:
com.netscape.admin.dirserv.task.MigrateCreate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-
-# entry-id: 13
-dn: cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a20f-1dd211b2-8008e98c-0e470000
-objectClass: netscapeServer
-objectClass: nsDirectoryServer
-objectClass: nsResourceRef
-objectClass: nsConfig
-objectClass: groupOfUniqueNames
-objectClass: top
-nsServerSecurity: off
-nsServerID: slapd-localhost
-nsBindDN: cn=Directory Manager
-nsBaseDN: dc=example,dc=com
-serverRoot: /opt/fedora-ds
-nsServerPort: 389
-nsSecureServerPort: 636
-serverProductName: Directory Server (localhost)
-serverVersionNumber: 1.1.0
-installationTimeStamp: 20070307172853Z
-nsSuiteSpotUser: nobody
-serverHostName: localhost.localdomain
-cn: slapd-localhost
-aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read,
search, compare) groupdn="ldap:///cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-aci: (targetattr="uniquemember || serverProductName || administratorContactInfo ||
userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0;
acl "Enable access delegation"; allow (write)
groupdn="ldap:///cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-uniqueMember: cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-userPassword: {SSHA}o6R0OcE3A3L2Ja8oSy610p3d3sKSp+qMr1xvWQ==
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 14
-dn: cn=configuration,cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a210-1dd211b2-8008e98c-0e470000
-objectClass: nsResourceRef
-objectClass: nsAdminObject
-objectClass: nsDirectoryInfo
-objectClass: top
-cn: configuration
-nsClassname: com.netscape.admin.dirserv.DSAdmin@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsJarfilename: ds11.jar
-nsDirectoryInfoRef: cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all)
groupdn="ldap:///cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 15
-dn: cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a211-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: Tasks
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 16
-dn: cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a212-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstaskgroup
-nsTaskLabel: Operation Tasks Group
-cn: Operation
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 17
-dn: cn=task summary, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a213-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsConfig
-description: start stop restart Backup Restore KeyCert Authenticate CompleteImport
CompleteExport
-cn: task summary
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 18
-dn: cn=start, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a214-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Start@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: start
-cn: start
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 19
-dn: cn=stop, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a215-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Stop@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: shutdown
-cn: stop
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 20
-dn: cn=restart, cn=Operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a216-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Restart@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: restart
-cn: restart
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 21
-dn: cn=Backup, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a217-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Backup@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: ds_db2bak
-cn: Backup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 22
-dn: cn=Restore, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a218-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Restore@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: ds_bak2db
-cn: Restore
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172853Z
-modifyTimestamp: 20070307172853Z
-
-# entry-id: 23
-dn: cn=KeyCert, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a219-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.KeyCert@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-cn: KeyCert
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 24
-dn: cn=Authenticate, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a21a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname:
com.netscape.admin.dirserv.task.Authenticate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: Authenticate
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 25
-dn: cn=CompleteImport, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a21b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname:
com.netscape.admin.dirserv.task.CompleteImport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: CompleteImport
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 26
-dn: cn=CompleteExport, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a21c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname:
com.netscape.admin.dirserv.task.CompleteExport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: CompleteExport
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 27
-dn: cn=Export, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a21d-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_db2ldif
-cn: Export
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 28
-dn: cn=Import, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a21e-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_ldif2db
-cn: Import
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 29
-dn: cn=ViewLog, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a21f-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: perl?ds_viewlog.pl
-cn: ViewLog
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 30
-dn: cn=ListBackups, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a220-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_listdb
-cn: ListBackups
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 31
-dn: cn=Remove, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a221-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_remove
-cn: Remove
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 32
-dn: cn=CreateVLVIndex, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a222-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: vlvindex
-cn: CreateVLVIndex
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 33
-dn: cn=AddIndex, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a223-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: addindex
-cn: AddIndex
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 34
-dn: cn=SNMPCtrl, cn=operation, cn=Tasks, cn=slapd-localhost, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a224-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_snmpctrl
-cn: SNMPCtrl
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 35
-dn: cn=Tasks, cn=Fedora Directory Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a225-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: Tasks
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 36
-dn: cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a226-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstaskgroup
-nsTaskLabel: Operation Tasks Group
-cn: Operation
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 37
-dn: cn=Migrate, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a227-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: perl?migrateInstance
-cn: Migrate
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 38
-dn: cn=Create, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a228-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_create
-cn: Create
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 39
-dn: cn=GetConfigInfo, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a229-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: perl?getConfigInfo
-cn: GetConfigInfo
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 40
-dn: cn=MigrateLocalDB, cn=Operation, cn=Tasks, cn=Fedora Directory Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a22a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: perl?migrateLocalDB
-cn: MigrateLocalDB
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 41
-dn: ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a22b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalUnit
-objectClass: extensibleObject
-ou: admin
-nsmerge: ADD_IF_EMPTY
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 42
-dn: ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a22c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalunit
-objectClass: extensibleObject
-ou: 4.0
-nsmerge: ADD_IF_EMPTY
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 43
-dn: cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a22d-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: extensibleObject
-cn: ResourceEditorExtension
-nsmerge: ADD_IF_EMPTY
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 44
-dn: cn=nsroledefinition, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global
Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a22e-1dd211b2-8008e98c-0e470000
-cn: nsroledefinition
-objectClass: top
-objectClass: extensibleObject
-objectClass: nsResourceRef
-objectClass: nsAdminResourceEditorExtension
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.roledit.ResEditorRoleInfo(a)ds11.jar
-nsClassname: com.netscape.admin.dirserv.roledit.ResEditorRoleMembers(a)ds11.jar
-nsClassname: com.netscape.admin.dirserv.roledit.ResEditorRoleAccountPage(a)ds11.jar
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 45
-dn: cn=cossuperdefinition, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global
Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a22f-1dd211b2-8008e98c-0e470000
-cn: cossuperdefinition
-objectClass: top
-objectClass: extensibleObject
-objectClass: nsResourceRef
-objectClass: nsAdminResourceEditorExtension
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.cosedit.ResEditorCosInfo(a)ds11.jar
-nsClassname: com.netscape.admin.dirserv.cosedit.ResEditorCosAttributes(a)ds11.jar
-nsClassname: com.netscape.admin.dirserv.cosedit.ResEditorCosTemplate(a)ds11.jar
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 46
-dn: cn=UserDirectory, ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a230-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsDirectoryInfo
-cn: UserDirectory
-nsDirectoryURL: ldap://localhost.localdomain:389/dc=example,dc=com
-nsDirectoryFailoverList:
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 47
-dn: cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a238-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsApplication
-objectClass: groupOfUniqueNames
-cn: Fedora Administration Server
-nsVendor: Fedora, Inc.
-nsProductName: Fedora Administration Server
-nsNickName: admin
-nsProductVersion: 7.0
-nsBuildNumber: 2006.207.021
-nsInstalledLocation: /opt/fedora-ds
-installationTimeStamp: 20070307172854Z
-nsBuildSecurity: domestic
-nsServerMigrationClassname:
com.netscape.management.admserv.AdminServerProduct(a)admserv70.jar
-aci: (targetattr=*)(targetfilter=(nsNickName=*))(version 3.0; acl "Enable delegated
access"; allow (read,search, compare) groupdn="ldap:///cn=Fedora Administration
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-
-# entry-id: 48
-dn: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a239-1dd211b2-8008e98c-0e470000
-passwordExpirationTime: 20380118031417
-objectClass: top
-objectClass: netscapeServer
-objectClass: nsAdminServer
-objectClass: nsResourceRef
-objectClass: groupOfUniqueNames
-cn: admin-serv-localhost
-nsServerID: admin-serv
-serverRoot: /opt/fedora-ds
-serverProductName: Administration Server
-serverHostName: localhost.localdomain
-aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read,
search, compare) groupdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-aci: (targetattr="uniquemember || serverProductName || administratorContactInfo ||
userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0;
acl "Enable access delegation"; allow (write)
groupdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-installationTimeStamp: 20070307172854Z
-userPassword: {SSHA}/Hki1EvTkF/WHA9HGGvxDMWpyyydXINotO3v8g==
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 49
-dn: cn=configuration, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a23a-1dd211b2-8008e98c-0e470000
-objectClass: nsConfig
-objectClass: nsAdminConfig
-objectClass: nsAdminObject
-objectClass: nsDirectoryInfo
-objectClass: top
-cn: Configuration
-nsServerPort: 32348
-nsSuiteSpotUser: root
-nsServerAddress:
-nsAdminEnableEnduser: new value
-nsAdminEnableDSGW: new value
-nsDirectoryInfoRef: cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsAdminUsers: admin-serv/config/admpw
-nsErrorLog: admin-serv/logs/error
-nsPidLog: admin-serv/logs/pid
-nsAccessLog: admin-serv/logs/access
-nsAdminCacheLifetime: new value
-nsAdminAccessHosts: new value
-nsAdminAccessAddresses: new value
-nsAdminOneACLDir: adminacl
-aci: (targetattr=*)(version 3.0; acl "Enable delegated admin to access
configuration"; allow (read,search) groupdn="ldap:///cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all)
groupdn="ldap:///cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-nsDefaultAcceptLanguage: en
-nsClassname:
com.netscape.management.admserv.AdminServer@admserv70.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070418172330Z
-
-# entry-id: 50
-dn: cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a23b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: Tasks
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 51
-dn: cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a23c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstaskgroup
-nsTaskLabel: Operation Tasks Group
-cn: Operation
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 52
-dn: cn=Stop, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a23d-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/stopadm.html
-nsExecRef: stopsrv
-nsClassname:
com.netscape.management.admserv.task.Stop@admserv70.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: Stop
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 53
-dn: cn=Restart, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a23e-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/restartadm.html
-nsExecRef: restartsrv
-nsClassname:
com.netscape.management.admserv.task.Restart@admserv70.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-cn: Restart
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 54
-dn: cn=Authenticate, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a23f-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-nsHelpRef: admin/userauth.html
-nsExecRef: userauth
-cn: Authenticate
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 55
-dn: cn=ListOldServers, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a240-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: listOldSrvs
-cn: ListOldServers
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 56
-dn: cn=StartConfigDS, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a241-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-nsExecRef: start_config_ds
-cn: StartConfigDS
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 57
-dn: cn=MigrateConfig, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a242-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: migrateConfig
-cn: MigrateConfig
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 58
-dn: cn=MergeConfig, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a243-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: mergeConfig
-cn: MergeConfig
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 59
-dn: cn=StatusPing, cn=Operation, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a244-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: statusping
-nsLogSuppress: true
-cn: StatusPing
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 60
-dn: cn=Configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora Administration Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a245-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstaskgroup
-nsTaskLabel: Configuration Tasks Group
-cn: Configuration
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 61
-dn: cn=ServerSetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a246-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: config
-nsClassname:
com.netscape.management.admserv.task.ServerSetup@admserv70.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-cn: ServerSetup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 62
-dn: cn=DirectorySetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a247-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: dsconfig
-cn: DirectorySetup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 63
-dn: cn=UGDirectorySetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a248-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ugdsconfig
-cn: UGDirectorySetup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 64
-dn: cn=AccessSetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a249-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: admpw
-cn: AccessSetup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 65
-dn: cn=Logging, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a24a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/logging.html
-nsExecRef: config
-nsClassname:
com.netscape.management.admserv.task.Logging@admserv70.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-cn: Logging
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 66
-dn: cn=SecurityOp, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a24b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: security
-cn: SecurityOp
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 67
-dn: cn=CertSetup, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a24c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/certrequest.html
-nsClassname:
com.netscape.management.admserv.task.CertSetup@admserv70.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-cn: CertSetup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 68
-dn: cn=SSLActivate, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a24d-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/ssl_activate.html
-nsExecRef: sec-activate
-cn: SSLActivate
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 69
-dn: cn=ReadLog, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a24e-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/logging.html
-nsExecRef: ReadLog
-cn: ReadLog
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 70
-dn: cn=HTMLAdmin, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a24f-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/htmladmin.html
-nsExecRef: htmladmin
-cn: HTMLAdmin
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 71
-dn: cn=StatPingServ, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a250-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/statpingserv.html
-nsExecRef: statpingserv
-cn: StatPingServ
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 72
-dn: cn=ViewData, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a251-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/viewdata.html
-nsExecRef: viewdata
-cn: ViewData
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 73
-dn: cn=ViewLog, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a252-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/viewlog.html
-nsExecRef: viewlog
-cn: ViewLog
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 74
-dn: cn=MonReplication, cn=configuration, cn=Tasks, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a253-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/monreplication.html
-nsExecRef: monreplication
-cn: MonReplication
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 75
-dn: cn=repl-monitor-cgi.pl, cn=configuration, cn=Tasks, cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a254-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsHelpRef: admin/monreplication.html
-nsExecRef: perl?repl-monitor-cgi.pl
-cn: repl-monitor-cgi.pl
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 76
-dn: cn=Commands, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a255-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: Commands
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 77
-dn: cn=sync-task-sie-data, cn=Commands, cn=admin-serv-localhost, cn=Fedora Administration
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a256-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-nsHelpRef: admin/sync-task-sie-data.html
-nsExecRef: runtime
-cn: sync-task-sie-data
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 78
-dn: cn=change-sie-password, cn=Commands, cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a257-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-nsExecRef: runtime
-cn: change-sie-password
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 79
-dn: ou=UserPreferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a258-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalUnit
-ou: UserPreferences
-aci: (targetattr = "*")(version 3.0; acl "Allow saving of User
Preferences"; allow (add) userdn = "ldap:///all";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 80
-dn: cn=Common, ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a259-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: nsGlobalParameters
-objectClass: extensibleObject
-cn: common
-nsUniqueAttribute: uid
-nsUserIDFormat: firstletter_lastname
-nsUserRDNComponent: uid
-nsGroupRDNComponent: cn
-nsmerge: {nsuniqueattribute}ADD_IF_EMPTY
-nsmerge: {nsuseridformat}ADD_IF_EMPTY
-nsmerge: {nsuserrdncomponent}ADD_IF_EMPTY
-nsmerge: {nsgrouprdncomponent}ADD_IF_EMPTY
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 81
-dn: cn=Client, ou=Admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a25a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: nsAdminGlobalParameters
-objectClass: extensibleObject
-cn: Client
-nsAdminEndUserHTMLIndex:
[--Category:general,General][--Option:edit.cgi?userpinfo,Personal
Information][--Option:edit.cgi?userpasswd,Password]
-nsNickName: admin,,Fedora Administration Server
-nsNickName: https,netshare,Fedora Enterprise Server
-nsNickName: httpd,httpd,Fedora FastTrack Server
-nsNickName: msg,msg,Fedora Messaging Server
-nsNickName: news,news,Fedora Collabra Server
-nsNickName: proxy,proxy,Fedora Proxy Server
-nsNickName: lmspd,lmspd,Fedora Media Server
-nsNickName: slapd,slapd,Fedora Directory Server
-nsNickName: cert,cert,Fedora Certificate Server
-nsNickName: compass,compass,Fedora Compass Server
-nsNickName: catalog,catalog,Fedora Catalog Server
-nsNickName: calendar,calendar,Fedora Calendar Server
-nsmerge: {nsadminenduserhtmlindex}MULTI_MERGE
-nsmerge: {nsnickname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 82
-dn: cn=PublicViews, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a25b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsAdminConsoleUser
-cn: PublicViews
-aci: (targetattr = "*")(version 3.0; acl "Allow Authenticated Users to
Save Public Views"; allow (all) userdn = "ldap:///all";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 83
-dn: cn=CustomView, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a25c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: CustomView
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 84
-dn: cn=inetorgPerson, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global
Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a25d-1dd211b2-8008e98c-0e470000
-cn: inetorgPerson
-objectClass: nsResourceRef
-objectClass: nsAdminResourceEditorExtension
-objectClass: top
-objectClass: extensibleObject
-objectClass: nsAdminObject
-nsClassname: com.netscape.management.client.ug.ResEditorUserPage
-nsClassname: com.netscape.management.client.ug.ResEditorAccountPage
-nsClassname: com.netscape.management.client.ug.LanguagePage
-nsClassname: com.netscape.management.client.ug.ResEditorNTUser
-nsClassname: com.netscape.management.client.ug.ResEditorPosixUser
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 85
-dn: cn=organizationalPerson, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global
Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a25e-1dd211b2-8008e98c-0e470000
-cn: organizationalPerson
-objectClass: nsResourceRef
-objectClass: nsAdminResourceEditorExtension
-objectClass: top
-objectClass: extensibleObject
-objectClass: nsAdminObject
-nsClassname: com.netscape.management.client.ug.ResEditorUserPage
-nsClassname: com.netscape.management.client.ug.ResEditorAccountPage
-nsClassname: com.netscape.management.client.ug.LanguagePage
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 86
-dn: cn=groupofuniquenames, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global
Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a25f-1dd211b2-8008e98c-0e470000
-cn: groupofuniquenames
-objectClass: nsResourceRef
-objectClass: nsAdminResourceEditorExtension
-objectClass: top
-objectClass: extensibleObject
-objectClass: nsAdminObject
-nsClassname: com.netscape.management.client.ug.ResEditorGroupInfo
-nsClassname: com.netscape.management.client.ug.ResEditorGroupMembers
-nsClassname: com.netscape.management.client.ug.ResEditorAccountPage
-nsClassname: com.netscape.management.client.ug.LanguagePage
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 87
-dn: cn=organizationalunit, cn=ResourceEditorExtension, ou=4.0, ou=Admin, ou=Global
Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a260-1dd211b2-8008e98c-0e470000
-cn: organizationalunit
-objectClass: nsResourceRef
-objectClass: nsAdminResourceEditorExtension
-objectClass: top
-objectClass: extensibleObject
-objectClass: nsAdminObject
-nsClassname: com.netscape.management.client.ug.OUPage
-nsClassname: com.netscape.management.client.ug.LanguagePage
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 88
-dn: cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a261-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: DefaultObjectClassesContainer
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 89
-dn: cn=user, cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a262-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: nsdefaultObjectClasses
-cn: user
-nsDefaultObjectClass: top
-nsDefaultObjectClass: person
-nsDefaultObjectClass: organizationalPerson
-nsDefaultObjectClass: inetorgperson
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 90
-dn: cn=group, cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a263-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: nsdefaultObjectClasses
-cn: group
-nsDefaultObjectClass: top
-nsDefaultObjectClass: groupofuniquenames
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 91
-dn: cn=ou, cn=defaultObjectClassesContainer, ou=4.0, ou=Admin, ou=Global Preferences,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a264-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: nsdefaultObjectClasses
-cn: ou
-nsDefaultObjectClass: top
-nsDefaultObjectClass: organizationalunit
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 92
-dn: cn=topologyplugin, ou=4.0, ou=Admin, ou=Global Preferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a265-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-objectClass: extensibleObject
-cn: topologyplugin
-nsmerge: ADD_IF_EMPTY
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 93
-dn: cn=defaultplugin, cn=topologyplugin, ou=4.0, ou=Admin, ou=Global Preferences,
ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a266-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstopologyplugin
-objectClass: extensibleObject
-objectClass: nsAdminObject
-cn: defaultplugin
-nsClassname: com.netscape.management.client.topology.DefaultTopologyPlugin
-nsmerge: {nsclassname}MULTI_MERGE
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172854Z
-modifyTimestamp: 20070307172854Z
-
-# entry-id: 94
-dn: ou="uid=admin, ou=Administrators, ou=TopologyManagement,
o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a267-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalUnit
-aci: (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all)
userdnattr="creatorsname";)
-ou: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307172916Z
-
-# entry-id: 95
-dn: cn=UI,ou=4.0, ou=admin, ou=Global Preferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a268-1dd211b2-8008e98c-0e470000
-cn: UI
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307172916Z
-
-# entry-id: 96
-dn: ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement,
o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a269-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalUnit
-ou: Console
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307172916Z
-
-# entry-id: 97
-dn: ou=4.0,ou=Console,ou="uid=admin, ou=Administrators, ou=TopologyManagement,
o=NetscapeRoot",ou=UserPreferences, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 5131a26a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: organizationalUnit
-ou: 4.0
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307172916Z
-
-# entry-id: 98
-dn: cn=General,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a26b-1dd211b2-8008e98c-0e470000
-cn: General
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307174343Z
-nsPreference::
IwojV2VkIE1hciAwNyAxMDo0Mzo0NCBNU1QgMjAwNwpXaWR0aD03NTAKU2hvd1N0YXR1c0Jhcj10cnVlClNob3dCYW5uZXJCYXI9dHJ1ZQpZPTE4NQpYPTIwMwpIZWlnaHQ9NTMwCg==
-
-# entry-id: 99
-dn: cn=Fonts,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a26c-1dd211b2-8008e98c-0e470000
-cn: Fonts
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307172916Z
-
-# entry-id: 100
-dn: cn=ResourcePage,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a26d-1dd211b2-8008e98c-0e470000
-cn: ResourcePage
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307174343Z
-nsPreference:: IwojV2VkIE1hciAwNyAxMDo0Mzo0NCBNU1QgMjAwNwpTaG93VHJlZT10cnVlCg==
-
-# entry-id: 101
-dn: cn=CustomViews,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 5131a26e-1dd211b2-8008e98c-0e470000
-cn: CustomViews
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172916Z
-modifyTimestamp: 20070307172916Z
-
-# entry-id: 102
-dn: cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb04-1dd211b2-8008e98c-0e470000
-objectClass: netscapeServer
-objectClass: nsDirectoryServer
-objectClass: nsResourceRef
-objectClass: nsConfig
-objectClass: groupOfUniqueNames
-objectClass: top
-nsServerSecurity: off
-nsServerID: slapd-localhost2
-nsBindDN: cn=directory manager
-nsBaseDN: dc=example,dc=com
-serverRoot: /opt/fedora-ds
-nsServerPort: 399
-nsSecureServerPort: 636
-serverProductName: Directory Server (localhost2)
-serverVersionNumber: 1.1.0
-installationTimeStamp: 20070307174048Z
-nsSuiteSpotUser: nobody
-serverHostName: localhost
-cn: slapd-localhost2
-aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read,
search, compare) groupdn="ldap:///cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-aci: (targetattr="uniquemember || serverProductName || administratorContactInfo ||
userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0;
acl "Enable access delegation"; allow (write)
groupdn="ldap:///cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-uniqueMember: cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-uniqueMember: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-userPassword: {SSHA}KJeCJhQmZyQnjSR+AS1qL9wTa8rgaksW5Zcz6A==
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: cn=server,cn=plugins,cn=config
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-passwordGraceUserTime: 0
-
-# entry-id: 103
-dn: cn=configuration,cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb05-1dd211b2-8008e98c-0e470000
-objectClass: nsResourceRef
-objectClass: nsAdminObject
-objectClass: nsDirectoryInfo
-objectClass: top
-cn: configuration
-nsClassname: com.netscape.admin.dirserv.DSAdmin@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsJarfilename: ds11.jar
-nsDirectoryInfoRef: cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all)
groupdn="ldap:///cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot";)
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 104
-dn: cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb06-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsResourceRef
-cn: Tasks
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 105
-dn: cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server, cn=Server
Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb07-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstaskgroup
-nsTaskLabel: Operation Tasks Group
-cn: Operation
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 106
-dn: cn=task summary, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb08-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nsConfig
-description: start stop restart Backup Restore KeyCert Authenticate CompleteImport
CompleteExport
-cn: task summary
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 107
-dn: cn=start, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb09-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Start@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: start
-cn: start
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 108
-dn: cn=stop, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb0a-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Stop@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: shutdown
-cn: stop
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 109
-dn: cn=restart, cn=Operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb0b-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Restart@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: restart
-cn: restart
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 110
-dn: cn=Backup, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb0c-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Backup@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: ds_db2bak
-cn: Backup
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 111
-dn: cn=Restore, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb0d-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.Restore@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-nsExecRef: ds_bak2db
-cn: Restore
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 112
-dn: cn=KeyCert, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb0e-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname: com.netscape.admin.dirserv.task.KeyCert@ds11.jar(a)cn=admin-serv-localhost,
cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-cn: KeyCert
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 113
-dn: cn=Authenticate, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb0f-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname:
com.netscape.admin.dirserv.task.Authenticate@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: Authenticate
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 114
-dn: cn=CompleteImport, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb10-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname:
com.netscape.admin.dirserv.task.CompleteImport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: CompleteImport
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 115
-dn: cn=CompleteExport, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb11-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsClassname:
com.netscape.admin.dirserv.task.CompleteExport@ds11.jar(a)cn=admin-serv-localhost, cn=Fedora
Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain,
o=NetscapeRoot
-cn: CompleteExport
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 116
-dn: cn=Export, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb12-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_db2ldif
-cn: Export
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 117
-dn: cn=Import, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb13-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_ldif2db
-cn: Import
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 118
-dn: cn=ViewLog, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb14-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: perl?ds_viewlog.pl
-cn: ViewLog
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 119
-dn: cn=ListBackups, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb15-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_listdb
-cn: ListBackups
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 120
-dn: cn=Remove, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb16-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_remove
-cn: Remove
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 121
-dn: cn=CreateVLVIndex, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory
Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb17-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: vlvindex
-cn: CreateVLVIndex
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 122
-dn: cn=AddIndex, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb18-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: addindex
-cn: AddIndex
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 123
-dn: cn=SNMPCtrl, cn=operation, cn=Tasks, cn=slapd-localhost2, cn=Fedora Directory Server,
cn=Server Group, cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-nsUniqueId: 73c3bb19-1dd211b2-8008e98c-0e470000
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_snmpctrl
-cn: SNMPCtrl
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307172952Z
-modifyTimestamp: 20070307174048Z
-
-# entry-id: 127
-dn: cn=DS_MISCELLANEOUS,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 73c3bb20-1dd211b2-8008e98c-0e470000
-cn: DS_MISCELLANEOUS
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307173028Z
-modifyTimestamp: 20070307173028Z
-
-# entry-id: 128
-dn: cn=TaskTab,ou=4.0,ou=Console,ou="uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot",ou=UserPreferences, ou=localdomain,
o=NetscapeRoot
-nsUniqueId: 73c3bb21-1dd211b2-8008e98c-0e470000
-cn: TaskTab
-objectClass: top
-objectClass: nsAdminConsoleUser
-creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
-createTimestamp: 20070307173030Z
-modifyTimestamp: 20070307173030Z
-
diff --git a/tests/psetreadssl.c b/tests/psetreadssl.c
index a266f9b..3f5f04e 100644
--- a/tests/psetreadssl.c
+++ b/tests/psetreadssl.c
@@ -26,11 +26,48 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include "libadminutil/distadm.h"
#include "libadminutil/admutil.h"
#include "libadminutil/srvutil.h"
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
+#include <nss.h>
+#include <ssl.h>
+
+static void
+dump_pset_node(PsetHndl pset, char *nodeName)
+{
+ char buf[BUFSIZ];
+ int rval = 0;
+ AttributeList iter;
+ AttributePtr attrPtr = NULL;
+ AttributeList nodeAttrs = psetGetAllAttrsACI(pset, nodeName, &rval);
+
+ fprintf(stderr, "pset operation returned [%d: %s]\n", rval,
psetErrorString(rval, NULL, buf, sizeof(buf), NULL));
+ if (!nodeAttrs) {
+ goto localdone;
+ }
+
+ iter = nodeAttrs;
+ while ((attrPtr = *iter++)) {
+ char *p = NULL;
+ int ii = 0;
+ if (attrPtr->attrVal) {
+ for (p = attrPtr->attrVal[0]; attrPtr->attrVal &&
attrPtr->attrVal[ii];
+ p = attrPtr->attrVal[++ii]) {
+ fprintf(stderr, "%s: %s\n", attrPtr->attrName,
attrPtr->attrVal[ii]);
+ }
+ }
+ }
+
+localdone:
+ deleteAttributeList(nodeAttrs);
+
+ return;
+}
+
+int
main(int ac, char **av)
{
int _ai=ADMUTIL_Init();
@@ -38,10 +75,6 @@ main(int ac, char **av)
char *configdir = NULL;
char *securitydir = NULL;
int rval = 0;
- AttributeList nodeAttrs = NULL;
- AttributeList iter = NULL;
- char *nodeName = NULL;
- AttributePtr attrPtr = NULL;
char buf[BUFSIZ];
if (ac > 1) {
@@ -74,58 +107,31 @@ main(int ac, char **av)
goto done;
}
- pset = psetCreateSSL("slapd-localhost", configdir, NULL, NULL, &rval);
+ pset = psetCreateSSL("slapd-ds", configdir, NULL, NULL, &rval);
fprintf(stderr, "pset operation returned [%d: %s]\n", rval,
psetErrorString(rval, NULL, buf, sizeof(buf), NULL));
- if (!pset || rval) {
+ if (!pset || (rval && (rval != PSET_LOCAL_OPEN_FAIL))) { /* no local file for
slapd - OK */
goto done;
}
- nodeName = PL_strdup("");
+ dump_pset_node(pset, "");
+ dump_pset_node(pset, "configuration");
- nodeAttrs = psetGetAllAttrsACI(pset, nodeName, &rval);
- fprintf(stderr, "pset operation returned [%d: %s]\n", rval,
psetErrorString(rval, NULL, buf, sizeof(buf), NULL));
- if (!nodeAttrs) {
- goto done;
- }
-
- iter = nodeAttrs;
- while (attrPtr = *iter++) {
- char *p = NULL;
- int ii = 0;
- for (p = attrPtr->attrVal[0]; attrPtr->attrVal &&
attrPtr->attrVal[ii];
- p = attrPtr->attrVal[++ii]) {
- fprintf(stderr, "%s: %s\n", attrPtr->attrName,
attrPtr->attrVal[ii]);
- }
- }
- deleteAttributeList(nodeAttrs);
- nodeAttrs = NULL;
-
- PL_strfree(nodeName);
- nodeName = PL_strdup("configuration");
-
- nodeAttrs = psetGetAllAttrsACI(pset, nodeName, &rval);
+ psetDelete(pset);
+ pset = psetCreateSSL(NULL, configdir, NULL, NULL, &rval); /* admin-serv */
fprintf(stderr, "pset operation returned [%d: %s]\n", rval,
psetErrorString(rval, NULL, buf, sizeof(buf), NULL));
- if (!nodeAttrs) {
+ if (!pset || rval) { /* no local file for slapd - OK */
goto done;
}
- iter = nodeAttrs;
- while (attrPtr = *iter++) {
- char *p = NULL;
- int ii = 0;
- for (p = attrPtr->attrVal[0]; attrPtr->attrVal &&
attrPtr->attrVal[ii];
- p = attrPtr->attrVal[++ii]) {
- fprintf(stderr, "%s: %s\n", attrPtr->attrName,
attrPtr->attrVal[ii]);
- }
- }
+ dump_pset_node(pset, "");
+ dump_pset_node(pset, "configuration");
done:
free(configdir);
free(securitydir);
psetDelete(pset);
- deleteAttributeList(nodeAttrs);
- PL_strfree(nodeName);
SSL_ClearSessionCache();
NSS_Shutdown();
+ PR_Cleanup();
exit(rval);
}
diff --git a/tests/retrieveSIEssl.c b/tests/retrieveSIEssl.c
index 3d54ef1..de1e9a9 100644
--- a/tests/retrieveSIEssl.c
+++ b/tests/retrieveSIEssl.c
@@ -46,7 +46,6 @@ main(int ac, char **av)
int siecnt = 0;
char *host = NULL;
char *siedn = NULL;
- char *siepwd = NULL;
char buf[BUFSIZ];
char *userdn;
char *passwd;
@@ -116,7 +115,7 @@ main(int ac, char **av)
}
/* Create Pset for each individual server */
rval = 0;
- pset = psetRealCreateSSL(host,
+ pset = psetRealCreateSSL(ldapInfo, host,
admldapGetPort(ldapInfo),
admldapGetSecurity(ldapInfo),
*p,
@@ -180,5 +179,6 @@ done:
destroyAdmldap(ldapInfo);
SSL_ClearSessionCache();
NSS_Shutdown();
+ PR_Cleanup();
exit(rval);
}
diff --git a/tests/setup.sh b/tests/setup.sh
index 00b47fa..d6bb1e3 100755
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -1,58 +1,144 @@
#!/bin/sh
testdir="$1"
-#sroot=/home/$USER/11srv
-sroot=/export/rmeggins/11srv
-port=1100
-secport=1101
+hostname=vmhost.testdomain.com
+domain=testdomain.com
+sroot=/home/$USER/dsol
+port=1200
+secport=1201
rootdn="cn=directory manager"
+escapedrootdn='cn\\\\3Ddirectory manager'
rootpw=password
-#adminpw=boguspassword
+adminpw=boguspassword
adminpw=admin
#needinstance=1
-needdata=1
-#usessl=1
-secdir=/path/to/etc/fedora-ds/slapd-localhost
-PATH=/usr/lib64/mozldap:$PATH
-export PATH
+#needdata=1
+usessl=1
+secdir=/home/$USER/save
+#PATH=/usr/lib64/mozldap:$PATH
+#export PATH
+instance=ds
if [ "$needinstance" ] ; then
-$sroot/bin/ds_newinst.pl - <<EOF
+$sroot/sbin/setup-ds.pl -s -f - <<EOF
[General]
-FullMachineName= localhost.localdomain
+FullMachineName= $hostname
SuiteSpotUserID= $USER
-ServerRoot= $sroot/lib/fedora-ds
[slapd]
ServerPort= $port
-ServerIdentifier= localhost
+ServerIdentifier= $instance
Suffix= o=NetscapeRoot
RootDN= $rootdn
RootDNPwd= $rootpw
EOF
+
+sslconf=/tmp/sslconf.$$.ldif
+cat > $sslconf <<EOF
+dn: cn=encryption,cn=config
+changetype: modify
+replace: nsSSL3
+nsSSL3: on
+-
+replace: nsSSLClientAuth
+nsSSLClientAuth: allowed
+-
+add: nsSSL3Ciphers
+nsSSL3Ciphers: -rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,
+ +rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,
+ +fortezza_rc4_128_sha,+fortezza_null,+tls_rsa_export1024_with_rc4_56_sha,
+ +tls_rsa_export1024_with_des_cbc_sha
+
+dn: cn=config
+changetype: modify
+add: nsslapd-security
+nsslapd-security: on
+-
+replace: nsslapd-ssl-check-hostname
+nsslapd-ssl-check-hostname: off
+-
+replace: nsslapd-secureport
+nsslapd-secureport: $secport
+
+dn: cn=RSA,cn=encryption,cn=config
+changetype: add
+objectclass: top
+objectclass: nsEncryptionModule
+cn: RSA
+nsSSLPersonalitySSL: Server-Cert
+nsSSLToken: internal (software)
+nsSSLActivation: on
+
+EOF
+
+ldapmodify -x -h $hostname -p $port -D "$rootdn" -w "$rootpw" -c -f
$sslconf
+rm -f $sslconf
+
+$sroot/lib/dirsrv/slapd-$instance/stop-slapd
+cp $secdir/*.db $sroot/etc/dirsrv/slapd-$instance
+cp $secdir/pin.txt $sroot/etc/dirsrv/slapd-$instance
+$sroot/lib/dirsrv/slapd-$instance/start-slapd
+
fi
if [ "$needdata" ] ; then
-$sroot/lib/fedora-ds/slapd-localhost/ldif2db.pl -D "$rootdn" -w
"$rootpw" -n userRoot -i $testdir/nsroot.ldif
-sleep 10
+ for file in $testdir/*.ldif.tmpl ; do
+ sed \
+ -e "s/%as_uid%/admin/g" \
+ -e "s/%as_passwd%/admin/g" \
+ -e "s/%domain%/$domain/g" \
+ -e "s/%console_version%/0.0/g" \
+ -e "s/%as_baseversion%/0.0/g" \
+ -e "s/%ds_console_jar%/389-ds.jar/g" \
+ -e "s/%fqdn%/$hostname/g" \
+ -e "s/%ds_port%/$port/g" \
+ -e "s/%ds_secure_port%/$secport/g" \
+ -e "s/%ds_suffix%/$suffix/g" \
+ -e "s/%ds_user%/$USER/g" \
+ -e "s/%brand%/389/g" \
+ -e "s/%dsid%/$instance/g" \
+ -e "s,%uname_a%,`uname -a`,g" \
+ -e "s/%uname_m%/`uname -m`/g" \
+ -e "s/%ds_version%/0.0/g" \
+ -e "s/%ds_buildnum%/0.0/g" \
+ -e "s/%asid%/$instance/g" \
+ -e "s/%vendor%/389/g" \
+ -e "s/%timestamp%/`date`/g" \
+ -e "s/%rootdn%/$rootdn/g" \
+ -e "s/%escapedrootdn%/$escapedrootdn/g" \
+ -e "s/%ds_sie%/cn=slapd-$instance,cn=389 Directory Server,cn=Server
Group,cn=$hostname,ou=$domain,o=NetscapeRoot/g" \
+ -e "s/%as_sie%/cn=admin-serv-$instance,cn=389 Administration
Server,cn=Server Group,cn=$hostname,ou=$domain,o=NetscapeRoot/g" \
+ -e "s/%as_version%/0.0/g" \
+ -e "s/%as_buildnum%/0.0/g" \
+ -e "s/%as_console_jar%/389-admin.jar/g" \
+ -e "s/%as_port%/9830/g" \
+ -e "s/%as_user%/$USER/g" \
+ -e "s/%as_addr%/127.0.0.1/g" \
+ -e "s,%admpw%,testtmp/admpw,g" \
+ -e "s,%as_error%,testtmp/error,g" \
+ -e "s,%as_access%,testtmp/access,g" \
+ -e "s,%as_pid%,testtmp/pid,g" \
+ -e "s,%as_help_path%,testtmp,g" $file | ldapmodify -x -h $hostname
-p $port -D "$rootdn" -w "$rootpw" -a -c
+ done
fi
rm -rf testtmp
mkdir testtmp
if [ "$usessl" ] ; then
- ldapurl="ldaps://localhost:$secport/o=NetscapeRoot"
+ ldapurl="ldaps://$hostname:$secport/o=NetscapeRoot"
else
- ldapurl="ldap://localhost:$port/o=NetscapeRoot"
+ ldapurl="ldap://$hostname:$port/o=NetscapeRoot"
fi
cat > testtmp/adm.conf <<EOF
ldapurl: $ldapurl
-ldapHost: localhost.localdomain
+ldapHost: $hostname
ldapPort: $port
-sie: cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group,
cn=localhost.localdomain, ou=localdomain, o=NetscapeRoot
-isie: cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain,
ou=localdomain, o=NetscapeRoot
-port: 32348
-ldapStart: slapd-localhost/start-slapd
+sie: cn=admin-serv-$instance,cn=389 Administration Server,cn=Server
Group,cn=$hostname,ou=$domain,o=NetscapeRoot
+isie: cn=389 Administration Server,cn=Server
Group,cn=$hostname,ou=$domain,o=NetscapeRoot
+port: 9830
+ldapStart: slapd-$instance/start-slapd
+securitydir: $secdir
EOF
cat > testtmp/admpw <<EOF
@@ -65,7 +151,7 @@ cat > $pwpfile <<EOF
User: admin
Password: $adminpw
-UserDN: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
+UserDN: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
SIEPWD: $adminpw
EOF
@@ -76,8 +162,8 @@ break main
run $dir/testtmp $secdir < $pwpfile
EOF
-VALGRIND="valgrind --log-file=/var/tmp/vg.out --tool=memcheck --leak-check=yes
--suppressions=/home/rmeggins/valgrind.supp --num-callers=40 "
-GDB="gdb -x .gdbinit "
+VALGRIND="valgrind --tool=memcheck --leak-check=yes
--suppressions=/share/scripts/valgrind.supp --num-callers=40
--log-file=/var/tmp/vg.out"
+#GDB="gdb -x .gdbinit "
NOSSLTESTS="retrieveSIE psetread psetwrite"
SSLTESTS="retrieveSIEssl psetreadssl"
@@ -87,8 +173,14 @@ else
TESTS="$NOSSLTESTS"
fi
for test in $TESTS ; do
-# ./libtool --mode execute $GDB ./$test
- cat $pwpfile | ./libtool --mode execute $VALGRIND ./$test $dir/testtmp $secdir
+ if [ -n "$GDB" ] ; then
+ ./libtool --mode execute $GDB ./$test
+ else
+ if [ -n "$VALGRIND" ] ; then
+ VGLOG=".$test"
+ fi
+ cat $pwpfile | ./libtool --mode execute ${VALGRIND}$VGLOG ./$test $dir/testtmp
$secdir
+ fi
done
rm -f $pwpfile .gdbinit