/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * ns_ldap.c
 *
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */
270Sstevel@tonic-gate
280Sstevel@tonic-gate #include <stdio.h>
290Sstevel@tonic-gate #include <stdlib.h>
300Sstevel@tonic-gate #include <syslog.h>
310Sstevel@tonic-gate #include <string.h>
320Sstevel@tonic-gate #include <ctype.h>
330Sstevel@tonic-gate #include <nsswitch.h>
340Sstevel@tonic-gate #include <sys/param.h>
350Sstevel@tonic-gate #include <sys/types.h>
360Sstevel@tonic-gate #include <rpc/rpc.h>
370Sstevel@tonic-gate #include <rpcsvc/nfs_prot.h>
380Sstevel@tonic-gate #include <sys/errno.h>
390Sstevel@tonic-gate #include <libintl.h>
400Sstevel@tonic-gate #include "automount.h"
410Sstevel@tonic-gate #include "../../../lib/libsldap/common/ns_sldap.h"
420Sstevel@tonic-gate
/*
 * LDAP schema used for automounter:
 *
 * automountMapName: mapname i.e. auto_home, etc.
 * automountKey: contains the key i.e. the mount point
 * automountInformation: contains the mount options and remote mount location
 * description: an optional description (not used by automounter)
 *
 * For example, if auto_direct has the following line of data:
 *
 * /work -rw,intr,nosuid,noquota hosta:/export/work
 *
 * Then this would map to the following LDAP entry:
 *
 * dn: automountKey=/work,automountMapName=auto_direct,...
 * automountKey: /work
 * automountInformation: -rw,intr,nosuid,noquota hosta:/export/work
 * objectclass: top
 * objectclass: automount
 *
 * In this container:
 *
 * dn: automountMapName=auto_direct,...
 * automountMapName: auto_direct
 * objectClass: top
 * objectClass: automountMap
 *
 * Note that the schema can be mapped, and SSDs (service search
 * descriptors) can be used to relocate the default location of these
 * entries.
 *
 */
740Sstevel@tonic-gate
/*
 * CAPCHAR is presumably the escape character used by tosunds_str() and
 * tounix_str() -- their bodies are not shown here, confirm before relying
 * on it.  MAXERROR sizes the on-stack buffers used to format LDAP error
 * messages for syslog.
 */
#define	CAPCHAR		'%'
#define	MAXERROR	4000

/*
 * Context passed through __ns_ldap_list to mastermap_callback_ldap.
 * loadmaster_ldap fills it in as shown in the field comments.
 */
struct loadmaster_cbdata {
	char *ptr1;	/* defopts */
	char **ptr2;	/* stack */
	char ***ptr3;	/* stkptr */
};

/*
 * Context passed through __ns_ldap_list to directmap_callback.
 * loaddirect_ldap fills it in as shown in the field comments.
 */
struct loaddirect_cbdata {
	char *ptr1;	/* opts */
	char *ptr2;	/* localmap */
	char **ptr3;	/* stack */
	char ***ptr4;	/* stkptr */
};

/* Accumulator for directory listings (presumably used by readdir_callback). */
struct dir_cbdata {
	struct dir_entry **list;
	struct dir_entry *last;
	int error;
};

/*
 * Attribute names, search filter template and encoding switch.  All of
 * them are chosen by init_ldap(); the pointers stay NULL until it has
 * found the ldap backend configured for "automount".
 */
static char *automountKey = NULL;
static char *automountInformation = NULL;
static char *defaultFilter = NULL;
static int encode = 0;

/* Forward declarations of helpers defined later in this file. */
static int ldap_err(int);
static int ldap_match();
static int mastermap_callback_ldap();
static int directmap_callback();
static int readdir_callback();
static char *tosunds_str(char *);
static char *tounix_str(char *);
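/*
 * Report whether the "automount" service maps attribute `orig` to `mapped`.
 *
 * Only the first mapping returned by __ns_ldap_getMappedAttributes is
 * compared (case-insensitively).  The returned list and its strings are
 * released before returning.
 *
 * Returns 1 when the first mapping equals `mapped`, 0 otherwise (including
 * when no mapping exists).
 */
static int
isAttrMapped(char *orig, char *mapped)
{
	char **mappedschema;
	char **s;
	int matched;

	mappedschema = __ns_ldap_getMappedAttributes("automount", orig);
	if (mappedschema == NULL)
		return (0);

	/*
	 * The list is walked as NULL-terminated below, so an empty list has
	 * a NULL first slot; do not hand that to strcasecmp().
	 */
	matched = (mappedschema[0] != NULL &&
	    strcasecmp(mappedschema[0], mapped) == 0);

	/* single cleanup path for both outcomes */
	for (s = mappedschema; *s != NULL; s++)
		free(*s);
	free(mappedschema);

	return (matched);
}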
1310Sstevel@tonic-gate
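/*
 * Report whether the "automount" service maps object class `orig` to
 * `mapped`.
 *
 * Only the first mapping returned by __ns_ldap_getMappedObjectClass is
 * compared (case-insensitively).  The returned list and its strings are
 * released before returning.
 *
 * Returns 1 when the first mapping equals `mapped`, 0 otherwise (including
 * when no mapping exists).
 */
static int
isObjectMapped(char *orig, char *mapped)
{
	char **mappedschema;
	char **s;
	int matched;

	mappedschema = __ns_ldap_getMappedObjectClass("automount", orig);
	if (mappedschema == NULL)
		return (0);

	/*
	 * The list is walked as NULL-terminated below, so an empty list has
	 * a NULL first slot; do not hand that to strcasecmp().
	 */
	matched = (mappedschema[0] != NULL &&
	    strcasecmp(mappedschema[0], mapped) == 0);

	/* single cleanup path for both outcomes */
	for (s = mappedschema; *s != NULL; s++)
		free(*s);
	free(mappedschema);

	return (matched);
}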
1520Sstevel@tonic-gate
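/*
 * Select the attribute names, search filter template and key-encoding mode
 * used by the LDAP automount backend.
 *
 * stack and stkptr are accepted for interface compatibility and are not
 * used.  When the "automount" nsswitch entry does not list the ldap
 * backend, this function returns without setting anything, so
 * automountKey, automountInformation and defaultFilter remain NULL.
 */
void
init_ldap(char **stack, char ***stkptr)
{
	/*
	 * Check for version of the profile the client is using
	 *
	 * For version 1 profiles we do encoding of attributes
	 * and use nisMap and nisObject schema for backward compatibility.
	 *
	 * For version 2 profiles we don't do encoding and use
	 * automountMap and automount as default attributes (which can
	 * then be overridden in libsldap if schema mapping is configured
	 * in the profile).
	 *
	 * If profile version is not available, use version 2 as default
	 * and syslog message.
	 */
	int rc, v2 = 1;
	void **paramVal = NULL;
	ns_ldap_error_t *errorp = NULL;
	struct __nsw_switchconfig *conf = NULL;
	struct __nsw_lookup *lkp = NULL;
	enum __nsw_parse_err pserr;
	int ldap_configured = 0;

#ifdef lint
	stack = stack;
	stkptr = stkptr;
#endif /* lint */

	/* get nsswitch info of "automount" */
	conf = __nsw_getconfig("automount", &pserr);

	/* find out if LDAP backend is configured */
	if (conf != NULL) {
		for (lkp = conf->lookups; lkp != NULL; lkp = lkp->next) {
			if (strcmp(lkp->service_name, "ldap") == 0) {
				ldap_configured = 1;
				break;
			}
		}
		/* conf is no longer needed once the lookups were scanned */
		(void) __nsw_freeconfig(conf);
	}

	/* if ldap is not configured, init_ldap is a no op */
	if (!ldap_configured)
		return;

	rc = __ns_ldap_getParam(NS_LDAP_FILE_VERSION_P, &paramVal, &errorp);
	if (rc != NS_LDAP_SUCCESS || !paramVal || !*paramVal) {
		syslog(LOG_ERR, "Can not determine version of LDAP profile"
		    " that is used (%d, %s).  Using version 2 profile"
		    " defaults", rc, (errorp && errorp->message ?
		    errorp->message : ""));
		(void) __ns_ldap_freeError(&errorp);
		/*
		 * A value list that came back non-NULL but empty would
		 * otherwise be leaked on this path.
		 */
		if (paramVal != NULL)
			(void) __ns_ldap_freeParam(&paramVal);
	} else {
		if (strcasecmp(*paramVal, NS_LDAP_VERSION_1) == 0)
			v2 = 0;
		(void) __ns_ldap_freeParam(&paramVal);
	}

	if (v2) {
		if (trace > 1)
			trace_prt(1, "init_ldap: setting up for version 2\n");
		automountKey = "automountKey";
		automountInformation = "automountInformation";
		defaultFilter = "(&(objectClass=automount)(automountKey=%s))";

		/*
		 * Key encoding is only switched on for a version 2 profile
		 * when every automount name below is mapped back onto the
		 * NIS schema; the first missing mapping leaves encode at 0.
		 */

		/* check for automountMapName mapped to nisMapName */
		if (!isAttrMapped("automountMapName", "nisMapName"))
			return;

		/* check for automountKey mapped to cn */
		if (!isAttrMapped("automountKey", "cn"))
			return;

		/* check for automountInformation mapped to nisMapEntry */
		if (!isAttrMapped("automountInformation", "nisMapEntry"))
			return;

		/* check for automountMap mapped to nisMap */
		if (!isObjectMapped("automountMap", "nisMap"))
			return;

		/* check for automount mapped to nisObject */
		if (!isObjectMapped("automount", "nisObject"))
			return;

		if (trace > 1)
			trace_prt(1, "init_ldap: encode = TRUE\n");
		encode = 1;
	} else {
		if (trace > 1) {
			trace_prt(1, "init_ldap: setting up for version 1\n");
			trace_prt(1, "init_ldap: encode = TRUE\n");
		}
		encode = 1;
		automountKey = "cn";
		automountInformation = "nisMapEntry";
		defaultFilter = "(&(objectClass=nisObject)(cn=%s))";
	}
}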
2560Sstevel@tonic-gate
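/*
 * Fetch the automount map entry for `key` from LDAP map `map` into `ml`.
 *
 * The exact key is tried first; on __NSW_NOTFOUND the wildcard entry
 * (the escaped "*", "\2a") is tried and *iswildcard, when supplied, is set
 * to TRUE if it matched.  The entry text has everything from '#' onwards
 * removed and trailing whitespace trimmed before it is copied to
 * ml->linebuf and unquoted into ml->lineqbuf.
 *
 * stack, stkptr and isrestricted are not used here.
 *
 * Returns __NSW_SUCCESS, or the failure status from ldap_match, or
 * __NSW_NOTFOUND when the entry is empty after trimming.
 */
/*ARGSUSED*/
int
getmapent_ldap(char *key, char *map, struct mapline *ml,
    char **stack, char ***stkptr, bool_t *iswildcard, bool_t isrestricted)
{
	char *ldap_line = NULL;
	char *lp;
	int ldap_len, len;
	int nserr;

	if (trace > 1)
		trace_prt(1, "getmapent_ldap called\n");

	if (trace > 1) {
		trace_prt(1, "getmapent_ldap: key=[ %s ]\n", key);
	}

	if (iswildcard)
		*iswildcard = FALSE;
	nserr = ldap_match(map, key, &ldap_line, &ldap_len);
	if (nserr) {
		if (nserr != __NSW_NOTFOUND)
			goto done;

		/* Try the default entry "*" */
		nserr = ldap_match(map, "\\2a", &ldap_line, &ldap_len);
		if (nserr)
			goto done;
		if (iswildcard)
			*iswildcard = TRUE;
	}

	/*
	 * at this point we are sure that ldap_match
	 * succeeded so massage the entry by
	 * 1. ignoring # and beyond
	 * 2. trim the trailing whitespace
	 */
	lp = strchr(ldap_line, '#');
	if (lp != NULL)
		*lp = '\0';
	len = strlen(ldap_line);
	if (len == 0) {
		nserr = __NSW_NOTFOUND;
		goto done;
	}
	lp = &ldap_line[len - 1];
	/*
	 * The entry text comes from the directory server; cast to unsigned
	 * char so bytes >= 0x80 are not passed to isspace() as negative
	 * values.
	 */
	while (lp > ldap_line && isspace((unsigned char)*lp))
		*lp-- = '\0';
	/* an entry that trims back to its first character is rejected */
	if (lp == ldap_line) {
		nserr = __NSW_NOTFOUND;
		goto done;
	}
	(void) strncpy(ml->linebuf, ldap_line, LINESZ);
	/*
	 * strncpy does not terminate when the source fills the buffer;
	 * terminate explicitly rather than depend on the length check made
	 * in ldap_match.  Assumes linebuf holds at least LINESZ bytes, as
	 * the copy above already does.
	 */
	ml->linebuf[LINESZ - 1] = '\0';
	unquote(ml->linebuf, ml->lineqbuf);
	nserr = __NSW_SUCCESS;
done:
	free(ldap_line);

	if (trace > 1)
		trace_prt(1, "getmapent_ldap: exiting ...\n");

	return (nserr);
}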
3230Sstevel@tonic-gate
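/*
 * Look up `key` in LDAP automount map `map` and hand back the first value
 * of the automountInformation attribute.
 *
 * map:       name of the map to search.
 * key:       lookup key; encoded with tosunds_str() when `encode` is set.
 * ldap_line: on __NSW_SUCCESS, receives a malloc'ed copy of the value;
 *            the caller frees it.
 * ldap_len:  receives strlen(key) + strlen(value) once a value was found.
 *
 * Returns __NSW_SUCCESS, __NSW_NOTFOUND, or __NSW_UNAVAIL / the status
 * mapped by ldap_err() on failure.
 *
 * NOTE(review): `key` is placed into the search filter without RFC 4515
 * escaping when `encode` is 0.  getmapent_ldap passes an already escaped
 * value ("\2a"), so escaping here would double-escape; confirm which
 * layer is meant to own filter escaping for keys derived from path names.
 */
static int
ldap_match(char *map, char *key, char **ldap_line, int *ldap_len)
{
	char searchfilter[LDAP_FILT_MAXSIZ];
	int res, attr_found, n;
	ns_ldap_result_t *result = NULL;
	ns_ldap_error_t *errp = NULL;
	ns_ldap_entry_t *entry = NULL;
	char *ldapkey;
	int i;

	if (trace > 1) {
		trace_prt(1, "ldap_match called\n");
		trace_prt(1, "ldap_match: key =[ %s ]\n", key);
	}

	/*
	 * init_ldap leaves these NULL when the ldap backend is not
	 * configured; a NULL format string or attribute name must not be
	 * used below.
	 */
	if (defaultFilter == NULL || automountInformation == NULL)
		return (__NSW_UNAVAIL);

	/*
	 * need to handle uppercase characters in the key because LDAP
	 * searches are case insensitive. Note, key = attribute automountKey.
	 */
	if (encode)
		ldapkey = tosunds_str(key);
	else
		ldapkey = key;

	if (trace > 1) {
		trace_prt(1, "ldap_match: ldapkey =[ %s ]\n", ldapkey);
	}

	/*
	 * The key is caller supplied, so bound the write and refuse a
	 * filter that does not fit instead of overrunning the stack buffer.
	 */
	n = snprintf(searchfilter, sizeof (searchfilter), defaultFilter,
	    ldapkey);
	if (n < 0 || (size_t)n >= sizeof (searchfilter)) {
		syslog(LOG_ERR,
		    "ldap_match: search filter for key %s in map %s"
		    " is too long", key, map);
		return (__NSW_UNAVAIL);
	}

	if (trace > 1)
		trace_prt(1, "  ldap_match: Requesting list for %s in %s\n",
		    searchfilter, map);

	res = __ns_ldap_list(map, searchfilter, NULL,
	    NULL, NULL, 0, &result, &errp, NULL, NULL);

	if (trace > 1) {
		if (res != NS_LDAP_SUCCESS)
			trace_prt(1,
			    "  ldap_match: __ns_ldap_list FAILED (%d)\n", res);
		else
			trace_prt(1, "  ldap_match: __ns_ldap_list OK\n");
	}

	if (res != NS_LDAP_SUCCESS && res != NS_LDAP_NOTFOUND) {
		if (errp) {
			if (verbose) {
				char errstr[MAXERROR];

				/*
				 * errp->message originates outside this
				 * process: bound the formatting and never
				 * use the result as a format string.
				 */
				(void) snprintf(errstr, sizeof (errstr),
				    gettext("ldap server can't list map,"
				    " '%s': '%s' - '%d'."),
				    map,
				    errp->message ? errp->message : "",
				    errp->status);
				syslog(LOG_ERR, "%s", errstr);
			}
			__ns_ldap_freeError(&errp);
		} else {
			if (verbose) {
				char *errmsg = NULL;

				__ns_ldap_err2str(res, &errmsg);
				if (errmsg != NULL)
					syslog(LOG_ERR, "%s", errmsg);
			}
		}
		if (result)
			__ns_ldap_freeResult(&result);
		return (ldap_err(res));
	}

	if (res == NS_LDAP_NOTFOUND || result == NULL ||
	    result->entries_count == 0 || result->entry->attr_count == 0) {
		if (trace > 1)
			trace_prt(1, "  ldap_match: no entries found\n");
		if (errp)
			__ns_ldap_freeError(&errp);
		if (result)
			__ns_ldap_freeResult(&result);
		return (__NSW_NOTFOUND);
	}

	/*
	 * get value of attribute nisMapEntry. This attribute contains a
	 * list of mount options AND mount location for a particular mount
	 * point (key).
	 * For example:
	 *
	 * key: /work
	 *	^^^^^
	 *	(mount point)
	 *
	 * nisMapEntry: -rw,intr,nosuid,noquota hosta:/export/work
	 *		^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^
	 *		(    mount options    ) (remote mount location)
	 *
	 */
	attr_found = 0;
	entry = result->entry;
	for (i = 0; i < entry->attr_count; i++) {
		ns_ldap_attr_t *attr;
		char *attrval;

		attr = entry->attr_pair[i];
		if (strcasecmp(attr->attrname, automountInformation) != 0)
			continue;

		/* a matching attribute without a value counts as not found */
		if (attr->attrvalue == NULL || attr->attrvalue[0] == NULL)
			break;

		attr_found = 1;
		if (encode)
			attrval = tounix_str(attr->attrvalue[0]);
		else
			attrval = attr->attrvalue[0];
		*ldap_len = strlen(key) + strlen(attrval);

		/*
		 * so check for the length; it should be less than
		 * LINESZ
		 */
		if ((*ldap_len + 2) > LINESZ) {
			syslog(LOG_ERR,
			    "ldap server map %s, entry for %s"
			    " is too long %d chars (max %d)",
			    map, key, (*ldap_len + 2), LINESZ);
			__ns_ldap_freeError(&errp);
			__ns_ldap_freeResult(&result);
			return (__NSW_UNAVAIL);
		}
		*ldap_line = (char *)malloc(*ldap_len + 2);
		if (*ldap_line == NULL) {
			syslog(LOG_ERR, "ldap_match: malloc failed");
			__ns_ldap_freeError(&errp);
			__ns_ldap_freeResult(&result);
			return (__NSW_UNAVAIL);
		}

		/* bounded by the allocation made just above */
		(void) snprintf(*ldap_line, *ldap_len + 2, "%s", attrval);

		break;
	}

	__ns_ldap_freeError(&errp);
	__ns_ldap_freeResult(&result);

	if (!attr_found)
		return (__NSW_NOTFOUND);

	if (trace > 1)
		trace_prt(1, "  ldap_match: found: %s\n", *ldap_line);

	return (__NSW_SUCCESS);
}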
4710Sstevel@tonic-gate
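/*
 * Load every entry of LDAP master map `mapname`.
 *
 * Each entry returned by __ns_ldap_list is passed to
 * mastermap_callback_ldap together with defopts, stack and stkptr.
 *
 * Returns __NSW_SUCCESS, or the status mapped by ldap_err() when the
 * search fails, or __NSW_UNAVAIL when no usable search filter exists.
 */
int
loadmaster_ldap(char *mapname, char *defopts, char **stack, char ***stkptr)
{
	char searchfilter[LDAP_FILT_MAXSIZ];
	int res, n;
	ns_ldap_result_t *result = NULL;
	ns_ldap_error_t *errp = NULL;
	struct loadmaster_cbdata master_cbdata;

	if (trace > 1)
		trace_prt(1, "loadmaster_ldap called\n");

	/* init_ldap leaves the filter NULL when ldap is not configured */
	if (defaultFilter == NULL)
		return (__NSW_UNAVAIL);

	master_cbdata.ptr1 = defopts;
	master_cbdata.ptr2 = stack;
	master_cbdata.ptr3 = stkptr;

	/* filter gets all the entries for the specified mapname */
	n = snprintf(searchfilter, sizeof (searchfilter), defaultFilter, "*");
	if (n < 0 || (size_t)n >= sizeof (searchfilter))
		return (__NSW_UNAVAIL);

	if (trace > 1)
		trace_prt(1, "loadmaster_ldap: Requesting list for %s in %s\n",
		    searchfilter, mapname);

	res = __ns_ldap_list(mapname, searchfilter, NULL, NULL, NULL,
	    0, &result, &errp, mastermap_callback_ldap,
	    (void *) &master_cbdata);

	if (trace > 1)
		trace_prt(1,
		    "loadmaster_ldap: __ns_ldap_list just returned: %d\n",
		    res);

	if (res != NS_LDAP_SUCCESS) {
		if (errp) {
			char errstr[MAXERROR];

			if (verbose) {
				/*
				 * errp->message originates outside this
				 * process: bound the formatting and never
				 * use the result as a format string.
				 */
				(void) snprintf(errstr, sizeof (errstr),
				    gettext(
				    "ldap server can't list map,"
				    "'%s': '%s' - '%d'."),
				    mapname,
				    errp->message ? errp->message : "",
				    errp->status);
				syslog(LOG_ERR, "%s", errstr);
			}
			__ns_ldap_freeError(&errp);
		} else {
			if (verbose) {
				char *errmsg = NULL;

				__ns_ldap_err2str(res, &errmsg);
				if (errmsg != NULL)
					syslog(LOG_ERR, "%s", errmsg);
			}
		}
		if (result)
			__ns_ldap_freeResult(&result);
		return (ldap_err(res));
	}

	if (trace > 1)
		trace_prt(1,
		    "loadmaster_ldap: calling __ns_ldap_freeResult...\n");

	__ns_ldap_freeResult(&result);

	if (trace > 1)
		trace_prt(1,
		    "loadmaster_ldap: about to return __NSW_SUCCESS...\n");

	return (__NSW_SUCCESS);
}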
5390Sstevel@tonic-gate
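/*
 * Load every entry of LDAP direct map `nsmap`.
 *
 * Each entry returned by __ns_ldap_list is passed to directmap_callback
 * together with opts, localmap, stack and stkptr.
 *
 * Returns __NSW_SUCCESS, or the status mapped by ldap_err() when the
 * search fails, or __NSW_UNAVAIL when no usable search filter exists.
 */
int
loaddirect_ldap(char *nsmap, char *localmap, char *opts,
    char **stack, char ***stkptr)
{
	char searchfilter[LDAP_FILT_MAXSIZ];
	int res, n;
	ns_ldap_result_t *result = NULL;
	ns_ldap_error_t *errp = NULL;
	struct loaddirect_cbdata direct_cbdata;

	if (trace > 1) {
		trace_prt(1, "loaddirect_ldap called\n");
	}

	/* init_ldap leaves the filter NULL when ldap is not configured */
	if (defaultFilter == NULL)
		return (__NSW_UNAVAIL);

	direct_cbdata.ptr1 = opts;
	direct_cbdata.ptr2 = localmap;
	direct_cbdata.ptr3 = stack;
	direct_cbdata.ptr4 = stkptr;

	/* filter gets all the entries for the specified mapname */
	n = snprintf(searchfilter, sizeof (searchfilter), defaultFilter, "*");
	if (n < 0 || (size_t)n >= sizeof (searchfilter))
		return (__NSW_UNAVAIL);

	if (trace > 1)
		trace_prt(1, "loaddirect_ldap: Requesting list for %s in %s\n",
		    searchfilter, nsmap);

	res = __ns_ldap_list(nsmap, searchfilter, NULL, NULL,
	    NULL, 0, &result, &errp,
	    directmap_callback, (void *) &direct_cbdata);

	if (res != NS_LDAP_SUCCESS) {
		if (errp) {
			char errstr[MAXERROR];

			if (verbose) {
				/*
				 * errp->message originates outside this
				 * process: bound the formatting and never
				 * use the result as a format string.
				 */
				(void) snprintf(errstr, sizeof (errstr),
				    gettext("ldap server can't list map,"
				    " '%s': '%s' - '%d'."),
				    nsmap,
				    errp->message ? errp->message : "",
				    errp->status);
				syslog(LOG_ERR, "%s", errstr);
			}
			__ns_ldap_freeError(&errp);
		} else {
			if (verbose) {
				char *errmsg = NULL;

				__ns_ldap_err2str(res, &errmsg);
				if (errmsg != NULL)
					syslog(LOG_ERR, "%s", errmsg);
			}
		}
		if (result)
			__ns_ldap_freeResult(&result);
		return (ldap_err(res));
	}

	__ns_ldap_freeResult(&result);
	return (__NSW_SUCCESS);
}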
5970Sstevel@tonic-gate
/*
 * Translate a libsldap status code into the matching nsswitch status.
 *
 *   NS_LDAP_SUCCESS  -> __NSW_SUCCESS
 *   NS_LDAP_NOTFOUND -> __NSW_NOTFOUND
 *   NS_LDAP_PARTIAL  -> __NSW_TRYAGAIN
 *   anything else    -> __NSW_UNAVAIL
 */
static int
ldap_err(int err)
{
	int nsw_status;

	if (trace > 1)
		trace_prt(1, "ldap_err called\n");

	if (err == NS_LDAP_SUCCESS)
		nsw_status = __NSW_SUCCESS;
	else if (err == NS_LDAP_NOTFOUND)
		nsw_status = __NSW_NOTFOUND;
	else if (err == NS_LDAP_PARTIAL)
		nsw_status = __NSW_TRYAGAIN;
	else
		nsw_status = __NSW_UNAVAIL;

	return (nsw_status);
}
6190Sstevel@tonic-gate
6200Sstevel@tonic-gate static int
mastermap_callback_ldap(ns_ldap_entry_t * entry,void * udata)6210Sstevel@tonic-gate mastermap_callback_ldap(ns_ldap_entry_t *entry, void *udata)
6220Sstevel@tonic-gate {
6230Sstevel@tonic-gate char *key, *contents, *pmap, *opts;
6240Sstevel@tonic-gate char dir[LINESZ], map[LINESZ], qbuff[LINESZ];
6250Sstevel@tonic-gate char cont_temp[LINESZ], key_temp[LINESZ];
6260Sstevel@tonic-gate int key_len, contents_len;
6270Sstevel@tonic-gate struct loadmaster_cbdata *temp = (struct loadmaster_cbdata *)udata;
6280Sstevel@tonic-gate char *defopts = temp->ptr1;
6290Sstevel@tonic-gate char **stack = temp->ptr2;
6300Sstevel@tonic-gate char ***stkptr = temp->ptr3;
6310Sstevel@tonic-gate int i;
6320Sstevel@tonic-gate
6330Sstevel@tonic-gate if (trace > 1) {
6340Sstevel@tonic-gate trace_prt(1, "mastermap_callback_ldap called\n");
6350Sstevel@tonic-gate trace_prt(1, "mastermap_callback_ldap: entry=%x\n", entry);
6360Sstevel@tonic-gate if (entry) {
6370Sstevel@tonic-gate trace_prt(1,
6380Sstevel@tonic-gate "mastermap_callback_ldap: entry->attr_count=[ %d ]\n",
6390Sstevel@tonic-gate entry->attr_count);
6400Sstevel@tonic-gate }
6410Sstevel@tonic-gate }
6420Sstevel@tonic-gate
6430Sstevel@tonic-gate /*
6440Sstevel@tonic-gate * For the current entry, obtain the values of the cn and the
6450Sstevel@tonic-gate * nisMapEntry attributes and the length of each value (cn=key,
6460Sstevel@tonic-gate * nisMapEntry=contents).
6470Sstevel@tonic-gate * We skip the description. Even though LDAP allows for multiple
6480Sstevel@tonic-gate * values per attribute, we take only the 1st value for each
649*11262SRajagopal.Andra@Sun.COM * attribute because the automount data is organized as such.
6500Sstevel@tonic-gate */
6510Sstevel@tonic-gate key_len = 0;
6520Sstevel@tonic-gate contents_len = 0;
6530Sstevel@tonic-gate key = NULL;
6540Sstevel@tonic-gate contents = NULL;
6550Sstevel@tonic-gate for (i = 0; i < entry->attr_count; i++) {
6560Sstevel@tonic-gate ns_ldap_attr_t *attr;
6570Sstevel@tonic-gate
6580Sstevel@tonic-gate attr = entry->attr_pair[i];
6590Sstevel@tonic-gate if (trace > 1) {
6600Sstevel@tonic-gate trace_prt(1,
6610Sstevel@tonic-gate "mastermap_callback_ldap: attr[%d]: %s=%s\n",
6620Sstevel@tonic-gate i, attr->attrname, attr->attrvalue[0]);
6630Sstevel@tonic-gate }
6640Sstevel@tonic-gate if (strcasecmp(attr->attrname, automountInformation) == 0) {
6650Sstevel@tonic-gate if (encode)
6660Sstevel@tonic-gate (void) strncpy(cont_temp,
667*11262SRajagopal.Andra@Sun.COM tounix_str(attr->attrvalue[0]), LINESZ);
6680Sstevel@tonic-gate else
6690Sstevel@tonic-gate (void) strncpy(cont_temp, attr->attrvalue[0],
670*11262SRajagopal.Andra@Sun.COM LINESZ);
6710Sstevel@tonic-gate contents = cont_temp;
6720Sstevel@tonic-gate contents_len = strlen(contents);
6730Sstevel@tonic-gate if (trace > 1) {
6740Sstevel@tonic-gate trace_prt(1,
675*11262SRajagopal.Andra@Sun.COM "mastermap_callback_ldap: contents=[ %s ],"
676*11262SRajagopal.Andra@Sun.COM " contents_len=[ %d ]\n",
677*11262SRajagopal.Andra@Sun.COM contents, contents_len);
6780Sstevel@tonic-gate }
6790Sstevel@tonic-gate }
6800Sstevel@tonic-gate if (strcasecmp(attr->attrname, automountKey) == 0) {
6810Sstevel@tonic-gate if (encode)
6820Sstevel@tonic-gate (void) strncpy(key_temp,
683*11262SRajagopal.Andra@Sun.COM tounix_str(attr->attrvalue[0]), LINESZ);
6840Sstevel@tonic-gate else
6850Sstevel@tonic-gate (void) strncpy(key_temp, attr->attrvalue[0],
686*11262SRajagopal.Andra@Sun.COM LINESZ);
6870Sstevel@tonic-gate key = key_temp;
6880Sstevel@tonic-gate key_len = strlen(key);
6890Sstevel@tonic-gate if (trace > 1) {
6900Sstevel@tonic-gate trace_prt(1,
691*11262SRajagopal.Andra@Sun.COM "mastermap_callback_ldap: key=[ %s ],"
692*11262SRajagopal.Andra@Sun.COM " key_len=[ %d ]\n",
693*11262SRajagopal.Andra@Sun.COM key, key_len);
6940Sstevel@tonic-gate }
6950Sstevel@tonic-gate }
6960Sstevel@tonic-gate }
6970Sstevel@tonic-gate
6980Sstevel@tonic-gate if (key_len >= LINESZ || contents_len >= LINESZ)
6990Sstevel@tonic-gate return (0);
7000Sstevel@tonic-gate if (key_len < 2 || contents_len < 2)
7010Sstevel@tonic-gate return (0);
7020Sstevel@tonic-gate
7030Sstevel@tonic-gate while (isspace(*contents))
7040Sstevel@tonic-gate contents++;
7050Sstevel@tonic-gate if (contents == NULL)
7060Sstevel@tonic-gate return (0);
7070Sstevel@tonic-gate if (isspace(*key) || *key == '#')
7080Sstevel@tonic-gate return (0);
7090Sstevel@tonic-gate
7100Sstevel@tonic-gate (void) strncpy(dir, key, key_len);
7110Sstevel@tonic-gate dir[key_len] = '\0';
7120Sstevel@tonic-gate if (trace > 1)
7130Sstevel@tonic-gate trace_prt(1, "mastermap_callback_ldap: dir= [ %s ]\n", dir);
7140Sstevel@tonic-gate for (i = 0; i < LINESZ; i++)
7150Sstevel@tonic-gate qbuff[i] = ' ';
7160Sstevel@tonic-gate if (macro_expand("", dir, qbuff, sizeof (dir))) {
7170Sstevel@tonic-gate syslog(LOG_ERR,
7180Sstevel@tonic-gate "%s in ldap server map: entry too long (max %d chars)",
7190Sstevel@tonic-gate dir, sizeof (dir) - 1);
7200Sstevel@tonic-gate return (0);
7210Sstevel@tonic-gate }
7220Sstevel@tonic-gate (void) strncpy(map, contents, contents_len);
7230Sstevel@tonic-gate map[contents_len] = '\0';
7240Sstevel@tonic-gate if (trace > 1)
7250Sstevel@tonic-gate trace_prt(1, "mastermap_callback_ldap: map= [ %s ]\n", map);
7260Sstevel@tonic-gate if (macro_expand("", map, qbuff, sizeof (map))) {
7270Sstevel@tonic-gate syslog(LOG_ERR,
7280Sstevel@tonic-gate "%s in ldap server map: entry too long (max %d chars)",
7290Sstevel@tonic-gate map, sizeof (map) - 1);
7300Sstevel@tonic-gate return (0);
7310Sstevel@tonic-gate }
7320Sstevel@tonic-gate pmap = map;
7330Sstevel@tonic-gate while (*pmap && isspace(*pmap))
7340Sstevel@tonic-gate pmap++; /* skip blanks in front of map */
7350Sstevel@tonic-gate opts = pmap;
7360Sstevel@tonic-gate while (*opts && !isspace(*opts))
7370Sstevel@tonic-gate opts++;
7380Sstevel@tonic-gate if (*opts) {
7390Sstevel@tonic-gate *opts++ = '\0';
7400Sstevel@tonic-gate while (*opts && isspace(*opts))
7410Sstevel@tonic-gate opts++;
7420Sstevel@tonic-gate if (*opts == '-')
7430Sstevel@tonic-gate opts++;
7440Sstevel@tonic-gate else
7450Sstevel@tonic-gate opts = defopts;
7460Sstevel@tonic-gate }
7470Sstevel@tonic-gate /*
7480Sstevel@tonic-gate * Check for no embedded blanks.
7490Sstevel@tonic-gate */
7500Sstevel@tonic-gate if (strcspn(opts, " ") == strlen(opts)) {
7510Sstevel@tonic-gate if (trace > 1)
7520Sstevel@tonic-gate trace_prt(1,
7530Sstevel@tonic-gate "mastermap_callback_ldap: dir=[ %s ], pmap=[ %s ]\n",
7540Sstevel@tonic-gate dir, pmap);
7550Sstevel@tonic-gate dirinit(dir, pmap, opts, 0, stack, stkptr);
7560Sstevel@tonic-gate } else {
7570Sstevel@tonic-gate char *dn = NULL;
7580Sstevel@tonic-gate
7590Sstevel@tonic-gate /* get the value for the dn */
7600Sstevel@tonic-gate for (i = 0; i < entry->attr_count; i++) {
7610Sstevel@tonic-gate ns_ldap_attr_t *attr;
7620Sstevel@tonic-gate
7630Sstevel@tonic-gate attr = entry->attr_pair[i];
7640Sstevel@tonic-gate if (strcasecmp(attr->attrname, "dn")
765*11262SRajagopal.Andra@Sun.COM == 0) {
7660Sstevel@tonic-gate dn = attr->attrvalue[0];
7670Sstevel@tonic-gate break;
7680Sstevel@tonic-gate }
7690Sstevel@tonic-gate }
7700Sstevel@tonic-gate pr_msg(
771*11262SRajagopal.Andra@Sun.COM "Warning: invalid entry for %s in ldap server"
772*11262SRajagopal.Andra@Sun.COM " dn: %s ignored.\n",
7730Sstevel@tonic-gate dir, dn);
7740Sstevel@tonic-gate }
7750Sstevel@tonic-gate if (trace > 1)
7760Sstevel@tonic-gate trace_prt(1, "mastermap_callback_ldap exiting...\n");
7770Sstevel@tonic-gate return (0);
7780Sstevel@tonic-gate }
7790Sstevel@tonic-gate
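/*
 * Per-entry callback used while loading a direct map from LDAP.
 *
 * Looks for the automountKey attribute of the entry, takes its first
 * value (decoded with tounix_str() when "encode" is set) and passes it to
 * dirinit() as a direct mount point.
 *
 * entry - LDAP entry being visited
 * udata - struct loaddirect_cbdata: ptr1 = mount options, ptr2 = local
 *         map name, ptr3/ptr4 = stack and stack pointer handed to dirinit()
 *
 * Always returns 0.  An entry is skipped without any message when it has
 * no key value, when the key is shorter than 2 or at least 100 characters,
 * or when the key starts with white space or '#'.
 */
static int
directmap_callback(ns_ldap_entry_t *entry, void *udata)
{
	char *key;
	char dir[256];
	int key_len;
	struct loaddirect_cbdata *temp = (struct loaddirect_cbdata *)udata;
	char *opts = temp->ptr1;
	char *localmap = temp->ptr2;
	char **stack = temp->ptr3;
	char ***stkptr = temp->ptr4;
	int i;

	/*
	 * For the current entry, obtain the value and length of the cn i.e.
	 * the contents of key and its key length.
	 */
	key_len = 0;
	key = NULL;
	for (i = 0; i < entry->attr_count; i++) {
		ns_ldap_attr_t *attr;

		attr = entry->attr_pair[i];
		if (strcasecmp(attr->attrname, automountKey) == 0) {
			key = attr->attrvalue[0];
			/*
			 * Defensive: the value comes from the directory.
			 * With no value, leave key_len at 0 so the entry is
			 * skipped instead of handing NULL to strlen().
			 */
			if (key == NULL)
				break;
			if (encode)
				key = tounix_str(key);
			key_len = strlen(key);
			break;
		}
	}

	/* also rejects key == NULL, because key_len is still 0 then */
	if (key_len >= 100 || key_len < 2)
		return (0);

	/*
	 * The <ctype.h> functions are only defined for unsigned char values
	 * and EOF; a key byte >= 0x80 would otherwise be passed as a negative
	 * int where plain char is signed.
	 */
	if (isspace((unsigned char)*key) || *key == '#')
		return (0);

	/* key_len < 100 was checked above, so key and its NUL fit in dir */
	(void) memcpy(dir, key, (size_t)key_len);
	dir[key_len] = '\0';

	dirinit(dir, localmap, opts, 1, stack, stkptr);

	return (0);
}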
8250Sstevel@tonic-gate
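/*
 * Lists the keys of automount map "nsmap" through __ns_ldap_list(), with
 * readdir_callback() collecting each entry into *list.
 *
 * nsmap      - name of the map to list
 * list       - head of the dir_entry list filled in by the callback
 * error      - out: 0, the error recorded by the callback, or ECOMM when
 *              the LDAP call failed and the callback recorded none
 * cache_time - out: set to RDDIR_CACHE_TIME
 * stack, stkptr - unused here
 *
 * Returns __NSW_SUCCESS when the list call returned NS_LDAP_SUCCESS or
 * NS_LDAP_NOTFOUND, otherwise the value of ldap_err(res).
 */
int
getmapkeys_ldap(char *nsmap, struct dir_entry **list, int *error,
    int *cache_time, char **stack, char ***stkptr)
{
	char searchfilter[LDAP_FILT_MAXSIZ];
	int res;
	ns_ldap_result_t *result = NULL;
	ns_ldap_error_t *errp = NULL;
	struct dir_cbdata readdir_cbdata;

#ifdef lint
	stack = stack;
	stkptr = stkptr;
#endif /* lint */

	if (trace > 1)
		trace_prt(1, "getmapkeys_ldap called\n");

	*cache_time = RDDIR_CACHE_TIME;
	*error = 0;
	readdir_cbdata.list = list;
	readdir_cbdata.last = NULL;
	/*
	 * readdir_callback() only writes .error for entries it processes.
	 * Clear it here so that the test after the list call does not read
	 * an indeterminate value when no entry reached the callback.
	 */
	readdir_cbdata.error = 0;

	/* filter gets all the entries for the specified mapname */
	(void) snprintf(searchfilter, sizeof (searchfilter), defaultFilter,
	    "*");

	if (trace > 1)
		trace_prt(1, "getmapkeys_ldap: Requesting list for %s in %s\n",
		    searchfilter, nsmap);

	res = __ns_ldap_list(nsmap, searchfilter, NULL, NULL, NULL, 0,
	    &result, &errp, readdir_callback, (void *) &readdir_cbdata);

	if (trace > 1)
		trace_prt(1, " getmapkeys_ldap: __ns_ldap_list returned %d\n",
		    res);

	if (readdir_cbdata.error)
		*error = readdir_cbdata.error;

	if (res != NS_LDAP_SUCCESS && res != NS_LDAP_NOTFOUND) {
		if (errp) {
			if (verbose) {
				char errstr[MAXERROR];

				/*
				 * nsmap and errp->message are not under our
				 * control: bound the formatting to errstr and
				 * log the result as data, never as the
				 * syslog() format string.
				 */
				(void) snprintf(errstr, sizeof (errstr),
				    gettext(
				    "ldap server can't list map,"
				    " '%s': '%s' - '%d'."),
				    nsmap, errp->message, errp->status);
				syslog(LOG_ERR, "%s", errstr);
			}
			__ns_ldap_freeError(&errp);
		} else {
			if (verbose) {
				char *errmsg = NULL;

				__ns_ldap_err2str(res, &errmsg);
				/* log only if a message was handed back */
				if (errmsg != NULL)
					syslog(LOG_ERR, "%s", errmsg);
			}
		}
		if (result)
			__ns_ldap_freeResult(&result);
		if (*error == 0)
			*error = ECOMM;
		return (ldap_err(res));
	}
	if (result)
		__ns_ldap_freeResult(&result);

	return (__NSW_SUCCESS);
}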
8950Sstevel@tonic-gate
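/*
 * Per-entry callback used by getmapkeys_ldap(): appends the automountKey
 * of the entry to the directory listing being built.
 *
 * entry - LDAP entry being visited
 * udata - struct dir_cbdata holding the list head, the last element added
 *         so far and an error slot
 *
 * Returns 1 with temp->error = ENOMEM when add_dir_entry() fails, and 0
 * otherwise.  Entries with no key value, a key shorter than 2 or at least
 * 100 characters, a key starting with white space or '#', or the wildcard
 * key "*" are skipped and leave temp->error untouched.
 */
static int
readdir_callback(const ns_ldap_entry_t *entry, const void *udata)
{
	char *key;
	int key_len;
	/* the callback prototype is const, but the cbdata is updated below */
	struct dir_cbdata *temp = (struct dir_cbdata *)udata;
	struct dir_entry **list = temp->list;
	struct dir_entry *last = temp->last;
	int i;

	if (trace > 1)
		trace_prt(1, "readdir_callback called\n");
	/*
	 * For the current entry, obtain the value and length of the cn i.e. the
	 * contents of key and its key length.
	 */
	key_len = 0;
	key = NULL;

	if (trace > 1)
		trace_prt(1, "readdir_callback: entry->attr_count=[ %d ]\n",
		    entry->attr_count);

	for (i = 0; i < entry->attr_count; i++) {
		ns_ldap_attr_t *attr;

		attr = entry->attr_pair[i];

		if (trace > 1)
			trace_prt(1,
			    "readdir_callback: attr->attrname=[ %s ]\n",
			    attr->attrname);

		if (strcasecmp(attr->attrname, automountKey) == 0) {
			key = attr->attrvalue[0];
			/*
			 * Defensive: the value comes from the directory.
			 * With no value, leave key_len at 0 so the entry is
			 * skipped instead of handing NULL to strlen().
			 */
			if (key == NULL)
				break;
			/*
			 * NOTE(review): with "encode" set, key points into
			 * the static buffer of tounix_str(); presumably
			 * add_dir_entry() copies it - confirm.
			 */
			if (encode)
				key = tounix_str(key);
			key_len = strlen(key);

			if (trace > 1)
				trace_prt(1,
			"readdir_callback: key=[ %s ], key_len=[ %d ]\n",
				    key, key_len);

			break;
		}
	}

	/* also rejects key == NULL, because key_len is still 0 then */
	if (key_len >= 100 || key_len < 2)
		return (0);

	/*
	 * The <ctype.h> functions are only defined for unsigned char values
	 * and EOF; a key byte >= 0x80 would otherwise be passed as a negative
	 * int where plain char is signed.
	 */
	if (isspace((unsigned char)*key) || *key == '#')
		return (0);

	/*
	 * Wildcard entry should be ignored - following entries should continue
	 * to be read to corroborate with the way we search for entries in
	 * LDAP, i.e., first for an exact key match and then a wildcard
	 * if there's no exact key match.
	 */
	if (key[0] == '*' && key[1] == '\0')
		return (0);

	if (add_dir_entry(key, list, &last)) {
		temp->error = ENOMEM;
		return (1);
	}

	temp->last = last;
	temp->error = 0;

	if (trace > 1)
		trace_prt(1, "readdir_callback returning 0...\n");

	return (0);
}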
9730Sstevel@tonic-gate
/*
 * Puts CAPCHAR in front of uppercase characters or surrounds a set of
 * contiguous uppercase characters with CAPCHARS and square brackets.
 * The bracketed form is only produced when built with NEWCAP; otherwise
 * every uppercase character gets its own CAPCHAR.
 *
 * For example (assuming CAPCHAR = '%'):
 *
 * if str = Abc, it returns %Abc
 * if str = ABc, it returns %[AB]c
 * if str = AbC, it returns %Ab%C
 *
 */
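/*
 * tosunds_str: encode the upper-case characters of str with CAPCHAR.
 *
 * Returns a pointer to a static buffer of BUFSIZ bytes which is
 * overwritten by the next call, so the result has to be used or copied
 * before calling again.  When the encoded form does not fit in BUFSIZ - 1
 * characters, "Buffer size exceeded." is logged and an empty string is
 * returned.
 */
static char *
tosunds_str(char *str)
{
	static char buf[BUFSIZ];
	size_t len = strlen(str);	/* hoisted out of the loop test */
	size_t i;
	int j = 0;
	int er = FALSE;
#ifdef NEWCAP
	int openBracket = FALSE, closeBracket = FALSE;
#endif

	(void) memset(buf, 0, BUFSIZ);

	for (i = 0; i < len; i++) {
		/* bytes produced for this input character, at most 3 */
		char out[4];
		int n = 0;

		/*
		 * Check the current element.  The cast keeps bytes >= 0x80
		 * inside the range isupper() is defined for.
		 */
		if (isupper((unsigned char)str[i])) {
#ifdef NEWCAP
			/* check the next element */
			if (isupper((unsigned char)str[i + 1])) {
				if (openBracket == FALSE) {
					openBracket = TRUE;
					out[n++] = CAPCHAR;
					out[n++] = '[';
				}
			} else {
				if (openBracket == FALSE) {
					out[n++] = CAPCHAR;
				} else {
					openBracket = FALSE;
					closeBracket = TRUE;
				}
			}
#else
			out[n++] = CAPCHAR;
#endif
		}
		out[n++] = str[i];

#ifdef NEWCAP
		if (closeBracket == TRUE) {
			closeBracket = FALSE;
			out[n++] = ']';
		}
#endif
		/*
		 * Make sure the bytes and the terminating NUL fit before
		 * storing anything.  Testing j only after the stores lets
		 * the last store of an iteration land past the end of buf.
		 */
		if (j + n >= BUFSIZ) {
			er = TRUE;
			break;
		}
		(void) memcpy(&buf[j], out, (size_t)n);
		j += n;
	}

	if (er) {
		syslog(LOG_ERR, "Buffer size exceeded.");
		(void) memset(buf, 0, BUFSIZ);
	} else
		buf[j] = '\0';

	return (buf);
}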
10470Sstevel@tonic-gate
/*
 * Reverses what tosunds_str() did
 */
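/*
 * tounix_str: strip the '%' capitalisation markers from str.
 *
 * "%X" becomes "X" and "%[XY]" becomes "XY" for upper-case X and Y; every
 * other character is copied unchanged.  The marker is the literal '%'
 * here, not CAPCHAR.
 *
 * Returns a pointer to a static buffer of BUFSIZ bytes which is
 * overwritten by the next call.  The callers in this file pass attribute
 * values read from LDAP, so the length of str is not under our control:
 * when the result does not fit in BUFSIZ - 1 characters,
 * "Buffer size exceeded." is logged and an empty string is returned, as
 * tosunds_str() does.
 */
static char *
tounix_str(char *str)
{
	static char buf[BUFSIZ];
	size_t len = strlen(str);	/* hoisted out of the loop test */
	size_t i;
	size_t j = 0;
	int in_bracket = 0;		/* inside a "%[...]" group */

	(void) memset(buf, 0, BUFSIZ);

	for (i = 0; i < len; i++) {
		/* reads of str[i + 1] and str[i + 2] stop at the NUL */
		if (str[i] == '%') {
			if (isupper((unsigned char)str[i + 1])) {
				i += 1;
			} else if (str[i + 1] == '[' &&
			    isupper((unsigned char)str[i + 2])) {
				i += 2;
				in_bracket = 1;
			}
		} else if (str[i] == ']') {
			/* i > 0: a leading ']' has no character before it */
			if (i > 0 && in_bracket &&
			    isupper((unsigned char)str[i - 1]))
				i += 1;
			in_bracket = 0;
		}

		/* keep the last byte of buf for the terminating NUL */
		if (j >= sizeof (buf) - 1) {
			syslog(LOG_ERR, "Buffer size exceeded.");
			(void) memset(buf, 0, BUFSIZ);
			return (buf);
		}
		buf[j] = str[i];
		j++;
	}
	buf[j] = '\0';

	return (buf);
}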