From 6277c3923e7d9c26753424b1e77ac62f8e0729a4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 18 Jun 2005 09:01:09 +0000 Subject: [PATCH] r7714: enable samba credentials handling in ldb tools. So you can now do a encrypted ldbedit against w2k3 --- source/lib/ldb/ldb_ildap/ldb_ildap.c | 14 ++++++++++++++ source/lib/ldb/tools/cmdline.c | 21 +++++++++++++++++++++ source/lib/ldb/tools/cmdline.h | 1 + source/lib/ldb/tools/ldbadd.c | 10 +--------- source/lib/ldb/tools/ldbdel.c | 8 -------- source/lib/ldb/tools/ldbedit.c | 8 -------- source/lib/ldb/tools/ldbmodify.c | 8 -------- source/lib/ldb/tools/ldbrename.c | 8 -------- source/lib/ldb/tools/ldbsearch.c | 10 +--------- source/lib/ldb/tools/ldbtest.c | 8 -------- 10 files changed, 38 insertions(+), 58 deletions(-) diff --git a/source/lib/ldb/ldb_ildap/ldb_ildap.c b/source/lib/ldb/ldb_ildap/ldb_ildap.c index aa0efee4810..9cccec03136 100644 --- a/source/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source/lib/ldb/ldb_ildap/ldb_ildap.c @@ -34,6 +34,7 @@ #include "ldb/include/ldb_private.h" #include "libcli/ldap/ldap.h" #include "libcli/ldap/ldap_client.h" +#include "lib/cmdline/popt_common.h" struct ildb_private { const char *basedn; @@ -110,6 +111,10 @@ static int ildb_search(struct ldb_module *module, const char *base, int count, i; struct ldap_message **ldapres, *msg; + if (scope == LDB_SCOPE_DEFAULT) { + scope = LDB_SCOPE_SUBTREE; + } + if (base == NULL) { base = ""; } @@ -384,6 +389,15 @@ int ildb_connect(struct ldb_context *ldb, const char *url, ldb->modules->private_data = ildb; ldb->modules->ops = &ildb_ops; + if (cmdline_credentials->username_obtained > CRED_GUESSED) { + status = ldap_bind_sasl(ildb->ldap, cmdline_credentials); + if (!NT_STATUS_IS_OK(status)) { + ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n", + ldap_errstr(ildb->ldap, status)); + goto failed; + } + } + return 0; failed: diff --git a/source/lib/ldb/tools/cmdline.c b/source/lib/ldb/tools/cmdline.c index a7bfac8bb42..1f4a7544a5e 100644 
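Review bot: In the `ildb_connect` hunk the new bind check dereferences the global `cmdline_credentials` with no NULL guard, and it ties the ldb LDAP backend to state that only a popt-driven command-line tool sets up. A caller that reaches `ildb_connect` without having parsed `POPT_COMMON_CREDENTIALS` would presumably fault here, so the condition should read `if (cmdline_credentials != NULL && cmdline_credentials->username_obtained > CRED_GUESSED) {`. When the username is only guessed, the connection carries on with no bind at all and nothing tells the user the session is unauthenticated; a comment stating that anonymous access is the intended fallback, or an `ldb_debug` message at that point, would make this visible. The bind runs after `ldb->modules->private_data = ildb` has been assigned, and the `failed:` body is outside the hunk, so it is worth confirming that the failure path does not leave `ldb->modules` pointing at released state.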
--- a/source/lib/ldb/tools/cmdline.c +++ b/source/lib/ldb/tools/cmdline.c @@ -26,6 +26,9 @@ #include "ldb/include/ldb.h" #include "ldb/include/ldb_private.h" #include "ldb/tools/cmdline.h" +#ifdef _SAMBA_BUILD_ +#include "lib/cmdline/popt_common.h" +#endif /* process command line options @@ -50,10 +53,20 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const { "num-records", 0, POPT_ARG_INT, &options.num_records, 0, "number of test records", NULL }, { "all", 'a', POPT_ARG_NONE, &options.all_records, 0, "dn=*", NULL }, { "sorted", 'S', POPT_ARG_NONE, &options.sorted, 0, "sort attributes", NULL }, + { "sasl-mechanism", 0, POPT_ARG_STRING, &options.sasl_mechanism, 0, "choose SASL mechanism", "MECHANISM" }, { NULL, 'o', POPT_ARG_STRING, NULL, 'o', "ldb_connect option", "OPTION" }, +#ifdef _SAMBA_BUILD_ + POPT_COMMON_SAMBA + POPT_COMMON_CREDENTIALS + POPT_COMMON_VERSION +#endif POPT_TABLEEND }; +#ifdef _SAMBA_BUILD_ + ldbsearch_init_subsystems; +#endif + ret = talloc_zero(ldb, struct ldb_cmdline); if (ret == NULL) { ldb_oom(ldb); @@ -74,6 +87,8 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const options.editor = "vi"; } + options.scope = LDB_SCOPE_DEFAULT; + pc = poptGetContext(argv[0], argc, argv, popt_options, POPT_CONTEXT_KEEP_FIRST); @@ -133,6 +148,12 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const goto failed; } + if (ldb_connect(ldb, ret->url, 0, ret->options) != 0) { + fprintf(stderr, "Failed to connect to %s - %s\n", + ret->url, ldb_errstring(ldb)); + goto failed; + } + return ret; failed: diff --git a/source/lib/ldb/tools/cmdline.h b/source/lib/ldb/tools/cmdline.h index f3eae26cce9..8e479c5538c 100644 --- a/source/lib/ldb/tools/cmdline.h +++ b/source/lib/ldb/tools/cmdline.h 
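Review bot: The new `--sasl-mechanism` option in the popt table is stored in `options.sasl_mechanism`, but nothing in the visible hunks reads it: `ildb_connect` calls `ldap_bind_sasl(ildb->ldap, cmdline_credentials)` with no mechanism argument. A user who passes the option to require a particular mechanism would get whatever the bind negotiates, with no warning. Either pass the value through to the bind or drop the option until it is supported; at minimum the help text should say so, e.g. `"choose SASL mechanism (not yet honoured)"`. Separately, `ldbsearch_init_subsystems;` is a bare expression statement that only has an effect if the name is a build-generated macro, so it deserves a one-line comment saying where it is defined and why the ldbsearch name is used for every tool. The body of `ldb_cmdline_process` continues outside this hunk.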
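Review bot: The centralised `ldb_connect(ldb, ret->url, 0, ret->options)` at the end of `ldb_cmdline_process` passes flags `0` for every tool, while the calls this commit removes from ldbsearch.c and ldbedit.c passed `LDB_FLG_RDONLY`. ldbsearch therefore now opens its database read-write, which drops a least-privilege guard the tool had before. The visible prototype of `ldb_cmdline_process` has no flags parameter, so one would have to be added and used here, as in `if (ldb_connect(ldb, ret->url, flags, ret->options) != 0) {`, or the read-only tools should keep their own connect call. The `failed:` body is outside the hunk; if it returns NULL instead of exiting, callers such as ldbadd.c dereference `options->argc` straight after the call with no check.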
@@ -39,6 +39,7 @@ struct ldb_cmdline { const char **argv; int num_records; int num_searches; + const char *sasl_mechanism; }; struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const char **argv, diff --git a/source/lib/ldb/tools/ldbadd.c b/source/lib/ldb/tools/ldbadd.c index 35a41527bef..7794b9de392 100644 --- a/source/lib/ldb/tools/ldbadd.c +++ b/source/lib/ldb/tools/ldbadd.c @@ -90,21 +90,13 @@ static int process_file(struct ldb_context *ldb, FILE *f) int main(int argc, const char **argv) { struct ldb_context *ldb; - int i, ret, count=0; + int i, count=0; struct ldb_cmdline *options; ldb = ldb_init(NULL); options = ldb_cmdline_process(ldb, argc, argv, usage); - ret = ldb_connect(ldb, options->url, 0, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - if (options->argc == 0) { count += process_file(ldb, stdin); } else { diff --git a/source/lib/ldb/tools/ldbdel.c b/source/lib/ldb/tools/ldbdel.c index fcf1d26d539..fdb1f7ef3b2 100644 --- a/source/lib/ldb/tools/ldbdel.c +++ b/source/lib/ldb/tools/ldbdel.c @@ -93,14 +93,6 @@ static void usage(void) exit(1); } - ret = ldb_connect(ldb, options->url, 0, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - for (i=0;iargc;i++) { const char *dn = options->argv[i]; if (options->recursive) { diff --git a/source/lib/ldb/tools/ldbedit.c b/source/lib/ldb/tools/ldbedit.c index 6c599ee2ec2..73fb77dfd1c 100644 --- a/source/lib/ldb/tools/ldbedit.c +++ b/source/lib/ldb/tools/ldbedit.c 
@@ -303,14 +303,6 @@ static void usage(void) attrs = (const char * const *)options->argv; } - ret = ldb_connect(ldb, options->url, LDB_FLG_RDONLY, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - ret = ldb_search(ldb, options->basedn, options->scope, expression, attrs, &msgs); if (ret == -1) { printf("search failed - %s\n", ldb_errstring(ldb)); diff --git a/source/lib/ldb/tools/ldbmodify.c b/source/lib/ldb/tools/ldbmodify.c index c54c573ab0e..39725b195d7 100644 --- a/source/lib/ldb/tools/ldbmodify.c +++ b/source/lib/ldb/tools/ldbmodify.c @@ -100,14 +100,6 @@ static int process_file(struct ldb_context *ldb, FILE *f) options = ldb_cmdline_process(ldb, argc, argv, usage); - ret = ldb_connect(ldb, options->url, 0, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - if (options->argc == 0) { usage(); exit(1); diff --git a/source/lib/ldb/tools/ldbrename.c b/source/lib/ldb/tools/ldbrename.c index 5566c3d7d7f..c74516869ee 100644 --- a/source/lib/ldb/tools/ldbrename.c +++ b/source/lib/ldb/tools/ldbrename.c @@ -67,14 +67,6 @@ static void usage(void) options = ldb_cmdline_process(ldb, argc, argv, usage); - ret = ldb_connect(ldb, options->url, 0, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - if (options->argc < 2) { usage(); } diff --git a/source/lib/ldb/tools/ldbsearch.c b/source/lib/ldb/tools/ldbsearch.c index 04f83ca3668..0e81da5de34 100644 --- a/source/lib/ldb/tools/ldbsearch.c +++ b/source/lib/ldb/tools/ldbsearch.c @@ -119,7 +119,7 @@ static int do_search(struct ldb_context *ldb, struct ldb_context *ldb; const char * const * attrs = NULL; struct ldb_cmdline *options; - int ret; + int ret = -1; ldb = ldb_init(NULL); 
@@ -134,14 +134,6 @@ static int do_search(struct ldb_context *ldb, attrs = (const char * const *)(options->argv+1); } - ret = ldb_connect(ldb, options->url, LDB_FLG_RDONLY, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - if (options->interactive) { char line[1024]; while (fgets(line, sizeof(line), stdin)) { diff --git a/source/lib/ldb/tools/ldbtest.c b/source/lib/ldb/tools/ldbtest.c index a7c9a3123ac..28ac7545a4e 100644 --- a/source/lib/ldb/tools/ldbtest.c +++ b/source/lib/ldb/tools/ldbtest.c @@ -365,14 +365,6 @@ static void usage(void) options->basedn = "ou=Ldb Test,ou=People,o=University of Michigan,c=US"; } - ret = ldb_connect(ldb, options->url, 0, options->options); - if (ret != 0) { - fprintf(stderr, "Failed to connect to %s - %s\n", - options->url, ldb_errstring(ldb)); - talloc_free(ldb); - exit(1); - } - srandom(1); start_test(ldb, options->num_records, options->num_searches);