* Replaced deprecated ldap_bind_s function call

* Improved sanity checking (won't seg if -o isn't passed now)
* Added version number to data output


git-svn-id: https://svn.alkaloid.net/gpl/ldap2dns/trunk@318 06cd67b6-e706-0410-b29e-9de616bca6e9
This commit is contained in:
Ben Klang
2006-06-03 20:40:15 +00:00
parent 221e666036
commit 610105004f


@@ -109,6 +109,7 @@ static struct
unsigned short port[MAXHOSTS];
char password[128];
int usedhosts;
int useduris;
int is_daemon;
unsigned int update_iv;
unsigned int output;
@@ -167,7 +168,7 @@ static void print_usage(void)
printf(" -o db\t\tGenerate a BIND compatible zone files\n");
printf(" -L [filename]\tPrint output in LDIF format for reimport\n");
printf(" -h host\tHostname of LDAP server, defaults to localhost\n");
printf(" -p port\tPortnumber to connect to LDAP server, defaults to %d\n", LDAP_PORT);
printf(" -p port\tPort number to connect to LDAP server, defaults to %d\n", LDAP_PORT);
printf(" -H hostURI\tURI (ldap://hostname or ldaps://hostname of LDAP server\n");
printf(" -u numsecs\tUpdate DNS data after numsecs. Defaults to %d. Daemon mode only\n\t\t", UPDATE_INTERVAL);
printf("\n");
@@ -185,6 +186,7 @@ static void parse_hosts(char* buf)
char value[128], rest[512];
options.usedhosts = 0;
options.useduris = 0;
for (i = 0; i<MAXHOSTS; i++) {
if (!strncasecmp(buf, "ldaps://", 8) || !strncasecmp(buf, "ldap://", 7)) {
// LDAP-URI is given/found, at the moment only the standard-ports 389 and 636 are supported
@@ -194,7 +196,7 @@ static void parse_hosts(char* buf)
strncpy(options.urildap[i], value, sizeof(options.urildap[i]));
options.urildap[i][ sizeof(options.urildap[i]) -1 ] = '\0';
options.usedhosts++;
options.useduris++;
if (k==1)
break;
buf = rest;
@@ -315,7 +317,7 @@ static int parse_options()
case 'H':
strncpy(options.urildap[0], optarg, sizeof(options.urildap[0]));
options.urildap[0][ sizeof( options.urildap[0] ) -1 ] = '\0';
options.usedhosts = 1;
options.useduris = 1;
break;
case 'L':
if (optarg==NULL)
@@ -326,10 +328,11 @@ static int parse_options()
}
break;
case 'o':
options.output = 0;
if (strcmp(optarg, "data")==0)
options.output |= OUTPUT_DATA;
options.output = OUTPUT_DATA;
else if (strcmp(optarg, "db")==0)
options.output |= OUTPUT_DB;
options.output = OUTPUT_DB;
break;
case 'p':
if (sscanf(optarg, "%hd", &options.port[0])!=1)
@@ -722,7 +725,7 @@ static void write_zone(void)
zone.domainname, zone.class, zone.domainname);
}
if (namedzone) {
fprintf(namedzone, "; Automatically generated by ldap2dns - DO NOT EDIT!\n");
fprintf(namedzone, "; Automatically generated by ldap2dns v%s - DO NOT EDIT!\n", VERSION);
if (zone.ttl[0])
fprintf(namedzone, "$TTL %s\n", zone.ttl);
else
@@ -776,9 +779,9 @@ static void read_dnszones(void)
int ldaperr;
if (tinyfile)
fprintf(tinyfile, "# Automatically generated by ldap2dns - DO NOT EDIT!\n");
fprintf(tinyfile, "# Automatically generated by ldap2dns v%s - DO NOT EDIT!\n", VERSION);
if (namedmaster)
fprintf(namedmaster, "# Automatically generated by ldap2dns - DO NOT EDIT!\n");
fprintf(namedmaster, "# Automatically generated by ldap2dns v%s - DO NOT EDIT!\n", VERSION);
if ( (ldaperr = ldap_search_s(ldap_con, options.searchbase[0] ? options.searchbase : NULL, LDAP_SCOPE_SUBTREE, "objectclass=DNSzone", NULL, 0, &res))!=LDAP_SUCCESS )
die_ldap(ldaperr);
for (m = ldap_first_entry(ldap_con, res); m; m = ldap_next_entry(ldap_con, m)) {
@@ -918,7 +921,7 @@ static void read_loccodes(void)
int ldaperr;
if (tinyfile)
fprintf(tinyfile, "# Location Codes (if any) - generated by ldap2dns - DO NOT EDIT!\n");
fprintf(tinyfile, "# Location Codes (if any) - generated by ldap2dns v%s - DO NOT EDIT!\n", VERSION);
if ( (ldaperr = ldap_search_s(ldap_con, options.searchbase[0] ? options.searchbase : NULL,
LDAP_SCOPE_SUBTREE,
@@ -989,50 +992,73 @@ static void read_loccodes(void)
static int do_connect()
{
int i, version, res;
if (options.usedhosts < 1) {
struct berval* creds = malloc(sizeof(struct berval));
struct berval* msgid = malloc(sizeof(struct berval));
if (options.useduris < 1) {
fprintf(stderr, "\n[!!] Must define at least one LDAP host with which to connect.\n\n");
print_usage();
exit(1);
}
for (i = 0; i<options.usedhosts; i++) {
for (i = 0; i<options.useduris; i++) {
if ( strlen(options.urildap[i]) > 0) {
res = ldap_initialize(&ldap_con, options.urildap[i]);
if (options.verbose&1 && res == LDAP_SUCCESS) {
printf("ldap_initialization successful (%s)\n", options.urildap[i]);
} else if ( res != LDAP_SUCCESS ) {
printf("ldap_initialization to %s failed %d\n", options.urildap[i], ldap_err2string(res));
fprintf(stderr, "ldap_initialization to %s failed %d\n", options.urildap[i], ldap_err2string(res));
ldap_con = NULL;
return res;
}
version = LDAP_VERSION3;
if ( (res = ldap_set_option(ldap_con, LDAP_OPT_PROTOCOL_VERSION, &version)) != LDAP_SUCCESS ) {
printf("ldap_set_option to %s failed with err %s!\n", options.urildap[i], ldap_err2string(res));
fprintf(stderr, "ldap_set_option to %s failed with err %s!\n", options.urildap[i], ldap_err2string(res));
ldap_con = NULL;
return res;
}
if ( options.use_tls[i] && (res = ldap_start_tls_s( ldap_con, NULL, NULL )) != LDAP_SUCCESS ) {
printf("ldap_start_tls_s to %s failed with err %s!\n", options.urildap[i], ldap_err2string(res));
fprintf(stderr, "ldap_start_tls_s to %s failed with err %s!\n", options.urildap[i], ldap_err2string(res));
ldap_con = NULL;
return res;
}
} else {
ldap_con = ldap_init(options.hostname[i], options.port[i]);
res = ldap_simple_bind_s(ldap_con, options.binddn, options.password);
if (res == LDAP_SUCCESS) {
if (options.verbose&1 && strlen(options.urildap[i]) > 0) {
printf("Connected to %s as \"%s\"\n", options.urildap[i], options.binddn);
} else if (options.verbose&1) {
printf("Connected to %s:%d as \"%s\"\n", options.hostname[i], options.port[i], options.binddn);
// Yes, you really do use ldap_sasl_bind_s() when doing a simple
// bind. This is apparently the "new" way, if not entirely obvious
if (strlen(options.binddn)) {
if (strlen(options.password)) {
creds->bv_len = strlen(options.password);
creds->bv_val = options.password;
}
// FIXME: Allow *real* SASL binds
if ((res = ldap_sasl_bind_s(ldap_con, options.binddn, NULL, creds, NULL, NULL, &msgid)) != LDAP_SUCCESS) {
fprintf(stderr, "LDAP bind problem:\n\t%s\n", ldap_err2string(res));
fprintf(stderr, "Attempting to continue with anonymous credentials.");
res = LDAP_SUCCESS;
}
return res;
}
}
}
ldap_con = NULL;
return res;
}
void hosts2uri(void)
{
int i, t;
// Convert any old host:port sets into URIs. This allows us
// to use the more modern ldap_initialize() instead of the
// deprecated ldap_init()
for (i = 0; i<options.usedhosts; i++) {
if ( strlen(options.hostname[i]) > 0) {
t = options.useduris++;
snprintf(options.urildap[t],
sizeof(options.urildap[t]),
"ldap://%s:%d",
options.hostname[i],
options.port[i] ? options.port[i] : LDAP_PORT);
}
}
}
int main(int argc, char** argv)
{
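Review bot: The new bind block in do_connect masks a failed bind: on any ldap_sasl_bind_s error it prints a warning and then forces `res = LDAP_SUCCESS`, so a wrong or expired password silently continues on an unauthenticated connection and ldap2dns goes on to emit whatever the anonymous search returns, which for a zone generator can mean writing truncated zone files without any non-zero exit. The berval passed as creds is also only filled in when a password is present, so a bind DN with an empty password sends uninitialized heap memory as credentials, and both malloc() results are unchecked and never freed (the second one is the servercredp output argument of ldap_sasl_bind_s, not a message id, despite its name). Separately, the `return res;` at the end of `if (strlen(options.binddn))` is the only exit from inside the loop, so a run without a bind DN falls through to `ldap_con = NULL;` after the loop and main reports a connection failure even though ldap_initialize succeeded. I would use a zero-initialised stack berval, bind in the anonymous case too, and fail hard on a bind error, with the anonymous fallback, if it is wanted at all, made an explicit option. The last hunk of main continues past the end of this page.
```c
// … unchanged: ldap_initialize / LDAP_OPT_PROTOCOL_VERSION / ldap_start_tls_s …
/* Simple bind via ldap_sasl_bind_s (mechanism NULL). A zero-length berval
 * is an anonymous bind, so no heap allocation is needed. */
struct berval creds = { 0, NULL };
if (options.binddn[0] && options.password[0]) {
	creds.bv_len = strlen(options.password);
	creds.bv_val = options.password;
}
/* servercredp may be NULL; nothing needs the server credentials here */
res = ldap_sasl_bind_s(ldap_con, options.binddn[0] ? options.binddn : NULL,
                       NULL, &creds, NULL, NULL, NULL);
if (res != LDAP_SUCCESS) {
	fprintf(stderr, "LDAP bind to %s as \"%s\" failed: %s\n",
	        options.urildap[i], options.binddn, ldap_err2string(res));
	/* Do not fall back to anonymous: incomplete zone data is worse than none */
	ldap_con = NULL;
	return res;
}
if (options.verbose&1)
	printf("Connected to %s as \"%s\"\n", options.urildap[i], options.binddn);
return res;
```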
@@ -1045,6 +1071,19 @@ int main(int argc, char** argv)
main_argv = argv;
parse_options();
if (!options.output) {
fprintf(stderr, "[!!]\tMust select an output type (\"db\" or \"data\")\n");
print_usage();
exit(1);
}
if (!strlen(options.searchbase)) {
fprintf(stderr, "[!!]\tMust provide the base DN for the search.\n");
print_usage();
exit(1);
}
/* Initialization complete. If we're in daemon mode, fork and continue */
if (options.is_daemon) {
if (options.is_daemon==1 && fork()) {
@@ -1060,6 +1099,9 @@ int main(int argc, char** argv)
set_datadir();
for (;;) {
int ldaperr = -1;
hosts2uri();
res = do_connect();
if (res != LDAP_SUCCESS || ldap_con == NULL) {
fprintf(stderr, "Warning - Problem while connecting to LDAP server:\n\t%s\n", ldap_err2string(res));