4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright 2015 Gary Mills
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
42 #include "ldap_parse.h"
43 #include "ldap_glob.h"
44 #include "nis_parse_ldap_conf.h"
46 __nis_ldap_proxy_info proxyInfo
=
47 {NULL
, (auth_method_t
)NO_VALUE_SET
, (tls_method_t
)NO_VALUE_SET
, NULL
,
48 NULL
, NULL
, NULL
, NULL
, (follow_referral_t
)NO_VALUE_SET
};
49 __nis_config_t ldapConfig
;
50 __nisdb_table_mapping_t ldapDBTableMapping
;
51 __nis_table_mapping_t
*ldapTableMapping
= NULL
;
52 __yp_domain_context_t ypDomains
;
54 parse_error p_error
= no_parse_error
;
56 int start_line_num
= 0;
58 const char *warn_file
= NULL
;
61 const char *command_line_source
= NULL
;
62 const char *file_source
= NULL
;
63 const char *ldap_source
= NULL
;
66 const char *const *cmdline_config
= NULL
;
67 static bool_t got_config_data
= FALSE
;
69 /* high level parsing functions functions */
70 static int parse_ldap_cmd_line(const char *const *cmdline_options
,
71 __nis_ldap_proxy_info
*proxy_info
, __nis_config_t
*nis_config
,
72 __nis_table_mapping_t
**table_mapping
, __nis_config_info_t
*config_info
,
73 __nisdb_table_mapping_t
*table_info
);
74 static int parse_ldap_default_conf(__nis_ldap_proxy_info
*proxy_info
,
75 __nis_config_t
*nis_config
, __nis_config_info_t
*config_info
,
76 __nisdb_table_mapping_t
*table_info
);
77 static int parse_ldap_config_file(const char *config_file
,
78 __nis_ldap_proxy_info
*proxy_info
, __nis_config_t
*nis_config
,
79 __nis_table_mapping_t
**table_mapping
, __nis_config_info_t
*config_info
,
80 __nisdb_table_mapping_t
*table_info
);
81 static int parse_ldap_config_dn_attrs(__nis_ldap_proxy_info
*proxy_info
,
82 __nis_config_t
*nis_config
, __nis_table_mapping_t
**table_mapping
,
83 __nis_config_info_t
*config_info
, __nisdb_table_mapping_t
*table_info
);
84 static int yp_parse_ldap_default_conf(__nis_ldap_proxy_info
*proxy_info
,
85 __nis_config_t
*nis_config
, __nis_config_info_t
*config_info
,
86 __nisdb_table_mapping_t
*table_info
);
88 /* Forward declarations */
89 int yp_parse_ldap_config_file(const char *, __nis_ldap_proxy_info
*,
90 __nis_config_t
*, __nis_table_mapping_t
**, __nis_config_info_t
*,
91 __nisdb_table_mapping_t
*, __yp_domain_context_t
*);
94 /* helper functions */
95 static config_key
get_attrib_num_cmdline(const char *s
,
96 const char **begin_s
, const char **end_s
);
97 static config_key
get_file_attr_val(int fd
, char **attr_val
);
98 static void get_attribute_list(
99 const __nis_ldap_proxy_info
*proxy_info
,
100 const __nis_config_t
*nis_config
,
101 const __nis_config_info_t
*config_info
,
102 const __nisdb_table_mapping_t
*table_info
,
103 char **ldap_config_attributes
);
106 * FUNCTION: parse_ldap_migration
108 * Parses the information for LDAP. The values are first
109 * obtained from the command line, secondly from the preference
110 * file, and finally from an LDAP profile (if so configured in
111 * the command line or preference file). Any unset values will
112 * be set to their default values.
114 * If no command line options, no settings in the /etc/default
115 * configuration file, and no mapping file, then no mapping
120 * -1 Config file stat/open or parse error
121 * 1 No mapping should be used.
123 * INPUT: command line parameters, configuration file
127 parse_ldap_migration(
128 const char *const *cmdline_options
,
129 const char *config_file
)
132 __nis_config_info_t config_info
133 = {NULL
, NULL
, (auth_method_t
)NO_VALUE_SET
,
134 (tls_method_t
)NO_VALUE_SET
, NULL
,
138 p_error
= no_parse_error
;
141 report_info("Getting LDAP configuration", NULL
);
143 initialize_parse_structs(&proxyInfo
, &ldapConfig
, &ldapDBTableMapping
);
146 initialize_yp_parse_structs(&ypDomains
);
148 if (cmdline_options
!= NULL
) {
149 got_config_data
= TRUE
;
150 /* NIS to LDAP does not read command line attributes */
152 rc
= parse_ldap_cmd_line(cmdline_options
, &proxyInfo
,
153 &ldapConfig
, &ldapTableMapping
, &config_info
,
154 &ldapDBTableMapping
);
161 rc
= yp_parse_ldap_default_conf(&proxyInfo
, &ldapConfig
,
162 &config_info
, &ldapDBTableMapping
);
164 rc
= parse_ldap_default_conf(&proxyInfo
, &ldapConfig
,
165 &config_info
, &ldapDBTableMapping
);
168 if (config_file
== NULL
) {
170 if (stat(YP_DEFAULT_MAPPING_FILE
, &buf
) == 0)
171 config_file
= YP_DEFAULT_MAPPING_FILE
;
173 if (stat(DEFAULT_MAPPING_FILE
, &buf
) == 0)
174 config_file
= DEFAULT_MAPPING_FILE
;
178 if (rc
== 0 && config_file
!= NULL
) {
179 got_config_data
= TRUE
;
180 warn_file
= config_file
;
181 cmdline_config
= cmdline_options
;
183 rc
= yp_parse_ldap_config_file(config_file
, &proxyInfo
,
184 &ldapConfig
, &ldapTableMapping
, &config_info
,
185 &ldapDBTableMapping
, &ypDomains
);
187 rc
= parse_ldap_config_file(config_file
, &proxyInfo
,
188 &ldapConfig
, &ldapTableMapping
, &config_info
,
189 &ldapDBTableMapping
);
192 cmdline_config
= NULL
;
194 if (rc
== 0 && (config_info
.config_dn
!= NULL
) &&
195 (config_info
.config_dn
[0] != '\0')) {
196 rc
= parse_ldap_config_dn_attrs(&proxyInfo
,
197 &ldapConfig
, &ldapTableMapping
, &config_info
,
198 &ldapDBTableMapping
);
201 free_config_info(&config_info
);
203 if (rc
== 0 && got_config_data
== FALSE
)
206 set_default_values(&proxyInfo
, &ldapConfig
, &ldapDBTableMapping
);
208 if (yp2ldap
== 1 && rc
== 0) {
209 rc
= second_parser_pass(&ldapTableMapping
);
211 rc
= final_parser_pass(&ldapTableMapping
, &ypDomains
);
217 rc
= finish_parse(&proxyInfo
, &ldapTableMapping
);
220 rc
= linked2hash(ldapTableMapping
);
222 if ((rc
== 0) && yptol_mode
)
223 rc
= map_id_list_init();
226 free_parse_structs();
228 report_info("LDAP configuration complete", NULL
);
233 * FUNCTION: parse_ldap_cmd_line
235 * Parses the information for LDAP from the command line
237 * RETURN VALUE: 0 on success, -1 on failure
239 * INPUT: command line values
244 const char *const *cmdline_options
,
245 __nis_ldap_proxy_info
*proxy_info
,
246 __nis_config_t
*nis_config
,
247 __nis_table_mapping_t
**table_mapping
,
248 __nis_config_info_t
*config_info
,
249 __nisdb_table_mapping_t
*table_info
)
252 config_key attrib_num
;
257 report_info("Command line values: ", NULL
);
258 while (*cmdline_options
!= NULL
) {
260 report_info("\t", *cmdline_options
);
262 attrib_num
= get_attrib_num_cmdline(
263 *cmdline_options
, &begin_s
, &end_s
);
264 if (attrib_num
== key_bad
) {
265 command_line_source
= "command line";
266 report_error(*cmdline_options
, NULL
);
267 command_line_source
= NULL
;
270 } else if (IS_CONFIG_KEYWORD(attrib_num
)) {
271 rc
= add_config_attribute(attrib_num
,
272 begin_s
, end_s
- begin_s
, config_info
);
273 } else if (IS_BIND_INFO(attrib_num
)) {
274 rc
= add_bind_attribute(attrib_num
,
275 begin_s
, end_s
- begin_s
, proxy_info
);
276 } else if (IS_OPER_INFO(attrib_num
)) {
277 rc
= add_operation_attribute(attrib_num
,
278 begin_s
, end_s
- begin_s
, nis_config
,
281 rc
= add_mapping_attribute(attrib_num
,
282 begin_s
, end_s
- begin_s
, table_mapping
);
286 command_line_source
= "command line";
287 report_error(begin_s
, _key_val
);
288 command_line_source
= NULL
;
297 parse_ldap_default_conf(
298 __nis_ldap_proxy_info
*proxy_info
,
299 __nis_config_t
*nis_config
,
300 __nis_config_info_t
*config_info
,
301 __nisdb_table_mapping_t
*table_info
)
304 char *ldap_config_attributes
[n_config_keys
];
309 config_key attrib_num
;
315 if ((defp
= defopen_r(ETCCONFFILE
)) != NULL
) {
316 file_source
= ETCCONFFILE
;
318 report_info("default configuration values: ", NULL
);
319 /* Set defread_r() to be case insensitive */
320 defflags
= defcntl_r(DC_GETFLAGS
, 0, defp
);
321 TURNOFF(defflags
, DC_CASE
);
322 (void) defcntl_r(DC_SETFLAGS
, defflags
, defp
);
324 get_attribute_list(proxy_info
, nis_config
, config_info
,
325 table_info
, ldap_config_attributes
);
327 while ((attr
= ldap_config_attributes
[i
++]) != NULL
) {
328 (void) strlcpy(attr_buf
, attr
, sizeof (attr_buf
));
330 * if nisplusUpdateBatching, make sure
331 * we don't match nisplusUpdateBatchingTimeout
333 if (strcmp(attr
, UPDATE_BATCHING
) == 0) {
334 attr_len
= strlen(attr
);
335 attr_buf
[attr_len
] = '=';
336 attr_buf
[attr_len
+ 1] = '\0';
337 attr_val
= defread_r(attr_buf
, defp
);
340 attr_buf
[attr_len
] = ' ';
341 attr_val
= defread_r(attr_buf
, defp
);
344 attr_buf
[attr_len
] = '\t';
345 attr_val
= defread_r(attr_buf
, defp
);
348 attr_buf
[attr_len
] = '\n';
349 attr_val
= defread_r(attr_buf
, defp
);
352 attr_val
= defread_r(attr_buf
, defp
);
354 if (attr_val
== NULL
)
357 got_config_data
= TRUE
;
358 attrib_num
= get_attrib_num(attr
, strlen(attr
));
359 if (attrib_num
== key_bad
) {
360 report_error(attr
, NULL
);
366 * Allow either entries of the form
371 while (is_whitespace(*attr_val
))
373 if (*attr_val
== '=')
375 while (is_whitespace(*attr_val
))
377 len
= strlen(attr_val
);
378 while (len
> 0 && is_whitespace(attr_val
[len
- 1]))
382 report_info("\t", attr
);
383 report_info("\t\t", attr_val
);
385 if (IS_BIND_INFO(attrib_num
)) {
386 rc
= add_bind_attribute(attrib_num
,
387 attr_val
, len
, proxy_info
);
388 } else if (IS_OPER_INFO(attrib_num
)) {
389 rc
= add_operation_attribute(attrib_num
,
390 attr_val
, len
, nis_config
,
393 if (p_error
!= no_parse_error
) {
394 report_error(attr_val
, attr
);
400 /* Close the /etc/default file */
407 yp_parse_ldap_default_conf(
408 __nis_ldap_proxy_info
*proxy_info
,
409 __nis_config_t
*nis_config
,
410 __nis_config_info_t
*config_info
,
411 __nisdb_table_mapping_t
*table_info
)
414 char *ldap_config_attributes
[n_config_keys
];
419 config_key attrib_num
;
423 if ((defp
= defopen_r(YP_ETCCONFFILE
)) != NULL
) {
424 file_source
= YP_ETCCONFFILE
;
426 report_info("default configuration values: ", NULL
);
427 /* Set defread_r() to be case insensitive */
428 defflags
= defcntl_r(DC_GETFLAGS
, 0, defp
);
429 TURNOFF(defflags
, DC_CASE
);
430 (void) defcntl_r(DC_SETFLAGS
, defflags
, defp
);
432 get_attribute_list(proxy_info
, nis_config
, config_info
,
433 table_info
, ldap_config_attributes
);
435 while ((attr
= ldap_config_attributes
[i
++]) != NULL
) {
436 if ((strlcpy(attr_buf
, attr
, sizeof (attr_buf
))) >=
439 "Static buffer attr_buf overflow", NULL
);
444 if ((attr_val
= defread_r(attr_buf
, defp
)) == NULL
)
447 got_config_data
= TRUE
;
448 attrib_num
= get_attrib_num(attr
, strlen(attr
));
449 if (attrib_num
== key_bad
) {
450 report_error(attr
, NULL
);
456 * Allow either entries of the form
461 while (is_whitespace(*attr_val
))
463 if (*attr_val
== '=')
465 while (is_whitespace(*attr_val
))
467 len
= strlen(attr_val
);
468 while (len
> 0 && is_whitespace(attr_val
[len
- 1]))
472 report_info("\t", attr
);
473 report_info("\t\t", attr_val
);
475 if (IS_YP_BIND_INFO(attrib_num
)) {
476 rc
= add_bind_attribute(attrib_num
,
477 attr_val
, len
, proxy_info
);
478 } else if (IS_YP_OPER_INFO(attrib_num
)) {
479 rc
= add_operation_attribute(attrib_num
,
480 attr_val
, len
, nis_config
,
483 if (p_error
!= no_parse_error
) {
484 report_error(attr_val
, attr
);
490 /* Close the /etc/default file */
497 * FUNCTION: get_attrib_num_cmdline
499 * Parses the information for LDAP from the command line
500 * The form of the command line request is
503 * RETURN VALUE: 0 on success, -1 on failure
505 * INPUT: command line values
509 get_attrib_num_cmdline(
511 const char **begin_s
,
514 const char *s_end
= s
+ strlen(s
);
517 config_key attrib_num
;
519 while (s
< s_end
&& is_whitespace(*s
))
522 for (equal_s
= s
; equal_s
< s_end
; equal_s
++)
523 if (*equal_s
== EQUAL_CHAR
)
526 if (equal_s
== s_end
) {
527 p_error
= parse_bad_command_line_attribute_format
;
531 for (s1
= equal_s
; s1
> s
&& is_whitespace(s1
[-1]); s1
--)
535 p_error
= parse_bad_command_line_attribute_format
;
539 attrib_num
= get_attrib_num(s
, s1
- s
);
541 if (attrib_num
!= key_bad
) {
543 while (s1
< s_end
&& is_whitespace(*s1
))
546 while (s_end
> s1
&& is_whitespace(s_end
[-1]))
555 * FUNCTION: parse_ldap_config_file
557 * Parses the information for LDAP from a configuration
558 * file. If no file is specified, /var/nis/NIS+LDAPmapping
561 * RETURN VALUE: 0 on success, -1 on failure
563 * INPUT: configuration file name
567 parse_ldap_config_file(
568 const char *config_file
,
569 __nis_ldap_proxy_info
*proxy_info
,
570 __nis_config_t
*nis_config
,
571 __nis_table_mapping_t
**table_mapping
,
572 __nis_config_info_t
*config_info
,
573 __nisdb_table_mapping_t
*table_info
)
576 config_key attrib_num
;
581 if ((fd
= open(config_file
, O_RDONLY
)) == -1) {
582 p_error
= parse_open_file_error
;
583 report_error(config_file
, NULL
);
591 report_info("Reading configuration from ", config_file
);
593 file_source
= config_file
;
594 while ((attrib_num
= get_file_attr_val(fd
, &attr_val
)) > 0) {
595 len
= attr_val
== NULL
? 0 : strlen(attr_val
);
596 if (IS_CONFIG_KEYWORD(attrib_num
)) {
597 rc
= add_config_attribute(attrib_num
,
598 attr_val
, len
, config_info
);
599 } else if (IS_BIND_INFO(attrib_num
)) {
600 rc
= add_bind_attribute(attrib_num
,
601 attr_val
, len
, proxy_info
);
602 } else if (IS_OPER_INFO(attrib_num
)) {
603 rc
= add_operation_attribute(attrib_num
,
604 attr_val
, len
, nis_config
, table_info
);
606 rc
= add_mapping_attribute(attrib_num
,
607 attr_val
, len
, table_mapping
);
611 report_error(attr_val
== NULL
?
612 "<no attribute>" : attr_val
, _key_val
);
620 if (attrib_num
== key_bad
) {
621 report_error(_key_val
, NULL
);
630 * FUNCTION: yp_parse_ldap_config_file
632 * Parses the information for LDAP from a configuration
633 * file. If no file is specified, /var/yp/NISLDAPmapping
636 * RETURN VALUE: 0 on success, -1 on failure
638 * INPUT: configuration file name
642 yp_parse_ldap_config_file(
643 const char *config_file
,
644 __nis_ldap_proxy_info
*proxy_info
,
645 __nis_config_t
*nis_config
,
646 __nis_table_mapping_t
**table_mapping
,
647 __nis_config_info_t
*config_info
,
648 __nisdb_table_mapping_t
*table_info
,
649 __yp_domain_context_t
*ypDomains
)
652 config_key attrib_num
;
654 char *attr_val
= NULL
;
657 if ((fd
= open(config_file
, O_RDONLY
)) == -1) {
658 p_error
= parse_open_file_error
;
659 report_error(config_file
, NULL
);
667 report_info("Reading configuration from ", config_file
);
669 file_source
= config_file
;
670 while ((attrib_num
= get_file_attr_val(fd
, &attr_val
)) > 0) {
671 len
= attr_val
== NULL
? 0 : strlen(attr_val
);
672 if (IS_YP_CONFIG_KEYWORD(attrib_num
)) {
673 rc
= add_config_attribute(attrib_num
,
674 attr_val
, len
, config_info
);
675 } else if (IS_YP_BIND_INFO(attrib_num
)) {
676 rc
= add_bind_attribute(attrib_num
,
677 attr_val
, len
, proxy_info
);
678 } else if (IS_YP_OPER_INFO(attrib_num
)) {
679 rc
= add_operation_attribute(attrib_num
,
680 attr_val
, len
, nis_config
, table_info
);
681 } else if (IS_YP_DOMAIN_INFO(attrib_num
)) {
682 rc
= add_ypdomains_attribute(attrib_num
,
683 attr_val
, len
, ypDomains
);
684 } else if (IS_YP_MAP_ATTR(attrib_num
)) {
685 rc
= add_mapping_attribute(attrib_num
,
686 attr_val
, len
, table_mapping
);
689 p_error
= parse_unsupported_format
;
693 report_error(attr_val
== NULL
?
694 "<no attribute>" : attr_val
, _key_val
);
705 if (attrib_num
== key_bad
) {
706 report_error(_key_val
, NULL
);
715 * FUNCTION: get_file_attr_val
717 * Gets the next attribute from the configuration file.
719 * RETURN VALUE: The config key if more attributes
720 * no_more_keys if eof
725 get_file_attr_val(int fd
, char **attr_val
)
734 char *attribute_value
;
736 config_key attrib_num
= no_more_keys
;
740 if ((ret
= read_line(fd
, buf
, sizeof (buf
))) > 0) {
741 for (s
= buf
; is_whitespace(*s
); s
++)
745 while (*s
!= '\0' && !is_whitespace(*s
))
749 report_info("\t", start_tag
);
750 attrib_num
= get_attrib_num(start_tag
, s
- start_tag
);
751 if (attrib_num
== key_bad
)
754 while (is_whitespace(*s
))
760 /* note that read_line will not return a line ending with \ */
761 for (; *s
!= '\0'; s
++) {
762 if (*s
== ESCAPE_CHAR
)
765 while (s
> start_val
&& is_whitespace(s
[-1]))
769 calloc(1, (size_t)(s
- start_val
) + 1);
770 if (attribute_value
== NULL
) {
771 p_error
= parse_no_mem_error
;
774 attr_val
[0] = attribute_value
;
779 for (s
= start_val
; s
< end_val
; s
++) {
780 if (*s
== POUND_SIGN
) {
782 while (s
< end_val
) {
783 if (*s
== DOUBLE_QUOTE_CHAR
||
784 *s
== SINGLE_QUOTE_CHAR
) {
795 for (s
= start_val
; s
< end_val
; s
++)
806 connect_to_ldap_config_server(
809 __nis_config_info_t
*config_info
)
812 int ldapVersion
= LDAP_VERSION3
;
813 int derefOption
= LDAP_DEREF_ALWAYS
;
814 int timelimit
= LDAP_NO_LIMIT
;
815 int sizelimit
= LDAP_NO_LIMIT
;
817 bool_t retrying
= FALSE
;
818 int sleep_seconds
= 1;
821 if (config_info
->tls_method
== no_tls
) {
822 ld
= ldap_init(sever_name
, server_port
);
824 p_error
= parse_ldap_init_error
;
825 report_error(strerror(errno
), NULL
);
829 if ((errnum
= ldapssl_client_init(
830 config_info
->tls_cert_db
, NULL
)) < 0) {
831 p_error
= parse_ldapssl_client_init_error
;
832 report_error(ldapssl_err2string(errnum
), NULL
);
835 ld
= ldapssl_init(sever_name
, server_port
, 1);
837 p_error
= parse_ldapssl_init_error
;
838 report_error(strerror(errno
), NULL
);
843 (void) ldap_set_option(ld
, LDAP_OPT_PROTOCOL_VERSION
,
845 (void) ldap_set_option(ld
, LDAP_OPT_DEREF
, &derefOption
);
846 (void) ldap_set_option(ld
, LDAP_OPT_REFERRALS
, LDAP_OPT_OFF
);
847 (void) ldap_set_option(ld
, LDAP_OPT_TIMELIMIT
, &timelimit
);
848 (void) ldap_set_option(ld
, LDAP_OPT_SIZELIMIT
, &sizelimit
);
851 * Attempt to bind to the LDAP server.
852 * We will loop until success or until an error other
853 * than LDAP_CONNECT_ERROR or LDAP_SERVER_DOWN
856 report_info("Connecting to ", sever_name
);
859 if (config_info
->auth_method
== simple
) {
860 errnum
= ldap_simple_bind_s(ld
, config_info
->proxy_dn
,
861 config_info
->proxy_passwd
);
862 } else if (config_info
->auth_method
== cram_md5
) {
863 cred
.bv_len
= strlen(config_info
->proxy_passwd
);
864 cred
.bv_val
= config_info
->proxy_passwd
;
865 errnum
= ldap_sasl_cram_md5_bind_s(ld
,
866 config_info
->proxy_dn
, &cred
, NULL
, NULL
);
867 } else if (config_info
->auth_method
== digest_md5
) {
868 cred
.bv_len
= strlen(config_info
->proxy_passwd
);
869 cred
.bv_val
= config_info
->proxy_passwd
;
870 errnum
= ldap_x_sasl_digest_md5_bind_s(ld
,
871 config_info
->proxy_dn
, &cred
, NULL
, NULL
);
873 errnum
= ldap_simple_bind_s(ld
, NULL
, NULL
);
876 if (errnum
== LDAP_SUCCESS
)
879 if (errnum
== LDAP_CONNECT_ERROR
||
880 errnum
== LDAP_SERVER_DOWN
) {
884 "LDAP server unavailable. Retrying...",
888 (void) sleep(sleep_seconds
);
890 if (sleep_seconds
> MAX_LDAP_CONFIG_RETRY_TIME
)
891 sleep_seconds
= MAX_LDAP_CONFIG_RETRY_TIME
;
892 p_error
= no_parse_error
;
895 p_error
= parse_ldap_bind_error
;
896 report_error2(config_info
->proxy_dn
, ldap_err2string(errnum
));
897 (void) ldap_unbind(ld
);
902 report_info("Reading values from ", config_info
->config_dn
);
908 * FUNCTION: process_ldap_config_result
910 * Extracts the LDAPMessage containing the nis+/LDAP
913 * RETURN VALUE: 0 on success, -1 on failure
915 * INPUT: LDAP the LDAP connection
916 * LDAPMessage the LDAP message
920 process_ldap_config_result(
922 LDAPMessage
*resultMsg
,
923 __nis_ldap_proxy_info
*proxy_info
,
924 __nis_config_t
*nis_config
,
925 __nis_table_mapping_t
**table_mapping
,
926 __nisdb_table_mapping_t
*table_info
)
931 BerElement
*ber
= NULL
;
932 config_key attrib_num
;
939 bool_t error_reported
= FALSE
;
941 e
= ldap_first_entry(ld
, resultMsg
);
944 for (attr
= ldap_first_attribute(ld
, e
, &ber
); attr
!= NULL
;
945 attr
= ldap_next_attribute(ld
, e
, ber
)) {
947 report_info("\t", attr
);
948 attrib_num
= get_attrib_num(attr
, strlen(attr
));
949 if (attrib_num
== key_bad
) {
950 report_error(attr
, NULL
);
953 if ((vals
= ldap_get_values(ld
, e
, attr
)) != NULL
) {
954 n
= ldap_count_values(vals
);
955 /* parse the attribute values */
956 for (i
= 0; i
< n
; i
++) {
958 while (is_whitespace(*attr_val
))
961 report_info("\t\t", attr_val
);
962 len
= strlen(attr_val
);
964 is_whitespace(attr_val
[len
- 1]))
967 if (IS_YP_BIND_INFO(attrib_num
)) {
968 rc
= add_bind_attribute(attrib_num
, attr_val
,
970 } else if (IS_YP_OPER_INFO(attrib_num
)) {
971 rc
= add_operation_attribute(attrib_num
,
972 attr_val
, len
, nis_config
, table_info
);
973 } else if (IS_YP_MAP_ATTR(attrib_num
)) {
974 rc
= add_mapping_attribute(attrib_num
, attr_val
,
977 p_error
= parse_unsupported_format
;
980 if (IS_BIND_INFO(attrib_num
)) {
981 rc
= add_bind_attribute(attrib_num
, attr_val
,
983 } else if (IS_OPER_INFO(attrib_num
)) {
984 rc
= add_operation_attribute(attrib_num
,
985 attr_val
, len
, nis_config
, table_info
);
987 rc
= add_mapping_attribute(attrib_num
, attr_val
,
991 if (p_error
!= no_parse_error
) {
992 report_error(attr_val
, attr
);
993 error_reported
= TRUE
;
997 ldap_value_free(vals
);
999 (void) ldap_get_option(ld
,
1000 LDAP_OPT_ERROR_NUMBER
, &errnum
);
1001 if (errnum
!= LDAP_SUCCESS
)
1002 p_error
= parse_ldap_get_values_error
;
1005 if (p_error
!= no_parse_error
)
1009 errnum
= ldap_result2error(ld
, resultMsg
, FALSE
);
1010 if (errnum
!= LDAP_SUCCESS
)
1011 p_error
= parse_ldap_search_error
;
1016 if (!error_reported
&& p_error
!= no_parse_error
) {
1017 report_error(ldap_err2string(errnum
), 0);
1020 if (p_error
!= no_parse_error
)
1026 * FUNCTION: process_ldap_referral
1028 * Retrieves the configuration for a referral url
1030 * RETURN VALUE: 0 on success, -1 on failure, 1 on skip
1032 * INPUT: url the ldap url
1033 * __nis_ldap_proxy_info
1037 process_ldap_referral(
1040 __nis_ldap_proxy_info
*proxy_info
,
1041 __nis_config_t
*nis_config
,
1042 __nis_table_mapping_t
**table_mapping
,
1043 __nis_config_info_t
*config_info
,
1044 __nisdb_table_mapping_t
*table_info
)
1046 LDAPURLDesc
*ludpp
= NULL
;
1050 LDAPMessage
*resultMsg
= NULL
;
1052 if ((rc
= ldap_url_parse(url
, &ludpp
)) != LDAP_SUCCESS
)
1055 #ifdef LDAP_URL_OPT_SECURE
1056 if (ludpp
->lud_options
& LDAP_URL_OPT_SECURE
) {
1057 if (config_info
->tls_method
!= ssl_tls
) {
1058 ldap_free_urldesc(ludpp
);
1062 if (config_info
->tls_method
!= no_tls
) {
1063 ldap_free_urldesc(ludpp
);
1069 if ((ld
= connect_to_ldap_config_server(ludpp
->lud_host
,
1070 ludpp
->lud_port
, config_info
)) == NULL
) {
1071 ldap_free_urldesc(ludpp
);
1075 errnum
= ldap_search_s(ld
, config_info
->config_dn
, LDAP_SCOPE_BASE
,
1076 "objectclass=nisplusLDAPconfig", attrs
, 0, &resultMsg
);
1078 ldap_source
= config_info
->config_dn
;
1080 if (errnum
!= LDAP_SUCCESS
) {
1081 p_error
= parse_ldap_search_error
;
1082 report_error(ldap_err2string(errnum
), 0);
1085 rc
= process_ldap_config_result(ld
, resultMsg
, proxy_info
,
1086 nis_config
, table_mapping
, table_info
);
1090 (void) ldap_unbind(ld
);
1091 if (resultMsg
!= NULL
)
1092 (void) ldap_msgfree(resultMsg
);
1098 * FUNCTION: process_ldap_referral_msg
1100 * Retrieves the configuration from referred servers
1102 * RETURN VALUE: 0 on success, -1 on failure
1104 * INPUT: LDAP the LDAP connection
1105 * LDAPMessage the LDAP message
1106 * __nis_ldap_proxy_info
1110 process_ldap_referral_msg(
1112 LDAPMessage
*resultMsg
,
1114 __nis_ldap_proxy_info
*proxy_info
,
1115 __nis_config_t
*nis_config
,
1116 __nis_table_mapping_t
**table_mapping
,
1117 __nis_config_info_t
*config_info
,
1118 __nisdb_table_mapping_t
*table_info
)
1121 char **referralsp
= NULL
;
1125 rc
= ldap_parse_result(ld
, resultMsg
, &errCode
, NULL
, NULL
, &referralsp
,
1128 if (rc
!= LDAP_SUCCESS
|| errCode
!= LDAP_REFERRAL
) {
1129 p_error
= parse_ldap_get_values_error
;
1130 report_error(ldap_err2string(errCode
), 0);
1133 for (i
= 0; referralsp
[i
] != NULL
; i
++) {
1134 rc
= process_ldap_referral(referralsp
[i
], attrs
,
1135 proxy_info
, nis_config
, table_mapping
,
1136 config_info
, table_info
);
1140 report_info("Cannot use referral \n",
1145 p_error
= parse_no_available_referrals_error
;
1151 ldap_value_free(referralsp
);
1157 * FUNCTION: parse_ldap_config_dn_attrs
1159 * Parses the information for LDAP from the LDAP profile
1160 * - the profile object name, the LDAP server, and the
1161 * authentication method must be specified.
1163 * RETURN VALUE: 0 on success, -1 on failure
1165 * INPUT: __nis_ldap_proxy_info
1169 parse_ldap_config_dn_attrs(
1170 __nis_ldap_proxy_info
*proxy_info
,
1171 __nis_config_t
*nis_config
,
1172 __nis_table_mapping_t
**table_mapping
,
1173 __nis_config_info_t
*config_info
,
1174 __nisdb_table_mapping_t
*table_info
)
1179 char *ldap_config_attributes
[n_config_keys
];
1180 LDAPMessage
*resultMsg
= NULL
;
1182 /* Determine if properly configured for LDAP lookup */
1183 if (config_info
->auth_method
== simple
&&
1184 config_info
->proxy_dn
== NULL
)
1185 p_error
= parse_no_proxy_dn_error
;
1186 else if (config_info
->auth_method
==
1187 (auth_method_t
)NO_VALUE_SET
)
1188 p_error
= parse_no_config_auth_error
;
1189 else if ((config_info
->default_servers
== NULL
) ||
1190 (config_info
->default_servers
[0] == '\0'))
1191 p_error
= parse_no_config_server_addr
;
1192 if (p_error
!= no_parse_error
) {
1193 report_error(NULL
, NULL
);
1197 if (config_info
->tls_method
== (tls_method_t
)NO_VALUE_SET
)
1198 config_info
->tls_method
= no_tls
;
1199 else if (config_info
->tls_method
== ssl_tls
&&
1200 (config_info
->tls_cert_db
== NULL
||
1201 *config_info
->tls_cert_db
== '\0')) {
1202 p_error
= parse_no_config_cert_db
;
1203 report_error(NULL
, NULL
);
1209 "Getting configuration from LDAP server(s): ",
1210 config_info
->default_servers
);
1212 /* Determine which attributes should be retrieved */
1213 get_attribute_list(proxy_info
, nis_config
, NULL
, table_info
,
1214 ldap_config_attributes
);
1216 if ((ld
= connect_to_ldap_config_server(config_info
->default_servers
, 0,
1217 config_info
)) == NULL
)
1220 /* Get the attribute values */
1221 errnum
= ldap_search_s(ld
, config_info
->config_dn
, LDAP_SCOPE_BASE
,
1222 "objectclass=nisplusLDAPconfig",
1223 ldap_config_attributes
, 0, &resultMsg
);
1224 ldap_source
= config_info
->config_dn
;
1226 if (errnum
== LDAP_REFERRAL
) {
1227 rc
= process_ldap_referral_msg(ld
, resultMsg
,
1228 ldap_config_attributes
, proxy_info
, nis_config
,
1229 table_mapping
, config_info
, table_info
);
1230 } else if (errnum
!= LDAP_SUCCESS
) {
1231 p_error
= parse_ldap_search_error
;
1232 report_error(ldap_err2string(errnum
), 0);
1235 rc
= process_ldap_config_result(ld
, resultMsg
, proxy_info
,
1236 nis_config
, table_mapping
, table_info
);
1240 (void) ldap_unbind(ld
);
1241 if (resultMsg
!= NULL
)
1242 (void) ldap_msgfree(resultMsg
);
1248 is_cmd_line_option(config_key a_num
)
1250 const char *const *cmdline_options
= cmdline_config
;
1251 config_key attrib_num
;
1252 const char *begin_s
;
1255 if (cmdline_options
== NULL
)
1258 while (*cmdline_options
!= NULL
) {
1259 attrib_num
= get_attrib_num_cmdline(
1260 *cmdline_options
, &begin_s
, &end_s
);
1261 if (attrib_num
== a_num
)
1265 return (*cmdline_options
!= NULL
);
1269 * FUNCTION: get_attribute_list
1271 * Get a list of attributes from the LDAP server that have not yet
1272 * been gotten. If config_info is NULL, the associated parameters
1275 * RETURN VALUE: none
1277 * INPUT: Returns a list of parameters in attributes
1278 * which is assumed to be of sufficient size.
1283 const __nis_ldap_proxy_info
*proxy_info
,
1284 const __nis_config_t
*nis_config
,
1285 const __nis_config_info_t
*config_info
,
1286 const __nisdb_table_mapping_t
*table_info
,
1291 /* Determine which attributes should be retrieved */
1294 if (config_info
!= NULL
) {
1296 if (config_info
->config_dn
== NULL
)
1297 attributes
[n_attrs
++] = YP_CONFIG_DN
;
1298 if (config_info
->default_servers
== NULL
)
1299 attributes
[n_attrs
++] = YP_CONFIG_SERVER_LIST
;
1300 if (config_info
->auth_method
==
1301 (auth_method_t
)NO_VALUE_SET
)
1302 attributes
[n_attrs
++] = YP_CONFIG_AUTH_METHOD
;
1303 if (config_info
->tls_method
==
1304 (tls_method_t
)NO_VALUE_SET
)
1305 attributes
[n_attrs
++] = YP_CONFIG_TLS_OPTION
;
1306 if (config_info
->proxy_dn
== NULL
)
1307 attributes
[n_attrs
++] = YP_CONFIG_PROXY_USER
;
1308 if (config_info
->proxy_passwd
== NULL
)
1309 attributes
[n_attrs
++] = YP_CONFIG_PROXY_PASSWD
;
1310 if (config_info
->tls_cert_db
== NULL
)
1311 attributes
[n_attrs
++] = YP_CONFIG_TLS_CERT_DB
;
1313 if (config_info
->config_dn
== NULL
)
1314 attributes
[n_attrs
++] = CONFIG_DN
;
1315 if (config_info
->default_servers
== NULL
)
1316 attributes
[n_attrs
++] = CONFIG_SERVER_LIST
;
1317 if (config_info
->auth_method
==
1318 (auth_method_t
)NO_VALUE_SET
)
1319 attributes
[n_attrs
++] = CONFIG_AUTH_METHOD
;
1320 if (config_info
->tls_method
==
1321 (tls_method_t
)NO_VALUE_SET
)
1322 attributes
[n_attrs
++] = CONFIG_TLS_OPTION
;
1323 if (config_info
->proxy_dn
== NULL
)
1324 attributes
[n_attrs
++] = CONFIG_PROXY_USER
;
1325 if (config_info
->proxy_passwd
== NULL
)
1326 attributes
[n_attrs
++] = CONFIG_PROXY_PASSWD
;
1327 if (config_info
->tls_cert_db
== NULL
)
1328 attributes
[n_attrs
++] = CONFIG_TLS_CERT_DB
;
1332 attributes
[n_attrs
++] = YP_DOMAIN_CONTEXT
;
1333 attributes
[n_attrs
++] = YPPASSWDD_DOMAINS
;
1334 attributes
[n_attrs
++] = YP_DB_ID_MAP
;
1335 attributes
[n_attrs
++] = YP_COMMENT_CHAR
;
1336 attributes
[n_attrs
++] = YP_MAP_FLAGS
;
1337 attributes
[n_attrs
++] = YP_ENTRY_TTL
;
1338 attributes
[n_attrs
++] = YP_NAME_FIELDS
;
1339 attributes
[n_attrs
++] = YP_SPLIT_FIELD
;
1340 attributes
[n_attrs
++] = YP_REPEATED_FIELD_SEPARATORS
;
1341 attributes
[n_attrs
++] = YP_LDAP_OBJECT_DN
;
1342 attributes
[n_attrs
++] = NIS_TO_LDAP_MAP
;
1343 attributes
[n_attrs
++] = LDAP_TO_NIS_MAP
;
1345 attributes
[n_attrs
++] = DB_ID_MAP
;
1346 attributes
[n_attrs
++] = ENTRY_TTL
;
1347 attributes
[n_attrs
++] = LDAP_OBJECT_DN
;
1348 attributes
[n_attrs
++] = NISPLUS_TO_LDAP_MAP
;
1349 attributes
[n_attrs
++] = LDAP_TO_NISPLUS_MAP
;
1354 if (proxy_info
->default_servers
== NULL
)
1355 attributes
[n_attrs
++] = PREFERRED_SERVERS
;
1356 if (proxy_info
->auth_method
== (auth_method_t
)NO_VALUE_SET
)
1357 attributes
[n_attrs
++] = AUTH_METHOD
;
1358 if (proxy_info
->tls_method
== (tls_method_t
)NO_VALUE_SET
)
1359 attributes
[n_attrs
++] = YP_TLS_OPTION
;
1360 if (proxy_info
->tls_cert_db
== NULL
)
1361 attributes
[n_attrs
++] = YP_TLS_CERT_DB
;
1362 if (proxy_info
->default_search_base
== NULL
)
1363 attributes
[n_attrs
++] = SEARCH_BASE
;
1364 if (proxy_info
->proxy_dn
== NULL
)
1365 attributes
[n_attrs
++] = YP_PROXY_USER
;
1366 if (proxy_info
->proxy_passwd
== NULL
)
1367 attributes
[n_attrs
++] = YP_PROXY_PASSWD
;
1368 if (proxy_info
->default_nis_domain
== NULL
)
1369 attributes
[n_attrs
++] = YP_LDAP_BASE_DOMAIN
;
1370 if (proxy_info
->bind_timeout
.tv_sec
==
1371 (time_t)NO_VALUE_SET
)
1372 attributes
[n_attrs
++] = YP_BIND_TIMEOUT
;
1373 if (proxy_info
->search_timeout
.tv_sec
==
1374 (time_t)NO_VALUE_SET
)
1375 attributes
[n_attrs
++] = YP_SEARCH_TIMEOUT
;
1376 if (proxy_info
->modify_timeout
.tv_sec
==
1377 (time_t)NO_VALUE_SET
)
1378 attributes
[n_attrs
++] = YP_MODIFY_TIMEOUT
;
1379 if (proxy_info
->add_timeout
.tv_sec
== (time_t)NO_VALUE_SET
)
1380 attributes
[n_attrs
++] = YP_ADD_TIMEOUT
;
1381 if (proxy_info
->delete_timeout
.tv_sec
==
1382 (time_t)NO_VALUE_SET
)
1383 attributes
[n_attrs
++] = YP_DELETE_TIMEOUT
;
1384 if (proxy_info
->search_time_limit
== (int)NO_VALUE_SET
)
1385 attributes
[n_attrs
++] = YP_SEARCH_TIME_LIMIT
;
1386 if (proxy_info
->search_size_limit
== (int)NO_VALUE_SET
)
1387 attributes
[n_attrs
++] = YP_SEARCH_SIZE_LIMIT
;
1388 if (proxy_info
->follow_referral
==
1389 (follow_referral_t
)NO_VALUE_SET
)
1390 attributes
[n_attrs
++] = YP_FOLLOW_REFERRAL
;
1392 if (table_info
->retrieveError
==
1393 (__nis_retrieve_error_t
)NO_VALUE_SET
)
1394 attributes
[n_attrs
++] = YP_RETRIEVE_ERROR_ACTION
;
1395 if (table_info
->retrieveErrorRetry
.attempts
== NO_VALUE_SET
)
1396 attributes
[n_attrs
++] = YP_RETREIVE_ERROR_ATTEMPTS
;
1397 if (table_info
->retrieveErrorRetry
.timeout
==
1398 (time_t)NO_VALUE_SET
)
1399 attributes
[n_attrs
++] = YP_RETREIVE_ERROR_TIMEOUT
;
1400 if (table_info
->storeError
==
1401 (__nis_store_error_t
)NO_VALUE_SET
)
1402 attributes
[n_attrs
++] = YP_STORE_ERROR_ACTION
;
1403 if (table_info
->storeErrorRetry
.attempts
== NO_VALUE_SET
)
1404 attributes
[n_attrs
++] = YP_STORE_ERROR_ATTEMPTS
;
1405 if (table_info
->storeErrorRetry
.timeout
==
1406 (time_t)NO_VALUE_SET
)
1407 attributes
[n_attrs
++] = YP_STORE_ERROR_TIMEOUT
;
1408 if (table_info
->refreshError
==
1409 (__nis_refresh_error_t
)NO_VALUE_SET
)
1410 attributes
[n_attrs
++] = REFRESH_ERROR_ACTION
;
1411 if (table_info
->refreshErrorRetry
.attempts
== NO_VALUE_SET
)
1412 attributes
[n_attrs
++] = REFRESH_ERROR_ATTEMPTS
;
1413 if (table_info
->refreshErrorRetry
.timeout
==
1414 (time_t)NO_VALUE_SET
)
1415 attributes
[n_attrs
++] = REFRESH_ERROR_TIMEOUT
;
1416 if (table_info
->matchFetch
==
1417 (__nis_match_fetch_t
)NO_VALUE_SET
)
1418 attributes
[n_attrs
++] = YP_MATCH_FETCH
;
1420 if (proxy_info
->default_servers
== NULL
)
1421 attributes
[n_attrs
++] = PREFERRED_SERVERS
;
1422 if (proxy_info
->auth_method
== (auth_method_t
)NO_VALUE_SET
)
1423 attributes
[n_attrs
++] = AUTH_METHOD
;
1424 if (proxy_info
->tls_method
== (tls_method_t
)NO_VALUE_SET
)
1425 attributes
[n_attrs
++] = TLS_OPTION
;
1426 if (proxy_info
->tls_cert_db
== NULL
)
1427 attributes
[n_attrs
++] = TLS_CERT_DB
;
1428 if (proxy_info
->default_search_base
== NULL
)
1429 attributes
[n_attrs
++] = SEARCH_BASE
;
1430 if (proxy_info
->proxy_dn
== NULL
)
1431 attributes
[n_attrs
++] = PROXY_USER
;
1432 if (proxy_info
->proxy_passwd
== NULL
)
1433 attributes
[n_attrs
++] = PROXY_PASSWD
;
1434 if (proxy_info
->default_nis_domain
== NULL
)
1435 attributes
[n_attrs
++] = LDAP_BASE_DOMAIN
;
1436 if (proxy_info
->bind_timeout
.tv_sec
==
1437 (time_t)NO_VALUE_SET
)
1438 attributes
[n_attrs
++] = BIND_TIMEOUT
;
1439 if (proxy_info
->search_timeout
.tv_sec
==
1440 (time_t)NO_VALUE_SET
)
1441 attributes
[n_attrs
++] = SEARCH_TIMEOUT
;
1442 if (proxy_info
->modify_timeout
.tv_sec
==
1443 (time_t)NO_VALUE_SET
)
1444 attributes
[n_attrs
++] = MODIFY_TIMEOUT
;
1445 if (proxy_info
->add_timeout
.tv_sec
== (time_t)NO_VALUE_SET
)
1446 attributes
[n_attrs
++] = ADD_TIMEOUT
;
1447 if (proxy_info
->delete_timeout
.tv_sec
==
1448 (time_t)NO_VALUE_SET
)
1449 attributes
[n_attrs
++] = DELETE_TIMEOUT
;
1450 if (proxy_info
->search_time_limit
== (int)NO_VALUE_SET
)
1451 attributes
[n_attrs
++] = SEARCH_TIME_LIMIT
;
1452 if (proxy_info
->search_size_limit
== (int)NO_VALUE_SET
)
1453 attributes
[n_attrs
++] = SEARCH_SIZE_LIMIT
;
1454 if (proxy_info
->follow_referral
==
1455 (follow_referral_t
)NO_VALUE_SET
)
1456 attributes
[n_attrs
++] = FOLLOW_REFERRAL
;
1458 if (table_info
->retrieveError
==
1459 (__nis_retrieve_error_t
)NO_VALUE_SET
)
1460 attributes
[n_attrs
++] = RETRIEVE_ERROR_ACTION
;
1461 if (table_info
->retrieveErrorRetry
.attempts
== NO_VALUE_SET
)
1462 attributes
[n_attrs
++] = RETREIVE_ERROR_ATTEMPTS
;
1463 if (table_info
->retrieveErrorRetry
.timeout
==
1464 (time_t)NO_VALUE_SET
)
1465 attributes
[n_attrs
++] = RETREIVE_ERROR_TIMEOUT
;
1466 if (table_info
->storeError
==
1467 (__nis_store_error_t
)NO_VALUE_SET
)
1468 attributes
[n_attrs
++] = STORE_ERROR_ACTION
;
1469 if (table_info
->storeErrorRetry
.attempts
== NO_VALUE_SET
)
1470 attributes
[n_attrs
++] = STORE_ERROR_ATTEMPTS
;
1471 if (table_info
->storeErrorRetry
.timeout
==
1472 (time_t)NO_VALUE_SET
)
1473 attributes
[n_attrs
++] = STORE_ERROR_TIMEOUT
;
1474 if (table_info
->refreshError
==
1475 (__nis_refresh_error_t
)NO_VALUE_SET
)
1476 attributes
[n_attrs
++] = REFRESH_ERROR_ACTION
;
1477 if (table_info
->refreshErrorRetry
.attempts
== NO_VALUE_SET
)
1478 attributes
[n_attrs
++] = REFRESH_ERROR_ATTEMPTS
;
1479 if (table_info
->refreshErrorRetry
.timeout
==
1480 (time_t)NO_VALUE_SET
)
1481 attributes
[n_attrs
++] = REFRESH_ERROR_TIMEOUT
;
1482 if (table_info
->matchFetch
==
1483 (__nis_match_fetch_t
)NO_VALUE_SET
)
1484 attributes
[n_attrs
++] = MATCH_FETCH
;
1487 switch (nis_config
->initialUpdate
) {
1488 case (__nis_initial_update_t
)NO_VALUE_SET
:
1489 attributes
[n_attrs
++] = INITIAL_UPDATE_ACTION
;
1490 attributes
[n_attrs
++] = INITIAL_UPDATE_ONLY
;
1492 case (__nis_initial_update_t
)INITIAL_UPDATE_NO_ACTION
:
1493 case (__nis_initial_update_t
)NO_INITIAL_UPDATE_NO_ACTION
:
1494 attributes
[n_attrs
++] = INITIAL_UPDATE_ACTION
;
1496 case (__nis_initial_update_t
)FROM_NO_INITIAL_UPDATE
:
1497 case (__nis_initial_update_t
)TO_NO_INITIAL_UPDATE
:
1498 attributes
[n_attrs
++] = INITIAL_UPDATE_ONLY
;
1502 if (nis_config
->threadCreationError
==
1503 (__nis_thread_creation_error_t
)NO_VALUE_SET
)
1504 attributes
[n_attrs
++] = THREAD_CREATE_ERROR_ACTION
;
1505 if (nis_config
->threadCreationErrorTimeout
.attempts
== NO_VALUE_SET
)
1506 attributes
[n_attrs
++] = THREAD_CREATE_ERROR_ATTEMPTS
;
1507 if (nis_config
->threadCreationErrorTimeout
.timeout
==
1508 (time_t)NO_VALUE_SET
)
1509 attributes
[n_attrs
++] = THREAD_CREATE_ERROR_TIMEOUT
;
1510 if (nis_config
->dumpError
== (__nis_dump_error_t
)NO_VALUE_SET
)
1511 attributes
[n_attrs
++] = DUMP_ERROR_ACTION
;
1512 if (nis_config
->dumpErrorTimeout
.attempts
== NO_VALUE_SET
)
1513 attributes
[n_attrs
++] = DUMP_ERROR_ATTEMPTS
;
1514 if (nis_config
->dumpErrorTimeout
.timeout
== (time_t)NO_VALUE_SET
)
1515 attributes
[n_attrs
++] = DUMP_ERROR_TIMEOUT
;
1516 if (nis_config
->resyncService
== (__nis_resync_service_t
)NO_VALUE_SET
)
1517 attributes
[n_attrs
++] = RESYNC
;
1518 if (nis_config
->updateBatching
==
1519 (__nis_update_batching_t
)NO_VALUE_SET
)
1520 attributes
[n_attrs
++] = UPDATE_BATCHING
;
1521 if (nis_config
->updateBatchingTimeout
.timeout
== (time_t)NO_VALUE_SET
)
1522 attributes
[n_attrs
++] = UPDATE_BATCHING_TIMEOUT
;
1523 if (nis_config
->numberOfServiceThreads
== (int)NO_VALUE_SET
)
1524 attributes
[n_attrs
++] = NUMBER_THEADS
;
1525 if (nis_config
->emulate_yp
== (int)NO_VALUE_SET
)
1526 attributes
[n_attrs
++] = YP_EMULATION
;
1528 /* maxRPCRecordSize is not configurable through LDAP profiles */
1529 if (nis_config
->maxRPCRecordSize
== (int)NO_VALUE_SET
)
1530 attributes
[n_attrs
++] = MAX_RPC_RECSIZE
;
1532 attributes
[n_attrs
++] = NULL
;
1536 * Notes on adding new attributes
1537 * 1. Determine where the attribute value will be saved
1538 * Currently, the following structures are defined:
1539 * __nis_config_info_t config_info
1540 * __nis_ldap_proxy_info proxyInfo
1541 * __nis_config_t ldapConfig
1542 * __nisdb_table_mapping_t ldapDBTableMapping
1543 * __nis_table_mapping_t ldapTableMapping
1544 * or add a new structure or variable - this will require
1546 * 2. Initialize the value to a known unconfigured value.
1547 * This can be done in initialize_parse_structs or
1548 * parse_ldap_migration.
1549 * 3. In the header file nis_parse_ldap_conf.h, add the name
1550 * of the attribute. (Currently, the attribute name is assumed
1551 * to be the same for the command line, the preference file,
1552 * and LDAP.) The names are grouped logically. Add a corresponding
1553 * config_key to the enum. Note that position in this file is
1554 * essential because the macros such as IS_BIND_INFO depend on
1555 * the sequence. The corresponding macro (IS_CONFIG_KEYWORD,
1556 * IS_BIND_INFO, or IS_OPER_INFO) may need to be adjusted. These
1557 * are used to partition the attributes into smaller chunks.
1558 * 4. Add the correspond entry to the keyword_lookup array in
1559 * nis_parse_ldap_attr.c, which is used to determine the config_key
1560 * from the corresponding key word.
1561 * 5. Add the attribute to the list of attributes to retrieve from
1562 * the LDAP server if no value has been set in the function
1563 * parse_ldap_config_dn_attrs. (This assumes that the attribute
1564 * is not used to get the configuration from the LDAP server.)
1565 * 6. Add logic to parse the individual attribute in
1566 * add_config_attribute, add_bind_attribute,
1567 * add_operation_attribute, or add_mapping_attribute depending
1568 * which group of attributes the added attribute belongs to.
1569 * 7. In set_default_values, if the attribute value has not been set, set
1570 * the default value. If any additional fixup is needed depending
1571 * on other configuration values, it should be done here.
1572 * 8. If an attribute name is a subset of another, parse_ldap_default_conf
1573 * should be modified.