Branch: Tag:

2001-11-05

2001-11-05 11:53:20 by Honza Petrous <hop@unibase.cz>

Backported changes from 7.3

Rev: lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1.27

2:      // LDAP client protocol implementation for Pike.   // - // $Id: client.pike,v 1.26 2001/09/17 02:45:42 hop Exp $ + // $Id: client.pike,v 1.27 2001/11/05 11:53:20 hop Exp $   //   // Honza Petrous, hop@unibase.cz   //
93:   #define ASN1_GET_ATTR_ARRAY(X) (array)((X)->elements[1]->elements)   #define ASN1_GET_ATTR_NAME(X) ((X)->elements[0]->value)    -  //! module Protocols -  //! submodule LDAP -  //! -  //! class client -  //! +     //! Contains the client implementation of the LDAP protocol.    //! All of the version 2 protocol features are implemented    //! but only the base parts of the version 3.
246:    //! @[LDAP.client.result.first], @[LDAP.client.result.next]    int count_entries() { return(entrycnt - actnum); }    -  //! @decl mapping(string:array(string)) fetch() -  //! @decl mapping(string:array(string)) fetch(int) -  //! +     //! Returns a mapping with an entry for each attribute.    //! Each entry is an array of values of the attribute.    //! -  //! @param idx +  //! @param index    //! Optional argument can be used for direct access    //! to the entry other then currently pointed by cursor.    int|mapping(string:array(string)) fetch(int|void idx) {
336:    mapping info;       //! @decl void create() -  //! @decl void create(string) -  //! @decl void create(string, object) +  //! @decl void create(string url) +  //! @decl void create(string url, object context)    //!    //! Create object. The first optional argument can be used later    //! for subsequence operations. The second one can specify -  //! TLS context of connection. +  //! TLS context of connection. The default context only allows +  //! 128-bit encryption methods, so you may need to provide your +  //! own context if your LDAP server supports only export encryption.    //!    //! @param url    //! LDAP server URL in form
355:    void create(string|void url, object|void context)    {    -  info = ([ "code_revision" : ("$Revision: 1.26 $"/" ")[1] ]); +  info = ([ "code_revision" : ("$Revision: 1.27 $"/" ")[1] ]);       if(!url || !sizeof(url))    url = LDAP_DEFAULT_URL;
432:    }       //! @decl int bind() -  //! @decl int bind(string, string) -  //! @decl int bind(string, string, version) +  //! @decl int bind(string dn, string password) +  //! @decl int bind(string dn, string password, int version)    //!    //! Authenticates connection to the direcory.    //!
639:    }       -  // API function (ldap_add) -  // -  // add(string dn, mapping(string:array(string)) attrs) -  // -  // dn: DN of compared object -  // ttrs: attribute(s) and value +  //! The Add Operation allows a client to request the addition +  //! of an entry into the directory +  //! +  //! @param dn +  //! The Distinguished Name of the entry to be added. +  //! +  //! @param attrs +  //! The mapping of attributes and their values that make up the content +  //! of the entry being added. +  //!    int add (string dn, mapping(string:array(string)) attrs) {       int id;
966:    return(old_dn);    }    -  // API function (ldap_setscope) -  // -  // set_scope(string base_dn) -  // -  // scope: scope; 0: base, 1: onelevel, 2: subtree -  int set_scope (int scope) { +  //! +  //! Sets value of scope for search operation. +  //! +  //! @param scope +  //! Value can be integer or its corresponding string value. +  //! 0: base, 1: one, 2: sub +  //! +  int set_scope (int|string scope) {       int old_scope = ldap_scope;    -  +  // support for string based values +  if(stringp(scope)) +  switch (lower_case(scope)) { +  case "sub": scope = 2; break; +  case "one": scope = 1; break; +  case "base": scope = 0; break; +  default: return (-1); +  } +  else +  if(scope != 0 && scope != 1 && scope != 2) +  return (-1); +     ldap_scope = scope;    DWRITE_HI("client.SET_SCOPE = " + (string)scope + "\n");    return(old_scope);
1038:    return(-1);    }    -  +     private int|string send_modify_op(string dn,    mapping(string:array(mixed)) attropval) {    // MODIFY
1077:    return (do_op(msgval));    }    +  private int|string send_modifydn_op(string dn, string newrdn, +  int deleteoldrdn, string newsuperior) {    -  // API function (ldap_modify) -  // -  // modify(string dn, mapping(string:array(mix)) attropval) -  // -  // dn: DN of compared object -  // attropval: attribute(s), operation and value(s) +  object msgval; +  array seq=({ Standards.ASN1.Types.asn1_octet_string(dn), +  Standards.ASN1.Types.asn1_octet_string(newrdn), +  Standards.ASN1.Types.asn1_boolean(deleteoldrdn) +  }); +  if(newsuperior) +  seq+=({Standards.ASN1.Types.asn1_octet_string(newsuperior)}); +  +  msgval = ASN1_APPLICATION_SEQUENCE(12, seq); +  +  return (do_op(msgval)); +  } +  +  //! The Modify DN Operation allows a client to change the leftmost +  //! (least significant) component of the name of an entry in the directory, +  //! or to move a subtree of entries to a new location in the directory. +  //! +  //! @param dn +  //! DN of source object +  //! +  //! @param newrdn +  //! RDN of destination +  //! +  //! @param deleteoldrdn +  //! The parameter controls whether the old RDN attribute values +  //! are to be retained as attributes of the entry, or deleted +  //! from the entry. +  //! +  //! @param newsuperior +  //! If present, this is the Distinguished Name of the entry +  //! which becomes the immediate superior of the existing entry. +  //! +  int modifydn (string dn, string newrdn, int deleteoldrdn, +  string|void newsuperior) { +  +  mixed raw; +  object rv; +  +  if (chk_ver()) +  return(-ldap_errno); +  if (chk_binded()) +  return(-ldap_errno); +  if (chk_dn(dn)) +  return(-ldap_errno); +  if(ldap_version == 3) { +  dn = string_to_utf8(dn); +  newrdn = string_to_utf8(newrdn); +  if(newsuperior) newsuperior = string_to_utf8(newsuperior); +  } +  if(intp(raw = send_modifydn_op(dn, newrdn, deleteoldrdn, newsuperior))) { +  THROW(({error_string()+"\n",backtrace()})); +  return(-ldap_errno); +  } +  +  rv = result(({raw})); +  DWRITE_HI(sprintf("client.MODIFYDN: %s\n", rv->error_string())); +  return (seterr (rv->error_number())); +  +  } //modifydn +  +  //! The Modify Operation allows a client to request that a modification +  //! of an entry be performed on its behalf by a server. +  //! +  //! @param dn +  //! The distinguished name of modified entry. +  //! +  //! @param attropval +  //! The mapping of attributes with requested operation and attribute's +  //! values. +  //! +  //! attropval=([ attribute: ({operation, value1, value2, ...}) ]) +  //! +  //! where operation is one of the following: +  //! 0 (LDAP_OPERATION_ADD) - +  //! add values listed to the given attribute, creating the attribute +  //! if necessary +  //! 1 (LDAP_OPERATION_DELETE) - +  //! delete values listed from the given attribute, removing the entire +  //! attribute if no values are listed, or if all current values +  //! of the attribute are listed for deletion +  //! 2 (LDAP_OPERATION_REPLACE) - +  //! replace all existing values of the given attribute with the new +  //! values listed, creating the attribute if it did not already exist. +  //! A replace with no value will delete the entire attribute if it +  //! exists, and is ignored if the attribute does not exist +  //!    int modify (string dn, mapping(string:array(mixed)) attropval) {       int id;