pike.git / lib / modules / Protocols.pmod / LDAP.pmod / client.pike

version» Context lines:

pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1:   #pike __REAL_VERSION__      // LDAP client protocol implementation for Pike.   // - // $Id: client.pike,v 1.37 2002/02/14 01:46:18 nilsson Exp $ + // $Id: client.pike,v 1.38 2002/07/12 13:35:56 hop Exp $   //   // Honza Petrous, hop@unibase.cz   //   // ----------------------------------------------------------------------   //   // History:   //   // v0.0 1998-05-25 Starting up!   // v1.0 1998-06-21 Core functions (open, bind, unbind, delete, add,   // compare, search), only V2 operations,
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:99:       inherit .protocol;       private int binded = 0; // flag for v2 operations    private string ldap_basedn = ""; // baseDN    private int ldap_scope = 0; // 0: base, 1: onelevel, 2: subtree    private int ldap_deref = 0; // 0: ...    private int ldap_sizelimit = 0;    private int ldap_timelimit = 0;    private mapping lauth = ([]); +  private object last_rv = 0; // last returned value       -  +     //! Contains the result of a LDAP search.    //!    //! @seealso    //! @[LDAP.client.search], @[LDAP.client.result.fetch]    //!    class result // ------------------    {       private int resultcode = LDAP_SUCCESS;    private string resultstring;
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:351:    //! @tt{"ldap://hostname/basedn?attrlist?scope?ext"@}    //!    //! @param context    //! TLS context of connection    //!    //! @seealso    //! @[LDAP.client.bind], @[LDAP.client.search]    void create(string|void url, object|void context)    {    -  info = ([ "code_revision" : ("$Revision: 1.37 $"/" ")[1] ]); +  info = ([ "code_revision" : ("$Revision: 1.38 $"/" ")[1] ]);       if(!url || !sizeof(url))    url = LDAP_DEFAULT_URL;       lauth = parse_url(url);       if(!stringp(lauth->scheme) ||    ((lauth->scheme != "ldap") && (lauth->scheme != "ldaps"))) {    THROW(({"Unknown scheme in server URL.\n",backtrace()}));    }
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:449:    //! be made authentication.    //! @param password    //! Password used for authentication.    //!    //! Third form allows specify the version of LDAP protocol used    //! by connection to the LDAP server.    //!    //! @param version    //! Only @tt{2@} or @tt{3@} can be entered.    //! +  //! @returns +  //! Returns @tt{1@} on uccess, @tt{0@} otherwise. +  //!    //! @note    //! Only simple authentication type is implemented. So be warned    //! clear text passwords are sent to the directory server. -  +  //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better.    int bind (string|void dn, string|void password, int|void version) {       int id;    mixed raw; -  object rv; +        if (!version)    version = LDAP_DEFAULT_VERSION;    if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (!stringp(dn))    dn = mappingp(lauth->ext) ? lauth->ext->bindname||"" : "";    if (!stringp(password))    password = "";    ldap_version = version;    if(ldap_version == 3) {    dn = string_to_utf8(dn);    password = string_to_utf8(password);    }    if(intp(raw = send_bind_op(dn, password))) {    THROW(({error_string()+"\n",backtrace()}));    return(-ldap_errno);    }    -  rv = result(({raw}),1); -  if (!rv->error_number()) +  binded = 0; +  last_rv = result(({raw}),1); +  if (!last_rv->error_number())    binded = 1; -  DWRITE_HI(sprintf("client.BIND: %s\n", rv->error_string())); -  return (seterr (rv->error_number())); +  DWRITE_HI(sprintf("client.BIND: %s\n", last_rv->error_string())); +  seterr (last_rv->error_number()); +  return binded;       } // bind       private int send_unbind_op() {    // UNBIND operation       writemsg(ASN1_APPLICATION_OCTET_STRING(2, ""));       //ldap::close();   
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:525:       return (do_op(ASN1_APPLICATION_OCTET_STRING(op, dn)));       }       //!    //! Deletes entry from the LDAP server.    //!    //! @param dn    //! The distinguished name of deleted entry. +  //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better.    int delete (string dn) {       int id;    mixed raw; -  object rv; +        if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (chk_binded()) -  return(-ldap_errno); +  return(0);    if (chk_dn(dn)) -  return(-ldap_errno); +  return(0);    if(ldap_version == 3) {    dn = string_to_utf8(dn);    }    if(intp(raw = send_op_withdn(10, dn))) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }    -  rv = result(({raw})); -  DWRITE_HI(sprintf("client.DELETE: %s\n", rv->error_string())); -  return (seterr (rv->error_number())); +  last_rv = result(({raw})); +  DWRITE_HI(sprintf("client.DELETE: %s\n", last_rv->error_string())); +  seterr (last_rv->error_number()); +  return (!last_rv->error_number());       } // delete       private int|string send_compare_op(string dn, array(string) aval) {    // COMPARE       object msgval;       msgval = ASN1_APPLICATION_SEQUENCE(14,    ({ Standards.ASN1.Types.asn1_octet_string(dn),
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:577:          //!    //! Compares given attribute value with one in the directory.    //!    //! @param dn    //! The distinguished name of compared entry.    //!    //! @param aval    //! The mapping of compared attributes and theirs values. +  //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better.    int compare (string dn, array(string) aval) {       int id;    mixed raw; -  object rv; +        // if (!aval || sizeof(aval)<2)    // error    if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (chk_binded()) -  return(-ldap_errno); +  return(0);    if (chk_dn(dn)) -  return(-ldap_errno); +  return(0);    if(ldap_version == 3) {    dn = string_to_utf8(dn);    aval = Array.map(aval, string_to_utf8);    }    if(intp(raw = send_compare_op(dn, aval))) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }    -  rv = result(({raw})); -  DWRITE_HI(sprintf("client.COMPARE: %s\n", rv->error_string())); -  return (seterr (rv->error_number())); +  last_rv = result(({raw})); +  DWRITE_HI(sprintf("client.COMPARE: %s\n", last_rv->error_string())); +  seterr (last_rv->error_number()); +  return (!last_rv->error_number());       } // compare       private int|string send_add_op(string dn, mapping(string:array(string)) attrs) {    // ADD       object msgval;    string atype;    array(object) oatt = ({});   
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:645:    //! The Add Operation allows a client to request the addition    //! of an entry into the directory    //!    //! @param dn    //! The Distinguished Name of the entry to be added.    //!    //! @param attrs    //! The mapping of attributes and their values that make up the content    //! of the entry being added.    //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better.    int add (string dn, mapping(string:array(string)) attrs) {       int id;    mixed raw; -  object rv; +        if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (chk_binded()) -  return(-ldap_errno); +  return(0);    if (chk_dn(dn)) -  return(-ldap_errno); +  return(0);    if(ldap_version == 3) {    dn = string_to_utf8(dn);    array(string) keys = indices(attrs);    array(array(string)) vals = values(attrs);    attrs = mkmapping(Array.map(keys, string_to_utf8),    Array.map(vals, Array.map, string_to_utf8));    }    if(intp(raw = send_add_op(dn, attrs))) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }    -  rv = result(({raw})); -  DWRITE_HI(sprintf("client.ADD: %s\n", rv->error_string())); -  return (seterr (rv->error_number())); +  last_rv = result(({raw})); +  DWRITE_HI(sprintf("client.ADD: %s\n", last_rv->error_string())); +  seterr (last_rv->error_number()); +  return (!last_rv->error_number());       } // add       private static array(string) filter_get_sub1expr(string fstr) {    // returns one-level brackets enclosed expressions       array(string) rvarr = ({});    int leftflg = 0, nskip = 0;       for(int ix=0; ix<sizeof(fstr); ix++)
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:873:    Standards.ASN1.Types.asn1_integer(sizelimit),    Standards.ASN1.Types.asn1_integer(timelimit),    ASN1_BOOLEAN(attrsonly ? -1 : 0),    @ohlp    })) ;       return (do_op(msgval));    }       +  //! Search LDAP directory. +  //!    //! @param filter -  //! search filter -  //! @param attrsonly -  //! flag +  //! Search filter used when searching directory objects. +  //!    //! @param attrs -  //! attribute(s) name -  object|int search (string|void filter, int|void attrsonly, array(string)|void attrs) { +  //! The array of attribute names which will be returned by server. +  //! for every entry. +  //! +  //! @param attrsonly +  //! The flag causes server return only attribute name but not +  //! the attribute values. +  //! +  //! @returns +  //! Returns object @[LDAP.client.result] on success, @tt{0@} +  //! otherwise. +  //! +  //! @note +  //! For syntax of search filter see at RFC 1960 +  //! (http://community.roxen.com/developers/idocs/rfc/rfc1960.html). +  //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better. +  //! +  //! @seealso +  //! @[LDAP.client.result], @[LDAP.client.result.fetch] +  object|int search (string|void filter, array(string)|void attrs, +  int|void attrsonly) {       int id,nv;    mixed raw;    array(string) rawarr = ({}); -  mixed rv; +        filter=filter||lauth->filter; // default from LDAP URI       DWRITE_HI("client.SEARCH: " + (string)filter + "\n");    if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (chk_binded()) -  return(-ldap_errno); +  return(0);    if(ldap_version == 3) {    filter = string_to_utf8(filter);    }   #ifdef LDAP_PROTOCOL_PROFILE    _prof_gtim = gauge{   #endif    if(intp(raw = send_search_op(ldap_basedn, ldap_scope, ldap_deref,    ldap_sizelimit, ldap_timelimit, attrsonly, filter,    attrs||lauth->attributes))) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }   #ifdef LDAP_PROTOCOL_PROFILE    };    DWRITE_PROF("send_search_op: %O\n", _prof_gtim);   #endif       rawarr = ({raw});   #ifdef LDAP_PROTOCOL_PROFILE    _prof_gtim = gauge{   #endif    while (ASN1_DECODE_RESULTAPP(raw) != 5) {   #ifdef LDAP_PROTOCOL_PROFILEx    DWRITE_PROF("readmsg: %O\n", gauge { raw = readmsg(id); });   #else    raw = readmsg(id);   #endif    if (intp(raw)) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }    rawarr += ({raw});    } // while   #ifdef LDAP_PROTOCOL_PROFILE    };    DWRITE_PROF("rawarr++: %O\n", _prof_gtim);   #endif      #ifdef LDAP_PROTOCOL_PROFILE -  _prof_gtim = gauge{ rv = result(rawarr); }; +  _prof_gtim = gauge{ last_rv = result(rawarr); };    DWRITE_PROF("result: %O\n", _prof_gtim);   #else -  rv = result(rawarr); +  last_rv = result(rawarr);   #endif -  if(objectp(rv)) -  seterr (rv->error_number()); +  if(objectp(last_rv)) +  seterr (last_rv->error_number());    //if (rv->error_number() || !rv->num_entries()) // if error or entries=0    // rv = rv->error_number();    -  DWRITE_HI(sprintf("client.SEARCH: %s (entries: %d)\n", rv->error_string(), rv->num_entries())); -  return(rv); +  DWRITE_HI(sprintf("client.SEARCH: %s (entries: %d)\n", +  last_rv->error_string(), last_rv->num_entries())); +  return(last_rv);       } // search          //! @param base_dn    //! base DN for search    string set_basedn (string base_dn) {       string old_dn = ldap_basedn;   
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1116:    //!    //! @param deleteoldrdn    //! The parameter controls whether the old RDN attribute values    //! are to be retained as attributes of the entry, or deleted    //! from the entry.    //!    //! @param newsuperior    //! If present, this is the Distinguished Name of the entry    //! which becomes the immediate superior of the existing entry.    //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better.    int modifydn (string dn, string newrdn, int deleteoldrdn,    string|void newsuperior) {       mixed raw; -  object rv; +        if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (chk_binded()) -  return(-ldap_errno); +  return(0);    if (chk_dn(dn)) -  return(-ldap_errno); +  return(0);    if(ldap_version == 3) {    dn = string_to_utf8(dn);    newrdn = string_to_utf8(newrdn);    if(newsuperior) newsuperior = string_to_utf8(newsuperior);    }    if(intp(raw = send_modifydn_op(dn, newrdn, deleteoldrdn, newsuperior))) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }    -  rv = result(({raw})); -  DWRITE_HI(sprintf("client.MODIFYDN: %s\n", rv->error_string())); -  return (seterr (rv->error_number())); +  last_rv = result(({raw})); +  DWRITE_HI(sprintf("client.MODIFYDN: %s\n", last_rv->error_string())); +  seterr (last_rv->error_number()); +  return (!last_rv->error_number());       } //modifydn       //! The Modify Operation allows a client to request that a modification    //! of an entry be performed on its behalf by a server.    //!    //! @param dn    //! The distinguished name of modified entry.    //!    //! @param attropval
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1170:    //! 1 (LDAP_OPERATION_DELETE) -    //! delete values listed from the given attribute, removing the entire    //! attribute if no values are listed, or if all current values    //! of the attribute are listed for deletion    //! 2 (LDAP_OPERATION_REPLACE) -    //! replace all existing values of the given attribute with the new    //! values listed, creating the attribute if it did not already exist.    //! A replace with no value will delete the entire attribute if it    //! exists, and is ignored if the attribute does not exist    //! +  //! @returns +  //! Returns @tt{1@} on uccess, @tt{0@} otherwise. +  //! +  //! @note +  //! The API change: the returning code was changed in Pike 7.3+ +  //! to follow his logic better.    int modify (string dn, mapping(string:array(mixed)) attropval) {       int id;    mixed raw; -  object rv; +        if (chk_ver()) -  return(-ldap_errno); +  return(0);    if (chk_binded()) -  return(-ldap_errno); +  return(0);    if (chk_dn(dn)) -  return(-ldap_errno); +  return(0);    if(ldap_version == 3) {    dn = string_to_utf8(dn);    array(string) keys = indices(attropval);    array(array(mixed)) vals = values(attropval);    attropval = mkmapping(Array.map(keys, string_to_utf8),    Array.map(vals, Array.map, lambda(mixed x) {    return    (stringp(x)?    string_to_utf8(x) :    x);    }));    }    if(intp(raw = send_modify_op(dn, attropval))) {    THROW(({error_string()+"\n",backtrace()})); -  return(-ldap_errno); +  return(0);    }    -  rv = result(({raw})); -  DWRITE_HI(sprintf("client.MODIFY: %s\n", rv->error_string())); -  return (seterr (rv->error_number())); +  last_rv = result(({raw})); +  DWRITE_HI(sprintf("client.MODIFY: %s\n", last_rv->error_string())); +  seterr (last_rv->error_number()); +  return (!last_rv->error_number());       } // modify    -  +  //! Gets referrals. +  //! +  //! @returns +  //! Returns mapping of referrals or @tt[0@]. +  mapping|int get_referrals() { +  if(last_rv->referrals) +  return last_rv->referrals; +  return 0; +  }       //! @param ldapuri    //! LDAP URL    mapping|int parse_url (string ldapuri) {       // ldap://machine.at.home.cz:123/c=cz?attr1,attr2,attr3?sub?(uid=*)?!bindname=uid=hop,dc=unibase,dc=cz"       string url=ldapuri, s, scheme;    array ar;    mapping res;