pike.git / lib / modules / Protocols.pmod / LDAP.pmod / client.pike

version» Context lines:

pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1:   #pike __REAL_VERSION__      // LDAP client protocol implementation for Pike.   // - // $Id: client.pike,v 1.77 2005/03/11 13:22:10 mast Exp $ + // $Id: client.pike,v 1.78 2005/03/11 15:33:38 mast Exp $   //   // Honza Petrous, hop@unibase.cz   //   // ----------------------------------------------------------------------   //   // History:   //   // v0.0 1998-05-25 Starting up!   // v1.0 1998-06-21 Core functions (open, bind, unbind, delete, add,   // compare, search), only V2 operations,
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:106:    int binded = 0; // flag for v2 operations    string ldap_basedn = ""; // baseDN    int ldap_scope = 0; // 0: base, 1: onelevel, 2: subtree    int ldap_deref = 0; // 0: ...    int ldap_sizelimit = 0;    int ldap_timelimit = 0;    mapping lauth = ([]);    object last_rv = 0; // last returned value    }    - constant supported_extensions = (<"bindname">); + static constant supported_extensions = (<"bindname">);      static function(string:string) get_attr_decoder (string attr,    DO_IF_DEBUG (void|int nowarn))   {    if (mapping(string:mixed) attr_descr = get_attr_type_descr (attr)) {    if (function(string:string) decoder =    Protocols.LDAP.syntax_decode_fns[attr_descr->syntax_oid])    return decoder;   #ifdef DEBUG    else if (!Protocols.LDAP.get_constant_name (attr_descr->syntax_oid))
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:161:    //! @seealso    //! @[LDAP.client.search], @[LDAP.client.result.fetch]    //!    class result // ------------------    {       private int resultcode = LDAP_SUCCESS;    private string resultstring;    private int actnum = 0;    private array(mapping(string:array(string))) entry = ({}); +  private int flags;    array(string) referrals;       static array decode_entries (array(string) rawres)    {    array(mapping(string:array(string))) res = ({});    -  foreach (rawres, string rawent) { -  object derent = .ldap_privates.ldap_der_decode (rawent)->elements[1]; + #define DECODE_ENTRIES(SET_ATTR) do { \ +  foreach (rawres, string rawent) { \ +  object derent = .ldap_privates.ldap_der_decode (rawent)->elements[1]; \ +  if (array(object) derattribs = ASN1_GET_ATTR_ARRAY (derent)) { \ +  mapping(string:array) attrs = (["dn": ({ASN1_DECODE_DN (derent)})]); \ +  foreach (derattribs, object derattr) \ +  {SET_ATTR;} \ +  res += ({attrs}); \ +  } \ +  } \ +  } while (0)    -  if (array(object) derattribs = ASN1_GET_ATTR_ARRAY (derent)) { -  mapping(string:array) attrs = (["dn": ({ASN1_DECODE_DN (derent)})]); -  +     if (ldap_version < 3) {    // Use the values raw. -  foreach (derattribs, object derattr) -  attrs[ASN1_GET_ATTR_NAME (derattr)] = ASN1_GET_ATTR_VALUES (derattr); +  if (flags & Protocols.LDAP.SEARCH_LOWER_ATTRS) +  DECODE_ENTRIES ({ +  attrs[lower_case (ASN1_GET_ATTR_NAME (derattr))] = +  ASN1_GET_ATTR_VALUES (derattr); +  }); +  else +  DECODE_ENTRIES ({ +  attrs[ASN1_GET_ATTR_NAME (derattr)] = +  ASN1_GET_ATTR_VALUES (derattr); +  });    }       else { -  // Decode values as appropriate according to the schema. -  // Note that attributes with the ";binary" option won't be -  // matched by get_attr_type_descr and are therefore left -  // untouched. -  foreach (derattribs, object derattr) { +  // LDAPv3: Decode values as appropriate according to the +  // schema. Note that attributes with the ";binary" option +  // won't be matched by get_attr_type_descr and are therefore +  // left untouched. +  if (flags & Protocols.LDAP.SEARCH_LOWER_ATTRS) +  DECODE_ENTRIES ({ +  string attr = lower_case (ASN1_GET_ATTR_NAME (derattr)); +  if (function(string:string) decoder = get_attr_decoder (attr)) +  attrs[attr] = map (ASN1_GET_ATTR_VALUES (derattr), decoder); +  else +  attrs[attr] = ASN1_GET_ATTR_VALUES (derattr); +  }); +  else +  DECODE_ENTRIES ({    string attr = ASN1_GET_ATTR_NAME (derattr);    if (function(string:string) decoder = get_attr_decoder (attr))    attrs[attr] = map (ASN1_GET_ATTR_VALUES (derattr), decoder);    else    attrs[attr] = ASN1_GET_ATTR_VALUES (derattr); -  +  });    } -  } +     -  res += ({attrs}); -  } -  } + #undef DECODE_ENTRIES       return res;    }       //!    //! You can't create instances of this object yourself.    //! The only way to create it is via a search of a LDAP server. -  object|int create(array rawres, int|void stuff) { +  object|int create(array rawres, void|int stuff, void|int flags) {    // rawres: array of result in raw format, but WITHOUT LDAP PDU !!!    // stuff: 1=bind result; ...    -  +  this_program::flags = flags; +     // Note: Might do additional schema queries to the server while    // decoding the result. That means possible interleaving problem    // if search() is extended to not retrieve the complete reply at    // once.       int lastel = sizeof(rawres) - 1;       if (lastel < 0) {    seterr (LDAP_LOCAL_ERROR);    THROW(({"LDAP: Internal error.\n",backtrace()}));
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:449: Inside #if undefined(PARSE_RFCS)
   //! 2255.    //!    //! @param context    //! TLS context of connection    //!    //! @seealso    //! @[LDAP.client.bind], @[LDAP.client.search]    void create(string|void url, object|void context)    {    -  info = ([ "code_revision" : ("$Revision: 1.77 $"/" ")[1] ]); +  info = ([ "code_revision" : ("$Revision: 1.78 $"/" ")[1] ]);       if(!url || !sizeof(url))    url = LDAP_DEFAULT_URL;       lauth = parse_url(url);       if(!stringp(lauth->scheme) ||    ((lauth->scheme != "ldap")   #if constant(SSL.Cipher.CipherAlgorithm)    && (lauth->scheme != "ldaps")
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1304:    //! whether the control is critical or not. If it is nonzero,    //! the server returns an error if it doesn't understand the    //! control. If it is zero, the server ignores it instead.    //!    //! @elem string|int(0..0) 1    //! The second element is the string value to pass with the    //! control. It may also be zero to not pass any value at all.    //! @endarray    //! @endmapping    //! +  //! @param flags +  //! Bitfield with flags to control various behavior at the client +  //! side of the search operation. See the +  //! @expr{Protocol.LDAP.SEARCH_*@} constants for details. +  //!    //! @returns    //! Returns object @[LDAP.client.result] on success, @expr{0@}    //! otherwise.    //!    //! @note    //! The API change: the returning code was changed in Pike 7.3+    //! to follow his logic better.    //!    //! @seealso    //! @[result], @[result.fetch], @[get_supported_controls],    //! @[Protocols.LDAP.quote_filter_value]    object|int search (string|void filter, array(string)|void attrs,    int|void attrsonly, -  void|mapping(string:array(int|string)) controls) { +  void|mapping(string:array(int|string)) controls, +  void|int flags) {       int id,nv;    mixed raw;    array(string) rawarr = ({});       filter=filter||lauth->filter; // default from LDAP URI       DWRITE_HI("client.SEARCH: " + (string)filter + "\n");    if (chk_ver())    return 0;
pike.git/lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1462:    }    if (cookie) {    // Remove the extra end marker.    rawarr = rawarr[..sizeof(rawarr)-2];    }    }       },);    } while (cookie);    -  PROFILE("result", last_rv = result(rawarr)); +  PROFILE("result", last_rv = result (rawarr, 0, flags));    if(objectp(last_rv))    seterr (last_rv->error_number());    //if (rv->error_number() || !rv->num_entries()) // if error or entries=0    // rv = rv->error_number();       DWRITE_HI(sprintf("client.SEARCH: %s (entries: %d)\n",    last_rv->error_string(), last_rv->num_entries()));    return last_rv;       } // search       -  + //! Return the LDAP protocol version in use. + int get_protocol_version() {return ldap_version;} +     //! @param base_dn    //! base DN for search    string set_basedn (string base_dn) {       string old_dn = ldap_basedn;       if(ldap_version == 3) {    base_dn = string_to_utf8(base_dn);    }    ldap_basedn = base_dn;