version 1.1, 2018/06/13 15:45:58 |
version 1.2, 2018/06/26 09:47:20 |
|
|
#include <sys/param.h> |
#include <sys/param.h> |
#include <sys/queue.h> |
#include <sys/queue.h> |
#include <sys/socket.h> |
#include <sys/socket.h> |
|
#include <sys/stat.h> |
#include <sys/tree.h> |
#include <sys/tree.h> |
#include <sys/un.h> |
#include <sys/un.h> |
|
|
|
|
#define LDAPHOST "localhost" |
#define LDAPHOST "localhost" |
#define LDAPFILTER "(objectClass=*)" |
#define LDAPFILTER "(objectClass=*)" |
#define LDIF_LINELENGTH 79 |
#define LDIF_LINELENGTH 79 |
|
#define LDAPPASSMAX 1024 |
|
|
struct ldapc { |
struct ldapc { |
struct aldap *ldap_al; |
struct aldap *ldap_al; |
|
|
|
|
fprintf(stderr, |
fprintf(stderr, |
"usage: %s search [-LvxZ] [-b basedn] [-c capath] [-D binddn] [-H host]\n" |
"usage: %s search [-LvxZ] [-b basedn] [-c capath] [-D binddn] [-H host]\n" |
" [-l timelimit] [-s scope] [-w secret|-W] [-z sizelimit]\n" |
" [-l timelimit] [-s scope] [-w secret|-W] [-y secretfile]\n" |
" [filter] [attributes ...]\n", |
" [-z sizelimit] [filter] [attributes ...]\n", |
__progname); |
__progname); |
|
|
exit(1); |
exit(1); |
|
|
int |
int |
main(int argc, char *argv[]) |
main(int argc, char *argv[]) |
{ |
{ |
char passbuf[BUFSIZ]; |
char passbuf[LDAPPASSMAX]; |
const char *errstr, *url = NULL; |
const char *errstr, *url = NULL, *secretfile = NULL; |
|
struct stat st; |
struct ldapc ldap; |
struct ldapc ldap; |
struct ldapc_search ls; |
struct ldapc_search ls; |
int ch; |
int ch; |
int verbose = 1; |
int verbose = 1; |
|
FILE *fp; |
|
|
if (pledge("stdio inet unix tty rpath dns", NULL) == -1) |
if (pledge("stdio inet unix tty rpath dns", NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|
argc--; |
argc--; |
argv++; |
argv++; |
|
|
while ((ch = getopt(argc, argv, "b:c:D:H:Ll:s:vWw:xZz:")) != -1) { |
while ((ch = getopt(argc, argv, "b:c:D:H:Ll:s:vWw:xy:Zz:")) != -1) { |
switch (ch) { |
switch (ch) { |
case 'b': |
case 'b': |
ls.ls_basedn = optarg; |
ls.ls_basedn = optarg; |
|
|
case 'x': |
case 'x': |
/* provided for compatibility */ |
/* provided for compatibility */ |
break; |
break; |
|
case 'y': |
|
secretfile = optarg; |
|
ldap.ldap_flags |= F_NEEDAUTH; |
|
break; |
case 'Z': |
case 'Z': |
ldap.ldap_flags |= F_STARTTLS; |
ldap.ldap_flags |= F_STARTTLS; |
break; |
break; |
|
|
if (ldap.ldap_binddn == NULL) { |
if (ldap.ldap_binddn == NULL) { |
log_warnx("missing -D binddn"); |
log_warnx("missing -D binddn"); |
usage(); |
usage(); |
|
} |
|
if (secretfile != NULL) { |
|
if (ldap.ldap_secret != NULL) |
|
errx(1, "conflicting -w/-y options"); |
|
|
|
/* read password from stdin or file (first line) */ |
|
if (strcmp(secretfile, "-") == 0) |
|
fp = stdin; |
|
else if (stat(secretfile, &st) == -1) |
|
err(1, "failed to access %s", secretfile); |
|
else if (S_ISREG(st.st_mode) && (st.st_mode & S_IROTH)) |
|
errx(1, "%s is world-readable", secretfile); |
|
else if ((fp = fopen(secretfile, "r")) == NULL) |
|
err(1, "failed to open %s", secretfile); |
|
if (fgets(passbuf, sizeof(passbuf), fp) == NULL) |
|
err(1, "failed to read %s", secretfile); |
|
if (fp != stdin) |
|
fclose(fp); |
|
|
|
passbuf[strcspn(passbuf, "\n")] = '\0'; |
|
ldap.ldap_secret = passbuf; |
} |
} |
if (ldap.ldap_secret == NULL) { |
if (ldap.ldap_secret == NULL) { |
if (readpassphrase("Password: ", |
if (readpassphrase("Password: ", |
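Review bot: The permission check in the new `-y` branch of main() calls `stat(secretfile, &st)` on the path and only afterwards `fopen(secretfile, "r")`, so the file that was checked is not guaranteed to be the file that is read if the path is replaced in between. Opening first and checking the open stream with `fstat(fileno(fp), &st)` ties the world-readable test to the data actually read. The test also looks only at `S_IROTH`, so a group-readable secret file is accepted; if that is intended, a short comment such as `/* group-readable secret files are allowed on purpose */` would make it explicit. main() starts and ends outside this hunk, and whether `passbuf` is cleared after the bind is not visible here.

```c
		if (strcmp(secretfile, "-") == 0)
			fp = stdin;
		else if ((fp = fopen(secretfile, "r")) == NULL)
			err(1, "failed to open %s", secretfile);
		else if (fstat(fileno(fp), &st) == -1)
			err(1, "failed to access %s", secretfile);
		/* … unchanged: S_ISREG/S_IROTH test with errx("%s is world-readable") … */
		/* … unchanged: fgets into passbuf, fclose, newline strip … */
```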