2 /* test parameters for creating a user account - done
3 * users 10 10 a_chen 31275 sh cmd Lastname Firstname Middlename 0 950000000 STAFF a_chen 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF
4 * users 10 10 a_chen 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF a_chen 31275 sh cmd Lastname Firstname Middlename 1 950000000 STAFF
5 * login, unix_uid, shell, winconsoleshell, last, first, middle, status, clearid, type
7 * test parameters for deactivating/deleting a user account - done
8 * users 10 10 testacc 31275 sh cmd Lastname Firstname Middlename 1 950000000 STAFF testacc 31275 sh cmd Lastname Firstname Middlename 3 950000000 STAFF
9 * users 10 10 testacc 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF testacc 31275 sh cmd Lastname Firstname Middlename 3 950000000 STAFF
10 * login, unix_uid, shell, winconsoleshell, last, first, middle, status, clearid, type
11 * comment: clearid is the MIT ID
13 * test parameters for reactivating a user account - done
14 * users 10 10 testacc 31275 sh cmd Lastname Firstname Middlename 3 950000000 STAFF testacc 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF
15 * login, unix_uid, shell, winconsoleshell, last, first, middle, status, clearid, type
17 * test parameters for updating user account info - done
18 * users 10 10 testacc 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF testacc 31275 sh cmd newLastname Firstname Middlename 2 950000000 STAFF
19 * users 10 10 6_d0006 950 sh cmd Lastname Firstname Middlename 1 900012345 STAFF 6_d0006 950 sh cmd Lastname Firstname Middlename 1 950012345 STAFF
20 * login, unix_uid, shell, winconsoleshell, last, first, middle, status, clearid, type
21 * currently, if the unix_id doesn't change, only the U_UID or U_MITID fields will be updated
23 * test parameters for changing user name - testing
24 * users 10 10 testacc 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF testacc1 31275 sh cmd Lastname Firstname Middlename 2 950000000 STAFF
25 * users 10 10 testacc 31275 sh cmd Lastname Firstname Middlename 1 950000000 STAFF testacc1 31275 sh cmd Lastname Firstname Middlename 1 950000000 STAFF
26 * login, unix_uid, shell, winconsoleshell, last, first, middle, status, clearid, type
28 * test parameters for add member to group/list - done
29 * imembers 0 10 pismere-team USER dtanner 1 1 0 1 1 -1 1
30 * imembers 0 9 pismere-team STRING hope@ful.net 1 1 0 1 1 -1
31 * list_name, user_type, name, active, publicflg, hidden, maillist, grouplist, gid
33 * test parameters for remove member from group/list - done
34 * imembers 10 0 pismere-team USER dtanner 1 1 0 1 1 -1 1
35 * imembers 9 0 pismere-team STRING hope@ful.net 1 1 0 1 1 -1
36 * list_name, user_type, name, active, publicflg, hidden, maillist, grouplist, gid
38 * test parameters for creating and/or populating a group/list - done
39 * list 0 10 pismere-team 1 1 0 1 0 -1 USER 95260 description
40 * name, active, publicflg, hidden, maillist, grouplist, gid, acl_type, acl_id, description
42 * test parameters for deleting a group/list - done
43 * list 10 0 pismere-team 1 1 0 1 0 -1 USER 95260 description
44 * name, active, publicflg, hidden, maillist, grouplist, gid, acl_type, acl_id, description
46 * test parameters for renaming a group/list - done
47 * list 10 10 adtestlist 1 1 0 1 0 -1 USER 95260 description pismere-team 1 1 0 1 1 -1 USER 95260 description
48 * list 10 10 pismere-team 1 1 0 1 1 -1 USER 95260 description adtestlist1 1 1 0 1 0 -1 USER 95260 description
49 * name, active, publicflg, hidden, maillist, grouplist, gid, acl_type, acl_id, description
*/
51 #include <mit-copyright.h>
63 #include <moira_site.h>
73 #define ECONNABORTED WSAECONNABORTED
76 #define ECONNREFUSED WSAECONNREFUSED
79 #define EHOSTUNREACH WSAEHOSTUNREACH
81 #define krb5_xfree free
83 #define sleep(A) Sleep(A * 1000);
87 #include <sys/utsname.h>
90 #define UCHAR unsigned char
92 #define UF_SCRIPT 0x0001
93 #define UF_ACCOUNTDISABLE 0x0002
94 #define UF_HOMEDIR_REQUIRED 0x0008
95 #define UF_LOCKOUT 0x0010
96 #define UF_PASSWD_NOTREQD 0x0020
97 #define UF_PASSWD_CANT_CHANGE 0x0040
98 #define UF_DONT_EXPIRE_PASSWD 0x10000
100 #define UF_TEMP_DUPLICATE_ACCOUNT 0x0100
101 #define UF_NORMAL_ACCOUNT 0x0200
102 #define UF_INTERDOMAIN_TRUST_ACCOUNT 0x0800
103 #define UF_WORKSTATION_TRUST_ACCOUNT 0x1000
104 #define UF_SERVER_TRUST_ACCOUNT 0x2000
107 #define BYTE unsigned char
109 typedef unsigned int DWORD;
110 typedef unsigned long ULONG;
115 unsigned short Data2;
116 unsigned short Data3;
117 unsigned char Data4[8];
120 typedef struct _SID_IDENTIFIER_AUTHORITY {
122 } SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY;
124 typedef struct _SID {
126 BYTE SubAuthorityCount;
127 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
128 DWORD SubAuthority[512];
132 #define ADS_GROUP_TYPE_GLOBAL_GROUP 0x00000002
133 #define ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP 0x00000004
134 #define ADS_GROUP_TYPE_LOCAL_GROUP 0x00000004
135 #define ADS_GROUP_TYPE_UNIVERSAL_GROUP 0x00000008
136 #define ADS_GROUP_TYPE_SECURITY_ENABLED 0x80000000
138 #define QUERY_VERSION -1
139 #define PRIMARY_REALM "ATHENA.MIT.EDU"
148 #define MEMBER_REMOVE 2
149 #define MEMBER_CHANGE_NAME 3
150 #define MEMBER_ACTIVATE 4
151 #define MEMBER_DEACTIVATE 5
152 #define MEMBER_CREATE 6
154 typedef struct lk_entry {
164 struct lk_entry *next;
167 #define STOP_FILE "/moira/winad/nowinad"
168 #define file_exists(file) (access((file), F_OK) == 0)
170 #define LDAP_BERVAL struct berval
171 #define MAX_SERVER_NAMES 32
/*
 * ADD_ATTR appends one LDAPMod to the caller's mods[] array and advances n.
 * It relies on `mods` and `n` being in scope at the call site.
 * NOTE(review): the malloc() result is dereferenced on the very next line
 * with no NULL check, nothing here bounds n against the size of mods[], and
 * the expansion is several bare statements (no do { } while (0) wrapper),
 * so it must not be used as the body of an unbraced if/else.
 */
173 #define ADD_ATTR(t, v, o) \
174 mods[n] = malloc(sizeof(LDAPMod)); \
175 mods[n]->mod_op = o; \
176 mods[n]->mod_type = t; \
177 mods[n++]->mod_values = v
179 LK_ENTRY *member_base = NULL;
180 LK_ENTRY *sid_base = NULL;
181 LK_ENTRY **sid_ptr = NULL;
182 static char tbl_buf[1024];
183 char kerberos_ou[] = "OU=kerberos, OU=moira, OU=athena";
184 char contact_ou[] = "OU=strings, OU=moira, OU=athena";
185 char user_ou[] = "OU=users, OU=moira, OU=athena";
186 char group_ou_distribution[] = "OU=distribution, OU=lists, OU=moira, OU=athena";
187 char group_ou_security[] = "OU=security, OU=lists, OU=moira, OU=athena";
188 char group_ou_neither[] = "OU=neither, OU=lists, OU=moira, OU=athena";
189 char group_ou_both[] = "OU=both, OU=lists, OU=moira, OU=athena";
190 char group_ou_root[] = "OU=lists, OU=moira, OU=athena";
192 char group_manager[64];
193 char ldap_domain[256];
198 int mr_connections = 0;
201 extern int locate_ldap_server(char *domain, char *server_name[]);
202 extern int set_password(char *user, char *domain);
204 void check_winad(void);
205 int user_create(int ac, char **av, void *ptr);
206 int user_change_status(int ac, char **av, void *ptr);
207 int user_delete(LDAP *ldap_handle, char *dn_path, char *u_name);
208 int user_rename(int ac, char **av, void *ptr);
209 int user_update(int ac, char **av, void *ptr);
210 int contact_create(LDAP *ld, char *bind_path, char *user, char *group_ou);
211 int get_group_info(int ac, char**av, void *ptr);
212 int group_create(int ac, char **av, void *ptr);
213 int group_delete(int ac, char **av, void *ptr);
214 int group_ad_delete(LDAP *ldap_handle, char *dn_path, char *group_name);
215 int group_list_build(int ac, char **av, void *ptr);
216 int group_rename(int ac, char **av, void *ptr);
217 int member_list_build(int ac, char **av, void *ptr);
218 int member_list_process(LDAP *ldap_handle, char *dn_path, char *group_name,
219 char *group_ou, char *group_membership, char *group_gid);
220 int member_remove(LDAP *ldap_handle, char *dn_path, char *group_name,
221 char *group_ou, char *group_membership, char *group_gid);
222 int sid_update(LDAP *ldap_handle, char *dn_path);
223 int check_string(char *s);
224 void convert_b_to_a(char *string, UCHAR *binary, int length);
225 int mr_connect_cl(char *server, char *client, int version, int auth);
227 void do_list(LDAP *ldap_handle, char *dn_path, char *ldap_hostname,
228 char **before, int beforec, char **after, int afterc);
229 void do_user(LDAP *ldap_handle, LDAPMessage *ldap_entry, char *ldap_hostname,
230 char *dn_path, char **before, int beforec, char **after,
232 void do_member(LDAP *ldap_handle, char *dn_path, char *ldap_hostname,
233 char **before, int beforec, char **after, int afterc);
234 int linklist_create_entry(char *attribute, char *value,
235 LK_ENTRY **linklist_entry);
236 int linklist_build(LDAP *ldap_handle, char *dn_path, char *search_exp,
237 char **attr_array, LK_ENTRY **linklist_base,
238 int *linklist_count);
239 void linklist_free(LK_ENTRY *linklist_base);
241 int retrieve_attributes(LDAP *ldap_handle, LDAPMessage *ldap_entry,
242 char *distinguished_name, LK_ENTRY **linklist_current);
243 int retrieve_entries(LDAP *ldap_handle, LDAPMessage *ldap_entry,
244 LK_ENTRY **linklist_base, int *linklist_count);
245 int retrieve_values(LDAP *ldap_handle, LDAPMessage *ldap_entry,
246 char *Attribute, char *distinguished_name,
247 LK_ENTRY **linklist_current);
249 int construct_newvalues(LK_ENTRY *linklist_base, int modvalue_count,
250 char *oldValue, char *newValue,
251 char ***modvalues, int type);
252 void free_values(char **modvalues);
254 int convert_domain_to_dn(char *domain, char **bind_path);
255 void get_distinguished_name(LDAP *ldap_handle, LDAPMessage *ldap_entry,
256 char *distinguished_name);
257 int moira_disconnect(void);
258 int moira_connect(void);
259 void print_to_screen(const char *fmt, ...);
/*
 * Entry point of the AD incremental updater.  The visible lines take the
 * "before" and "after" field counts from argv[2]/argv[3], build a printable
 * summary of the arguments in tbl_buf, locate and bind to an LDAP server for
 * ldap_domain, then dispatch on the table name ("users", "list",
 * "imembers", "filesys", "quota").
 */
261 int main(int argc, char **argv)
266 int Max_wait_time = 500;
267 int Max_size_limit = LDAP_NO_LIMIT;
273 char search_exp[1024];
274 char *server_name[MAX_SERVER_NAMES];
275 ULONG version = LDAP_VERSION3;
277 LDAPMessage *ldap_entry;
/* Program name for com_err: the part of argv[0] after the last '/'. */
280 whoami = ((whoami = (char *)strrchr(argv[0], '/')) ? whoami+1 : argv[0]);
284 com_err(whoami, 0, "%s", "argc < 4");
/*
 * NOTE(review): the counts come straight from argv through atoi(), which
 * reports no errors, and the visible lines do not reject negative values.
 * A negative count can satisfy the argc check below while
 * &argv[4 + beforec] no longer points at the intended slice.  Parse with
 * strtol and require both counts to be >= 0.
 */
287 beforec = atoi(argv[2]);
288 afterc = atoi(argv[3]);
290 if (argc < (4 + beforec + afterc))
292 com_err(whoami, 0, "%s", "argc < (4 + breforec + afterc)");
298 after = &argv[4 + beforec];
/*
 * NOTE(review): tbl_buf is a 1024-byte static buffer and every before/after
 * argument is appended with strcpy/strcat and no length check, so long
 * command-line fields write past its end.  Track the remaining space
 * (e.g. snprintf with an offset) and truncate instead.
 */
300 strcpy(tbl_buf, table);
301 strcat(tbl_buf, " (");
302 for (i = 0; i < beforec; i++)
305 strcat(tbl_buf, ",");
306 strcat(tbl_buf, before[i]);
308 strcat(tbl_buf, ")->(");
309 for (i = 0; i < afterc; i++)
312 strcat(tbl_buf, ",");
313 strcat(tbl_buf, after[i]);
315 strcat(tbl_buf, ")");
/*
 * The domain may be overridden by the contents of winad.cfg, opened relative
 * to the current directory; otherwise "win.mit.edu" is used.
 * NOTE(review): fread is allowed to fill all sizeof(ldap_domain) bytes,
 * which would leave no NUL terminator for the strlen() below; read at most
 * sizeof(ldap_domain) - 1 bytes.  The fread result is not checked here.
 */
318 memset(ldap_domain, '\0', sizeof(ldap_domain));
319 if ((fptr = fopen("winad.cfg", "r")) != NULL)
321 fread(ldap_domain, sizeof(char), sizeof(ldap_domain), fptr);
324 if (strlen(ldap_domain) == 0)
325 strcpy(ldap_domain, "win.mit.edu");
326 initialize_sms_error_table();
327 initialize_krb_error_table();
329 memset(search_exp, '\0', sizeof(search_exp));
/* Derive the LDAP base DN from the domain name. */
332 convert_domain_to_dn(ldap_domain, &dn_path);
335 com_err(whoami, 0, "%s", "cannot create AD path");
338 memset(server_name, '\0', sizeof(server_name[0]) * MAX_SERVER_NAMES);
339 if (locate_ldap_server(ldap_domain, server_name) == -1)
341 com_err(whoami, 0, "%s %s", "cannot locate any server in domain ",
/* Try each located server in turn until ldap_open() succeeds. */
346 for (i = 0; i < MAX_SERVER_NAMES; i++)
348 if (server_name[i] != NULL)
350 if ((ldap_handle = ldap_open(server_name[i], LDAP_PORT)) != NULL)
356 if (i >= MAX_SERVER_NAMES)
358 com_err(whoami, 0, "%s %s", "cannot connect to any server in domain ",
/* The server names were allocated by locate_ldap_server; release them. */
362 for (i = 0; i < MAX_SERVER_NAMES; i++)
364 if (server_name[i] != NULL)
365 free(server_name[i]);
/*
 * NOTE(review): each ldap_set_option() result is overwritten by the next
 * assignment to rc; only the bind result is tested.  A failure to select
 * LDAPv3 or to turn referral chasing off would go unnoticed.
 */
367 rc = ldap_set_option(ldap_handle, LDAP_OPT_PROTOCOL_VERSION, &version);
368 rc = ldap_set_option(ldap_handle, LDAP_OPT_TIMELIMIT,
369 (void *)&Max_wait_time);
370 rc = ldap_set_option(ldap_handle, LDAP_OPT_SIZELIMIT,
371 (void *)&Max_size_limit);
372 rc = ldap_set_option(ldap_handle, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
/* Presumably a GSSAPI/SASL bind with message privacy requested - confirm. */
373 rc = ldap_adgssapi_bind(ldap_handle, dn_path, GSSSASL_PRIVACY_PROTECTION);
374 if (rc != LDAP_SUCCESS)
/* Lower-case the table name in place, then dispatch on it. */
377 for (i = 0; i < (int)strlen(table); i++)
378 table[i] = tolower(table[i]);
379 if (!strcmp(table, "users"))
380 do_user(ldap_handle, ldap_entry, ldap_domain, dn_path, before, beforec,
382 else if (!strcmp(table, "list"))
383 do_list(ldap_handle, dn_path, ldap_domain, before, beforec, after,
385 else if (!strcmp(table, "imembers"))
386 do_member(ldap_handle, dn_path, ldap_domain, before, beforec, after,
389 else if (!strcmp(table, "filesys"))
390 do_filesys(before, beforec, after, afterc);
391 else if (!strcmp(table, "quota"))
392 do_quota(before, beforec, after, afterc);
394 rc = ldap_unbind_s(ldap_handle);
/*
 * Handle a change to the "list" table: rename, delete or create the
 * matching AD group, then rebuild its membership from Moira.
 * before/after hold the old and new field values, indexed by the L_*
 * constants.
 * NOTE(review): the visible lines do not show beforec/afterc being compared
 * against the L_* indices before before[]/after[] are read - confirm on the
 * lines not shown.
 */
399 void do_list(LDAP *ldap_handle, char *dn_path, char *ldap_hostname,
400 char **before, int beforec, char **after, int afterc)
417 if (beforec == 0 && afterc == 0)
420 astatus = bstatus = 0;
422 apublic = bpublic = 0;
423 amaillist = bmaillist = 0;
/* Flags of the old row; atoi() gives 0 for non-numeric text. */
426 if (atoi(before[L_ACTIVE]))
428 bstatus = atoi(before[L_ACTIVE]);
429 bhide = atoi(before[L_HIDDEN]);
430 bpublic = atoi(before[L_PUBLIC]);
431 bmaillist = atoi(before[L_MAILLIST]);
432 bgroup = atoi(before[L_GROUP]);
/* Flags of the new row. */
437 if (atoi(after[L_ACTIVE]))
439 astatus = atoi(after[L_ACTIVE]);
440 ahide = atoi(after[L_HIDDEN]);
441 apublic = atoi(after[L_PUBLIC]);
442 amaillist = atoi(after[L_MAILLIST]);
443 agroup = atoi(after[L_GROUP]);
/* Assignment in the condition is intentional: non-zero rc is an error. */
447 if (rc = moira_connect())
449 critical_alert("AD incremental",
450 "Error contacting Moira server : %s",
/* Both rows active: the list existed before and still exists. */
455 if (astatus && bstatus)
457 if ((bmaillist == amaillist) && (bgroup == agroup) &&
458 (!strcmp(before[L_NAME], after[L_NAME])))
460 com_err(whoami, 0, "Changing group %s to %s",
461 before[L_NAME], after[L_NAME]);
/*
 * call_args is an array of char * used to pass context to the mr_query
 * callback; slot 0 carries the LDAP handle cast to char *, so the callback
 * must cast it back and never treat it as a string.
 */
463 av[0] = after[L_NAME];
464 call_args[0] = (char *)ldap_handle;
465 call_args[1] = dn_path;
466 call_args[2] = before[L_NAME];
467 call_args[3] = before[L_MAILLIST];
468 call_args[4] = before[L_GROUP];
471 if (rc = mr_query("get_list_info", 1, av, group_rename, call_args))
473 if (callback_rc != LDAP_NO_SUCH_OBJECT)
475 critical_alert("AD incremental",
476 "Could not change list %s to %s : %s",
478 after[L_NAME], error_message(rc));
481 callback_rc = LDAP_NO_SUCH_OBJECT;
483 if (callback_rc != LDAP_NO_SUCH_OBJECT)
489 com_err(whoami, 0, "Deleting group %s", before[L_NAME]);
490 rc = group_ad_delete(ldap_handle, dn_path, before[L_NAME]);
495 com_err(whoami, 0, "Creating group %s", after[L_NAME]);
497 av[0] = after[L_NAME];
498 call_args[0] = (char *)ldap_handle;
499 call_args[1] = dn_path;
500 call_args[2] = after[L_NAME];
506 if (rc = mr_query("get_list_info", 1, av, group_create, call_args))
508 critical_alert("AD incremental", "Couldn't create list %s : %s",
509 after[L_NAME], error_message(rc));
/* Process any SID entries queued on the global sid_base list, then free it. */
512 if (sid_base != NULL)
514 sid_update(ldap_handle, dn_path);
515 linklist_free(sid_base);
/* Re-read the list's members from Moira and apply them to the AD group. */
521 if (!(rc = mr_query("get_members_of_list", 1, av, member_list_build,
524 if (member_base != NULL)
525 rc = member_list_process(ldap_handle, dn_path, after[L_NAME],
526 call_args[3], call_args[4], call_args[5]);
530 critical_alert("AD incremental",
531 "Error contacting Moira server to resolve %s : %s",
532 after[L_NAME], error_message(rc));
534 linklist_free(member_base);
541 #define LM_EXTRA_ACTIVE (LM_END)
/*
 * Handle a change to the "imembers" table: a member was added to or removed
 * from a list.  The group is (re)created from Moira's list info and its
 * membership is then rebuilt or, when Moira returns no members, emptied.
 */
543 void do_member(LDAP *ldap_handle, char *dn_path, char *ldap_hostname,
544 char **before, int beforec, char **after, int afterc)
548 char group_name[128];
/*
 * NOTE(review): the member, list and type fields come from the command line
 * and are copied with strcpy into fixed local buffers (group_name is 128
 * bytes; the sizes of user_name and user_type are declared on lines not
 * shown).  No length check is visible, so an over-long field overruns the
 * stack buffer.  Use a bounded copy and reject fields that do not fit.
 */
555 if (!atoi(after[LM_EXTRA_ACTIVE]))
557 strcpy(user_name, after[LM_MEMBER]);
558 strcpy(group_name, after[LM_LIST]);
559 strcpy(user_type, after[LM_TYPE]);
564 if (!atoi(before[LM_EXTRA_ACTIVE]))
566 strcpy(user_name, before[LM_MEMBER]);
567 strcpy(group_name, before[LM_LIST]);
568 strcpy(user_type, before[LM_TYPE]);
571 if (rc = moira_connect())
573 critical_alert("AD incremental",
574 "Moira error retrieving grouplist of user %s : %s",
575 user_name, error_message(rc));
/* Context for the mr_query callbacks; slot 0 is the LDAP handle, not text. */
579 call_args[0] = (char *)ldap_handle;
580 call_args[1] = dn_path;
581 call_args[2] = group_name;
588 if (!(rc = mr_query("get_list_info", 1, av, group_create, call_args)))
590 if (sid_base != NULL)
592 sid_update(ldap_handle, dn_path);
593 linklist_free(sid_base);
596 if (!(rc = mr_query("get_members_of_list", 1, av, member_list_build,
/* No members returned: clear the group instead of processing a list. */
599 if (member_base == NULL)
601 member_remove(ldap_handle, dn_path, group_name,
602 call_args[3], call_args[4], call_args[5]);
606 rc = member_list_process(ldap_handle, dn_path, group_name,
607 call_args[3], call_args[4], call_args[5]);
614 critical_alert("AD incremental", "Couldn't add %s to group %s ",
615 user_name, group_name);
617 critical_alert("AD incremental", "Couldn't remove %s from group %s ",
618 user_name, group_name);
620 linklist_free(member_base);
/* call_args[3] and [4] are presumably heap buffers released here - confirm. */
621 if (call_args[3] != NULL)
623 if (call_args[4] != NULL)
/*
 * Handle a change to the "users" table.  Compares the before/after account
 * state and login name and runs the matching Moira query with a callback
 * that updates, renames, deactivates or creates/reactivates the AD account.
 */
629 void do_user(LDAP *ldap_handle, LDAPMessage *ldap_entry, char *ldap_hostname,
630 char *dn_path, char **before, int beforec, char **after,
640 if ((beforec == 0) || (afterc == 0))
/* The state field is only read when the row actually has that many fields. */
645 if (afterc > U_STATE)
646 astate = atoi(after[U_STATE]);
647 if (beforec > U_STATE)
648 bstate = atoi(before[U_STATE]);
655 if ((bstate == 0) && (astate == 0))
658 if (rc = moira_connect())
660 critical_alert("AD incremental",
661 "Error connection to Moira : %s",
/* Same state before and after: either an info update or a login rename. */
666 if (astate == bstate)
668 if (!strcmp(before[U_NAME], after[U_NAME]))
670 com_err(whoami, 0, "Updating user %s info", before[U_NAME]);
671 av[0] = before[U_NAME];
672 call_args[0] = (char *)ldap_handle;
673 call_args[1] = dn_path;
677 if (rc = mr_query("get_user_account_by_login", 1, av, user_update,
680 if (callback_rc != LDAP_NO_SUCH_OBJECT)
682 critical_alert("AD incremental",
683 "Could not update user %s info : %s",
692 com_err(whoami, 0, "Changing user %s to %s", before[U_NAME],
/*
 * call_args[2] carries a small integer operation code (MEMBER_*) cast to
 * char *; the callback must cast it back and never dereference it.
 */
694 av[0] = after[U_NAME];
695 call_args[0] = (char *)ldap_handle;
696 call_args[1] = dn_path;
697 call_args[2] = (char *)MEMBER_ACTIVATE;
698 call_args[3] = before[U_NAME];
702 if (rc = mr_query("get_user_account_by_login", 1, av, user_rename,
705 if (callback_rc != LDAP_NO_SUCH_OBJECT)
707 critical_alert("AD incremental",
708 "Could not change user %s to %s : %s",
710 after[U_NAME], error_message(rc));
715 if (callback_rc != LDAP_NO_SUCH_OBJECT)
721 com_err(whoami, 0, "Deactivate user %s in the AD", before[U_NAME]);
722 av[0] = before[U_NAME];
723 call_args[0] = (char *)ldap_handle;
724 call_args[1] = dn_path;
725 call_args[2] = (char *)MEMBER_DEACTIVATE;
726 if (rc = mr_query("get_user_account_by_login", 1, av, user_change_status,
729 critical_alert("AD incremental",
730 "Couldn't deactivate user %s in the AD : %s",
731 before[U_NAME], error_message(rc));
737 com_err(whoami, 0, "%s user %s", "Creating/Reactivating",
740 av[0] = after[U_NAME];
741 call_args[0] = (char *)ldap_handle;
742 call_args[1] = dn_path;
743 call_args[2] = (char *)MEMBER_ACTIVATE;
747 if (rc = mr_query("get_user_account_by_login", 1, av, user_create,
750 critical_alert("AD incremental", "Couldn't create/activate user %s : %s",
751 after[U_NAME], error_message(rc));
/* Process any SID entries queued on the global sid_base list, then free it. */
754 if (sid_base != NULL)
756 sid_update(ldap_handle, dn_path);
757 linklist_free(sid_base);
/*
 * Build a NULL-terminated array of modvalue_count newly allocated strings in
 * *modvalues, copied from the linked list.  When both oldValue and newValue
 * are given, values containing oldValue get it replaced by newValue.
 * NOTE(review): strstr() below needs linklist_ptr->value to be
 * NUL-terminated, and the loop follows ->next modvalue_count times without a
 * visible NULL check - confirm callers only pass string-valued lists of at
 * least that length.
 */
764 int construct_newvalues(LK_ENTRY *linklist_base, int modvalue_count,
765 char *oldValue, char *newValue,
766 char ***modvalues, int type)
768 LK_ENTRY *linklist_ptr;
772 if (((*modvalues) = calloc(1, (modvalue_count + 1) * sizeof(char *)))
/* calloc already zeroed the array; this loop repeats that explicitly. */
777 for (i = 0; i < (modvalue_count + 1); i++)
778 (*modvalues)[i] = NULL;
779 if (modvalue_count != 0)
781 linklist_ptr = linklist_base;
782 for (i = 0; i < modvalue_count; i++)
784 if ((oldValue != NULL) && (newValue != NULL))
786 if ((cPtr = (char *)strstr(linklist_ptr->value, oldValue))
/* One branch (condition not shown) stores a plain copy of newValue. */
791 if (((*modvalues)[i] = calloc(1, strlen(newValue) + 1))
794 memset((*modvalues)[i], '\0', strlen(newValue) + 1);
795 strcpy((*modvalues)[i], newValue);
/*
 * Substitution: text before the match + newValue + text after the match.
 * The buffer is sized as prefix + (length - strlen(oldValue)) +
 * strlen(newValue) + 1, which covers the three pieces written below.
 */
799 if (((*modvalues)[i] = calloc(1,
800 (int)(cPtr - linklist_ptr->value) +
801 (linklist_ptr->length - strlen(oldValue)) +
802 strlen(newValue) + 1)) == NULL)
804 memset((*modvalues)[i], '\0',
805 (int)(cPtr - linklist_ptr->value) +
806 (linklist_ptr->length - strlen(oldValue)) +
807 strlen(newValue) + 1);
808 memcpy((*modvalues)[i], linklist_ptr->value,
809 (int)(cPtr - linklist_ptr->value));
810 strcat((*modvalues)[i], newValue);
811 strcat((*modvalues)[i],
812 &linklist_ptr->value[(int)(cPtr - linklist_ptr->value) + strlen(oldValue)]);
/*
 * NOTE(review): unlike the allocations above, the two plain-copy calloc()
 * calls below are followed directly by memset/memcpy with no NULL check.
 */
817 (*modvalues)[i] = calloc(1, linklist_ptr->length + 1);
818 memset((*modvalues)[i], '\0', linklist_ptr->length + 1);
819 memcpy((*modvalues)[i], linklist_ptr->value,
820 linklist_ptr->length);
825 (*modvalues)[i] = calloc(1, linklist_ptr->length + 1);
826 memset((*modvalues)[i], '\0', linklist_ptr->length + 1);
827 memcpy((*modvalues)[i], linklist_ptr->value,
828 linklist_ptr->length);
830 linklist_ptr = linklist_ptr->next;
/* Terminate the array for consumers that expect a NULL-ended list. */
832 (*modvalues)[i] = NULL;
/*
 * Run a subtree search under dn_path with the filter search_exp and collect
 * the requested attributes into a linked list.  *linklist_base and
 * *linklist_count are reset first.  The filter is sent as given, so callers
 * are responsible for validating anything they interpolate into it.
 */
838 int linklist_build(LDAP *ldap_handle, char *dn_path, char *search_exp,
839 char **attr_array, LK_ENTRY **linklist_base,
843 LDAPMessage *ldap_entry;
847 (*linklist_base) = NULL;
848 (*linklist_count) = 0;
849 if ((rc = ldap_search_s(ldap_handle, dn_path, LDAP_SCOPE_SUBTREE,
850 search_exp, attr_array, 0, &ldap_entry))
853 rc = retrieve_entries(ldap_handle, ldap_entry, linklist_base, linklist_count);
/* Release the search result; the list holds its own copies of the values. */
855 ldap_msgfree(ldap_entry);
/*
 * Walk every entry of a search result, add its attribute values to
 * *linklist_base, then count the resulting nodes into *linklist_count.
 */
860 int retrieve_entries(LDAP *ldap_handle, LDAPMessage *ldap_entry,
861 LK_ENTRY **linklist_base, int *linklist_count)
/*
 * NOTE(review): get_distinguished_name() copies the server-supplied DN into
 * this 1024-byte buffer with strcpy and receives no size argument, so a DN
 * longer than 1023 bytes would overrun it.
 */
863 char distinguished_name[1024];
864 LK_ENTRY *linklist_ptr;
867 if ((ldap_entry = ldap_first_entry(ldap_handle, ldap_entry)) == NULL)
870 memset(distinguished_name, '\0', sizeof(distinguished_name));
871 get_distinguished_name(ldap_handle, ldap_entry, distinguished_name);
873 if ((rc = retrieve_attributes(ldap_handle, ldap_entry, distinguished_name,
874 linklist_base)) != 0)
877 while ((ldap_entry = ldap_next_entry(ldap_handle, ldap_entry)) != NULL)
879 memset(distinguished_name, '\0', sizeof(distinguished_name));
880 get_distinguished_name(ldap_handle, ldap_entry, distinguished_name);
882 if ((rc = retrieve_attributes(ldap_handle, ldap_entry, distinguished_name,
883 linklist_base)) != 0)
/* Recount from scratch by walking the finished list. */
887 linklist_ptr = (*linklist_base);
888 (*linklist_count) = 0;
889 while (linklist_ptr != NULL)
892 linklist_ptr = linklist_ptr->next;
/*
 * Iterate over all attributes of one entry and hand each to
 * retrieve_values().  The return value of retrieve_values() is not used in
 * the visible lines, so an allocation failure there is not propagated here.
 */
897 int retrieve_attributes(LDAP *ldap_handle, LDAPMessage *ldap_entry,
898 char *distinguished_name, LK_ENTRY **linklist_current)
904 if ((Attribute = ldap_first_attribute(ldap_handle, ldap_entry, &ptr)) != NULL)
906 retrieve_values(ldap_handle, ldap_entry, Attribute, distinguished_name,
/* Attribute names returned by the library are freed after each use. */
908 ldap_memfree(Attribute);
909 while ((Attribute = ldap_next_attribute(ldap_handle, ldap_entry,
912 retrieve_values(ldap_handle, ldap_entry, Attribute,
913 distinguished_name, linklist_current);
914 ldap_memfree(Attribute);
/* Free the BerElement cursor; 0 leaves its internal buffer to the library. */
917 ldap_ber_free(ptr, 0);
/*
 * Copy every value of one attribute into new LK_ENTRY nodes pushed onto the
 * front of *linklist_current.  objectSid and objectGUID are fetched as
 * binary bervals; all other attributes are fetched as C strings.  Under
 * LDAP_DEBUG the values are also printed in readable form.
 */
921 int retrieve_values(LDAP *ldap_handle, LDAPMessage *ldap_entry,
922 char *Attribute, char *distinguished_name,
923 LK_ENTRY **linklist_current)
929 LK_ENTRY *linklist_previous;
930 LDAP_BERVAL **ber_value;
938 SID_IDENTIFIER_AUTHORITY *sid_auth;
939 unsigned char *subauth_count;
940 #endif /*LDAP_DEBUG*/
943 memset(temp, '\0', sizeof(temp));
944 if ((!strcmp(Attribute, "objectSid")) ||
945 (!strcmp(Attribute, "objectGUID")))
950 ber_value = ldap_get_values_len(ldap_handle, ldap_entry, Attribute);
951 Ptr = (void **)ber_value;
956 str_value = ldap_get_values(ldap_handle, ldap_entry, Attribute);
957 Ptr = (void **)str_value;
/* New node becomes the head of the list. */
964 if ((linklist_previous = calloc(1, sizeof(LK_ENTRY))) == NULL)
966 memset(linklist_previous, '\0', sizeof(LK_ENTRY));
967 linklist_previous->next = (*linklist_current);
968 (*linklist_current) = linklist_previous;
970 if (((*linklist_current)->attribute = calloc(1,
971 strlen(Attribute) + 1)) == NULL)
973 memset((*linklist_current)->attribute, '\0', strlen(Attribute) + 1);
974 strcpy((*linklist_current)->attribute, Attribute);
/*
 * Binary value: allocated with exactly bv_len bytes, so it is NOT
 * NUL-terminated.  Consumers must use ->length and must not pass ->value to
 * strlen/strcpy/strstr.
 */
977 ber_length = (*(LDAP_BERVAL **)Ptr)->bv_len;
978 if (((*linklist_current)->value = calloc(1, ber_length)) == NULL)
980 memset((*linklist_current)->value, '\0', ber_length);
981 memcpy((*linklist_current)->value, (*(LDAP_BERVAL **)Ptr)->bv_val,
983 (*linklist_current)->length = ber_length;
/* String value: copied with its terminator; length excludes it. */
987 if (((*linklist_current)->value = calloc(1,
988 strlen(*Ptr) + 1)) == NULL)
990 memset((*linklist_current)->value, '\0', strlen(*Ptr) + 1);
991 (*linklist_current)->length = strlen(*Ptr);
992 strcpy((*linklist_current)->value, *Ptr);
994 (*linklist_current)->ber_value = use_bervalue;
995 if (((*linklist_current)->dn = calloc(1,
996 strlen(distinguished_name) + 1)) == NULL)
998 memset((*linklist_current)->dn, '\0', strlen(distinguished_name) + 1);
999 strcpy((*linklist_current)->dn, distinguished_name);
/*
 * NOTE(review): the server-supplied bytes are reinterpreted as a GUID with
 * no visible check that ber_length >= sizeof(GUID), and sprintf writes into
 * temp, whose size is declared on a line not shown.
 */
1002 if (!strcmp(Attribute, "objectGUID"))
1004 guid = (GUID *)((*linklist_current)->value);
1005 sprintf(temp, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
1006 guid->Data1, guid->Data2, guid->Data3,
1007 guid->Data4[0], guid->Data4[1], guid->Data4[2],
1008 guid->Data4[3], guid->Data4[4], guid->Data4[5],
1009 guid->Data4[6], guid->Data4[7]);
1010 print_to_screen(" %20s : {%s}\n", Attribute, temp);
/*
 * NOTE(review): same pattern for the SID - the berval is cast to SID and its
 * sub-authority count drives the loop below; no check against bv_len is
 * visible here.
 */
1012 else if (!strcmp(Attribute, "objectSid"))
1014 sid = (SID *)((*(LDAP_BERVAL **)Ptr)->bv_val);
1016 print_to_screen(" Revision = %d\n", sid->Revision);
1017 print_to_screen(" SID Identifier Authority:\n");
1018 sid_auth = &sid->IdentifierAuthority;
1019 if (sid_auth->Value[0])
1020 print_to_screen(" SECURITY_NULL_SID_AUTHORITY\n");
1021 else if (sid_auth->Value[1])
1022 print_to_screen(" SECURITY_WORLD_SID_AUTHORITY\n");
1023 else if (sid_auth->Value[2])
1024 print_to_screen(" SECURITY_LOCAL_SID_AUTHORITY\n");
1025 else if (sid_auth->Value[3])
1026 print_to_screen(" SECURITY_CREATOR_SID_AUTHORITY\n");
1027 else if (sid_auth->Value[5])
1028 print_to_screen(" SECURITY_NT_AUTHORITY\n");
1030 print_to_screen(" UNKNOWN SID AUTHORITY\n");
1031 subauth_count = GetSidSubAuthorityCount(sid);
1032 print_to_screen(" SidSubAuthorityCount = %d\n",
1034 print_to_screen(" SidSubAuthority:\n");
1035 for (i = 0; i < *subauth_count; i++)
1037 if ((subauth = GetSidSubAuthority(sid, i)) != NULL)
1038 print_to_screen(" %u\n", *subauth);
/*
 * memcmp with the literal's length is a prefix match on the attribute name.
 * The second literal is spelled "sAmAccountType" but only its length is
 * used, which equals that of "sAMAccountType".
 */
1042 else if ((!memcmp(Attribute, "userAccountControl",
1043 strlen("userAccountControl"))) ||
1044 (!memcmp(Attribute, "sAMAccountType",
1045 strlen("sAmAccountType"))))
1047 intValue = atoi(*Ptr);
1048 print_to_screen(" %20s : %ld\n",Attribute, intValue);
/* Decode the userAccountControl bits using the UF_* masks. */
1049 if (!memcmp(Attribute, "userAccountControl",
1050 strlen("userAccountControl")))
1052 if (intValue & UF_ACCOUNTDISABLE)
1053 print_to_screen(" %20s : %s\n",
1054 "", "Account disabled");
1056 print_to_screen(" %20s : %s\n",
1057 "", "Account active");
1058 if (intValue & UF_HOMEDIR_REQUIRED)
1059 print_to_screen(" %20s : %s\n",
1060 "", "Home directory required");
1061 if (intValue & UF_LOCKOUT)
1062 print_to_screen(" %20s : %s\n",
1063 "", "Account locked out");
1064 if (intValue & UF_PASSWD_NOTREQD)
1065 print_to_screen(" %20s : %s\n",
1066 "", "No password required");
1067 if (intValue & UF_PASSWD_CANT_CHANGE)
1068 print_to_screen(" %20s : %s\n",
1069 "", "Cannot change password");
1070 if (intValue & UF_TEMP_DUPLICATE_ACCOUNT)
1071 print_to_screen(" %20s : %s\n",
1072 "", "Temp duplicate account");
1073 if (intValue & UF_NORMAL_ACCOUNT)
1074 print_to_screen(" %20s : %s\n",
1075 "", "Normal account");
1076 if (intValue & UF_INTERDOMAIN_TRUST_ACCOUNT)
1077 print_to_screen(" %20s : %s\n",
1078 "", "Interdomain trust account");
1079 if (intValue & UF_WORKSTATION_TRUST_ACCOUNT)
1080 print_to_screen(" %20s : %s\n",
1081 "", "Workstation trust account");
1082 if (intValue & UF_SERVER_TRUST_ACCOUNT)
1083 print_to_screen(" %20s : %s\n",
1084 "", "Server trust account");
1089 print_to_screen(" %20s : %s\n",Attribute, *Ptr);
1091 #endif /*LDAP_DEBUG*/
/* Release whichever value array the library returned. */
1093 if (str_value != NULL)
1094 ldap_value_free(str_value);
1095 if (ber_value != NULL)
1096 ldap_value_free_len(ber_value);
1098 (*linklist_current) = linklist_previous;
/*
 * Open and authenticate the Moira connection on first use.  mr_connections
 * counts nested callers: only the call that moves it from 0 to 1 connects.
 * The visible lines show two variants, one using the fixed host name "ttsp"
 * and one using uts.nodename; the conditions selecting between them are on
 * lines not shown.  Authentication uses the client name "winad.incr".
 */
1102 int moira_connect(void)
1107 if (!mr_connections++)
1110 memset(HostName, '\0', sizeof(HostName));
1111 strcpy(HostName, "ttsp");
1112 rc = mr_connect_cl(HostName, "winad.incr", QUERY_VERSION, 1);
1114 rc = mr_connect(HostName);
1119 rc = mr_connect_cl(uts.nodename, "winad.incr", QUERY_VERSION, 1);
1121 rc = mr_connect(uts.nodename);
1126 rc = mr_auth("winad.incr");
/*
 * Loop for as long as STOP_FILE exists.  The visible lines raise a critical
 * alert naming the stop file and the tbl_buf argument summary; the wait
 * between checks and the condition for alerting are on lines not shown.
 */
1133 void check_winad(void)
1137 for (i = 0; file_exists(STOP_FILE); i++)
1141 critical_alert("incremental",
1142 "WINAD incremental failed (%s exists): %s",
1143 STOP_FILE, tbl_buf);
/*
 * Counterpart of moira_connect(): decrements mr_connections and acts only
 * when the count reaches zero (the action itself is on lines not shown).
 */
1150 int moira_disconnect(void)
1153 if (!--mr_connections)
/*
 * Build a DN string from a DNS-style domain name in the local buffer dn and
 * return a heap copy through *dnp; the caller owns that copy.
 * NOTE(review): the size of dn and any bound on the per-character loop are
 * on lines not shown - confirm a long domain (it can come from winad.cfg)
 * cannot overrun dn.  strdup() may return NULL.
 */
1160 int convert_domain_to_dn(char *domain, char **dnp)
1167 memset(dn, 0, sizeof(dn));
1170 for (fp = domain; *fp; fp++)
1181 *dnp = (char *)strdup(dn);
/*
 * Copy the DN of ldap_entry into the caller's buffer.
 * NOTE(review): the destination size is not passed in and strcpy is
 * unbounded, so the caller's buffer must be large enough for any DN the
 * server returns.  Passing the buffer length and using a bounded copy would
 * remove that dependency.
 */
1185 void get_distinguished_name(LDAP *ldap_handle, LDAPMessage *ldap_entry,
1186 char *distinguished_name)
1190 CName = ldap_get_dn(ldap_handle, ldap_entry);
1193 strcpy(distinguished_name, CName);
/* The DN string is owned by the LDAP library and must be released. */
1194 ldap_memfree(CName);
/*
 * Allocate a stand-alone LK_ENTRY holding copies of attribute and value,
 * with length set to strlen(value) and next set to NULL.
 * NOTE(review): only the node allocation is checked.  The calloc() results
 * for ->attribute and ->value are passed straight to memset/strcpy, so an
 * allocation failure there dereferences NULL.  The memset calls repeat the
 * zeroing calloc already did.
 */
1197 int linklist_create_entry(char *attribute, char *value,
1198 LK_ENTRY **linklist_entry)
1200 (*linklist_entry) = calloc(1, sizeof(LK_ENTRY));
1201 if (!(*linklist_entry))
1205 memset((*linklist_entry), '\0', sizeof(LK_ENTRY));
1206 (*linklist_entry)->attribute = calloc(1, strlen(attribute) + 1);
1207 memset((*linklist_entry)->attribute, '\0', strlen(attribute) + 1);
1208 strcpy((*linklist_entry)->attribute, attribute);
1209 (*linklist_entry)->value = calloc(1, strlen(value) + 1);
1210 memset((*linklist_entry)->value, '\0', strlen(value) + 1);
1211 strcpy((*linklist_entry)->value, value);
1212 (*linklist_entry)->length = strlen(value);
1213 (*linklist_entry)->next = NULL;
/*
 * printf-style diagnostic output to stderr.  fmt is used as a format string,
 * so callers must pass a literal format and supply data only as arguments.
 * The matching va_end is not among the visible lines - confirm.
 */
1217 void print_to_screen(const char *fmt, ...)
1221 va_start(pvar, fmt);
1222 vfprintf(stderr, fmt, pvar);
/*
 * Classify a list from its maillist and group flags (av[L_MAILLIST],
 * av[L_GROUP]).  Each output pointer is optional and skipped when NULL:
 *   group_membership[0]  'B' both, 'S' security, 'D' distribution, 'N' neither
 *   group_ou             the matching group_ou_* string
 *   *security_flag       1 for 'B' and 'S', otherwise 0
 * group_ou is filled with strcpy, so the caller's buffer must hold the
 * longest group_ou_* string plus its terminator.
 */
1227 int get_group_membership(char *group_membership, char *group_ou,
1228 int *security_flag, char **av)
1233 maillist_flag = atoi(av[L_MAILLIST]);
1234 group_flag = atoi(av[L_GROUP]);
1235 if (security_flag != NULL)
1236 (*security_flag) = 0;
1238 if ((maillist_flag) && (group_flag))
1240 if (group_membership != NULL)
1241 group_membership[0] = 'B';
1242 if (security_flag != NULL)
1243 (*security_flag) = 1;
1244 if (group_ou != NULL)
1245 strcpy(group_ou, group_ou_both);
1247 else if ((!maillist_flag) && (group_flag))
1249 if (group_membership != NULL)
1250 group_membership[0] = 'S';
1251 if (security_flag != NULL)
1252 (*security_flag) = 1;
1253 if (group_ou != NULL)
1254 strcpy(group_ou, group_ou_security);
1256 else if ((maillist_flag) && (!group_flag))
1258 if (group_membership != NULL)
1259 group_membership[0] = 'D';
1260 if (group_ou != NULL)
1261 strcpy(group_ou, group_ou_distribution);
1265 if (group_membership != NULL)
1266 group_membership[0] = 'N';
1267 if (group_ou != NULL)
1268 strcpy(group_ou, group_ou_neither);
/*
 * mr_query callback for a list record.  In the visible lines it records the
 * list name in call_args[5] and has get_group_membership() write the
 * membership letter into call_args[4] and the OU into call_args[3].
 * NOTE(review): call_args[3] and call_args[4] are written through as output
 * buffers; where they are allocated and how large they are is on lines not
 * shown - confirm they can hold the longest group_ou_* string.
 */
1273 int get_group_info(int ac, char**av, void *ptr)
1279 if (!atoi(av[L_ACTIVE]))
1283 get_group_membership(GroupType, NULL, NULL, av);
1287 call_args[5] = av[L_NAME];
1288 get_group_membership(call_args[4], call_args[3], NULL, av);
/*
 * mr_query callback that renames an AD group.  As filled in by do_list,
 * call_args holds: [0] LDAP handle, [1] base DN, [2] old list name,
 * [3]/[4] the old maillist and group flags.  av is the list's current
 * record.  The group is located by its old sAMAccountName, moved/renamed
 * with ldap_rename_s, then displayName and sAMAccountName are replaced.
 *
 * NOTE(review): both list names are interpolated with sprintf into an LDAP
 * search filter and into DN components.  The only validation visible is
 * check_string(), whose rules are defined elsewhere - confirm it rejects
 * filter metacharacters and DN special characters.  Every sprintf/strcpy
 * below writes into a fixed-size local buffer with no length check
 * (filter_exp is 4096 bytes, new_dn_path 512; the others are declared on
 * lines not shown).
 */
1294 int group_rename(int ac, char **av, void *ptr)
1299 char new_dn_path[512];
1302 char group_membership[2];
1303 char filter_exp[4096];
1304 char *attr_array[3];
1305 char *name_v[] = {NULL, NULL};
1306 char *samAccountName_v[] = {NULL, NULL};
1311 LK_ENTRY *group_base;
1314 char *maillist_flag = NULL;
1315 char *group_flag = NULL;
/* An invalid old name is treated as "no such object" rather than an error. */
1319 if (!check_string(call_args[2]))
1321 callback_rc = LDAP_NO_SUCH_OBJECT;
1324 if (!check_string(av[L_NAME]))
1326 critical_alert("AD incremental - list rename",
1327 "invalid LDAP list name %s",
1332 memset(group_ou, 0, sizeof(group_ou));
1333 memset(group_membership, 0, sizeof(group_membership));
/*
 * Temporarily substitute the old flags into av so get_group_membership()
 * yields the letter the group was created with, then restore av.
 */
1336 maillist_flag = av[L_MAILLIST];
1337 group_flag = av[L_GROUP];
1338 av[L_MAILLIST] = call_args[3];
1339 av[L_GROUP] = call_args[4];
1340 get_group_membership(group_membership, NULL, NULL, av);
1341 av[L_MAILLIST] = maillist_flag;
1342 av[L_GROUP] = group_flag;
/* Old account name is "<list>_zZx<letter>"; look up its DN. */
1344 sprintf(filter_exp, "(sAMAccountName=%s_zZx%c)", call_args[2], group_membership[0]);
1345 attr_array[0] = "distinguishedName";
1346 attr_array[1] = NULL;
1347 if ((rc = linklist_build((LDAP *)call_args[0], call_args[1], filter_exp, attr_array,
1348 &group_base, &group_count)) != 0)
1350 critical_alert("AD incremental - list rename",
1351 "LDAP server unable to get list %s dn : %s",
1352 call_args[2], ldap_err2string(rc));
/* Exactly one match is required before anything is renamed. */
1355 if (group_count != 1)
1357 critical_alert("AD incremental - list rename",
1358 "LDAP server unable to find list %s in AD.",
1360 callback_rc = LDAP_NO_SUCH_OBJECT;
/* NOTE(review): server-supplied DN copied without a bound on old_dn. */
1363 strcpy(old_dn, group_base->value);
1364 linklist_free(group_base);
/* Compute the new OU and account-name suffix from the current flags. */
1368 get_group_membership(group_membership, group_ou, &security_flag, av);
1369 sprintf(sam_name, "%s_zZx%c", av[L_NAME], group_membership[0]);
1370 sprintf(new_dn_path, "%s,%s", group_ou, call_args[1]);
1371 sprintf(new_dn, "cn=%s", av[L_NAME]);
/* New RDN under the new parent; TRUE removes the old RDN value. */
1372 if ((rc = ldap_rename_s((LDAP *)call_args[0], old_dn, new_dn, new_dn_path,
1373 TRUE, NULL, NULL)) != LDAP_SUCCESS)
1375 critical_alert("AD incremental - list rename",
1376 "Couldn't rename list from %s to %s : %s",
1377 call_args[2], av[L_NAME], ldap_err2string(rc));
1381 name_v[0] = av[L_NAME];
1382 samAccountName_v[0] = sam_name;
/* ADD_ATTR mallocs each LDAPMod without checking the result. */
1384 ADD_ATTR("displayName", name_v, LDAP_MOD_REPLACE);
1385 ADD_ATTR("sAMAccountName", samAccountName_v, LDAP_MOD_REPLACE);
1387 sprintf(new_dn, "cn=%s,%s,%s", av[L_NAME], group_ou, call_args[1]);
1388 if ((rc = ldap_modify_s((LDAP *)call_args[0], new_dn, mods)) != LDAP_SUCCESS)
1390 critical_alert("AD incremental - list rename",
1391 "After renaming, couldn't modify list data for %s : %s",
1392 av[L_NAME], ldap_err2string(rc));
/* Presumably frees the LDAPMod entries allocated by ADD_ATTR - confirm. */
1394 for (i = 0; i < n; i++)
/*
 * Query callback that creates an AD group object for the Moira list
 * av[L_NAME], then looks up the new object's objectSid and appends the
 * result to the list behind sid_ptr.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc, mods, n, new_dn, info, group_ou, security_flag are not visible).
 */
1399 int group_create(int ac, char **av, void *ptr)
1404 char new_group_name[256];
1405 char sam_group_name[256];
1406 char cn_group_name[256];
1407 char *cn_v[] = {NULL, NULL};
1408 char *objectClass_v[] = {"top", "group", NULL};
1410 char *samAccountName_v[] = {NULL, NULL};
1411 char *managedBy_v[] = {NULL, NULL};
1412 char *altSecurityIdentities_v[] = {NULL, NULL};
1413 char *name_v[] = {NULL, NULL};
1414 char *desc_v[] = {NULL, NULL};
1415 char *info_v[] = {NULL, NULL};
1416 char *groupTypeControl_v[] = {NULL, NULL};
1417 char groupTypeControlStr[80];
/*
 * NOTE(review): one byte leaves no room for a NUL terminator once
 * get_group_membership() stores the membership letter in element 0, yet the
 * array is passed to strdup() below, which reads until it finds a NUL.
 * group_rename declares the same buffer as [2].
 */
1418 char group_membership[1];
1421 u_int groupTypeControl = ADS_GROUP_TYPE_GLOBAL_GROUP;
1425 char filter_exp[256];
1426 char *attr_array[3];
1431 if (!atoi(av[L_ACTIVE]))
/* The list name is validated before it is used in the DN and the filter. */
1433 if (!check_string(av[L_NAME]))
1435 critical_alert("AD incremental - list create",
1436 "invalid LDAP list name %s",
1440 memset(group_ou, 0, sizeof(group_ou));
1441 memset(group_membership, 0, sizeof(group_membership));
1443 get_group_membership(group_membership, group_ou, &security_flag, av);
/* strdup() results are stored unchecked; who frees them is not visible here. */
1444 call_args[3] = strdup(group_ou);
1445 call_args[4] = strdup(group_membership);
1446 call_args[5] = strdup(av[L_NAME]);
1449 groupTypeControl |= ADS_GROUP_TYPE_SECURITY_ENABLED;
/* NOTE(review): "%ld" is given a u_int argument; the specifier and the type do not match. */
1450 sprintf(groupTypeControlStr, "%ld", groupTypeControl);
1451 groupTypeControl_v[0] = groupTypeControlStr;
/*
 * NOTE(review): the copies into the 256-byte name buffers are unbounded. The
 * visible part of check_string() tests characters only, so a length limit has
 * to come from elsewhere — confirm.
 */
1453 strcpy(new_group_name, av[L_NAME]);
1454 strcpy(sam_group_name, av[L_NAME]);
1455 strcpy(cn_group_name, av[L_NAME]);
/* Appends the "_zZx<letter>" suffix that every group lookup in this file filters on. */
1456 sprintf(&sam_group_name[strlen(sam_group_name)],
1457 "_zZx%c", group_membership[0]);
1459 samAccountName_v[0] = sam_group_name;
1460 name_v[0] = new_group_name;
1461 cn_v[0] = new_group_name;
1463 sprintf(new_dn, "cn=%s,%s,%s", new_group_name, group_ou, call_args[1]);
1465 ADD_ATTR("cn", cn_v, LDAP_MOD_ADD);
1466 ADD_ATTR("objectClass", objectClass_v, LDAP_MOD_ADD);
1467 ADD_ATTR("sAMAccountName", samAccountName_v, LDAP_MOD_ADD);
1468 ADD_ATTR("displayName", name_v, LDAP_MOD_ADD);
1469 ADD_ATTR("name", name_v, LDAP_MOD_ADD);
/* Optional attributes are added only when the Moira field is non-empty. */
1470 if (strlen(av[L_DESC]) != 0)
1472 desc_v[0] = av[L_DESC];
1473 ADD_ATTR("description", desc_v, LDAP_MOD_ADD);
1475 ADD_ATTR("groupType", groupTypeControl_v, LDAP_MOD_ADD);
1476 if (strlen(av[L_ACE_NAME]) != 0)
/* NOTE(review): unbounded sprintf(); the size of info is not visible. */
1478 sprintf(info, "The Administrator of this list is the LIST: %s", av[L_ACE_NAME]);
1480 ADD_ATTR("info", info_v, LDAP_MOD_ADD);
1484 rc = ldap_add_ext_s((LDAP *)call_args[0], new_dn, mods, NULL, NULL);
1486 for (i = 0; i < n; i++)
/* An entry that already exists is not treated as an error. */
1488 if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
/* NOTE(review): the alert label says "list rename" although this is the create path. */
1490 critical_alert("AD incremental - list rename",
1491 "Unable to create list %s in AD : %s",
1492 av[L_NAME], ldap_err2string(rc));
/* Fetch the objectSid of the new group so it can be recorded later (see sid_update). */
1495 sprintf(filter_exp, "(sAMAccountName=%s)", sam_group_name);
1496 attr_array[0] = "objectSid";
1497 attr_array[1] = NULL;
1499 if ((rc = linklist_build((LDAP *)call_args[0], call_args[1], filter_exp, attr_array,
1500 sid_ptr, &sid_count)) == LDAP_SUCCESS)
1504 (*sid_ptr)->member = strdup(av[L_NAME]);
/*
 * NOTE(review): type holds a constant cast to a pointer, used as a tag.
 * linklist_free() calls free() on any non-NULL type, so this list must not be
 * released through it unchanged — confirm how the SID list is freed.
 */
1505 (*sid_ptr)->type = (char *)GROUPS;
1506 sid_ptr = &(*sid_ptr)->next;
/*
 * Query callback that deletes the AD group for the Moira list av[L_NAME]:
 * it searches for "<name>_zZx<letter>" and deletes the entry only when the
 * search returns exactly one object.
 * NOTE(review): this listing omits lines (braces, returns and several
 * declarations are not visible).
 */
1512 int group_delete(int ac, char **av, void *ptr)
1514 LK_ENTRY *group_base;
1516 char *attr_array[3];
1517 char filter_exp[1024];
/* One byte: only element 0 is read in the visible lines of this function. */
1518 char group_membership[1];
1520 char sam_group_name[256];
1527 if (!check_string(av[L_NAME]))
1529 critical_alert("AD incremental - list delete",
1530 "invalid LDAP list name %s",
1534 memset(group_ou, 0, sizeof(group_ou));
1535 memset(group_membership, 0, sizeof(group_membership));
1537 get_group_membership(group_membership, group_ou, &security_flag, av);
1541 attr_array[0] = "distinguishedName";
1542 attr_array[1] = NULL;
/* NOTE(review): unbounded copy into a 256-byte buffer; no length check is visible. */
1543 strcpy(sam_group_name, av[L_NAME]);
1544 sprintf(&sam_group_name[strlen(sam_group_name)], "_zZx%c",
1545 group_membership[0]);
1546 sprintf(filter_exp, "(sAMAccountName=%s)", sam_group_name);
1547 if ((rc = linklist_build((LDAP *)call_args[0], call_args[1], filter_exp,
1548 attr_array, &group_base, &group_count)) != 0)
/* Deleting only on a unique match keeps an ambiguous search from removing the wrong object. */
1550 if (group_count == 1)
1552 if ((rc = ldap_delete_s((LDAP *)call_args[0], group_base->value)) != LDAP_SUCCESS)
1554 critical_alert("AD incremental - list delete",
1555 "Couldn't delete group %s : %s",
1556 av[L_NAME], ldap_err2string(rc));
1561 critical_alert("AD incremental - list delete",
1562 "Unable to find list %s in AD.",
1566 linklist_free(group_base);
/*
 * Deletes the AD group for group_name without knowing its membership letter:
 * it searches under "<group_ou_root>,<dn_path>" for "<name>_zZx*" and deletes
 * the entry only when exactly one object matches.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc, temp, group_count are not visible).
 */
1570 int group_ad_delete(LDAP *ldap_handle, char *dn_path, char *group_name)
1572 LK_ENTRY *group_base;
1573 char *attr_array[3];
1574 char filter_exp[1024];
1575 char sam_group_name[256];
/* Validation happens first, so the only wildcard in the filter is the literal '*' added below. */
1580 if (!check_string(group_name))
1582 critical_alert("AD incremental - list AD delete",
1583 "invalid LDAP list name %s",
1590 attr_array[0] = "distinguishedName";
1591 attr_array[1] = NULL;
/* NOTE(review): unbounded strcpy() and sprintf(); the size of temp is not visible. */
1592 strcpy(sam_group_name, group_name);
1593 sprintf(temp, "%s,%s", group_ou_root, dn_path);
1594 sprintf(filter_exp, "(sAMAccountName=%s_zZx*)", sam_group_name);
1595 if (linklist_build(ldap_handle, temp, filter_exp, attr_array,
1596 &group_base, &group_count) != 0)
/* A wildcard search can match several suffix letters; anything but one match is not deleted. */
1598 if (group_count == 1)
1600 if ((rc = ldap_delete_s(ldap_handle, group_base->value)) != LDAP_SUCCESS)
1602 critical_alert("AD incremental - list AD delete",
1603 "Unable to delete list %s from AD : %s",
1604 group_name, ldap_err2string(rc));
1610 critical_alert("AD incremental - list AD delete",
1611 "Unable to find list %s in AD.",
1615 linklist_free(group_base);
/*
 * Query callback that records one (list, member) pair: it allocates an
 * LK_ENTRY with list = av[L_NAME], type = "USER" and member = call_args[0],
 * and pushes it onto the front of member_base.
 * NOTE(review): this listing omits lines (braces and returns are not visible).
 */
1619 int group_list_build(int ac, char **av, void *ptr)
1626 if (!atoi(av[L_ACTIVE]))
1628 if (!check_string(av[L_NAME]))
1630 linklist = calloc(1, sizeof(LK_ENTRY));
1633 critical_alert("AD incremental", "Out of memory");
/* Redundant after calloc(), which already zero-fills the entry. */
1636 memset(linklist, '\0', sizeof(LK_ENTRY));
1638 linklist->dn = NULL;
/*
 * NOTE(review): no NULL check is visible on the three calloc() results below
 * before strcpy() writes through them.
 */
1639 linklist->list = calloc(1, strlen(av[L_NAME]) + 1);
1640 strcpy(linklist->list, av[L_NAME]);
1641 linklist->type = calloc(1, strlen("USER") + 1);
1642 strcpy(linklist->type, "USER");
1643 linklist->member = calloc(1, strlen(call_args[0]) + 1);
1644 strcpy(linklist->member, call_args[0]);
1645 linklist->next = member_base;
1646 member_base = linklist;
/*
 * Query callback that adds one member (av[ACE_NAME], typed by av[ACE_TYPE])
 * of the list named by call_args[2] to member_base. Members already present
 * (compared case-insensitively) are looked for before a new entry is pushed.
 * NOTE(review): this listing omits lines (braces, returns and the declaration
 * of temp are not visible).
 */
1650 int member_list_build(int ac, char **av, void *ptr)
/*
 * NOTE(review): the name is copied into temp before check_string() runs and
 * the copy is unbounded; the size of temp is not visible.
 */
1658 strcpy(temp, av[ACE_NAME]);
1659 if (!check_string(temp))
/* STRING members get a contact object under contact_ou. */
1661 if (!strcmp(av[ACE_TYPE], "STRING"))
1663 if (contact_create((LDAP *)call_args[0], call_args[1], temp, contact_ou))
1666 else if (!strcmp(av[ACE_TYPE], "LIST"))
1668 strcpy(temp, av[ACE_NAME]);
/* Any type other than STRING, LIST or USER gets a contact object under kerberos_ou. */
1670 else if (strcmp(av[ACE_TYPE], "USER"))
1672 if (contact_create((LDAP *)call_args[0], call_args[1], temp, kerberos_ou))
/* Duplicate scan over the existing members; the loop header is not visible. */
1675 linklist = member_base;
1678 if (!strcasecmp(temp, linklist->member))
1680 linklist = linklist->next;
/* NOTE(review): no NULL check is visible on any of the calloc() results below. */
1682 linklist = calloc(1, sizeof(LK_ENTRY));
1684 linklist->dn = NULL;
1685 linklist->list = calloc(1, strlen(call_args[2]) + 1);
1686 strcpy(linklist->list, call_args[2]);
1687 linklist->type = calloc(1, strlen(av[ACE_TYPE]) + 1);
1688 strcpy(linklist->type, av[ACE_TYPE]);
1689 linklist->member = calloc(1, strlen(temp) + 1);
1690 strcpy(linklist->member, temp);
1691 linklist->next = member_base;
1692 member_base = linklist;
/*
 * Removes every value of the "member" attribute from one AD group: it
 * resolves the group's DN by sAMAccountName, reads its current members, and
 * sends them back in a single LDAP_MOD_DELETE modification.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc, temp, mods, n, modvalues are not visible).
 */
1696 int member_remove(LDAP *ldap_handle, char *dn_path, char *group_name,
1697 char *group_ou, char *group_membership, char *group_gid)
1699 char distinguished_name[1024];
1701 char filter_exp[4096];
1702 char *attr_array[3];
1708 LK_ENTRY *group_base;
/*
 * NOTE(review): check_string() is applied to group_name, but the filter below
 * is built from group_gid, which is not validated in the visible lines.
 * Confirm the caller passes a value that has already been checked.
 */
1711 if (!check_string(group_name))
1713 strcpy(temp, group_name);
1714 sprintf(filter_exp, "(sAMAccountName=%s_zZx%c)", group_gid, group_membership[0]);
1715 attr_array[0] = "distinguishedName";
1716 attr_array[1] = NULL;
1717 if ((rc = linklist_build(ldap_handle, dn_path, filter_exp, attr_array,
1718 &group_base, &group_count)) != 0)
1720 critical_alert("AD incremental - member remove",
1721 "LDAP server unable to get list %s info : %s",
1722 group_name, ldap_err2string(rc));
1725 if (group_count != 1)
1727 critical_alert("AD incremental - member remove",
1728 "LDAP server unable to find list %s in AD.",
/* NOTE(review): unbounded copy of a directory-returned DN into a 1024-byte buffer. */
1732 strcpy(distinguished_name, group_base->value);
1733 linklist_free(group_base);
/* Second search, based at the group's own DN, to read the current member values. */
1736 attr_array[0] = "member";
1737 attr_array[1] = NULL;
1738 if ((rc = linklist_build(ldap_handle, distinguished_name, filter_exp, attr_array,
1739 &group_base, &group_count)) != 0)
1741 critical_alert("AD incremental - member remove",
1742 "LDAP server unable to get list %s info : %s",
1743 group_name, ldap_err2string(rc));
1748 if (group_count != 0)
/* A result of 1 from construct_newvalues() is handled as a failure path (body not visible). */
1750 if ((rc = construct_newvalues(group_base, group_count, NULL, NULL,
1751 &modvalues, REPLACE)) == 1)
1754 ADD_ATTR("member", modvalues, LDAP_MOD_DELETE);
1756 rc = ldap_modify_s(ldap_handle, distinguished_name, mods);
1757 for (i = 0; i < n; i++)
1759 if (rc != LDAP_SUCCESS)
1761 critical_alert("AD incremental - member remove",
1762 "LDAP server unable to modify list %s members : %s",
1763 group_name, ldap_err2string(rc));
1766 linklist_free(group_base);
1772 free_values(modvalues);
1773 linklist_free(group_base);
/* Number of members combined into one OR-filter per directory search below. */
1777 #define USER_COUNT 5
/*
 * Sets the "member" attribute of one AD group from the collected member list:
 * it resolves the group's DN, looks members up in batches of USER_COUNT with
 * an "(|...)" filter, and writes the DNs found with LDAP_MOD_ADD, retrying
 * with LDAP_MOD_REPLACE.
 * NOTE(review): this listing omits lines (braces, returns, loop bookkeeping
 * and the declarations of rc, temp, pPtr, sPtr, args, mods, n, new_list are
 * not visible).
 */
1779 int member_list_process(LDAP *ldap_handle, char *dn_path, char *group_name,
1780 char *group_ou, char *group_membership, char *group_gid)
1782 char distinguished_name[1024];
1784 char filter_exp[4096];
1785 char *attr_array[3];
1787 char group_member[256];
1797 LK_ENTRY *group_base;
1814 j = group_count/USER_COUNT;
/*
 * NOTE(review): check_string() is applied to group_name, but the filter below
 * is built from group_gid, which is not validated in the visible lines.
 */
1817 if (!check_string(group_name))
1819 strcpy(temp, group_name);
1820 sprintf(filter_exp, "(sAMAccountName=%s_zZx%c)", group_gid, group_membership[0]);
1821 attr_array[0] = "distinguishedName";
1822 attr_array[1] = NULL;
1823 if ((rc = linklist_build(ldap_handle, dn_path, filter_exp, attr_array,
1824 &group_base, &group_count)) != 0)
1826 critical_alert("AD incremental - member list process",
1827 "LDAP server unable to get list %s info : %s",
1828 group_name, ldap_err2string(rc));
1831 if (group_count != 1)
1833 critical_alert("AD incremental - member list process",
1834 "LDAP server unable to find list %s in AD.",
/* NOTE(review): unbounded copy of a directory-returned DN into a 1024-byte buffer. */
1838 strcpy(distinguished_name, group_base->value);
1839 linklist_free(group_base);
1844 for (i = 0; i < j; i++)
1848 memset(filter_exp, 0, sizeof(filter_exp));
1849 strcpy(filter_exp, "(|");
1851 for (k = 0; k < USER_COUNT; k++)
/*
 * NOTE(review): the member name is copied into a 256-byte buffer before it is
 * validated, and the copy is unbounded.
 */
1853 strcpy(group_member, pPtr->member);
1854 if (!check_string(group_member))
/* LIST members are matched by sAMAccountName, using the letter get_group_info leaves in GroupType. */
1861 if (!strcmp(pPtr->type, "LIST"))
1863 args[0] = pPtr->member;
/* The mr_query() result is not tested in the visible lines before GroupType is used. */
1864 rc = mr_query("get_list_info", 1, args, get_group_info, NULL);
1865 sprintf(temp, "(sAMAccountName=%s_zZx%c)", group_member, GroupType[0]);
/* USER, STRING and all other types are matched by a DN built under user_ou, contact_ou or kerberos_ou. */
1867 else if (!strcmp(pPtr->type, "USER"))
1869 sprintf(temp, "(distinguishedName=cn=%s,%s,%s)", group_member, user_ou, dn_path);
1871 else if (!strcmp(pPtr->type, "STRING"))
1873 sprintf(temp, "(distinguishedName=cn=%s,%s,%s)", group_member, contact_ou, dn_path);
1877 sprintf(temp, "(distinguishedName=cn=%s,%s,%s)", group_member, kerberos_ou, dn_path);
/*
 * NOTE(review): strcat() into filter_exp is unbounded. Up to USER_COUNT clauses
 * are appended to a 4096-byte buffer and the size of temp is not visible.
 */
1879 strcat(filter_exp, temp);
1885 if (filter_count == 0)
1887 strcat(filter_exp, ")");
1888 attr_array[0] = "distinguishedName";
1889 attr_array[1] = NULL;
1892 if ((rc = linklist_build(ldap_handle, dn_path, filter_exp, attr_array,
1893 &new_list, &new_list_count)) != 0)
1895 critical_alert("AD incremental - member list process",
1896 "LDAP server unable to get list %s members from AD : %s",
1897 group_name, ldap_err2string(rc));
/* Each batch result is chained onto the accumulated list headed by group_base. */
1900 group_count += new_list_count;
1901 if (group_base == NULL)
1902 group_base = new_list;
1908 if (sPtr->next != NULL)
1913 sPtr->next = new_list;
1920 if (group_count != 0)
1922 if ((rc = construct_newvalues(group_base, group_count, NULL, NULL,
1923 &modvalues, REPLACE)) == 1)
1926 ADD_ATTR("member", modvalues, LDAP_MOD_ADD);
/* The add is attempted first; the same modification is then re-sent as a replace (condition cut in this listing). */
1928 if ((rc = ldap_modify_s(ldap_handle, distinguished_name, mods))
1931 mods[0]->mod_op = LDAP_MOD_REPLACE;
1932 rc = ldap_modify_s(ldap_handle, distinguished_name, mods);
1934 if (rc == LDAP_ALREADY_EXISTS)
1936 for (i = 0; i < n; i++)
1938 linklist_free(group_base);
1941 if (rc != LDAP_SUCCESS)
1943 critical_alert("AD incremental - member list process",
1944 "LDAP server unable to modify list %s members in AD : %s",
1945 group_name, ldap_err2string(rc));
1951 free_values(modvalues);
1952 linklist_free(group_base);
/*
 * Creates a contact-style object named user under "<group_ou>,<bind_path>".
 * An entry that already exists is not reported as an error.
 * NOTE(review): this listing omits lines (braces, returns, the end of the
 * objectClass_v initializer and the declarations of rc, mods, n, new_dn are
 * not visible).
 */
1956 int contact_create(LDAP *ld, char *bind_path, char *user, char *group_ou)
1960 char cn_user_name[256];
1961 char contact_name[256];
1962 char *cn_v[] = {NULL, NULL};
1963 char *contact_v[] = {NULL, NULL};
1964 char *objectClass_v[] = {"top", "person",
1965 "organizationalPerson",
1967 char *name_v[] = {NULL, NULL};
1968 char *desc_v[] = {NULL, NULL};
/* The name is validated before it is placed in the DN. */
1973 if (!check_string(user))
1975 critical_alert("AD incremental - contact create",
1976 "invalid LDAP name %s",
/*
 * NOTE(review): three variable-length strings are formatted into a 256-byte
 * buffer with no bound; snprintf() with a truncation check would bound it.
 */
1980 strcpy(contact_name, user);
1981 sprintf(cn_user_name,"CN=%s,%s,%s", contact_name, group_ou, bind_path);
1982 cn_v[0] = cn_user_name;
1983 contact_v[0] = contact_name;
1985 desc_v[0] = "Auto account created by Moira";
1987 strcpy(new_dn, cn_user_name);
/* The assignment of name_v[0] is not visible in this listing. */
1989 ADD_ATTR("cn", contact_v, LDAP_MOD_ADD);
1990 ADD_ATTR("objectClass", objectClass_v, LDAP_MOD_ADD);
1991 ADD_ATTR("name", name_v, LDAP_MOD_ADD);
1992 ADD_ATTR("displayName", name_v, LDAP_MOD_ADD);
1993 ADD_ATTR("description", desc_v, LDAP_MOD_ADD);
1996 rc = ldap_add_ext_s(ld, new_dn, mods, NULL, NULL);
1997 for (i = 0; i < n; i++)
1999 if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
2001 critical_alert("AD incremental - contact create",
2002 "could not create contact %s : %s",
2003 user, ldap_err2string(rc));
/*
 * Query callback that updates an existing AD user: it finds the account by
 * sAMAccountName and replaces uid/uidNumber (from av[U_UID]) and employeeID
 * (from av[U_MITID]) when those fields are non-empty.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc, mods, n, group_count are not visible).
 */
2009 int user_update(int ac, char **av, void *ptr)
2012 LK_ENTRY *group_base;
/* NOTE(review): 256 bytes here; user_change_status and user_delete use 1024 for the same DN copy. */
2014 char distinguished_name[256];
2015 char user_name[256];
2016 char *uid_v[] = {NULL, NULL};
2017 char *mitid_v[] = {NULL, NULL};
2022 char filter_exp[256];
2023 char *attr_array[3];
/* The login is validated before it is used in the search filter. */
2027 if (!check_string(av[U_NAME]))
2029 critical_alert("AD incremental - user update",
2030 "invalid LDAP user name %s",
/* NOTE(review): unbounded strcpy() and sprintf() into 256-byte buffers; no length check is visible. */
2035 strcpy(user_name, av[U_NAME]);
2038 sprintf(filter_exp, "(sAMAccountName=%s)", av[U_NAME]);
2039 attr_array[0] = "cn";
2040 attr_array[1] = NULL;
2041 if ((rc = linklist_build((LDAP *)call_args[0], call_args[1], filter_exp, attr_array,
2042 &group_base, &group_count)) != 0)
2044 critical_alert("AD incremental - user update",
2045 "LDAP server couldn't process user %s : %s",
2046 user_name, ldap_err2string(rc));
/* Exactly one matching account is required before anything is modified. */
2050 if (group_count != 1)
2052 critical_alert("AD incremental - user update",
2053 "LDAP server unable to find user %s in AD.",
2055 callback_rc = LDAP_NO_SUCH_OBJECT;
/* NOTE(review): unbounded copy of a directory-returned DN into the 256-byte buffer. */
2058 strcpy(distinguished_name, group_base->dn);
2061 if (strlen(av[U_UID]) != 0)
2063 uid_v[0] = av[U_UID];
2064 ADD_ATTR("uid", uid_v, LDAP_MOD_REPLACE);
2065 ADD_ATTR("uidNumber", uid_v, LDAP_MOD_REPLACE);
2067 if (strlen(av[U_MITID]) != 0)
2069 mitid_v[0] = av[U_MITID];
2070 ADD_ATTR("employeeID", mitid_v, LDAP_MOD_REPLACE);
2075 if ((rc = ldap_modify_s((LDAP *)call_args[0], distinguished_name, mods)) != LDAP_SUCCESS)
2077 critical_alert("AD incremental - user update",
2078 "Couldn't modify user data for %s : %s",
2079 user_name, ldap_err2string(rc));
2081 for (i = 0; i < n; i++)
2086 linklist_free(group_base);
/*
 * Query callback that renames an AD user from call_args[3] to av[U_NAME]:
 * it renames the entry's RDN in place, then replaces the identity attributes
 * that embed the login (altSecurityIdentities, userPrincipalName, displayName,
 * sAMAccountName) together with uid/uidNumber and employeeID.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc, mods, n, old_dn, new_dn, upn, temp are not visible).
 */
2090 int user_rename(int ac, char **av, void *ptr)
2095 char user_name[256];
2098 char *userPrincipalName_v[] = {NULL, NULL};
2099 char *altSecurityIdentities_v[] = {NULL, NULL};
2100 char *name_v[] = {NULL, NULL};
2101 char *samAccountName_v[] = {NULL, NULL};
2102 char *uid_v[] = {NULL, NULL};
2103 char *mitid_v[] = {NULL, NULL};
/* Account-state and "#"-prefixed login tests; their bodies are not visible. */
2111 if ((atoi(av[U_STATE]) != US_REGISTERED) && (atoi(av[U_STATE]) != US_NO_PASSWD) &&
2112 (atoi(av[U_STATE]) != US_ENROLL_NOT_ALLOWED))
2114 if (!strncmp(av[U_NAME], "#", 1))
/* Both the old and the new login are validated before they are placed in a DN. */
2116 if (!check_string(call_args[3]))
2118 callback_rc = LDAP_NO_SUCH_OBJECT;
2121 if (!check_string(av[U_NAME]))
2123 critical_alert("AD incremental - user rename",
2124 "invalid LDAP user name %s",
/* NOTE(review): the strcpy() and sprintf() calls below are unbounded; most destination sizes are not visible. */
2129 strcpy(user_name, av[U_NAME]);
2130 sprintf(old_dn, "cn=%s,%s,%s", call_args[3], user_ou, call_args[1]);
2131 sprintf(new_dn, "cn=%s", user_name);
/* NULL newparent keeps the entry where it is; TRUE is deleteoldrdn. */
2133 if ((rc = ldap_rename_s((LDAP *)call_args[0], old_dn, new_dn, NULL, TRUE,
2134 NULL, NULL)) != LDAP_SUCCESS)
2136 if (rc == LDAP_NO_SUCH_OBJECT)
2138 callback_rc = LDAP_NO_SUCH_OBJECT;
2141 critical_alert("AD incremental - user rename",
2142 "Couldn't rename user from %s to %s : %s",
2143 call_args[3], user_name, ldap_err2string(rc));
2147 name_v[0] = user_name;
2148 sprintf(upn, "%s@%s", user_name, ldap_domain);
2149 userPrincipalName_v[0] = upn;
/*
 * altSecurityIdentities ties the Kerberos principal "<login>@PRIMARY_REALM" to
 * this account, so it has to follow the rename; it is built from the validated
 * login only.
 */
2150 sprintf(temp, "Kerberos:%s@%s", user_name, PRIMARY_REALM);
2151 altSecurityIdentities_v[0] = temp;
2152 samAccountName_v[0] = user_name;
2155 ADD_ATTR("altSecurityIdentities", altSecurityIdentities_v, LDAP_MOD_REPLACE);
2156 ADD_ATTR("userPrincipalName", userPrincipalName_v, LDAP_MOD_REPLACE);
2157 ADD_ATTR("displayName", name_v, LDAP_MOD_REPLACE);
2158 ADD_ATTR("sAMAccountName", samAccountName_v, LDAP_MOD_REPLACE);
2159 if (strlen(av[U_UID]) != 0)
2161 uid_v[0] = av[U_UID];
2162 ADD_ATTR("uid", uid_v, LDAP_MOD_REPLACE);
2163 ADD_ATTR("uidNumber", uid_v, LDAP_MOD_REPLACE);
2165 if (strlen(av[U_MITID]) != 0)
2167 mitid_v[0] = av[U_MITID];
2168 ADD_ATTR("employeeID", mitid_v, LDAP_MOD_REPLACE);
/* new_dn is reused for the full DN of the renamed entry. */
2171 sprintf(new_dn, "cn=%s,%s,%s", user_name, user_ou, call_args[1]);
2172 if ((rc = ldap_modify_s((LDAP *)call_args[0], new_dn, mods)) != LDAP_SUCCESS)
2174 critical_alert("AD incremental - user rename",
2175 "After renaming, couldn't modify user data for %s : %s",
2176 user_name, ldap_err2string(rc));
2178 for (i = 0; i < n; i++)
/*
 * Query callback that creates an AD user for the Moira login av[U_NAME],
 * falls back to user_change_status() when the entry already exists, sets a
 * password on a fresh account, and records the new object's objectSid in the
 * list behind sid_ptr.
 * NOTE(review): this listing omits lines (braces, returns, the end of the
 * objectClass_v initializer and the declarations of rc, mods, n, new_dn, upn,
 * sam_name, temp are not visible).
 */
2183 int user_create(int ac, char **av, void *ptr)
2187 char user_name[256];
2189 char *cn_v[] = {NULL, NULL};
2190 char *objectClass_v[] = {"top", "person",
2191 "organizationalPerson",
2194 char *samAccountName_v[] = {NULL, NULL};
2195 char *altSecurityIdentities_v[] = {NULL, NULL};
2196 char *name_v[] = {NULL, NULL};
2197 char *desc_v[] = {NULL, NULL};
2199 char *userPrincipalName_v[] = {NULL, NULL};
2200 char *userAccountControl_v[] = {NULL, NULL};
2201 char *uid_v[] = {NULL, NULL};
2202 char *mitid_v[] = {NULL, NULL};
2203 char userAccountControlStr[80];
/* Every account starts as a normal account whose password neither expires nor can be changed by the user. */
2205 u_int userAccountControl = UF_NORMAL_ACCOUNT | UF_DONT_EXPIRE_PASSWD | UF_PASSWD_CANT_CHANGE;
2210 char filter_exp[256];
2211 char *attr_array[3];
/* Account-state and "#"-prefixed login tests; their bodies are not visible. */
2216 if ((atoi(av[U_STATE]) != US_REGISTERED) && (atoi(av[U_STATE]) != US_NO_PASSWD) &&
2217 (atoi(av[U_STATE]) != US_ENROLL_NOT_ALLOWED))
2219 if (!strncmp(av[U_NAME], "#", 1))
/* The login is validated before it is used in the DN, the UPN and the filter. */
2221 if (!check_string(av[U_NAME]))
2223 critical_alert("AD incremental - user create",
2224 "invalid LDAP user name %s",
/* NOTE(review): the strcpy() and sprintf() calls below are unbounded; most destination sizes are not visible. */
2229 strcpy(user_name, av[U_NAME]);
2230 sprintf(upn, "%s@%s", user_name, ldap_domain);
2231 sprintf(sam_name, "%s", av[U_NAME]);
2232 samAccountName_v[0] = sam_name;
/*
 * NOTE(review): if the state test above returns for every state it names as
 * excluded, this US_DELETED branch cannot be taken — confirm.
 */
2233 if (atoi(av[U_STATE]) == US_DELETED)
2234 userAccountControl |= UF_ACCOUNTDISABLE;
/* NOTE(review): "%ld" is given a u_int argument; the specifier and the type do not match. */
2235 sprintf(userAccountControlStr, "%ld", userAccountControl);
2236 userAccountControl_v[0] = userAccountControlStr;
2237 userPrincipalName_v[0] = upn;
2239 cn_v[0] = user_name;
2240 name_v[0] = user_name;
2241 desc_v[0] = "Auto account created by Moira";
/* altSecurityIdentities ties the Kerberos principal "<login>@PRIMARY_REALM" to the new account. */
2242 sprintf(temp, "Kerberos:%s@%s", user_name, PRIMARY_REALM);
2243 altSecurityIdentities_v[0] = temp;
2244 sprintf(new_dn, "cn=%s,%s,%s", user_name, user_ou, call_args[1]);
2247 ADD_ATTR("cn", cn_v, LDAP_MOD_ADD);
2248 ADD_ATTR("objectClass", objectClass_v, LDAP_MOD_ADD);
2249 ADD_ATTR("sAMAccountName", samAccountName_v, LDAP_MOD_ADD);
2250 ADD_ATTR("userPrincipalName", userPrincipalName_v, LDAP_MOD_ADD);
2251 ADD_ATTR("userAccountControl", userAccountControl_v, LDAP_MOD_ADD);
2252 ADD_ATTR("name", name_v, LDAP_MOD_ADD);
2253 ADD_ATTR("displayName", name_v, LDAP_MOD_ADD);
2254 ADD_ATTR("description", desc_v, LDAP_MOD_ADD);
2255 ADD_ATTR("altSecurityIdentities", altSecurityIdentities_v, LDAP_MOD_ADD);
2256 if (strlen(av[U_UID]) != 0)
2258 uid_v[0] = av[U_UID];
2259 ADD_ATTR("uid", uid_v, LDAP_MOD_ADD);
2260 ADD_ATTR("uidNumber", uid_v, LDAP_MOD_ADD);
/* employeeID is always written; the literal "none" stands in for a missing MIT ID. */
2262 if (strlen(av[U_MITID]) != 0)
2263 mitid_v[0] = av[U_MITID];
2265 mitid_v[0] = "none";
2266 ADD_ATTR("employeeID", mitid_v, LDAP_MOD_ADD);
2269 rc = ldap_add_ext_s((LDAP *)call_args[0], new_dn, mods, NULL, NULL);
2270 for (i = 0; i < n; i++)
/* An existing entry has its enabled/disabled state adjusted instead of being re-created. */
2272 if (rc == LDAP_ALREADY_EXISTS)
2274 rc = user_change_status(ac, av, ptr);
2277 if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
2279 critical_alert("AD incremental - user create",
2280 "could not create user %s : %s",
2281 user_name, ldap_err2string(rc));
/*
 * A password is set only after a fresh create. The two set_password() calls
 * differ in their first argument and the lines between them are omitted;
 * presumably they are alternative branches — confirm.
 */
2284 if (rc == LDAP_SUCCESS)
2286 if ((rc = set_password(sam_name, ldap_domain)) != 0)
2288 if ((rc = set_password(user_name, ldap_domain)) != 0)
2290 critical_alert("AD incremental - user create",
2291 "Couldn't set password for user %s : %ld",
/* Fetch the objectSid of the account so it can be recorded later (see sid_update). */
2296 sprintf(filter_exp, "(sAMAccountName=%s)", av[U_NAME]);
2297 attr_array[0] = "objectSid";
2298 attr_array[1] = NULL;
2300 if ((rc = linklist_build((LDAP *)call_args[0], call_args[1], filter_exp, attr_array,
2301 sid_ptr, &sid_count)) == LDAP_SUCCESS)
2305 (*sid_ptr)->member = strdup(av[U_NAME]);
/*
 * NOTE(review): type holds a constant cast to a pointer, used as a tag.
 * linklist_free() calls free() on any non-NULL type, so this list must not be
 * released through it unchanged — confirm how the SID list is freed.
 */
2306 (*sid_ptr)->type = (char *)USERS;
2307 sid_ptr = &(*sid_ptr)->next;
/*
 * Query callback that enables or disables an AD account: it reads the
 * account's UserAccountControl value, sets UF_ACCOUNTDISABLE when the
 * requested operation is MEMBER_DEACTIVATE and clears it otherwise, and
 * writes the value back with LDAP_MOD_REPLACE.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc, temp, mods, n, operation, ulongValue, modvalues are not visible).
 */
2313 int user_change_status(int ac, char **av, void *ptr)
2315 char filter_exp[1024];
2316 char *attr_array[3];
2318 char distinguished_name[1024];
2319 char user_name[512];
2322 LK_ENTRY *group_base;
2333 if (!check_string(av[U_NAME]))
2335 critical_alert("AD incremental - user change status",
2336 "invalid LDAP user name %s",
2340 strcpy(user_name, av[U_NAME]);
/*
 * NOTE(review): call_args[2] is used as a pointer elsewhere in this file and
 * is narrowed to int here; on a platform with 64-bit pointers the cast
 * truncates. Confirm how the caller encodes the operation.
 */
2341 operation = (int)call_args[2];
2344 sprintf(filter_exp, "(sAMAccountName=%s)", av[U_NAME]);
2345 attr_array[0] = "UserAccountControl";
2346 attr_array[1] = NULL;
2347 if ((rc = linklist_build((LDAP *)call_args[0], call_args[1], filter_exp, attr_array,
2348 &group_base, &group_count)) != 0)
2350 critical_alert("AD incremental - user change status",
2351 "LDAP server couldn't process user %s : %s",
2352 user_name, ldap_err2string(rc));
/* Exactly one matching account is required before its flags are touched. */
2356 if (group_count != 1)
2358 critical_alert("AD incremental - user change status",
2359 "LDAP server unable to find user %s in AD.",
2364 strcpy(distinguished_name, group_base->dn);
/* atoi() gives no error indication; a non-numeric value would be read as 0 and lose the other flags. */
2365 ulongValue = atoi((*group_base).value);
2366 if (operation == MEMBER_DEACTIVATE)
2367 ulongValue |= UF_ACCOUNTDISABLE;
2369 ulongValue &= ~UF_ACCOUNTDISABLE;
2370 sprintf(temp, "%ld", ulongValue);
2371 if ((rc = construct_newvalues(group_base, group_count, (*group_base).value,
2372 temp, &modvalues, REPLACE)) == 1)
2374 linklist_free(group_base);
2378 ADD_ATTR("UserAccountControl", modvalues, LDAP_MOD_REPLACE);
2380 rc = ldap_modify_s((LDAP *)call_args[0], distinguished_name, mods);
2381 for (i = 0; i < n; i++)
2383 free_values(modvalues);
2384 if (rc != LDAP_SUCCESS)
2386 critical_alert("AD incremental - user change status",
2387 "LDAP server could not change status of user %s : %s",
2388 user_name, ldap_err2string(rc));
2391 linklist_free(group_base);
/*
 * Deletes the AD account whose sAMAccountName is u_name: the account is
 * looked up under dn_path and removed only when exactly one entry matches.
 * NOTE(review): this listing omits lines (braces, returns and the declarations
 * of rc and group_count are not visible).
 */
2395 int user_delete(LDAP *ldap_handle, char *dn_path, char *u_name)
2397 char filter_exp[1024];
2398 char *attr_array[3];
2399 char distinguished_name[1024];
2400 char user_name[512];
2401 LK_ENTRY *group_base;
/* No alert is visible on this validation failure, unlike the other entry points. */
2405 if (!check_string(u_name))
/* NOTE(review): unbounded copy into a 512-byte buffer; no length check is visible. */
2407 strcpy(user_name, u_name);
2410 sprintf(filter_exp, "(sAMAccountName=%s)", user_name);
2411 attr_array[0] = "name";
2412 attr_array[1] = NULL;
2413 if ((rc = linklist_build(ldap_handle, dn_path, filter_exp, attr_array,
2414 &group_base, &group_count)) != 0)
2416 critical_alert("AD incremental",
2417 "LDAP server couldn't process user %s : %s",
2418 user_name, ldap_err2string(rc));
2422 if (group_count != 1)
/* NOTE(review): the alert label says "user change status" although this is the delete path. */
2424 critical_alert("AD incremental - user change status",
2425 "LDAP server unable to find user %s in AD.",
2430 strcpy(distinguished_name, group_base->dn);
/* Assignment inside the condition is intentional: any non-zero result code is an error. */
2431 if (rc = ldap_delete_s(ldap_handle, distinguished_name))
2433 critical_alert("AD incremental",
2434 "LDAP server couldn't process user %s : %s",
2435 user_name, ldap_err2string(rc));
2439 linklist_free(group_base);
/*
 * Frees a whole LK_ENTRY list: for each node it frees dn, attribute, value,
 * member, type and list, then the node itself. A NULL base is a no-op.
 * NOTE(review): every non-NULL field is passed to free(), so each one must be
 * heap-allocated. user_create and group_create store a cast constant in type
 * for the SID list; such entries must not reach this function unchanged.
 * The NULL tests are redundant because free(NULL) is a no-op.
 */
2443 void linklist_free(LK_ENTRY *linklist_base)
2445 LK_ENTRY *linklist_previous;
2447 while (linklist_base != NULL)
2449 if (linklist_base->dn != NULL)
2450 free(linklist_base->dn);
2451 if (linklist_base->attribute != NULL)
2452 free(linklist_base->attribute);
2453 if (linklist_base->value != NULL)
2454 free(linklist_base->value);
2455 if (linklist_base->member != NULL)
2456 free(linklist_base->member);
2457 if (linklist_base->type != NULL)
2458 free(linklist_base->type);
2459 if (linklist_base->list != NULL)
2460 free(linklist_base->list);
/* Advance before freeing the node so next is never read from freed memory. */
2461 linklist_previous = linklist_base;
2462 linklist_base = linklist_previous->next;
2463 free(linklist_previous);
/*
 * Walks a NULL-terminated array of value strings and resets each slot to
 * NULL; a NULL array is accepted.
 * NOTE(review): the lines that release each string and the array itself are
 * omitted from this listing.
 */
2467 void free_values(char **modvalues)
2472 if (modvalues != NULL)
2474 while (modvalues[i] != NULL)
2477 modvalues[i] = NULL;
/*
 * Reports collected object SIDs back to Moira: each entry's binary SID is
 * converted to text and sent with "add_list_sid_by_name" for groups or
 * "add_user_sid_by_login" for users.
 * NOTE(review): this listing omits lines (the loop over the SID list, the
 * assignment of av[1] and the return are not visible).
 */
2484 int sid_update(LDAP *ldap_handle, char *dn_path)
/*
 * NOTE(review): convert_b_to_a() takes no output size. If it emits two
 * characters per input byte, as its visible lines suggest, 126 bytes hold at
 * most 62 bytes of SID plus a terminator, and a maximum-length Windows SID is
 * 68 bytes. Check ptr->length against the buffer before converting.
 */
2488 unsigned char temp[126];
2495 memset(temp, 0, sizeof(temp));
2496 convert_b_to_a(temp, ptr->value, ptr->length);
2497 av[0] = ptr->member;
/* type is compared as a pointer-sized tag, not as a string. */
2499 if (ptr->type == (char *)GROUPS)
2502 rc = mr_query("add_list_sid_by_name", 2, av, NULL, NULL);
2504 else if (ptr->type == (char *)USERS)
2507 rc = mr_query("add_user_sid_by_login", 2, av, NULL, NULL);
/*
 * Converts length bytes of binary into text in string; the visible lines
 * handle each byte as two nibbles with an adjustment for values above '9',
 * i.e. a hexadecimal encoding.
 * NOTE(review): there is no output-size parameter, so the caller has to
 * provide enough room (presumably 2 * length + 1 bytes — confirm against the
 * omitted lines).
 */
2514 void convert_b_to_a(char *string, UCHAR *binary, int length)
2521 for (i = 0; i < length; i++)
2528 if (string[j] > '9')
2531 string[j] = tmp & 0x0f;
2533 if (string[j] > '9')
/*
 * Per-byte rejection table used by check_string(): 1 marks a character that
 * is not allowed in a name, 0 one that is. As listed, the allowed set is
 * $ & ' - . 0-9 _ ` a-z ~ ; the uppercase rows are all 1, but check_string()
 * lowercases before the lookup. Everything from 0x80 upward is rejected.
 * This allow-list is what keeps LDAP filter and DN metacharacters such as
 * ( ) * \ , = + out of the strings the functions in this file format into
 * filters and DNs, so loosening it needs a matching escaping step there.
 */
2540 static int illegalchars[] = {
2541 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* ^@ - ^O */
2542 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* ^P - ^_ */
2543 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, /* SPACE - / */
2544 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, /* 0 - ? */
2545 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* @ - O */
2546 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, /* P - _ */
2547 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* ` - o */
2548 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, /* p - ^? */
/* 0x80 - 0xFF: all rejected. */
2549 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2550 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2551 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2552 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2553 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2554 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2555 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
2556 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
/*
 * Validates a name against illegalchars[] after lowercasing uppercase
 * letters. Callers treat a zero result as "invalid name", so non-zero means
 * the string is acceptable.
 * NOTE(review): the loop, the declaration of character and the return
 * statements are omitted from this listing.
 */
2559 int check_string(char *s)
2566 if (isupper(character))
2567 character = tolower(character);
/*
 * NOTE(review): if character is a plain (signed) char or an int loaded from
 * one, a byte >= 0x80 becomes negative, and the (unsigned) cast turns it into
 * an index far beyond the 256-entry table. Casting through (unsigned char)
 * keeps the index in range; the same applies to the isupper()/tolower()
 * arguments above. Confirm the type of character.
 */
2568 if (illegalchars[(unsigned) character])
/*
 * Connects to the Moira server and prepares the session: connect, check the
 * server's message of the day, negotiate the query version, then
 * authenticate as client. Returns MRCL_SUCCESS, or MRCL_AUTH_ERROR when
 * authentication fails; other error returns are not visible.
 * NOTE(review): this listing omits lines (braces, most returns and the
 * declarations of status, motd, temp are not visible).
 */
2574 int mr_connect_cl(char *server, char *client, int version, int auth)
2580 status = mr_connect(server);
2583 com_err(whoami, status, "while connecting to Moira");
2587 status = mr_motd(&motd);
2591 com_err(whoami, status, "while checking server status");
/*
 * NOTE(review): motd comes from the server and ends up inside temp, which is
 * then passed as the format argument of com_err(), so any '%' in the message
 * is interpreted as a conversion. Passing the literal format with motd as an
 * argument, com_err(whoami, status, "...unavailable: %s", motd), avoids that
 * and also removes the unbounded sprintf() into temp.
 */
2596 sprintf(temp, "The Moira server is currently unavailable: %s", motd);
2597 com_err(whoami, status, temp);
2602 status = mr_version(version);
/* MR_UNKNOWN_PROC is mapped to MR_VERSION_HIGH or MR_SUCCESS; the deciding condition is not visible. */
2605 if (status == MR_UNKNOWN_PROC)
2608 status = MR_VERSION_HIGH;
2610 status = MR_SUCCESS;
/* A newer client only warns; MR_VERSION_LOW is tolerated silently. */
2613 if (status == MR_VERSION_HIGH)
2615 com_err(whoami, 0, "Warning: This client is running newer code than the server.");
2616 com_err(whoami, 0, "Some operations may not work.");
2618 else if (status && status != MR_VERSION_LOW)
2620 com_err(whoami, status, "while setting query version number.");
2628 status = mr_auth(client);
2631 com_err(whoami, status, "while authenticating to Moira.");
2633 return MRCL_AUTH_ERROR;
2637 return MRCL_SUCCESS;