NOTE: The patch has been adjusted to match the base code before backporting.
From 8a259e3df16def3f05828f355e98a5089cd6e6d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= <ondra@openldap.org>
Date: Thu, 14 Jun 2018 16:14:15 +0100
Subject: [PATCH] ITS#8573 allow all libldap options in tools -o option
---
clients/tools/common.c | 15 ++-
doc/devel/args | 2 +-
doc/man/man1/ldapcompare.1 | 9 +-
doc/man/man1/ldapdelete.1 | 9 +-
doc/man/man1/ldapexop.1 | 9 +-
doc/man/man1/ldapmodify.1 | 9 +-
doc/man/man1/ldapmodrdn.1 | 9 +-
doc/man/man1/ldappasswd.1 | 9 +-
doc/man/man1/ldapsearch.1 | 9 +-
doc/man/man1/ldapwhoami.1 | 13 ++-
doc/man/man8/slapcat.8 | 2 +-
include/ldap_pvt.h | 5 +
libraries/libldap/init.c | 231 ++++++++++++++++++++++---------------
servers/slapd/slapcommon.c | 5 +-
14 files changed, 200 insertions(+), 136 deletions(-)
diff --git a/clients/tools/common.c b/clients/tools/common.c
index 1cd8a2c1b..b1edffdaf 100644
--- a/clients/tools/common.c
+++ b/clients/tools/common.c
@@ -374,9 +374,9 @@ N_(" -I use SASL Interactive mode\n"),
N_(" -n show what would be done but don't actually do it\n"),
N_(" -N do not use reverse DNS to canonicalize SASL host name\n"),
N_(" -O props SASL security properties\n"),
-N_(" -o <opt>[=<optparam>] general options\n"),
+N_(" -o <opt>[=<optparam>] any libldap ldap.conf options, plus\n"),
+N_(" ldif_wrap=<width> (in columns, or \"no\" for no wrapping)\n"),
N_(" nettimeout=<timeout> (in seconds, or \"none\" or \"max\")\n"),
-N_(" ldif-wrap=<width> (in columns, or \"no\" for no wrapping)\n"),
N_(" -p port port on LDAP server\n"),
N_(" -Q use SASL Quiet mode\n"),
N_(" -R realm SASL realm\n"),
@@ -838,6 +838,11 @@ tool_args( int argc, char **argv )
if ( (cvalue = strchr( control, '=' )) != NULL ) {
*cvalue++ = '\0';
}
+ for ( next=control; *next; next++ ) {
+ if ( *next == '-' ) {
+ *next = '_';
+ }
+ }
if ( strcasecmp( control, "nettimeout" ) == 0 ) {
if( nettimeout.tv_sec != -1 ) {
@@ -867,7 +872,7 @@ tool_args( int argc, char **argv )
exit( EXIT_FAILURE );
}
- } else if ( strcasecmp( control, "ldif-wrap" ) == 0 ) {
+ } else if ( strcasecmp( control, "ldif_wrap" ) == 0 ) {
if ( cvalue == 0 ) {
ldif_wrap = LDIF_LINE_WIDTH;
@@ -878,13 +883,13 @@ tool_args( int argc, char **argv )
unsigned int u;
if ( lutil_atou( &u, cvalue ) ) {
fprintf( stderr,
- _("Unable to parse ldif-wrap=\"%s\"\n"), cvalue );
+ _("Unable to parse ldif_wrap=\"%s\"\n"), cvalue );
exit( EXIT_FAILURE );
}
ldif_wrap = (ber_len_t)u;
}
- } else {
+ } else if ( ldap_pvt_conf_option( control, cvalue, 1 ) ) {
fprintf( stderr, "Invalid general option name: %s\n",
control );
usage();
diff --git a/doc/devel/args b/doc/devel/args
index 9796fe528..c5aa02f11 100644
--- a/doc/devel/args
+++ b/doc/devel/args
@@ -28,7 +28,7 @@ ldapwhoami * DE**HI** NO QR UVWXYZ def*h*** *nop* vwxy
-h host
-n no-op
-N no (SASLprep) normalization of simple bind password
- -o general options (currently nettimeout and ldif-wrap only)
+ -o general libldap options (plus ldif_wrap and nettimeout for backwards comp.)
-p port
-v verbose
-V version
diff --git a/doc/man/man1/ldapcompare.1 b/doc/man/man1/ldapcompare.1
index 9e66cd4b2..a0e58d7c3 100644
--- a/doc/man/man1/ldapcompare.1
+++ b/doc/man/man1/ldapcompare.1
@@ -186,13 +186,14 @@ Compare extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldapdelete.1 b/doc/man/man1/ldapdelete.1
index 394d35275..85dbf4360 100644
--- a/doc/man/man1/ldapdelete.1
+++ b/doc/man/man1/ldapdelete.1
@@ -192,13 +192,14 @@ Delete extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldapexop.1 b/doc/man/man1/ldapexop.1
index 503d681ca..26e1730a8 100644
--- a/doc/man/man1/ldapexop.1
+++ b/doc/man/man1/ldapexop.1
@@ -189,13 +189,14 @@ Specify general extensions. \'!\' indicates criticality.
.TP
.BI \-o \ opt \fR[= optparam \fR]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldapmodify.1 b/doc/man/man1/ldapmodify.1
index 2792d460b..6c277d89c 100644
--- a/doc/man/man1/ldapmodify.1
+++ b/doc/man/man1/ldapmodify.1
@@ -255,13 +255,14 @@ Modify extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldapmodrdn.1 b/doc/man/man1/ldapmodrdn.1
index 5d0f3fcd9..b24e500fe 100644
--- a/doc/man/man1/ldapmodrdn.1
+++ b/doc/man/man1/ldapmodrdn.1
@@ -186,13 +186,14 @@ Modrdn extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldappasswd.1 b/doc/man/man1/ldappasswd.1
index 36857ab8f..a2805e57b 100644
--- a/doc/man/man1/ldappasswd.1
+++ b/doc/man/man1/ldappasswd.1
@@ -188,13 +188,14 @@ Passwd Modify extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldapsearch.1 b/doc/man/man1/ldapsearch.1
index 036ce6245..1914eafbf 100644
--- a/doc/man/man1/ldapsearch.1
+++ b/doc/man/man1/ldapsearch.1
@@ -332,13 +332,14 @@ Search extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man1/ldapwhoami.1 b/doc/man/man1/ldapwhoami.1
index 5912af5ba..2c8cfded2 100644
--- a/doc/man/man1/ldapwhoami.1
+++ b/doc/man/man1/ldapwhoami.1
@@ -143,13 +143,18 @@ WhoAmI extensions:
.TP
.BI \-o \ opt \fR[= optparam \fR]
-Specify general options.
-
-General options:
+Specify any
+.BR ldap.conf (5)
+option or one of the following:
.nf
nettimeout=<timeout> (in seconds, or "none" or "max")
- ldif-wrap=<width> (in columns, or "no" for no wrapping)
+ ldif_wrap=<width> (in columns, or "no" for no wrapping)
.fi
+
+.B -o
+option that can be passed here, check
+.BR ldap.conf (5)
+for details.
.TP
.BI \-O \ security-properties
Specify SASL security properties.
diff --git a/doc/man/man8/slapcat.8 b/doc/man/man8/slapcat.8
index 57c41deff..2085e9176 100644
--- a/doc/man/man8/slapcat.8
+++ b/doc/man/man8/slapcat.8
@@ -149,7 +149,7 @@ Possible generic options/values are:
syslog\-level=<level> (see `\-S' in slapd(8))
syslog\-user=<user> (see `\-l' in slapd(8))
- ldif-wrap={no|<n>}
+ ldif_wrap={no|<n>}
.in
\fIn\fP is the number of columns allowed for the LDIF output
diff --git a/include/ldap_pvt.h b/include/ldap_pvt.h
index 31f37277c..e86b032cb 100644
--- a/include/ldap_pvt.h
+++ b/include/ldap_pvt.h
@@ -326,6 +326,11 @@ struct ldifrecord;
LDAP_F ( int ) ldap_pvt_discard LDAP_P((
struct ldap *ld, ber_int_t msgid ));
+/* init.c */
+LDAP_F( int )
+ldap_pvt_conf_option LDAP_P((
+ char *cmd, char *opt, int userconf ));
+
/* messages.c */
LDAP_F( BerElement * )
ldap_get_message_ber LDAP_P((
diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
index 548d2c1cb..4a7e81bdb 100644
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@@ -147,6 +147,141 @@ static const struct ol_attribute {
#define MAX_LDAP_ATTR_LEN sizeof("GSSAPI_ALLOW_REMOTE_PRINCIPAL")
#define MAX_LDAP_ENV_PREFIX_LEN 8
+static int
+ldap_int_conf_option(
+ struct ldapoptions *gopts,
+ char *cmd, char *opt, int userconf )
+{
+ int i;
+
+ for(i=0; attrs[i].type != ATTR_NONE; i++) {
+ void *p;
+
+ if( !userconf && attrs[i].useronly ) {
+ continue;
+ }
+
+ if(strcasecmp(cmd, attrs[i].name) != 0) {
+ continue;
+ }
+
+ switch(attrs[i].type) {
+ case ATTR_BOOL:
+ if((strcasecmp(opt, "on") == 0)
+ || (strcasecmp(opt, "yes") == 0)
+ || (strcasecmp(opt, "true") == 0))
+ {
+ LDAP_BOOL_SET(gopts, attrs[i].offset);
+
+ } else {
+ LDAP_BOOL_CLR(gopts, attrs[i].offset);
+ }
+
+ break;
+
+ case ATTR_INT: {
+ char *next;
+ long l;
+ p = &((char *) gopts)[attrs[i].offset];
+ l = strtol( opt, &next, 10 );
+ if ( next != opt && next[ 0 ] == '\0' ) {
+ * (int*) p = l;
+ }
+ } break;
+
+ case ATTR_KV: {
+ const struct ol_keyvalue *kv;
+
+ for(kv = attrs[i].data;
+ kv->key != NULL;
+ kv++) {
+
+ if(strcasecmp(opt, kv->key) == 0) {
+ p = &((char *) gopts)[attrs[i].offset];
+ * (int*) p = kv->value;
+ break;
+ }
+ }
+ } break;
+
+ case ATTR_STRING:
+ p = &((char *) gopts)[attrs[i].offset];
+ if (* (char**) p != NULL) LDAP_FREE(* (char**) p);
+ * (char**) p = LDAP_STRDUP(opt);
+ break;
+ case ATTR_OPTION:
+ ldap_set_option( NULL, attrs[i].offset, opt );
+ break;
+ case ATTR_SASL:
+#ifdef HAVE_CYRUS_SASL
+ ldap_int_sasl_config( gopts, attrs[i].offset, opt );
+#endif
+ break;
+ case ATTR_GSSAPI:
+#ifdef HAVE_GSSAPI
+ ldap_int_gssapi_config( gopts, attrs[i].offset, opt );
+#endif
+ break;
+ case ATTR_TLS:
+#ifdef HAVE_TLS
+ ldap_int_tls_config( NULL, attrs[i].offset, opt );
+#endif
+ break;
+ case ATTR_OPT_TV: {
+ struct timeval tv;
+ char *next;
+ tv.tv_usec = 0;
+ tv.tv_sec = strtol( opt, &next, 10 );
+ if ( next != opt && next[ 0 ] == '\0' && tv.tv_sec > 0 ) {
+ (void)ldap_set_option( NULL, attrs[i].offset, (const void *)&tv );
+ }
+ } break;
+ case ATTR_OPT_INT: {
+ long l;
+ char *next;
+ l = strtol( opt, &next, 10 );
+ if ( next != opt && next[ 0 ] == '\0' && l > 0 && (long)((int)l) == l ) {
+ int v = (int)l;
+ (void)ldap_set_option( NULL, attrs[i].offset, (const void *)&v );
+ }
+ } break;
+ }
+
+ break;
+ }
+
+ if ( attrs[i].type == ATTR_NONE ) {
+ Debug( LDAP_DEBUG_TRACE, "ldap_int_tls_config: "
+ "unknown option '%s'",
+ cmd, 0, 0 );
+ return 1;
+ }
+
+ return 0;
+}
+
+int
+ldap_pvt_conf_option(
+ char *cmd, char *opt, int userconf )
+{
+ struct ldapoptions *gopts;
+ int rc = LDAP_OPT_ERROR;
+
+ /* Get pointer to global option structure */
+ gopts = LDAP_INT_GLOBAL_OPT();
+ if (NULL == gopts) {
+ return LDAP_NO_MEMORY;
+ }
+
+ if ( gopts->ldo_valid != LDAP_INITIALIZED ) {
+ ldap_int_initialize(gopts, NULL);
+ if ( gopts->ldo_valid != LDAP_INITIALIZED )
+ return LDAP_LOCAL_ERROR;
+ }
+
+ return ldap_int_conf_option( gopts, cmd, opt, userconf );
+}
+
static void openldap_ldap_init_w_conf(
const char *file, int userconf )
{
@@ -212,101 +347,7 @@ static void openldap_ldap_init_w_conf(
while(isspace((unsigned char)*start)) start++;
opt = start;
- for(i=0; attrs[i].type != ATTR_NONE; i++) {
- void *p;
-
- if( !userconf && attrs[i].useronly ) {
- continue;
- }
-
- if(strcasecmp(cmd, attrs[i].name) != 0) {
- continue;
- }
-
- switch(attrs[i].type) {
- case ATTR_BOOL:
- if((strcasecmp(opt, "on") == 0)
- || (strcasecmp(opt, "yes") == 0)
- || (strcasecmp(opt, "true") == 0))
- {
- LDAP_BOOL_SET(gopts, attrs[i].offset);
-
- } else {
- LDAP_BOOL_CLR(gopts, attrs[i].offset);
- }
-
- break;
-
- case ATTR_INT: {
- char *next;
- long l;
- p = &((char *) gopts)[attrs[i].offset];
- l = strtol( opt, &next, 10 );
- if ( next != opt && next[ 0 ] == '\0' ) {
- * (int*) p = l;
- }
- } break;
-
- case ATTR_KV: {
- const struct ol_keyvalue *kv;
-
- for(kv = attrs[i].data;
- kv->key != NULL;
- kv++) {
-
- if(strcasecmp(opt, kv->key) == 0) {
- p = &((char *) gopts)[attrs[i].offset];
- * (int*) p = kv->value;
- break;
- }
- }
- } break;
-
- case ATTR_STRING:
- p = &((char *) gopts)[attrs[i].offset];
- if (* (char**) p != NULL) LDAP_FREE(* (char**) p);
- * (char**) p = LDAP_STRDUP(opt);
- break;
- case ATTR_OPTION:
- ldap_set_option( NULL, attrs[i].offset, opt );
- break;
- case ATTR_SASL:
-#ifdef HAVE_CYRUS_SASL
- ldap_int_sasl_config( gopts, attrs[i].offset, opt );
-#endif
- break;
- case ATTR_GSSAPI:
-#ifdef HAVE_GSSAPI
- ldap_int_gssapi_config( gopts, attrs[i].offset, opt );
-#endif
- break;
- case ATTR_TLS:
-#ifdef HAVE_TLS
- ldap_int_tls_config( NULL, attrs[i].offset, opt );
-#endif
- break;
- case ATTR_OPT_TV: {
- struct timeval tv;
- char *next;
- tv.tv_usec = 0;
- tv.tv_sec = strtol( opt, &next, 10 );
- if ( next != opt && next[ 0 ] == '\0' && tv.tv_sec > 0 ) {
- (void)ldap_set_option( NULL, attrs[i].offset, (const void *)&tv );
- }
- } break;
- case ATTR_OPT_INT: {
- long l;
- char *next;
- l = strtol( opt, &next, 10 );
- if ( next != opt && next[ 0 ] == '\0' && l > 0 && (long)((int)l) == l ) {
- int v = (int)l;
- (void)ldap_set_option( NULL, attrs[i].offset, (const void *)&v );
- }
- } break;
- }
-
- break;
- }
+ ldap_int_conf_option( gopts, cmd, opt, userconf );
}
fclose(fp);
diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c
index 87ea0ea06..39384e5e9 100644
--- a/servers/slapd/slapcommon.c
+++ b/servers/slapd/slapcommon.c
@@ -228,7 +228,8 @@ parse_slapopt( int tool, int *mode )
break;
}
- } else if ( strncasecmp( optarg, "ldif-wrap", len ) == 0 ) {
+ } else if ( ( strncasecmp( optarg, "ldif_wrap", len ) == 0 ) ||
+ ( strncasecmp( optarg, "ldif-wrap", len ) == 0 ) ) {
switch ( tool ) {
case SLAPCAT:
if ( strcasecmp( p, "no" ) == 0 ) {
@@ -237,7 +238,7 @@ parse_slapopt( int tool, int *mode )
} else {
unsigned int u;
if ( lutil_atou( &u, p ) ) {
- Debug( LDAP_DEBUG_ANY, "unable to parse ldif-wrap=\"%s\".\n", p, 0, 0 );
+ Debug( LDAP_DEBUG_ANY, "unable to parse ldif_wrap=\"%s\".\n", p, 0, 0 );
return -1;
}
ldif_wrap = (ber_len_t)u;
--
2.26.2