512af8eae8
PR: ports/115163 Submitted by: Aleksey Ovcharenko <aleksey.ovcharenko at gmail.com> Patch by: sumbitter, mm [1] Approved by: Hugo Meiland <hugo at chem.leidenuniv.nl> (maintainer) [1] fixed patch approved by maintainer timeout (14+ days)
726 lines
18 KiB
Text
726 lines
18 KiB
Text
diff -ruN ../bind-9.3.1.org/bin/named/Makefile.in ./bin/named/Makefile.in
|
|
--- ../bind-9.3.1.org/bin/named/Makefile.in Wed Jun 22 22:34:55 2005
|
|
+++ ./bin/named/Makefile.in Wed Jun 22 22:52:14 2005
|
|
@@ -26,10 +26,10 @@
|
|
#
|
|
# Add database drivers here.
|
|
#
|
|
-DBDRIVER_OBJS =
|
|
-DBDRIVER_SRCS =
|
|
-DBDRIVER_INCLUDES =
|
|
-DBDRIVER_LIBS =
|
|
+DBDRIVER_OBJS = ldapdb.@O@
|
|
+DBDRIVER_SRCS = ldapdb.c
|
|
+DBDRIVER_INCLUDES = -I${LOCALBASE}/include
|
|
+DBDRIVER_LIBS = -L${LOCALBASE}/lib -lldap -llber
|
|
|
|
CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
|
|
${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
|
|
diff -ruN ../bind-9.3.1.org/bin/named/include/ldapdb.h ./bin/named/include/ldapdb.h
|
|
--- ../bind-9.3.1.org/bin/named/include/ldapdb.h Thu Jan 1 01:00:00 1970
|
|
+++ ./bin/named/include/ldapdb.h Wed Jun 22 22:40:56 2005
|
|
@@ -0,0 +1,6 @@
|
|
+#include <isc/types.h>
|
|
+
|
|
+isc_result_t ldapdb_init(void);
|
|
+
|
|
+void ldapdb_clear(void);
|
|
+
|
|
diff -ruN ../bind-9.3.1.org/bin/named/ldapdb.c ./bin/named/ldapdb.c
|
|
--- ../bind-9.3.1.org/bin/named/ldapdb.c Thu Jan 1 01:00:00 1970
|
|
+++ ./bin/named/ldapdb.c Wed Jun 22 22:40:44 2005
|
|
@@ -0,0 +1,667 @@
|
|
+/*
|
|
+ * ldapdb.c version 1.0-beta
|
|
+ *
|
|
+ * Copyright (C) 2002, 2004 Stig Venaas
|
|
+ *
|
|
+ * Permission to use, copy, modify, and distribute this software for any
|
|
+ * purpose with or without fee is hereby granted, provided that the above
|
|
+ * copyright notice and this permission notice appear in all copies.
|
|
+ *
|
|
+ * Contributors: Jeremy C. McDermond
|
|
+ */
|
|
+
|
|
+/*
|
|
+ * If you want to use TLS, uncomment the define below
|
|
+ */
|
|
+/* #define LDAPDB_TLS */
|
|
+
|
|
+/*
|
|
+ * If you are using an old LDAP API uncomment the define below. Only do this
|
|
+ * if you know what you're doing or get compilation errors on ldap_memfree().
|
|
+ * This also forces LDAPv2.
|
|
+ */
|
|
+/* #define LDAPDB_RFC1823API */
|
|
+
|
|
+/* Using LDAPv3 by default, change this if you want v2 */
|
|
+#ifndef LDAPDB_LDAP_VERSION
|
|
+#define LDAPDB_LDAP_VERSION 3
|
|
+#endif
|
|
+
|
|
+#include <config.h>
|
|
+
|
|
+#include <string.h>
|
|
+#include <stdio.h>
|
|
+#include <stdlib.h>
|
|
+#include <ctype.h>
|
|
+
|
|
+#include <isc/mem.h>
|
|
+#include <isc/print.h>
|
|
+#include <isc/result.h>
|
|
+#include <isc/util.h>
|
|
+#include <isc/thread.h>
|
|
+
|
|
+#include <dns/sdb.h>
|
|
+
|
|
+#include <named/globals.h>
|
|
+#include <named/log.h>
|
|
+
|
|
+#include <ldap.h>
|
|
+#include "ldapdb.h"
|
|
+
|
|
+/*
|
|
+ * A simple database driver for LDAP
|
|
+ */
|
|
+
|
|
+/* enough for name with 8 labels of max length */
|
|
+#define MAXNAMELEN 519
|
|
+
|
|
+static dns_sdbimplementation_t *ldapdb = NULL;
|
|
+
|
|
+struct ldapdb_data {
|
|
+ char *hostport;
|
|
+ char *hostname;
|
|
+ int portno;
|
|
+ char *base;
|
|
+ int defaultttl;
|
|
+ char *filterall;
|
|
+ int filteralllen;
|
|
+ char *filterone;
|
|
+ int filteronelen;
|
|
+ char *filtername;
|
|
+ char *bindname;
|
|
+ char *bindpw;
|
|
+#ifdef LDAPDB_TLS
|
|
+ int tls;
|
|
+#endif
|
|
+};
|
|
+
|
|
+/* used by ldapdb_getconn */
|
|
+
|
|
+struct ldapdb_entry {
|
|
+ void *index;
|
|
+ size_t size;
|
|
+ void *data;
|
|
+ struct ldapdb_entry *next;
|
|
+};
|
|
+
|
|
+static struct ldapdb_entry *ldapdb_find(struct ldapdb_entry *stack,
|
|
+ const void *index, size_t size) {
|
|
+ while (stack != NULL) {
|
|
+ if (stack->size == size && !memcmp(stack->index, index, size))
|
|
+ return stack;
|
|
+ stack = stack->next;
|
|
+ }
|
|
+ return NULL;
|
|
+}
|
|
+
|
|
+static void ldapdb_insert(struct ldapdb_entry **stack,
|
|
+ struct ldapdb_entry *item) {
|
|
+ item->next = *stack;
|
|
+ *stack = item;
|
|
+}
|
|
+
|
|
+static void ldapdb_lock(int what) {
|
|
+ static isc_mutex_t lock;
|
|
+
|
|
+ switch (what) {
|
|
+ case 0:
|
|
+ isc_mutex_init(&lock);
|
|
+ break;
|
|
+ case 1:
|
|
+ LOCK(&lock);
|
|
+ break;
|
|
+ case -1:
|
|
+ UNLOCK(&lock);
|
|
+ break;
|
|
+ }
|
|
+}
|
|
+
|
|
+/* data == NULL means cleanup */
|
|
+static LDAP **
|
|
+ldapdb_getconn(struct ldapdb_data *data)
|
|
+{
|
|
+ static struct ldapdb_entry *allthreadsdata = NULL;
|
|
+ struct ldapdb_entry *threaddata, *conndata;
|
|
+ unsigned long threadid;
|
|
+
|
|
+ if (data == NULL) {
|
|
+ /* cleanup */
|
|
+ /* lock out other threads */
|
|
+ ldapdb_lock(1);
|
|
+ while (allthreadsdata != NULL) {
|
|
+ threaddata = allthreadsdata;
|
|
+ free(threaddata->index);
|
|
+ while (threaddata->data != NULL) {
|
|
+ conndata = threaddata->data;
|
|
+ free(conndata->index);
|
|
+ if (conndata->data != NULL)
|
|
+ ldap_unbind((LDAP *)conndata->data);
|
|
+ threaddata->data = conndata->next;
|
|
+ free(conndata);
|
|
+ }
|
|
+ allthreadsdata = threaddata->next;
|
|
+ free(threaddata);
|
|
+ }
|
|
+ ldapdb_lock(-1);
|
|
+ return (NULL);
|
|
+ }
|
|
+
|
|
+ /* look for connection data for current thread */
|
|
+ threadid = isc_thread_self();
|
|
+ threaddata = ldapdb_find(allthreadsdata, &threadid, sizeof(threadid));
|
|
+ if (threaddata == NULL) {
|
|
+ /* no data for this thread, create empty connection list */
|
|
+ threaddata = malloc(sizeof(*threaddata));
|
|
+ if (threaddata == NULL)
|
|
+ return (NULL);
|
|
+ threaddata->index = malloc(sizeof(threadid));
|
|
+ if (threaddata->index == NULL) {
|
|
+ free(threaddata);
|
|
+ return (NULL);
|
|
+ }
|
|
+ *(unsigned long *)threaddata->index = threadid;
|
|
+ threaddata->size = sizeof(threadid);
|
|
+ threaddata->data = NULL;
|
|
+
|
|
+ /* need to lock out other threads here */
|
|
+ ldapdb_lock(1);
|
|
+ ldapdb_insert(&allthreadsdata, threaddata);
|
|
+ ldapdb_lock(-1);
|
|
+ }
|
|
+
|
|
+ /* threaddata points at the connection list for current thread */
|
|
+ /* look for existing connection to our server */
|
|
+ conndata = ldapdb_find((struct ldapdb_entry *)threaddata->data,
|
|
+ data->hostport, strlen(data->hostport));
|
|
+ if (conndata == NULL) {
|
|
+ /* no connection data structure for this server, create one */
|
|
+ conndata = malloc(sizeof(*conndata));
|
|
+ if (conndata == NULL)
|
|
+ return (NULL);
|
|
+ conndata->index = data->hostport;
|
|
+ conndata->size = strlen(data->hostport);
|
|
+ conndata->data = NULL;
|
|
+ ldapdb_insert((struct ldapdb_entry **)&threaddata->data,
|
|
+ conndata);
|
|
+ }
|
|
+
|
|
+ return (LDAP **)&conndata->data;
|
|
+}
|
|
+
|
|
+static void
|
|
+ldapdb_bind(struct ldapdb_data *data, LDAP **ldp)
|
|
+{
|
|
+#ifndef LDAPDB_RFC1823API
|
|
+ const int ver = LDAPDB_LDAP_VERSION;
|
|
+#endif
|
|
+
|
|
+ if (*ldp != NULL)
|
|
+ ldap_unbind(*ldp);
|
|
+ *ldp = ldap_open(data->hostname, data->portno);
|
|
+ if (*ldp == NULL)
|
|
+ return;
|
|
+
|
|
+#ifndef LDAPDB_RFC1823API
|
|
+ ldap_set_option(*ldp, LDAP_OPT_PROTOCOL_VERSION, &ver);
|
|
+#endif
|
|
+
|
|
+#ifdef LDAPDB_TLS
|
|
+ if (data->tls) {
|
|
+ ldap_start_tls_s(*ldp, NULL, NULL);
|
|
+ }
|
|
+#endif
|
|
+
|
|
+ if (ldap_simple_bind_s(*ldp, data->bindname, data->bindpw) != LDAP_SUCCESS) {
|
|
+ ldap_unbind(*ldp);
|
|
+ *ldp = NULL;
|
|
+ }
|
|
+}
|
|
+
|
|
+static isc_result_t
|
|
+ldapdb_search(const char *zone, const char *name, void *dbdata, void *retdata)
|
|
+{
|
|
+ struct ldapdb_data *data = dbdata;
|
|
+ isc_result_t result = ISC_R_NOTFOUND;
|
|
+ LDAP **ldp;
|
|
+ LDAPMessage *res, *e;
|
|
+ char *fltr, *a, **vals = NULL, **names = NULL;
|
|
+ char type[64];
|
|
+#ifdef LDAPDB_RFC1823API
|
|
+ void *ptr;
|
|
+#else
|
|
+ BerElement *ptr;
|
|
+#endif
|
|
+ int i, j, errno, msgid;
|
|
+
|
|
+ ldp = ldapdb_getconn(data);
|
|
+ if (ldp == NULL)
|
|
+ return (ISC_R_FAILURE);
|
|
+ if (*ldp == NULL) {
|
|
+ ldapdb_bind(data, ldp);
|
|
+ if (*ldp == NULL) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': bind failed", zone);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (name == NULL) {
|
|
+ fltr = data->filterall;
|
|
+ } else {
|
|
+ if (strlen(name) > MAXNAMELEN) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': name %s too long", zone, name);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+ sprintf(data->filtername, "%s))", name);
|
|
+ fltr = data->filterone;
|
|
+ }
|
|
+
|
|
+ msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
|
|
+ if (msgid == -1) {
|
|
+ ldapdb_bind(data, ldp);
|
|
+ if (*ldp != NULL)
|
|
+ msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
|
|
+ }
|
|
+
|
|
+ if (*ldp == NULL || msgid == -1) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': search failed, filter %s", zone, fltr);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+
|
|
+ /* Get the records one by one as they arrive and return them to bind */
|
|
+ while ((errno = ldap_result(*ldp, msgid, 0, NULL, &res)) != LDAP_RES_SEARCH_RESULT ) {
|
|
+ LDAP *ld = *ldp;
|
|
+ int ttl = data->defaultttl;
|
|
+
|
|
+ /* not supporting continuation references at present */
|
|
+ if (errno != LDAP_RES_SEARCH_ENTRY) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': ldap_result returned %d", zone, errno);
|
|
+ ldap_msgfree(res);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+
|
|
+ /* only one entry per result message */
|
|
+ e = ldap_first_entry(ld, res);
|
|
+ if (e == NULL) {
|
|
+ ldap_msgfree(res);
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': ldap_first_entry failed", zone);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+
|
|
+ if (name == NULL) {
|
|
+ names = ldap_get_values(ld, e, "relativeDomainName");
|
|
+ if (names == NULL)
|
|
+ continue;
|
|
+ }
|
|
+
|
|
+ vals = ldap_get_values(ld, e, "dNSTTL");
|
|
+ if (vals != NULL) {
|
|
+ ttl = atoi(vals[0]);
|
|
+ ldap_value_free(vals);
|
|
+ }
|
|
+
|
|
+ for (a = ldap_first_attribute(ld, e, &ptr); a != NULL; a = ldap_next_attribute(ld, e, ptr)) {
|
|
+ char *s;
|
|
+
|
|
+ for (s = a; *s; s++)
|
|
+ *s = toupper(*s);
|
|
+ s = strstr(a, "RECORD");
|
|
+ if ((s == NULL) || (s == a) || (s - a >= (signed int)sizeof(type))) {
|
|
+#ifndef LDAPDB_RFC1823API
|
|
+ ldap_memfree(a);
|
|
+#endif
|
|
+ continue;
|
|
+ }
|
|
+
|
|
+ strncpy(type, a, s - a);
|
|
+ type[s - a] = '\0';
|
|
+ vals = ldap_get_values(ld, e, a);
|
|
+ if (vals != NULL) {
|
|
+ for (i = 0; vals[i] != NULL; i++) {
|
|
+ if (name != NULL) {
|
|
+ result = dns_sdb_putrr(retdata, type, ttl, vals[i]);
|
|
+ } else {
|
|
+ for (j = 0; names[j] != NULL; j++) {
|
|
+ result = dns_sdb_putnamedrr(retdata, names[j], type, ttl, vals[i]);
|
|
+ if (result != ISC_R_SUCCESS)
|
|
+ break;
|
|
+ }
|
|
+ }
|
|
+; if (result != ISC_R_SUCCESS) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': dns_sdb_put... failed for %s", zone, vals[i]);
|
|
+ ldap_value_free(vals);
|
|
+#ifndef LDAPDB_RFC1823API
|
|
+ ldap_memfree(a);
|
|
+ if (ptr != NULL)
|
|
+ ber_free(ptr, 0);
|
|
+#endif
|
|
+ if (name == NULL)
|
|
+ ldap_value_free(names);
|
|
+ ldap_msgfree(res);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+ }
|
|
+ ldap_value_free(vals);
|
|
+ }
|
|
+#ifndef LDAPDB_RFC1823API
|
|
+ ldap_memfree(a);
|
|
+#endif
|
|
+ }
|
|
+#ifndef LDAPDB_RFC1823API
|
|
+ if (ptr != NULL)
|
|
+ ber_free(ptr, 0);
|
|
+#endif
|
|
+ if (name == NULL)
|
|
+ ldap_value_free(names);
|
|
+
|
|
+ /* free this result */
|
|
+ ldap_msgfree(res);
|
|
+ }
|
|
+
|
|
+ /* free final result */
|
|
+ ldap_msgfree(res);
|
|
+ return (result);
|
|
+}
|
|
+
|
|
+
|
|
+/* callback routines */
|
|
+static isc_result_t
|
|
+ldapdb_lookup(const char *zone, const char *name, void *dbdata,
|
|
+ dns_sdblookup_t *lookup)
|
|
+{
|
|
+ return ldapdb_search(zone, name, dbdata, lookup);
|
|
+}
|
|
+
|
|
+static isc_result_t
|
|
+ldapdb_allnodes(const char *zone, void *dbdata,
|
|
+ dns_sdballnodes_t *allnodes)
|
|
+{
|
|
+ return ldapdb_search(zone, NULL, dbdata, allnodes);
|
|
+}
|
|
+
|
|
+static char *
|
|
+unhex(char *in)
|
|
+{
|
|
+ static const char hexdigits[] = "0123456789abcdef";
|
|
+ char *p, *s = in;
|
|
+ int d1, d2;
|
|
+
|
|
+ while ((s = strchr(s, '%'))) {
|
|
+ if (!(s[1] && s[2]))
|
|
+ return NULL;
|
|
+ if ((p = strchr(hexdigits, tolower(s[1]))) == NULL)
|
|
+ return NULL;
|
|
+ d1 = p - hexdigits;
|
|
+ if ((p = strchr(hexdigits, tolower(s[2]))) == NULL)
|
|
+ return NULL;
|
|
+ d2 = p - hexdigits;
|
|
+ *s++ = d1 << 4 | d2;
|
|
+ memmove(s, s + 2, strlen(s) - 1);
|
|
+ }
|
|
+ return in;
|
|
+}
|
|
+
|
|
+/* returns 0 for ok, -1 for bad syntax, -2 for unknown critical extension */
|
|
+static int
|
|
+parseextensions(char *extensions, struct ldapdb_data *data)
|
|
+{
|
|
+ char *s, *next, *name, *value;
|
|
+ int critical;
|
|
+
|
|
+ while (extensions != NULL) {
|
|
+ s = strchr(extensions, ',');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ next = s;
|
|
+ } else {
|
|
+ next = NULL;
|
|
+ }
|
|
+
|
|
+ if (*extensions != '\0') {
|
|
+ s = strchr(extensions, '=');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ value = *s != '\0' ? s : NULL;
|
|
+ } else {
|
|
+ value = NULL;
|
|
+ }
|
|
+ name = extensions;
|
|
+
|
|
+ critical = *name == '!';
|
|
+ if (critical) {
|
|
+ name++;
|
|
+ }
|
|
+ if (*name == '\0') {
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
+ if (!strcasecmp(name, "bindname")) {
|
|
+ data->bindname = value;
|
|
+ } else if (!strcasecmp(name, "x-bindpw")) {
|
|
+ data->bindpw = value;
|
|
+#ifdef LDAPDB_TLS
|
|
+ } else if (!strcasecmp(name, "x-tls")) {
|
|
+ data->tls = value == NULL || !strcasecmp(value, "true");
|
|
+#endif
|
|
+ } else if (critical) {
|
|
+ return -2;
|
|
+ }
|
|
+ }
|
|
+ extensions = next;
|
|
+ }
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+static void
|
|
+free_data(struct ldapdb_data *data)
|
|
+{
|
|
+ if (data->hostport != NULL)
|
|
+ isc_mem_free(ns_g_mctx, data->hostport);
|
|
+ if (data->hostname != NULL)
|
|
+ isc_mem_free(ns_g_mctx, data->hostname);
|
|
+ if (data->filterall != NULL)
|
|
+ isc_mem_put(ns_g_mctx, data->filterall, data->filteralllen);
|
|
+ if (data->filterone != NULL)
|
|
+ isc_mem_put(ns_g_mctx, data->filterone, data->filteronelen);
|
|
+ isc_mem_put(ns_g_mctx, data, sizeof(struct ldapdb_data));
|
|
+}
|
|
+
|
|
+
|
|
+static isc_result_t
|
|
+ldapdb_create(const char *zone, int argc, char **argv,
|
|
+ void *driverdata, void **dbdata)
|
|
+{
|
|
+ struct ldapdb_data *data;
|
|
+ char *s, *filter = NULL, *extensions = NULL;
|
|
+ int defaultttl;
|
|
+
|
|
+ UNUSED(driverdata);
|
|
+
|
|
+ /* we assume that only one thread will call create at a time */
|
|
+ /* want to do this only once for all instances */
|
|
+
|
|
+ if ((argc < 2)
|
|
+ || (argv[0] != strstr( argv[0], "ldap://"))
|
|
+ || ((defaultttl = atoi(argv[1])) < 1))
|
|
+ return (ISC_R_FAILURE);
|
|
+ data = isc_mem_get(ns_g_mctx, sizeof(struct ldapdb_data));
|
|
+ if (data == NULL)
|
|
+ return (ISC_R_NOMEMORY);
|
|
+
|
|
+ memset(data, 0, sizeof(struct ldapdb_data));
|
|
+ data->hostport = isc_mem_strdup(ns_g_mctx, argv[0] + strlen("ldap://"));
|
|
+ if (data->hostport == NULL) {
|
|
+ free_data(data);
|
|
+ return (ISC_R_NOMEMORY);
|
|
+ }
|
|
+
|
|
+ data->defaultttl = defaultttl;
|
|
+
|
|
+ s = strchr(data->hostport, '/');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ data->base = s;
|
|
+ /* attrs, scope, filter etc? */
|
|
+ s = strchr(s, '?');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ /* ignore attributes */
|
|
+ s = strchr(s, '?');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ /* ignore scope */
|
|
+ s = strchr(s, '?');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ /* filter */
|
|
+ filter = s;
|
|
+ s = strchr(s, '?');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ /* extensions */
|
|
+ extensions = s;
|
|
+ s = strchr(s, '?');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ }
|
|
+ if (*extensions == '\0') {
|
|
+ extensions = NULL;
|
|
+ }
|
|
+ }
|
|
+ if (*filter == '\0') {
|
|
+ filter = NULL;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ if (*data->base == '\0') {
|
|
+ data->base = NULL;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ /* parse extensions */
|
|
+ if (extensions != NULL) {
|
|
+ int err;
|
|
+
|
|
+ err = parseextensions(extensions, data);
|
|
+ if (err < 0) {
|
|
+ /* err should be -1 or -2 */
|
|
+ free_data(data);
|
|
+ if (err == -1) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': URL: extension syntax error", zone);
|
|
+ } else if (err == -2) {
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': URL: unknown critical extension", zone);
|
|
+ }
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if ((data->base != NULL && unhex(data->base) == NULL) ||
|
|
+ (filter != NULL && unhex(filter) == NULL) ||
|
|
+ (data->bindname != NULL && unhex(data->bindname) == NULL) ||
|
|
+ (data->bindpw != NULL && unhex(data->bindpw) == NULL)) {
|
|
+ free_data(data);
|
|
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
|
+ "LDAP sdb zone '%s': URL: bad hex values", zone);
|
|
+ return (ISC_R_FAILURE);
|
|
+ }
|
|
+
|
|
+ /* compute filterall and filterone once and for all */
|
|
+ if (filter == NULL) {
|
|
+ data->filteralllen = strlen(zone) + strlen("(zoneName=)") + 1;
|
|
+ data->filteronelen = strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1;
|
|
+ } else {
|
|
+ data->filteralllen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=))") + 1;
|
|
+ data->filteronelen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1;
|
|
+ }
|
|
+
|
|
+ data->filterall = isc_mem_get(ns_g_mctx, data->filteralllen);
|
|
+ if (data->filterall == NULL) {
|
|
+ free_data(data);
|
|
+ return (ISC_R_NOMEMORY);
|
|
+ }
|
|
+ data->filterone = isc_mem_get(ns_g_mctx, data->filteronelen);
|
|
+ if (data->filterone == NULL) {
|
|
+ free_data(data);
|
|
+ return (ISC_R_NOMEMORY);
|
|
+ }
|
|
+
|
|
+ if (filter == NULL) {
|
|
+ sprintf(data->filterall, "(zoneName=%s)", zone);
|
|
+ sprintf(data->filterone, "(&(zoneName=%s)(relativeDomainName=", zone);
|
|
+ } else {
|
|
+ sprintf(data->filterall, "(&%s(zoneName=%s))", filter, zone);
|
|
+ sprintf(data->filterone, "(&%s(zoneName=%s)(relativeDomainName=", filter, zone);
|
|
+ }
|
|
+ data->filtername = data->filterone + strlen(data->filterone);
|
|
+
|
|
+ /* support URLs with literal IPv6 addresses */
|
|
+ data->hostname = isc_mem_strdup(ns_g_mctx, data->hostport + (*data->hostport == '[' ? 1 : 0));
|
|
+ if (data->hostname == NULL) {
|
|
+ free_data(data);
|
|
+ return (ISC_R_NOMEMORY);
|
|
+ }
|
|
+
|
|
+ if (*data->hostport == '[' &&
|
|
+ (s = strchr(data->hostname, ']')) != NULL )
|
|
+ *s++ = '\0';
|
|
+ else
|
|
+ s = data->hostname;
|
|
+ s = strchr(s, ':');
|
|
+ if (s != NULL) {
|
|
+ *s++ = '\0';
|
|
+ data->portno = atoi(s);
|
|
+ } else
|
|
+ data->portno = LDAP_PORT;
|
|
+
|
|
+ *dbdata = data;
|
|
+ return (ISC_R_SUCCESS);
|
|
+}
|
|
+
|
|
+static void
|
|
+ldapdb_destroy(const char *zone, void *driverdata, void **dbdata) {
|
|
+ struct ldapdb_data *data = *dbdata;
|
|
+
|
|
+ UNUSED(zone);
|
|
+ UNUSED(driverdata);
|
|
+
|
|
+ free_data(data);
|
|
+}
|
|
+
|
|
+static dns_sdbmethods_t ldapdb_methods = {
|
|
+ ldapdb_lookup,
|
|
+ NULL, /* authority */
|
|
+ ldapdb_allnodes,
|
|
+ ldapdb_create,
|
|
+ ldapdb_destroy
|
|
+};
|
|
+
|
|
+/* Wrapper around dns_sdb_register() */
|
|
+isc_result_t
|
|
+ldapdb_init(void) {
|
|
+ unsigned int flags =
|
|
+ DNS_SDBFLAG_RELATIVEOWNER |
|
|
+ DNS_SDBFLAG_RELATIVERDATA |
|
|
+ DNS_SDBFLAG_THREADSAFE;
|
|
+
|
|
+ ldapdb_lock(0);
|
|
+ return (dns_sdb_register("ldap", &ldapdb_methods, NULL, flags,
|
|
+ ns_g_mctx, &ldapdb));
|
|
+}
|
|
+
|
|
+/* Wrapper around dns_sdb_unregister() */
|
|
+void
|
|
+ldapdb_clear(void) {
|
|
+ if (ldapdb != NULL) {
|
|
+ /* clean up thread data */
|
|
+ ldapdb_getconn(NULL);
|
|
+ dns_sdb_unregister(&ldapdb);
|
|
+ }
|
|
+}
|
|
diff -ruN ../bind-9.3.1.org/bin/named/main.c ./bin/named/main.c
|
|
--- ../bind-9.3.1.org/bin/named/main.c Wed Jun 22 22:34:55 2005
|
|
+++ ./bin/named/main.c Wed Jun 22 22:47:38 2005
|
|
@@ -72,6 +72,7 @@
|
|
* Include header files for database drivers here.
|
|
*/
|
|
/* #include "xxdb.h" */
|
|
+#include <ldapdb.h>
|
|
|
|
/*
|
|
* Include DLZ drivers if appropriate.
|
|
@@ -681,6 +682,7 @@
|
|
* Add calls to register sdb drivers here.
|
|
*/
|
|
/* xxdb_init(); */
|
|
+ ldapdb_init();
|
|
|
|
#ifdef DLZ
|
|
/*
|
|
@@ -707,6 +709,7 @@
|
|
* Add calls to unregister sdb drivers here.
|
|
*/
|
|
/* xxdb_clear(); */
|
|
+ ldapdb_clear();
|
|
|
|
#ifdef DLZ
|
|
/*
|