1 /* dirmngr.c - LDAP access
2 Copyright (C) 2008 g10 Code GmbH
4 This file is part of DirMngr.
6 DirMngr is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 DirMngr is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 #include "ldapserver.h"
29 /* Release the list of SERVERS. As usual it is okay to call this
30 function with SERVERS passed as NULL. */
/* Free every node of the SERVERS list together with the strings each
   node owns (host, user, pass, base).  This listing omits some source
   lines; the loop and the final free of the node are not shown. */
32 ldapserver_list_free (ldap_server_t servers)
/* Remember the successor first: the current node is about to be
   released and must not be read afterwards. */
36 ldap_server_t tmp = servers->next;
37 xfree (servers->host);
38 xfree (servers->user);
/* Overwrite the password before its buffer goes back to the allocator
   so the secret does not linger in freed heap memory.
   NOTE(review): a plain memset directly followed by a free is a dead
   store that an optimizing compiler may drop; a wipe helper that is
   guaranteed not to be elided (for example explicit_bzero or memset_s
   where available) would make this reliable.
   NOTE(review): strlen requires a non-NULL pass; the guard is
   presumably on the line omitted just above - confirm. */
40 memset (servers->pass, 0, strlen (servers->pass));
41 xfree (servers->pass);
42 xfree (servers->base);
49 /* Parse a single LDAP server configuration line. Returns the server
50 * or NULL in case of errors. The configuration line is assumed to be
51 * colon separated with these fields:
54 * 2. field: Portnumber
62 * starttls := Use STARTTLS with a default port of 389
63 * ldaptls := Tunnel LDAP through a TLS tunnel with default port 636
64 * plain := Switch to plain unsecured LDAP.
65 * (The last of these 3 flags is the effective one)
66 * ntds := Use Active Directory authentication
67 * areconly := Use option LDAP_OPT_AREC_EXCLUSIVE
69 * FILENAME and LINENO are used for diagnostic purposes only.
/* Build one server record from LINE: the line is split on ':' into
   fields and the flags field is split again on ','.  This listing
   omits some source lines (declarations, switch labels, braces). */
72 ldapserver_parse_one (const char *line,
73 const char *filename, unsigned int lineno)
/* The record is obtained from xtrycalloc, so fields not assigned below
   presumably start out as zero/NULL - confirm against xtrycalloc. */
83 server = xtrycalloc (1, sizeof *server);
90 fields = strtokenize (line, ":");
/* Walk the NULL-terminated field array; FIELDNO selects the meaning. */
97 for (fieldno=0; (p = fields[fieldno]); fieldno++)
102 server->host = xtrystrdup (p);
/* NOTE(review): atoi reports no errors; a non-numeric field yields 0
   and an out-of-range value is not detected.  Unless a check sits on
   lines not shown here, strtol with an explicit 1..65535 range test
   would reject malformed port fields instead of accepting them. */
109 server->port = atoi (p);
113 server->user = xtrystrdup (p);
/* A non-empty password field is rejected when no user was stored. */
119 if (*p && !server->user)
122 log_error (_("%s:%u: password given without user\n"),
/* NOTE(review): LINE is the complete configuration entry, so this
   variant of the message also writes the password field to the log.
   The FILENAME/LINENO variant above does not; consider dropping LINE
   here or redacting the password field. */
125 log_error ("ldap: password given without user ('%s')\n", line);
130 server->pass = xtrystrdup (p);
139 server->base = xtrystrdup (p);
149 flags = strtokenize (p, ",");
152 log_error ("strtokenize failed: %s\n",
153 gpg_strerror (gpg_error_from_syserror ()));
/* Flags are matched case-insensitively, in order.  Each of starttls,
   ldaptls and plain overwrites both transport fields, so the last one
   listed decides the transport security mode. */
158 for (i=0; (s = flags[i]); i++)
162 else if (!ascii_strcasecmp (s, "starttls"))
164 server->starttls = 1;
165 server->ldap_over_tls = 0;
167 else if (!ascii_strcasecmp (s, "ldaptls"))
169 server->starttls = 0;
170 server->ldap_over_tls = 1;
172 else if (!ascii_strcasecmp (s, "plain"))
174 server->starttls = 0;
175 server->ldap_over_tls = 0;
177 else if (!ascii_strcasecmp (s, "ntds"))
181 else if (!ascii_strcasecmp (s, "areconly"))
183 server->areconly = 1;
/* An unrecognized flag is only reported at info level and parsing
   continues.
   NOTE(review): a misspelled "starttls" or "ldaptls" therefore leaves
   both transport fields untouched, which presumably means unencrypted
   LDAP for a fresh record; treating an unknown flag as an error, or
   at least logging it as a warning, would make that visible. */
188 log_info (_("%s:%u: ignoring unknown flag '%s'\n"),
189 filename, lineno, s);
/* NOTE(review): the "(%s)" argument is on a line not shown; if it is
   LINE, the password field is logged here as well - confirm. */
191 log_info ("ldap: unknown flag '%s' ignored in (%s)\n",
201 /* (We silently ignore extra fields.) */
210 log_info (_("%s:%u: skipping this line\n"), filename, lineno);
/* NOTE(review): LINE may contain the password field, so this message
   can place the secret in the log; prefer a message without LINE. */
212 log_info ("ldap: error in server spec ('%s')\n", line);
/* Release the partially built record, including any password copy. */
213 ldapserver_list_free (server);