#include <stdio.h>
#include <stdlib.h>
#include <ldap_ssl.h>
#if defined(N_PLAT_NLM) && defined(LIBC)
#include <screen.h>
#endif
/*
 * Help text printed when the argument count is not 2, 3 or 5.
 * The optional login DN and password are positional command-line arguments.
 * The documented default port, 389, is the clear-text LDAP port.
 */
static char usage[] =
    "\n Usage: starttls <host name> [<port number> [<login dn> <password>]]\n"
    " host name = ldap server name or IP address\n"
    " port number = port to use - 389 default (clear text)\n"
    " login dn = user name to login as\n"
    " password = user password\n\n"
    "Examples:\n"
    " starttls www.openldap.org\n"
    " starttls www.openldap.org 389\n"
    " starttls Acme.com 389 cn=admin,o=Acme secret\n";
/*
 * Forward declaration: runs a base-scope search on the given session and
 * prints the first value of each returned attribute. Returns an LDAP
 * result code (LDAP_SUCCESS on success).
 */
int doSimpleSearch(LDAP *ld);
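/*
 * starttls sample: opens an LDAP session, binds, then starts and stops TLS
 * on that same session, running doSimpleSearch() at each stage.
 *
 * Arguments: <host name> [<port number> [<login dn> <password>]]
 * Returns 0 when every step succeeds, 1 on a usage error or any failure.
 *
 * Security notes for anyone adapting this sample:
 *  - The password is taken from argv, so it is visible in process listings
 *    and shell history on the client machine.
 *  - The simple bind happens BEFORE ldapssl_start_tls(), so a supplied
 *    login DN and password cross the network unencrypted. Code that sends
 *    credentials should start TLS first and bind afterwards.
 *  - Certificate verification is switched off (LDAPSSL_VERIFY_NONE), so the
 *    TLS session is encrypted but the server is not authenticated.
 */
int main(int argc, char *argv[])
{
    int rc = 0;
    int exitCode = 1;          /* pessimistic default; cleared on full success */
    int sslReady = 0;          /* set once ldapssl_client_init() has succeeded */
    int version = LDAP_VERSION3;
    int ldapPort = 389;
    char *ldapHost = NULL;
    char *loginDN = NULL;
    char *password = NULL;
    LDAP *ld = NULL;
    struct timeval timeOut = {10, 0};

#if defined(N_PLAT_NLM) && defined(LIBC)
    setscreenmode(SCR_NO_MODE);
#endif

    if (2 != argc && 3 != argc && 5 != argc) {
        printf("%s", usage);
        return 1;
    }

    ldapHost = argv[1];

    if (3 <= argc) {
        /*
         * strtol with an end pointer and a range check replaces atoi, which
         * silently turned non-numeric input into port 0 and accepted
         * trailing junk or out-of-range values.
         */
        char *end = NULL;
        long port = strtol(argv[2], &end, 10);

        if (end == argv[2] || '\0' != *end || port < 1 || port > 65535) {
            printf("Invalid port number: %s\n", argv[2]);
            printf("%s", usage);
            return 1;
        }
        ldapPort = (int)port;
    }

    if (5 == argc) {
        loginDN = argv[3];
        password = argv[4];
    }

    /* Global defaults (NULL handle): LDAPv3 and a 10 second network timeout. */
    ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &version);
    ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &timeOut);

    rc = ldapssl_client_init(NULL, NULL);
    if (LDAP_SUCCESS != rc) {
        printf("ldapssl_client_init error: %d\n", rc);
        goto cleanup;
    }
    sslReady = 1;

    /*
     * NOTE(review): LDAPSSL_VERIFY_NONE accepts any server certificate, so
     * the TLS session started below does not prove which server is on the
     * other end and offers no protection against an on-path impersonator.
     * Outside a demo, use LDAPSSL_VERIFY_SERVER and load the trusted root
     * certificate(s) first (see ldapssl_add_trusted_cert in the SDK).
     */
    rc = ldapssl_set_verify_mode(LDAPSSL_VERIFY_NONE);
    if (LDAP_SUCCESS != rc) {
        printf("ldapssl_set_verify_mode error: %d\n", rc);
        goto cleanup;
    }

    /*
     * Third argument 0: presumably requests a clear-text session that is
     * upgraded later by ldapssl_start_tls() -- confirm against the SDK docs.
     */
    ld = ldapssl_init(ldapHost, ldapPort, 0);
    if (NULL == ld) {
        printf("ldapssl_init error\n");
        goto cleanup;
    }

    /*
     * NOTE(review): this bind runs before TLS is started. With NULL
     * loginDN/password it is an anonymous bind; with credentials from the
     * command line they are sent in clear text.
     */
    rc = ldap_simple_bind_s(ld, loginDN, password);
    if (LDAP_SUCCESS != rc) {
        printf("ldap_simple_bind_s error: %d, %s\n",
               rc, ldap_err2string(rc));
        goto cleanup;
    }

    printf("Bind successful. Do a simple search.\n");
    rc = doSimpleSearch(ld);
    if (LDAP_SUCCESS != rc) {
        printf("doSimpleSearch error: %d, %s\n",
               rc, ldap_err2string(rc));
        goto cleanup;
    }

    printf("\nNow start TLS.\n");
    rc = ldapssl_start_tls(ld);
    if (LDAP_SUCCESS != rc) {
        printf("ldapssl_start_tls error: %d, %s\n",
               rc, ldap_err2string(rc));
        goto cleanup;
    }

    printf("Start TLS successful\n");
    printf("Performing search\n");
    rc = doSimpleSearch(ld);
    if (LDAP_SUCCESS != rc) {
        printf("doSimpleSearch error: %d, %s\n", rc, ldap_err2string(rc));
        goto cleanup;
    }

    /* After a successful stop, traffic on this session is clear text again. */
    rc = ldapssl_stop_tls(ld);
    if (LDAP_SUCCESS != rc) {
        printf("ldapssl_stop_tls error: %d, %s\n", rc, ldap_err2string(rc));
        goto cleanup;
    }

    printf("\nStop TLS successful\n");
    printf("Performing search\n");
    rc = doSimpleSearch(ld);
    if (LDAP_SUCCESS != rc) {
        printf("doSimpleSearch error: %d, %s\n", rc, ldap_err2string(rc));
        goto cleanup;
    }

    printf("\nUnbind and deinit\n");
    exitCode = 0;

cleanup:
    /* Single exit path: release only what was actually acquired. */
    if (NULL != ld) {
        ldap_unbind_s(ld);
    }
    if (sslReady) {
        ldapssl_client_deinit();
    }
    return exitCode;
}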
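/*
 * Runs a base-scope search with an empty base DN and the filter
 * "(objectClass=*)", requesting all attributes, and prints the first value
 * of each attribute of the first entry returned.
 *
 * ld: an initialised LDAP session handle.
 * Returns the result code of ldap_search_ext_s (LDAP_SUCCESS on success);
 * on failure the error is also printed.
 */
int doSimpleSearch(LDAP *ld)
{
    int rc = LDAP_SUCCESS;
    LDAPMessage *resultBuf = NULL;
    LDAPMessage *entry = NULL;
    BerElement *ber = NULL;
    char *attribute = NULL;
    char **values = NULL;

    rc = ldap_search_ext_s(ld, "", LDAP_SCOPE_BASE, "(objectClass=*)",
                           NULL, 0,
                           NULL, NULL, NULL, LDAP_NO_LIMIT, &resultBuf);
    if (LDAP_SUCCESS != rc) {
        printf("ldap_search_ext_s error: %d, %s\n", rc, ldap_err2string(rc));
        /* A failed search may still have handed back a message; free it. */
        if (NULL != resultBuf) {
            ldap_msgfree(resultBuf);
        }
        return rc;
    }

    entry = ldap_first_entry(ld, resultBuf);
    if (NULL != entry) {
        for (attribute = ldap_first_attribute(ld, entry, &ber);
             attribute != NULL;
             attribute = ldap_next_attribute(ld, entry, ber)) {
            values = ldap_get_values(ld, entry, attribute);
            if (NULL != values) {
                /*
                 * Values come from the server and are printed unfiltered as
                 * C strings. Guard against an empty value list so printf
                 * never receives a NULL for %s.
                 */
                printf(" %s: %s\n", attribute,
                       NULL != values[0] ? values[0] : "");
                ldap_value_free(values);
            }
            /*
             * Free the attribute name on every iteration; previously it was
             * leaked whenever ldap_get_values() returned NULL.
             */
            ldap_memfree(attribute);
        }
        /* ber stays NULL if the entry had no attributes at all. */
        if (NULL != ber) {
            ber_free(ber, 0);
        }
    }

    if (NULL != resultBuf) {
        ldap_msgfree(resultBuf);
    }
    return rc;
}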