
lightning-sunbird  0.9+nobinonly
ssearch.c
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is Mozilla Communicator client code, released
00015  * March 31, 1998.
00016  *
00017  * The Initial Developer of the Original Code is
00018  * Netscape Communications Corporation.
00019  * Portions created by the Initial Developer are Copyright (C) 1998-1999
00020  * the Initial Developer. All Rights Reserved.
00021  *
00022  * Contributor(s):
00023  *
00024  * Alternatively, the contents of this file may be used under the terms of
00025  * either the GNU General Public License Version 2 or later (the "GPL"), or
00026  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00027  * in which case the provisions of the GPL or the LGPL are applicable instead
00028  * of those above. If you wish to allow use of your version of this file only
00029  * under the terms of either the GPL or the LGPL, and not to allow others to
00030  * use your version of this file under the terms of the MPL, indicate your
00031  * decision by deleting the provisions above and replace them with the notice
00032  * and other provisions required by the GPL or the LGPL. If you do not delete
00033  * the provisions above, a recipient may use your version of this file under
00034  * the terms of any one of the MPL, the GPL or the LGPL.
00035  *
00036  * ***** END LICENSE BLOCK ***** */
00037 
00038 /*
00039  * Use an SSL connection to search the directory for all people whose
00040  * surname (last name) is "Jensen".  Since the "sn" attribute is a
00041  * caseignorestring (cis), case is not significant when searching.
00042  *
00043  * Authenticate using a client certificate.
00044  *
00045  */
00046 
00047 #include "examples.h"
00048 #include "ldap_ssl.h"
00049 
/*
 * Sample certificate/key database paths and nicknames used by this example.
 * They are passed to ldapssl_clientauth_init() and
 * ldapssl_enable_clientauth() in main(); adjust them to the local setup.
 */
#define MY_CERTDB           "/usr/netscape4/alias/client-cert.db"
#define MY_KEYDB            "/usr/netscape4/alias/client-key.db"
#define MY_KEYNICKNAME      "Server-Key"
#define MY_CERTNICKNAME     "Server-Cert"
/*
 * Key database password, embedded here for demonstration only.  A string
 * literal like this ends up readable in the source tree and in the compiled
 * binary, so a real client should obtain the password at run time (prompt,
 * protected configuration, or a secret store) instead of compiling it in.
 */
#define MY_KEYPASSWD "secret"
00055 
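/*
 * Search the directory over SSL for every entry whose surname is "Jensen",
 * authenticating with a client certificate, and print each entry's DN
 * followed by all of its attributes and values.
 *
 * argc and argv are not used.
 *
 * Returns 1 if any setup step fails, or if the search fails and hands back
 * no result message.  Returns 0 once the returned entries have been printed;
 * note that this includes the case where ldap_search_s() reported an error
 * but still returned a (possibly partial) result.
 */
int
main( int argc, char **argv )
{
    LDAP          *ld;
    /*
     * Start from NULL: the failure path below tests result, and nothing
     * guarantees ldap_search_s() stores to it before returning an error.
     */
    LDAPMessage   *result = NULL, *e;
    BerElement    *ber;
    char          *a, *dn;
    char          **vals;
    int           i;

    /*
     * Initialize the SSL client with both the certificate database and the
     * key database (third argument 1 = key db is needed for client auth).
     */
    if ( ldapssl_clientauth_init( MY_CERTDB, NULL, 1 /* need key db */,
        MY_KEYDB, NULL ) < 0 ) {
        perror( "ldapssl_clientauth_init" );
        return( 1 );
    }

    /*
     * Get a handle to an LDAP connection.  The final argument (1) requests
     * an SSL-secured connection.  MY_HOST and MY_SSL_PORT are not defined in
     * this file; presumably they come from examples.h.
     */
    if ( (ld = ldapssl_init( MY_HOST, MY_SSL_PORT, 1 )) == NULL ) {
        perror( "ldapssl_init" );
        return( 1 );
    }

    /* use LDAPv3; the SASL bind below is an LDAPv3 operation */
    i = LDAP_VERSION3;
    if ( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &i ) < 0 ) {
        ldap_perror( ld, "ldap_set_option LDAPv3" );
        ldap_unbind( ld );
        return( 1 );
    }

    /*
     * Enable certificate-based client authentication.
     * NOTE(review): MY_KEYPASSWD is a compile-time string literal, so the
     * key database password is recoverable from the source and the binary.
     * Acceptable for a sample; production code should obtain it at run time.
     */
    if ( ldapssl_enable_clientauth( ld, MY_KEYNICKNAME, MY_KEYPASSWD,
        MY_CERTNICKNAME ) != LDAP_SUCCESS ) {
        ldap_perror( ld, "ldapssl_enable_clientauth" );
        ldap_unbind( ld );
        return( 1 );
    }

    /*
     * SASL EXTERNAL bind: no DN or credentials are supplied here, so the
     * identity is the one established by the client certificate on the SSL
     * connection.  Stop on failure rather than continuing unauthenticated.
     */
    if ( ldap_sasl_bind_s( ld, NULL, LDAP_SASL_EXTERNAL, NULL, NULL, NULL,
        NULL ) != LDAP_SUCCESS ) {
        ldap_perror( ld, "ldap_sasl_bind_s EXTERNAL" );
        ldap_unbind( ld );
        return( 1 );
    }

    /* search for all entries with surname of Jensen */
    if ( ldap_search_s( ld, PEOPLE_BASE, LDAP_SCOPE_SUBTREE,
        "(sn=jensen)", NULL, 0, &result ) != LDAP_SUCCESS ) {
        ldap_perror( ld, "ldap_search_s" );
        /* an error with no result is fatal; otherwise print what came back */
        if ( result == NULL ) {
            ldap_unbind( ld );
            return( 1 );
        }
    }

    /* for each entry print out name + all attrs and values */
    for ( e = ldap_first_entry( ld, result ); e != NULL;
        e = ldap_next_entry( ld, e ) ) {
        if ( (dn = ldap_get_dn( ld, e )) != NULL ) {
            printf( "dn: %s\n", dn );
            ldap_memfree( dn );
        }

        /*
         * Reset per entry so the ber_free() check below never reads an
         * indeterminate pointer, or one already freed for the previous
         * entry, if ldap_first_attribute() returns NULL without storing
         * a new value.
         */
        ber = NULL;
        for ( a = ldap_first_attribute( ld, e, &ber );
            a != NULL; a = ldap_next_attribute( ld, e, ber ) ) {
            if ( (vals = ldap_get_values( ld, e, a )) != NULL ) {
                for ( i = 0; vals[i] != NULL; i++ ) {
                    printf( "%s: %s\n", a, vals[i] );
                }
                ldap_value_free( vals );
            }
            ldap_memfree( a );
        }
        if ( ber != NULL ) {
            ber_free( ber, 0 );
        }
        printf( "\n" );
    }

    ldap_msgfree( result );
    ldap_unbind( ld );
    return( 0 );
}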