当要查找的用户不存在时，这里的 ldap_result 会卡住，把超时的 tv_sec 设置为 1 也不行，需要继续定位。同一系统上官方的 ldapsearch 程序没有这个问题。
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/time.h>
#include <ldap.h>
/* Number of slots in the registered-server table (g_ldap_server). */
#define LDAP_SERVER_NUM 10
/* Sizes of the fixed string buffers below; each must also hold the
 * terminating NUL, so the longest storable string is one byte shorter. */
#define LDAP_SERVER_NAME_LEN 64
#define LDAP_USER_DN_LEN 256
#define LDAP_USER_PSWD_LEN 64
/* Number of slots in the search-base table (g_ldap_search_dn). */
#define LDAP_SEARCH_DN_NUM 10
#define LDAP_SEARCH_DN_LEN 256
/* Size of the stack buffer that holds the search filter string. */
#define LDAP_SEARCH_FILTER_LEN 64
/* One registered directory server together with the credentials used to
 * bind to it. A slot whose server name is empty is treated as unused. */
typedef struct ldap_server_t {
char server[LDAP_SERVER_NAME_LEN]; /* host name or address passed to ldap_init */
uint16_t port;                      /* TCP port passed to ldap_init */
char user_dn[LDAP_USER_DN_LEN];     /* DN used for the simple bind */
char user_pswd[LDAP_USER_PSWD_LEN]; /* bind password, held in cleartext in this global table */
} ldap_server_t;
/* One search base. A slot whose dn is empty is treated as unused. */
typedef struct ldap_search_dn_t {
char dn[LDAP_SEARCH_DN_LEN]; /* base DN handed to ldap_search_ext */
int server_index;            /* index into g_ldap_server of the server to query */
} ldap_search_dn_t;
/* Counters and tables are plain process-wide globals; nothing in this file
 * synchronizes access to them. */
int ldap_server_num = 0;
ldap_server_t g_ldap_server[LDAP_SERVER_NUM] = {0};
int ldap_search_dn_num = 0;
ldap_search_dn_t g_ldap_search_dn[LDAP_SEARCH_DN_NUM] = {0};
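/**
 * Store a server and its bind credentials in the first unused slot of
 * g_ldap_server.
 *
 * Every string is length-checked against its destination buffer before it is
 * copied, so an over-long host name, DN or password is rejected instead of
 * overrunning the table. The free-slot test looks at the slot being
 * considered (the earlier code always tested the slot at ldap_server_num and
 * then wrote to slot 0, so a second registration replaced the first).
 *
 * @param hostname  Server host name or address; non-empty, shorter than
 *                  LDAP_SERVER_NAME_LEN.
 * @param port      Server port; stored in a uint16_t field.
 * @param dn        Bind DN; shorter than LDAP_USER_DN_LEN.
 * @param pswd      Bind password; shorter than LDAP_USER_PSWD_LEN. It is kept
 *                  in cleartext in the global table until the server is
 *                  unregistered.
 * @return 0 on success; -1 if an argument is NULL, empty (hostname) or too
 *         long, or if the table has no free slot.
 */
int ldap_register_server(char *hostname, int16_t port, char *dn, char *pswd) {
    if (hostname == NULL || dn == NULL || pswd == NULL) {
        return -1;
    }

    size_t host_len = strlen(hostname);
    size_t dn_len = strlen(dn);
    size_t pswd_len = strlen(pswd);

    /* An empty host name would leave the slot looking unused, so refuse it. */
    if (host_len == 0 || host_len >= LDAP_SERVER_NAME_LEN
        || dn_len >= LDAP_USER_DN_LEN || pswd_len >= LDAP_USER_PSWD_LEN) {
        return -1;
    }
    if (ldap_server_num >= LDAP_SERVER_NUM) {
        return -1;
    }

    for (int index = 0; index < LDAP_SERVER_NUM; index++) {
        ldap_server_t *slot = &g_ldap_server[index];
        if (slot->server[0] != '\0') {
            continue; /* slot already holds a server */
        }
        /* Lengths were validated above; +1 copies the terminating NUL. */
        memcpy(slot->server, hostname, host_len + 1);
        slot->port = (uint16_t)port;
        memcpy(slot->user_dn, dn, dn_len + 1);
        memcpy(slot->user_pswd, pswd, pswd_len + 1);
        ldap_server_num++;
        return 0;
    }
    return -1;
}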
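/**
 * Remove the first registered server whose name equals servername and wipe
 * its slot, including the stored bind DN and password.
 *
 * The whole slot is cleared with its own size. The earlier code cleared the
 * 64-byte server field with LDAP_USER_DN_LEN (256), writing past that member,
 * and never released the slot in ldap_server_num.
 *
 * Search-base entries that refer to this slot are not touched here; they keep
 * their server_index and will resolve to whatever server is registered in the
 * slot next.
 *
 * @param servername  Name given at registration. NULL or "" is ignored (an
 *                    empty name would otherwise match an unused slot).
 */
void ldap_unregister_server(char *servername) {
    if (servername == NULL || servername[0] == '\0') {
        return;
    }
    for (int i = 0; i < LDAP_SERVER_NUM; i++) {
        if (strcmp(g_ldap_server[i].server, servername) != 0) {
            continue;
        }
        /* Zero name, port, bind DN and password in one bounded write. */
        memset(&g_ldap_server[i], 0, sizeof g_ldap_server[i]);
        if (ldap_server_num > 0) {
            ldap_server_num--;
        }
        return;
    }
}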
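/**
 * Look up a registered server by table index.
 *
 * @param index  Slot number in g_ldap_server.
 * @return Pointer to the slot, or NULL when index is outside
 *         [0, LDAP_SERVER_NUM) or the slot is unused (empty server name).
 */
ldap_server_t * ldap_get_server(int index) {
    /* Negative values must be rejected too: index is signed and is used
     * directly as an array subscript. */
    if (index < 0 || index >= LDAP_SERVER_NUM) {
        return NULL;
    }
    if (g_ldap_server[index].server[0] == '\0') {
        return NULL;
    }
    return &g_ldap_server[index];
}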
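/**
 * Register a search base DN for an already registered server.
 *
 * The entry records the index of the matching server in g_ldap_server. The
 * earlier code stored the search-DN slot number instead, and fell back to
 * server 0 when the host name was unknown, so a search could silently bind to
 * a different server than the one named.
 *
 * @param hostname  Name of a server previously passed to
 *                  ldap_register_server; when several slots carry the same
 *                  name, the highest-numbered one is used.
 * @param dn        Base DN; non-empty and shorter than LDAP_SEARCH_DN_LEN.
 * @return 0 on success; -1 if an argument is NULL, empty or too long, the
 *         server is not registered, or the table is full.
 */
int ldap_register_search_dn(char *hostname, char *dn) {
    if (hostname == NULL || hostname[0] == '\0' || dn == NULL) {
        return -1;
    }
    size_t dn_len = strlen(dn);
    if (dn_len == 0 || dn_len >= LDAP_SEARCH_DN_LEN) {
        return -1;
    }
    if (ldap_search_dn_num >= LDAP_SEARCH_DN_NUM) {
        return -1;
    }

    int server_index = -1;
    for (int i = 0; i < LDAP_SERVER_NUM; i++) {
        if (strcmp(g_ldap_server[i].server, hostname) == 0) {
            server_index = i;
        }
    }
    if (server_index < 0) {
        return -1; /* unknown server: do not attach the DN to slot 0 */
    }

    for (int i = 0; i < LDAP_SEARCH_DN_NUM; i++) {
        if (g_ldap_search_dn[i].dn[0] != '\0') {
            continue; /* slot in use */
        }
        g_ldap_search_dn[i].server_index = server_index;
        memcpy(g_ldap_search_dn[i].dn, dn, dn_len + 1);
        ldap_search_dn_num++;
        return 0;
    }
    return -1;
}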
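/**
 * Remove the search base dn that was registered for servername.
 *
 * Does nothing when the server is not registered. The earlier code defaulted
 * to server index 0 in that case and could delete another server's entry; it
 * also never decremented ldap_search_dn_num.
 *
 * @param servername  Name of the server the DN was registered for; when
 *                    several slots carry the same name, the highest-numbered
 *                    one is used.
 * @param dn          Base DN to remove. NULL or "" is ignored (an empty DN
 *                    would otherwise match an unused slot).
 */
void ldap_unregister_search_dn(char *servername, char *dn) {
    if (servername == NULL || servername[0] == '\0' || dn == NULL || dn[0] == '\0') {
        return;
    }

    int server_index = -1;
    for (int i = 0; i < LDAP_SERVER_NUM; i++) {
        if (strcmp(g_ldap_server[i].server, servername) == 0) {
            server_index = i;
        }
    }
    if (server_index < 0) {
        return;
    }

    for (int i = 0; i < LDAP_SEARCH_DN_NUM; i++) {
        if (g_ldap_search_dn[i].server_index != server_index
            || strcmp(g_ldap_search_dn[i].dn, dn) != 0) {
            continue;
        }
        memset(&g_ldap_search_dn[i], 0, sizeof g_ldap_search_dn[i]);
        if (ldap_search_dn_num > 0) {
            ldap_search_dn_num--;
        }
        return;
    }
}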
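/**
 * Look up a registered search base by table index.
 *
 * @param index  Slot number in g_ldap_search_dn.
 * @return Pointer to the slot, or NULL when index is outside
 *         [0, LDAP_SEARCH_DN_NUM) or the slot is unused (empty dn).
 */
ldap_search_dn_t * ldap_get_search_dn(int index) {
    /* index is signed and used as a subscript, so reject negatives as well. */
    if (index < 0 || index >= LDAP_SEARCH_DN_NUM) {
        return NULL;
    }
    if (g_ldap_search_dn[index].dn[0] == '\0') {
        return NULL;
    }
    return &g_ldap_search_dn[index];
}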
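/**
 * Open a connection handle for server and authenticate with its stored bind
 * DN and password.
 *
 * NOTE(review): this is a simple bind, and nothing visible in this file
 * enables TLS on the handle; on a plain LDAP port the bind DN and password
 * would travel unencrypted. Confirm the transport before using real
 * credentials.
 *
 * @param server  Registered server entry (host, port, bind DN, password).
 * @return A bound handle the caller must release with ldap_unbind_ext, or
 *         NULL when server is NULL, the handle cannot be created, or the
 *         bind is refused.
 */
LDAP *ldap_init_ld(ldap_server_t *server) {
    if (server == NULL) {
        return NULL;
    }
    LDAP *ld = ldap_init(server->server, server->port);
    if (ld == NULL) {
        perror("ldap_init error");
        return NULL;
    }
    int rc = ldap_simple_bind_s(ld, server->user_dn, server->user_pswd);
    if (rc != LDAP_SUCCESS) {
        printf("ldap_simple_bind_s: rc: %d, %s\n", rc, ldap_err2string(rc));
        /* Release the handle; returning NULL without this leaked it on
         * every failed bind. */
        ldap_unbind_ext(ld, NULL, NULL);
        return NULL;
    }
    return ld;
}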
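/**
 * Copy the text between the first '=' and the first ',' of str into
 * sec_group (for "CN=Admins,OU=Groups,..." that is "Admins").
 *
 * The result is always NUL-terminated and never longer than 127 characters,
 * matching the 128-byte rows callers in this file pass. The earlier strncpy
 * neither bounded the copy by the destination size nor wrote a terminator.
 * When str has no '=' or no ',' or the ',' comes first, sec_group is left
 * untouched.
 *
 * NOTE(review): an escaped comma inside the first RDN value ("CN=Doe\, J")
 * still ends the copy at that comma.
 *
 * @param sec_group  Destination buffer of at least 128 bytes.
 * @param str        Attribute value to parse, e.g. a memberOf DN.
 */
void ldap_parse_sec_group(char *sec_group, char *str) {
    enum { SEC_GROUP_BUF_LEN = 128 };

    if (sec_group == NULL || str == NULL) {
        return;
    }
    const char *eq = strchr(str, '=');
    const char *comma = strchr(str, ',');
    if (eq == NULL || comma == NULL || comma <= eq) {
        return;
    }

    size_t len = (size_t)(comma - eq - 1);
    if (len > SEC_GROUP_BUF_LEN - 1) {
        len = SEC_GROUP_BUF_LEN - 1; /* truncate rather than overrun the row */
    }
    memcpy(sec_group, eq + 1, len);
    sec_group[len] = '\0';
}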
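/**
 * Copy everything after the first ',' of str into user_group (for
 * "CN=u1,CN=Users,DC=test,DC=com" that is "CN=Users,DC=test,DC=com").
 *
 * The copy is capped at 127 characters plus the terminator, matching the
 * 128-byte buffer the caller in this file passes; the earlier strcpy had no
 * bound, so a long DN returned by the directory could overrun it. When str
 * contains no ',', user_group is left untouched.
 *
 * @param user_group  Destination buffer of at least 128 bytes.
 * @param str         Attribute value to parse, e.g. a distinguishedName.
 */
void ldap_parse_user_group(char *user_group, char *str) {
    enum { USER_GROUP_BUF_LEN = 128 };

    if (user_group == NULL || str == NULL) {
        return;
    }
    const char *comma = strchr(str, ',');
    if (comma == NULL) {
        return;
    }

    const char *tail = comma + 1;
    size_t len = strlen(tail);
    if (len > USER_GROUP_BUF_LEN - 1) {
        len = USER_GROUP_BUF_LEN - 1; /* truncate rather than overrun */
    }
    memcpy(user_group, tail, len);
    user_group[len] = '\0';
}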
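/*
 * Build the filter "cn=<username>" in filter, escaping the characters that
 * have a meaning in LDAP search filters ('*', '(', ')', '\') as "\xx" so a
 * user-supplied name cannot alter the filter.
 * Returns 0 on success, -1 if the escaped filter does not fit in filter_len.
 */
static int ldap_build_cn_filter(char *filter, size_t filter_len, const char *username) {
    static const char hex[] = "0123456789abcdef";

    int n = snprintf(filter, filter_len, "cn=");
    if (n < 0 || (size_t)n >= filter_len) {
        return -1;
    }
    size_t pos = (size_t)n;

    for (const unsigned char *p = (const unsigned char *)username; *p != '\0'; p++) {
        if (*p == '*' || *p == '(' || *p == ')' || *p == '\\') {
            if (pos + 3 >= filter_len) {
                return -1; /* no room for "\xx" plus the terminator */
            }
            filter[pos++] = '\\';
            filter[pos++] = hex[*p >> 4];
            filter[pos++] = hex[*p & 0x0f];
        } else {
            if (pos + 1 >= filter_len) {
                return -1;
            }
            filter[pos++] = (char)*p;
        }
    }
    filter[pos] = '\0';
    return 0;
}

/**
 * Search one base DN for the entry whose cn equals username and collect its
 * group information.
 *
 * For every returned entry, each memberOf value is parsed into the next row
 * of sec_group and *sec_group_num is incremented; the distinguishedName value
 * is parsed into user_group.
 *
 * Changes from the earlier version: the filter is built with bounds checking
 * and escaping (sprintf could overrun the 64-byte buffer and let the name
 * inject filter syntax), the message loop advances from the current message
 * instead of always from the head of the chain, non-entry messages are
 * skipped, and the result, attribute names, value arrays and BerElement are
 * freed.
 *
 * NOTE(review): the number of rows in sec_group is not passed in, so this
 * function cannot stop at the end of the caller's array; a user with more
 * memberOf values than the caller allocated rows writes past it. Confirm the
 * caller's capacity or extend the interface.
 *
 * NOTE(review): the page reports ldap_result blocking when the user does not
 * exist. tv_sec is -1 here, which is not a finite deadline, and main()
 * enables referral chasing; confirm how the installed libldap treats both.
 *
 * @param search_dn      Search base and the index of the server to query.
 * @param username       Value matched against cn.
 * @param user_group     Out: text after the first ',' of the entry's DN.
 * @param sec_group      Out: rows of 128 bytes, one per memberOf value.
 * @param sec_group_num  In/out: number of rows already filled.
 * @return 0 when the search ran and a result message was received (even if
 *         it held no entry), -1 on bad arguments or any LDAP failure.
 */
int ldap_search_user_group(ldap_search_dn_t *search_dn, char *username, char *user_group, char sec_group[][128], int *sec_group_num) {
    if (search_dn == NULL || username == NULL || user_group == NULL
        || sec_group == NULL || sec_group_num == NULL) {
        return -1;
    }
    ldap_server_t *server = ldap_get_server(search_dn->server_index);
    if (server == NULL) {
        return -1;
    }

    /* Build the filter before connecting so a bad name costs no bind. */
    char filter[LDAP_SEARCH_FILTER_LEN] = {0};
    if (ldap_build_cn_filter(filter, sizeof filter, username) != 0) {
        return -1;
    }

    LDAP *ld = ldap_init_ld(server);
    if (ld == NULL) {
        return -1;
    }

    int msg = 0;
    int rc = ldap_search_ext(ld, search_dn->dn, LDAP_SCOPE_SUBTREE, filter, NULL, 0, NULL, NULL, NULL, 0, &msg);
    printf("1:%d\n", rc);
    if (rc != LDAP_SUCCESS) {
        printf("2\n");
        printf("ldap_search_ext_s: rc: %d, %s\n", rc, ldap_err2string(rc));
        ldap_unbind_ext(ld, NULL, NULL);
        return -1;
    }
    printf("3:%d\n", msg);

    LDAPMessage *result = NULL;
    struct timeval tm2 = {0};
    tm2.tv_sec = -1;
    tm2.tv_usec = 0;
    /* LDAP_MSG_ONE: only the first message of the operation is fetched. */
    int r = ldap_result(ld, msg, LDAP_MSG_ONE, &tm2, &result);
    if (r <= 0) {
        printf("4\n");
        ldap_unbind_ext(ld, NULL, NULL);
        return -1;
    }
    printf("5\n");

    for (LDAPMessage *e = ldap_first_message(ld, result); e != NULL; e = ldap_next_message(ld, e)) {
        /* References and the final result message carry no attributes. */
        if (ldap_msgtype(e) != LDAP_RES_SEARCH_ENTRY) {
            continue;
        }
        BerElement *ber = NULL;
        char *a = ldap_first_attribute(ld, e, &ber);
        while (a != NULL) {
            int is_member_of = (strcmp("memberOf", a) == 0);
            int is_dn = (strcmp("distinguishedName", a) == 0);
            char **vals = ldap_get_values(ld, e, a);
            if (vals != NULL) {
                for (int i = 0; vals[i] != NULL; i++) {
                    if (is_member_of) {
                        ldap_parse_sec_group(sec_group[*sec_group_num], vals[i]);
                        (*sec_group_num)++;
                    } else if (is_dn) {
                        printf("dn:%s\n", vals[i]);
                        ldap_parse_user_group(user_group, vals[i]);
                    }
                }
                ldap_value_free(vals);
            }
            /* Fetch the next name before releasing the current one. */
            char *next = ldap_next_attribute(ld, e, ber);
            ldap_memfree(a);
            a = next;
        }
        if (ber != NULL) {
            ber_free(ber, 0);
        }
    }

    ldap_msgfree(result);
    ldap_unbind_ext(ld, NULL, NULL);
    return 0;
}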
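/**
 * Query every registered search base for username and accumulate the group
 * information into the output buffers.
 *
 * All registered bases are tried, including after one has succeeded. The
 * earlier version returned 0 unconditionally, so callers could never observe
 * a failure; it now reports failure when no search completed.
 *
 * @param username       Value matched against cn.
 * @param user_group     Out: filled by ldap_search_user_group.
 * @param sec_group      Out: rows of 128 bytes filled by
 *                       ldap_search_user_group.
 * @param sec_group_num  In/out: number of rows filled so far.
 * @return 0 if at least one search completed (which does not by itself mean
 *         an entry was found), -1 if no base is registered or every search
 *         failed.
 */
int ldap_get_user_group(char *username, char *user_group, char sec_group[][128], int *sec_group_num) {
    int status = -1;

    for (int i = 0; i < LDAP_SEARCH_DN_NUM; i++) {
        ldap_search_dn_t *search_dn = ldap_get_search_dn(i);
        if (search_dn == NULL) {
            continue; /* unused slot */
        }
        if (ldap_search_user_group(search_dn, username, user_group, sec_group, sec_group_num) == 0) {
            status = 0;
        }
    }
    return status;
}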
/**
 * Demo driver: look up one user and print the security groups and the user
 * group that were collected for it.
 *
 * The output buffers are fixed at 40 rows of 128 bytes and one 128-byte
 * string; the row count is not passed to the lookup.
 *
 * @param username  Name to search for.
 */
void test_search_user(char *username) {
    int group_count = 0;
    char primary_group[128] = {0};
    char security_groups[40][128] = {0};

    printf("search user:%s\n", username);

    if (ldap_get_user_group(username, primary_group, security_groups, &group_count) != 0) {
        printf("search user:%s failed.\n", username);
        return;
    }

    int row = 0;
    while (row < group_count) {
        printf("sec_group:%s\n", security_groups[row]);
        row++;
    }
    printf("user_group:%s\n\n", primary_group);
}
/*
 * Demo entry point: set library-wide LDAP defaults, register one server and
 * one search base, then look up a fixed list of user names.
 *
 * NOTE(review): the bind DN and password are string literals in the source
 * and the server is addressed on port 389; treat these as lab values and load
 * real credentials from outside the source tree.
 */
int main()
{
#define HOSTNAME "10.211.55.11"
#define PORT_NUMBER 389
#define FIND_DN "dc=test,dc=com"
    /* Global defaults (NULL handle): protocol version 3, referrals on. */
    int protocol_version = 3;
    ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &protocol_version);
    ldap_set_option(NULL, LDAP_OPT_REFERRALS, LDAP_OPT_ON);

    if (ldap_register_server(HOSTNAME, PORT_NUMBER, "cn=administrator,cn=Users,dc=test,dc=com", "Admin@123456") != 0) {
        printf("ldap_register_server error\n");
        return -1;
    }

    /* FIND_DN expands to the same base DN literal used before. */
    if (ldap_register_search_dn(HOSTNAME, FIND_DN) != 0) {
        printf("ldap_register_search_dn error\n");
        return -1;
    }

    char *users[] = { "u1", "u12", "u2", "uz1", "uz2" };
    for (size_t k = 0; k < sizeof users / sizeof users[0]; k++) {
        test_search_user(users[k]);
    }
    return 0;
}