From owner-p4-projects@FreeBSD.ORG Fri Aug 4 17:13:57 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id ABD8916A4E0; Fri, 4 Aug 2006 17:13:57 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 856C816A4DA for ; Fri, 4 Aug 2006 17:13:57 +0000 (UTC) (envelope-from bushman@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CA9C43D5E for ; Fri, 4 Aug 2006 17:13:55 +0000 (GMT) (envelope-from bushman@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k74HDt2o017869 for ; Fri, 4 Aug 2006 17:13:55 GMT (envelope-from bushman@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k74HDtTQ017865 for perforce@freebsd.org; Fri, 4 Aug 2006 17:13:55 GMT (envelope-from bushman@freebsd.org) Date: Fri, 4 Aug 2006 17:13:55 GMT Message-Id: <200608041713.k74HDtTQ017865@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bushman@freebsd.org using -f 
From: Michael Bushkov To: Perforce Change Reviews Cc: Subject: PERFORCE change 103180 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Aug 2006 17:13:57 -0000 http://perforce.freebsd.org/chv.cgi?CH=103180 Change 103180 by bushman@bushman_nss_ldap_cached on 2006/08/04 17:13:37 Support for SASL authentication added + Most of the configuration options are now supported + A lot of minor enhancements. Affected files ... .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/Makefile#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.c#6 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.h#6 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.h#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.c#3 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.h#3 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapschema.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapschema.h#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapsearch.c#6 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapsearch.h#6 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaptls.c#5 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaptls.h#5 edit .. 
//depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaputil.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldaputil.h#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.h#7 edit Differences ... ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/Makefile#7 (text+ko) ==== @@ -2,11 +2,10 @@ .include -PROG= nss_ldap -#LIB= nss_ldap -#SHLIB_MAJOR= 1 -#SHLIB_NAME= nss_ldap.so.${SHLIB_MAJOR} -#SHLIBDIR?= /lib +LIB= nss_ldap +SHLIB_MAJOR= 1 +SHLIB_NAME= nss_ldap.so.${SHLIB_MAJOR} +SHLIBDIR?= /lib SRCS= nss_ldap.c ldap_group.c ldap_passwd.c ldap_serv.c ldapconn.c\ ldapconf.c ldapschema.c ldapsearch.c ldaptls.c ldaputil.c @@ -14,11 +13,10 @@ CFLAGS+=-DINET6 CFLAGS+=-g -LDADD+= -lnssutil -lldap +LDADD+= -lnssutil -lldap -lsasl2 LDFLAGS+= -L${.OBJDIR}/../libnssutil -L/usr/local/lib -INCS= +INCS= MAN= -#.include -.include +.include ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.c#6 (text+ko) ==== @@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include #include @@ -41,7 +42,16 @@ #include "ldapconf.h" #include "nss_ldap.h" -static int +static int nss_ldap_parse_group(struct nss_ldap_parse_context *); + +static int ldap_getgrnam_r(const char *, struct group *, char *, size_t, + struct group **); +static int ldap_getgrgid_r(gid_t, struct group *, char *, size_t, + struct group **); +static int ldap_getgrent_r(struct group *, char *, size_t, struct group **); +static void ldap_setgrent(); + +static int nss_ldap_parse_group(struct nss_ldap_parse_context *pctx) { struct nss_ldap_schema *schema; 
@@ -99,114 +109,9 @@ errfin: return (rv); -/* - - if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS)) - { - groupMembers = groupMembersBuffer; - groupMembersCount = 0; - groupMembersBufferSize = sizeof (groupMembers); - groupMembersBufferIsMalloced = 0; - depth = 0; - - stat = do_parse_group_members (e, &groupMembers, &groupMembersCount, - &groupMembersBufferSize, - &groupMembersBufferIsMalloced, &buffer, - &buflen, &depth, &knownGroups); - if (stat != NSS_SUCCESS) - { - if (groupMembersBufferIsMalloced) - free (groupMembers); - _nss_ldap_namelist_destroy (&knownGroups); - return stat; - } - - stat = do_fix_group_members_buffer (groupMembers, groupMembersCount, - &gr->gr_mem, &buffer, &buflen); - - if (groupMembersBufferIsMalloced) - free (groupMembers); - _nss_ldap_namelist_destroy (&knownGroups); - } - else - { - stat = - _nss_ldap_assign_attrvals (e, ATM (LM_GROUP, memberUid), NULL, - &gr->gr_mem, &buffer, &buflen, NULL); - } - - return stat;*/ - -/* sctx = pctx->sctx; - pwd = (struct passwd *)pctx->mdata; - buf = pctx->buffer; - buflen = pctx->bufsize; - - schema = &sctx->conf->schema; - - printf("==> %d %s\n", __LINE__, __FILE__); - rv = __nss_ldap_assign_attr_str(sctx, - _ATM(schema, PASSWD, uid), - &pwd->pw_name, &len, buf, buflen); - if (rv != 0) - goto errfin; - buflen -= len; - buf += len; - - printf("==> %d %s\n", __LINE__, __FILE__); - rv = __nss_ldap_assign_attr_uid(sctx, - _AT(schema, uidNumber), - &pwd->pw_uid); - if (rv != 0) - goto errfin; - - printf("==> %d %s\n", __LINE__, __FILE__); - rv = __nss_ldap_assign_attr_str(sctx, - _AT(schema, gecos), - &pwd->pw_gecos, &len, buf, buflen); - if (rv != 0) { - pwd->pw_gecos = NULL; - rv = __nss_ldap_assign_attr_str(sctx, - _ATM(schema, PASSWD, cn), - &pwd->pw_gecos, &len, buf, buflen); - } - - if (rv != 0) - goto errfin; - buflen -= len; - buf += len; - - printf("==> %d %s\n", __LINE__, __FILE__); - rv = __nss_ldap_assign_attr_str(sctx, - _AT(schema, homeDirectory), - &pwd->pw_dir, &len, buf, 
buflen); - if (rv != 0) - rv = __nss_ldap_assign_str("", &pwd->pw_dir, &len, buf, - buflen); - if (rv != 0) - goto errfin; - buflen -= len; - buf += len; - - printf("==> %d %s\n", __LINE__, __FILE__); - rv = __nss_ldap_assign_attr_str(sctx, - _AT(schema, loginShell), - &pwd->pw_shell, &len, buf, buflen); - if (rv != 0) - rv = __nss_ldap_assign_str("", &pwd->pw_shell, &len, buf, - buflen); - if (rv != 0) - goto errfin; - buflen -= len; - buf += len; - -fin: - return (0); - -errfin:*/ } -int +static int ldap_getgrnam_r(const char *name, struct group *grp, char *buffer, size_t bufsize, struct group **result) { @@ -231,7 +136,7 @@ return (rv); } -int +static int ldap_getgrgid_r(gid_t gid, struct group *grp, char *buffer, size_t bufsize, struct group **result) { @@ -256,7 +161,7 @@ return (rv); } -int +static int ldap_getgrent_r(struct group *grp, char *buffer, size_t bufsize, struct group **result) { 
@@ -277,22 +182,77 @@ return (rv); } -void +static void ldap_setgrent() { __nss_ldap_setent(NSS_LDAP_MAP_GROUP); } - int -__ldap_setgrpent(void *retval, void *mdata, va_list ap) +__ldap_setgrent(void *retval, void *mdata, va_list ap) { + + ldap_setgrent(); return (NS_UNAVAIL); } int __ldap_group(void *retval, void *mdata, va_list ap) { - return (NS_UNAVAIL); + struct group *grp, *result; + char *buffer; + size_t bufsize; + int *errnop; + + char *name; + gid_t gid; + + int rv; + + assert(mdata != NULL); + + switch ((enum nss_lookup_type)mdata) { + case nss_lt_name: + printf("GGG %s %d\n", __FILE__, __LINE__); + name = va_arg(ap, char *); + break; + case nss_lt_id: + printf("GGG %s %d\n", __FILE__, __LINE__); + gid = va_arg(ap, gid_t); + break; + case nss_lt_all: + printf("GGG %s %d\n", __FILE__, __LINE__); + break; + default: + /* CONSIDERED UNREACHABLE */ + return (NS_UNAVAIL); + } + + grp = va_arg(ap, struct group *); + buffer = va_arg(ap, char *); + bufsize = va_arg(ap, size_t); + errnop = va_arg(ap, int *); + + switch ((enum nss_lookup_type)mdata) { + case nss_lt_name: + rv = ldap_getgrnam_r(name, grp, buffer, bufsize, &result); + break; + case nss_lt_id: + rv = ldap_getgrgid_r(gid, grp, buffer, bufsize, &result); + break; + case nss_lt_all: + rv = ldap_getgrent_r(grp, buffer, bufsize, &result); + break; + default: + break; + } + + if ((rv == NS_SUCCESS) && (retval != NULL)) + *(struct group **)retval = result; + + if ((rv != NS_SUCCESS) && (rv != NS_NOTFOUND)) + *errnop = errno; + + return (rv); } ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.h#6 (text+ko) ==== 
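Review bot: The `printf("GGG %s %d\n", __FILE__, __LINE__)` calls added to the first switch of `__ldap_group` write to the stdout of whichever process performs the lookup, because this change now builds the code as `nss_ldap.so.1` rather than a standalone program. In a daemon, or in a program whose stdout is a pipe or socket, that trace text ends up inside the program's own output. Remove these lines or gate them behind the `conf->debug` setting that this change introduces, and write them to a log rather than stdout. The same applies to the `printf("==> %d %s\n", ...)` added before the `loginClass` lookup in ldap_passwd.c and the `printf("here - %s %d\n", ...)` added to `nss_ldap_destroy_servent` in ldap_serv.c.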
@@ -29,18 +29,6 @@ #ifndef _LDAP_GROUP_H_ #define _LDAP_GROUP_H_ -int -ldap_getgrnam_r(const char *name, struct group *grp, - char *buffer, size_t bufsize, struct group **result); -int -ldap_getgrgid_r(gid_t gid, struct group *grp, - char *buffer, size_t bufsize, struct group **result); -int -ldap_getgrent_r(struct group *grp, char *buffer, size_t bufsize, - struct group **result); -void -ldap_setgrent(); - extern int __ldap_setgrent(void *, void *, va_list); extern int __ldap_group(void *, void *, va_list); ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.c#7 (text+ko) ==== @@ -25,11 +25,11 @@ * */ - #include __FBSDID("$FreeBSD$"); #include +#include #include #include #include @@ -41,8 +41,15 @@ #include "ldapconf.h" #include "nss_ldap.h" -//static int nss_ldap_parse_passwd(struct nss_ldap_parse_context *, -// struct nss_ldap_search_context *); +static int nss_ldap_parse_passwd(struct nss_ldap_parse_context *); + +static int ldap_getpwnam_r(const char *, struct passwd *, char *, size_t, + struct passwd **); +static int ldap_getpwuid_r(uid_t, struct passwd *, char *, size_t, + struct passwd **); +static int ldap_getpwent_r(struct passwd *, char *, size_t, struct passwd **); +static void ldap_setpwent(); + static int nss_ldap_parse_passwd(struct nss_ldap_parse_context *pctx) { @@ -128,6 +135,18 @@ buflen -= len; buf += len; + printf("==> %d %s\n", __LINE__, __FILE__); + rv = __nss_ldap_assign_attr_str(sctx, + _AT(schema, loginClass), + &pwd->pw_class, &len, buf, buflen); + if (rv != NSS_LDAP_SUCCESS) + rv = __nss_ldap_assign_str("", &pwd->pw_class, &len, buf, + buflen); + if (rv != NSS_LDAP_SUCCESS) + goto errfin; + buflen -= len; + buf += len; + printf("==> %d %s\n", __LINE__, __FILE__); rv = __nss_ldap_assign_attr_uid(sctx, _AT(schema, uidNumber), 
@@ -164,12 +183,12 @@ else pwd->pw_expire = 0; - rv = NS_SUCCESS; + rv = NSS_LDAP_SUCCESS; errfin: return (rv); } -int +static int ldap_getpwnam_r(const char *name, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { @@ -194,7 +213,7 @@ return (rv); } -int +static int ldap_getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { @@ -219,7 +238,7 @@ return (rv); } -int +static int ldap_getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { @@ -240,7 +259,7 @@ return (rv); } -void +static void ldap_setpwent() { @@ -251,11 +270,64 @@ int __ldap_setpwent(void *retval, void *mdata, va_list ap) { + + ldap_setpwent(); return (NS_UNAVAIL); } int __ldap_passwd(void *retval, void *mdata, va_list ap) { - return (NS_UNAVAIL); + struct passwd *pwd, *result; + char *buffer; + size_t bufsize; + int *errnop; + + char *name; + uid_t uid; + + int rv; + + assert(mdata != NULL); + + switch ((enum nss_lookup_type)mdata) { + case nss_lt_name: + name = va_arg(ap, char *); + break; + case nss_lt_id: + uid = va_arg(ap, uid_t); + break; + case nss_lt_all: + break; + default: + /* CONSIDERED UNREACHABLE */ + return (NS_UNAVAIL); + } + + pwd = va_arg(ap, struct passwd *); + buffer = va_arg(ap, char *); + bufsize = va_arg(ap, size_t); + errnop = va_arg(ap, int *); + + switch ((enum nss_lookup_type)mdata) { + case nss_lt_name: + rv = ldap_getpwnam_r(name, pwd, buffer, bufsize, &result); + break; + case nss_lt_id: + rv = ldap_getpwuid_r(uid, pwd, buffer, bufsize, &result); + break; + case nss_lt_all: + rv = ldap_getpwent_r(pwd, buffer, bufsize, &result); + break; + default: + break; + } + + if ((rv == NS_SUCCESS) && (retval != NULL)) + *(struct passwd **)retval = result; + + if ((rv != NS_SUCCESS) && (rv != NS_NOTFOUND)) + *errnop = errno; + + return (rv); } ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.h#7 (text+ko) ==== 
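Review bot: In `__ldap_passwd` the second `switch` ends in `default: break;`, which leaves `rv` unset before it is compared and returned. The first switch returns early for that case today, so the path is unreachable, but the two switches have to be kept in sync by hand. Initialise it with `int rv = NS_UNAVAIL;` or make the second default `return (NS_UNAVAIL);`. `*errnop = errno;` also dereferences `errnop` unconditionally while `retval` is NULL-checked; if a caller can pass a NULL errno pointer (not visible in this hunk), guard it with `if (errnop != NULL)`. `__ldap_group` and `__ldap_servent` in this change have the same shape and would take the same two fixes.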
@@ -29,18 +29,6 @@ #ifndef _LDAP_PASSWD_H_ #define _LDAP_PASSWD_H_ -int -ldap_getpwnam_r(const char *name, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result); -int -ldap_getpwuid_r(uid_t uid, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result); -int -ldap_getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize, - struct passwd **result); -void -ldap_setpwent(); - extern int __ldap_setpwent(void *, void *, va_list); extern int __ldap_passwd(void *, void *, va_list); ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.c#3 (text+ko) ==== @@ -29,6 +29,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include #include @@ -56,6 +57,17 @@ size_t count; }; +static int nss_ldap_parse_servent(struct nss_ldap_parse_context *); +static void nss_ldap_destroy_servent(struct nss_ldap_parse_context *); + +static int ldap_getservbyname_r(const char *, const char *, struct servent *, + char *, size_t, struct servent **); +static int ldap_getservbyport_r(int, const char *, struct servent *, + char *, size_t, struct servent **); +static int ldap_getservent_r(struct servent *, char *, size_t, + struct servent **); +static void ldap_setservent(); + static int nss_ldap_parse_servent(struct nss_ldap_parse_context *pctx) { @@ -175,11 +187,12 @@ nss_ldap_destroy_servent(struct nss_ldap_parse_context *pctx) { + printf("here - %s %d\n", __FILE__, __LINE__); assert(pctx != NULL); free(pctx->mdata_ext); } -int +static int ldap_getservbyname_r(const char *name, const char *proto, struct servent *serv, char *buffer, size_t bufsize, struct servent **result) { @@ -215,7 +228,7 @@ return (rv); } -int +static int ldap_getservbyport_r(int port, const char *proto, struct servent *serv, char *buffer, size_t bufsize, struct servent **result) { @@ -251,7 +264,7 @@ return (rv); } -int +static int ldap_getservent_r(struct servent *serv, char *buffer, size_t bufsize, struct servent **result) { 
@@ -278,22 +291,77 @@ return (rv); } -void +static void ldap_setservent() { __nss_ldap_setent(NSS_LDAP_MAP_SERVICES); } - int __ldap_setservent(void *retval, void *mdata, va_list ap) { + + ldap_setservent(); return (NS_UNAVAIL); } int __ldap_servent(void *retval, void *mdata, va_list ap) { - return (NS_UNAVAIL); + struct servent *serv, *result; + char *buffer; + size_t bufsize; + int *errnop; + + char *name, *proto; + int port; + int rv; + + assert(mdata != NULL); + + switch ((enum nss_lookup_type)mdata) { + case nss_lt_name: + name = va_arg(ap, char *); + proto = va_arg(ap, char *); + break; + case nss_lt_id: + port = va_arg(ap, int); + proto = va_arg(ap, char *); + break; + case nss_lt_all: + break; + default: + /* CONSIDERED UNREACHABLE */ + return (NS_UNAVAIL); + } + + serv = va_arg(ap, struct servent *); + buffer = va_arg(ap, char *); + bufsize = va_arg(ap, size_t); + errnop = va_arg(ap, int *); + + switch ((enum nss_lookup_type)mdata) { + case nss_lt_name: + rv = ldap_getservbyname_r(name, proto, serv, buffer, bufsize, + &result); + break; + case nss_lt_id: + rv = ldap_getservbyport_r(port, proto, serv, buffer, bufsize, + &result); + break; + case nss_lt_all: + rv = ldap_getservent_r(serv, buffer, bufsize, &result); + break; + default: + break; + } + + if ((rv == NS_SUCCESS) && (retval != NULL)) + *(struct servent **)retval = result; + + if ((rv != NS_SUCCESS) && (rv != NS_NOTFOUND)) + *errnop = errno; + + return (rv); } ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.h#3 (text+ko) ==== 
@@ -29,18 +29,6 @@ #ifndef _LDAP_SERV_H_ #define _LDAP_SERV_H_ -int -ldap_getservbyname_r(const char *name, const char *proto, struct servent *serv, - char *buffer, size_t bufsize, struct servent **result); -int -ldap_getservbyport_r(int port, const char *proto, struct servent *serv, - char *buffer, size_t bufsize, struct servent **result); -int -ldap_getservent_r(struct servent *serv, char *buffer, size_t bufsize, - struct servent **result); -void -ldap_setservent(); - extern int __ldap_setservent(void *, void *, va_list); extern int __ldap_servent(void *, void *, va_list); ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#7 (text+ko) ==== @@ -64,27 +64,39 @@ } static int -get_number(const char *str, int low, int max) +get_number(const char *str, int low, int max, int *res) { - char *end = NULL; - int res = 0; if (str[0] == '\0') return (-1); - res = strtol(str, &end, 10); + *res = strtol(str, &end, 10); if (*end != '\0') return (NSS_LDAP_PARSE_ERROR); else - if (((res >= low) || (low == -1)) && - ((res <= max) || (max == -1))) - return (res); + if (((*res >= low) || (low == -1)) && + ((*res <= max) || (max == -1))) + return (NSS_LDAP_SUCCESS); else return (NSS_LDAP_PARSE_ERROR); } static int +get_yesno(const char *str, int *value) +{ + if (strcmp(str, "yes") == 0) { + *value = NSS_LDAP_OPTION_YES; + return (NSS_LDAP_SUCCESS); + } else if (strcmp(str, "no") == 0) { + *value = NSS_LDAP_OPTION_NO; + return (NSS_LDAP_SUCCESS); + } + + return (NSS_LDAP_PARSE_ERROR); +} + +static int set_base_map(struct nss_ldap_configuration *conf, char const *left_arg, char const *right_arg) { 
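Review bot: `*res = strtol(str, &end, 10);` in `get_number` narrows a `long` to `int` with no `errno == ERANGE` or `INT_MIN`/`INT_MAX` check, so an oversized number in the configuration file can wrap and still pass the `low`/`max` test. It also writes to `*res` before the value has been validated. Parse into a local `long`, reject out-of-range input, and store through `res` only on success, as sketched below; returning `NSS_LDAP_PARSE_ERROR` instead of `-1` for the empty string keeps the return values consistent. Separately, the `restart`, `referrals` and `rootuse_sasl` callers of the new `get_yesno` (in the final hunk, which is truncated in this mail) pass `fields[2]` while requiring `field_count == 2`; that looks like it should be `fields[1]`, and those branches also lack the `continue;` the other options use.

```c
get_number(const char *str, int low, int max, int *res)
{
	char *end = NULL;
	long val;

	if (str[0] == '\0')
		return (NSS_LDAP_PARSE_ERROR);

	errno = 0;
	val = strtol(str, &end, 10);
	if (*end != '\0' || errno == ERANGE || val < INT_MIN || val > INT_MAX)
		return (NSS_LDAP_PARSE_ERROR);
	if ((low != -1 && val < low) || (max != -1 && val > max))
		return (NSS_LDAP_PARSE_ERROR);

	*res = (int)val;
	return (NSS_LDAP_SUCCESS);
}
/* … unchanged: get_yesno … */
```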
@@ -137,23 +149,31 @@ assert(conf != NULL); memset(conf, 0, sizeof(struct nss_ldap_configuration)); - conf->host = strdup("ident2.r61.net ident1.r61.net"); - assert(conf->host != NULL); - conf->port = LDAP_PORT; conf->proto_version = NSS_LDAP_PROTO_VERSION_3; conf->ssl_mode = NSS_LDAP_SSL_OFF;//NSS_LDAP_SSL_START_TLS; + conf->search_limit = 0; + conf->bind_timelimit = 30; + conf->idle_timelimit = 0; + conf->search_timelimit = 0; + conf->reconnect_sleeptime = 4; + conf->max_reconnect_sleeptime = 64; + conf->max_conntries = 5; + conf->max_reconnect_conntries = 2; + conf->deref = NSS_LDAP_DEREF_NEVER; + conf->scope = NSS_LDAP_SCOPE_SUB; + conf->bind_policy = NSS_LDAP_BIND_POLICY_HARD_OPEN; + conf->connect_policy = NSS_LDAP_CONNECT_POLICY_PERSIST_PERTHREAD; + conf->restart = 0; + conf->debug = 0; - conf->bind_dn = strdup( - "uid=nssproxy,ou=Users,ou=LDAPAccess,ou=Domains,dc=r61,dc=net"); + conf->root_bind_dn = conf->bind_dn = strdup(""); assert(conf->bind_dn != NULL); - - conf->root_bind_dn = strdup(conf->bind_dn); - assert(conf->root_bind_dn != NULL); - - conf->bind_pw = strdup("[passwd]"); + conf->root_bind_pw = conf->bind_pw = strdup(""); assert(conf->bind_pw != NULL); - + conf->root_sasl_authid = conf->sasl_authid = strdup(""); + assert(conf->sasl_authid != NULL); + //__nss_ldap_init_start_tls_simple_auth_method(&conf->connection_method); __nss_ldap_init_simple_auth_method(&conf->connection_method); __nss_ldap_init_default_search_method(&conf->search_method); @@ -166,9 +186,9 @@ { FILE *fin; char buffer[1024]; - char *fields[16]; + char *fields[16], *str; int field_count, line_num, value; - int i, res; + int i, res, rv; assert(conf != NULL); assert(fname != NULL); 
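Review bot: `conf->root_bind_dn = conf->bind_dn = strdup("");` makes two fields own the same allocation, and the next two assignments do the same for `root_bind_pw`/`bind_pw` and `root_sasl_authid`/`sasl_authid`. The parser in this same change calls `free(conf->root_bind_pw)` and `free(conf->root_sasl_authid)` before reassigning them, which leaves the non-root field pointing at freed memory. That sets up a use-after-free or double free once that field is read, replaced or destroyed. Give each field its own copy, e.g. `conf->bind_dn = strdup("");` followed by `conf->root_bind_dn = strdup("");`, and check both results rather than only the first. The function these defaults sit in starts outside the hunk.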
@@ -195,18 +215,6 @@ case '\0': printf("== %s, %d ==\n", __FILE__, __LINE__); continue; - case 'h': - printf("== %s, %d ==\n", __FILE__, __LINE__); - if (strcmp(fields[0], "host") == 0) { - /* TODO: add support for multiple hosts */ - if (field_count >= 2) { - free(conf->host); - conf->host = strdup(fields[1]); - assert(conf->host != NULL); - continue; - } - } - break; case 'b': printf("== %s, %d ==\n", __FILE__, __LINE__); if (strcmp(fields[0], "base") == 0) { 
@@ -230,8 +238,100 @@ assert(conf->bind_pw != NULL); continue; } + } else if (strcmp(fields[0], "bind_timelimit") == 0) { + if ((field_count == 2) && + (get_number(fields[1], 0, -1, &value) == + NSS_LDAP_SUCCESS)) { + conf->bind_timelimit = value; + continue; + } + } else if (strcmp(fields[0], "bind_policy") == 0) { + if (field_count == 2) { + if (strcmp(fields[1], "hard_open") == 0) { + conf->bind_policy = + NSS_LDAP_BIND_POLICY_HARD_OPEN; + continue; + } else if (strcmp(fields[1], "hard_init") == 0) { + conf->bind_policy = + NSS_LDAP_BIND_POLICY_HARD_INIT; + continue; + } else if (strcmp(fields[1], "soft") == 0) { + conf->bind_policy = + NSS_LDAP_BIND_POLICY_SOFT; + continue; + } + } } break; + case 'd': + if (strcmp(fields[0], "deref") == 0) { + if (field_count == 2) { + if (strcmp(fields[1], "never") == 0) { + conf->deref = NSS_LDAP_DEREF_NEVER; + continue; + } else if (strcmp(fields[1], + "searching") == 0) { + conf->deref = NSS_LDAP_DEREF_SEARCHING; + continue; + } else if (strcmp(fields[1], "finding") == 0) { + conf->deref = NSS_LDAP_DEREF_FINDING; + continue; + } else if (strcmp(fields[1], "always") == 0) { + conf->deref = NSS_LDAP_DEREF_ALWAYS; + continue; + } + } + } else if (strcmp(fields[0], "debug") == 0) { + if ((field_count == 2) && + (get_number(fields[1], 0, -1, &value) == + NSS_LDAP_SUCCESS)) { + conf->debug = value; + continue; + } + } + break; + case 'h': + printf("== %s, %d ==\n", __FILE__, __LINE__); + if (strcmp(fields[0], "host") == 0) { + if (field_count >= 2) { + if (conf->hosts != NULL) + sl_free(conf->hosts, 1); + + conf->hosts = sl_init(); + assert(conf->hosts != NULL); + + for (i = 1; i < field_count; ++i) { + str = strdup(fields[i]); + assert(str != NULL); + rv = sl_add(conf->hosts, str); + if (rv != 0) { + /* TODO: write to logs */ + } + } + continue; + } + } + break; + case 'i': + if (strcmp(fields[0], "idle_timelimit") == 0) { + if ((field_count == 2) && + (get_number(fields[1], 0, -1, &value) == + NSS_LDAP_SUCCESS)) { + 
conf->idle_timelimit = value; + continue; + } + } + break; + case 'k': + if (strcmp(fields[0], "krb5_ccname") == 0) { + if (field_count == 2) { + free(conf->krb5_ccname); + conf->krb5_ccname = strdup(fields[1]); + assert(conf->krb5_ccname != NULL); + continue; + } + } + break; case 'l': printf("== %s, %d ==\n", __FILE__, __LINE__); /* NOTE: we'd probably better use @@ -239,11 +339,18 @@ * NSS_LDAP_PROTO_VERSION_3 constants here */ if (strcmp(fields[0], "ldap-version") == 0) { if ((field_count == 2) && - (value = get_number(fields[1], 2, 3) == + (get_number(fields[1], 2, 3, &value) == NSS_LDAP_SUCCESS)) { conf->proto_version = value; continue; } + } else if (strcmp(fields[0], "logdir") == 0) { + if (field_count == 2) { + free(conf->logdir); + conf->logdir = strdup(fields[1]); + assert(conf->logdir); + continue; + } } break; case 'n': @@ -282,13 +389,30 @@ fields[1], fields[2]) == NSS_LDAP_SUCCESS)) continue; + } else if (strcmp(fields[0], "nss_connect_policy") == 0) { + if (field_count == 2) { + if ((strcmp(fields[1], "persist") == 0) || + (strcmp(fields[1], "persist_per_thread") == 0)) { + conf->connect_policy = + NSS_LDAP_CONNECT_POLICY_PERSIST_PERTHREAD; + continue; + } else if (strcmp(fields[1], "persist_per_process") == 0) { + conf->connect_policy = + NSS_LDAP_CONNECT_POLICY_PERSIST_PERPROCESS; + continue; + } else if (strcmp(fields[1], "oneshot") == 0) { + conf->connect_policy = + NSS_LDAP_CONNECT_POLICY_ONESHOT; + continue; + } + } } break; case 'p': printf("== %s, %d ==\n", __FILE__, __LINE__); if (strcmp(fields[0], "port") == 0) { if ((field_count == 2) && - (value = get_number(fields[1], 0, -1) == + (get_number(fields[1], 0, -1, &value) == NSS_LDAP_SUCCESS)) { conf->port = value; continue; 
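Review bot: In the new `host` branch, a failing `sl_add(conf->hosts, str)` falls into the empty `/* TODO: write to logs */` block, so `str` is leaked and the host is silently left out of the list while parsing continues as if the line had been accepted. A configuration that quietly loses one of its servers is hard to diagnose, so at minimum add `free(str);` there and treat the line as a parse error instead of reaching `continue;`. Note also that `assert(str != NULL)` is the only handling of `strdup` failure: with `NDEBUG` it is compiled out, and otherwise it aborts the process that loaded the module.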
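Review bot: The `port` option is parsed with `get_number(fields[1], 0, -1, &value)`, and `-1` means "no upper bound", so any non-negative integer from the file is stored in `conf->port`. Bound it to the valid TCP range with `get_number(fields[1], 1, 65535, &value)`. How `conf->port` is consumed is not visible in this hunk, so the effect of an out-of-range value downstream is unconfirmed, but rejecting it at parse time is cheap.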
@@ -304,11 +428,53 @@ assert(conf->root_bind_dn != NULL); continue; } - } + } else if (strcmp(fields[0], "rootbindpw") == 0) { + if (field_count == 2) { + free(conf->root_bind_pw); + conf->root_bind_pw = strdup(fields[1]); + assert(conf->root_bind_pw != NULL); + continue; + } + } else if (strcmp(fields[0], "restart") == 0) { + if ((field_count == 2) && + (get_yesno(fields[2], &value) == + NSS_LDAP_SUCCESS)) + conf->restart = value; + } else if (strcmp(fields[0], "referrals") == 0) { + if ((field_count == 2) && + (get_yesno(fields[2], &value) == + NSS_LDAP_SUCCESS)) + conf->referrals = value; + } else if (strcmp(fields[0], "rootuse_sasl") == 0) { + if ((field_count == 2) && + (get_yesno(fields[2], &value) == + NSS_LDAP_SUCCESS)) + conf->root_use_sasl = value; + } else if (strcmp(fields[0], "rootsasl_auth_id") == 0) { + if (field_count == 2) { + free(conf->root_sasl_authid); + conf->root_sasl_authid = strdup(fields[1]); + assert(conf->root_sasl_authid != NULL); + continue; + } + } break; case 's': printf("== %s, %d ==\n", __FILE__, __LINE__); - if (strcmp(fields[0], "ssl") == 0) { + if (strcmp(fields[0], "scope") == 0) { + if (field_count == 2) { + if (strcmp(fields[1], "sub") == 0) { + conf->scope = NSS_LDAP_SCOPE_SUB; + continue; >>> TRUNCATED FOR MAIL (1000 lines) <<<