b44adf4bc11e48559f9dbe0b07e6e4a05de81b6e
[asterisk/asterisk.git] / res / res_config_ldap.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2005, Oxymium sarl
5  * Manuel Guesdon <mguesdon@oxymium.net> - LDAP RealTime Driver Author/Adaptor
6  *
7  * Copyright (C) 2007, Digium, Inc.
8  * Russell Bryant <russell@digium.com>
9  *
10  * See http://www.asterisk.org for more information about
11  * the Asterisk project. Please do not directly contact
12  * any of the maintainers of this project for assistance;
13  * the project provides a web site, mailing lists and IRC
14  * channels for your use.
15  *
16  * This program is free software, distributed under the terms of
17  * the GNU General Public License Version 2. See the LICENSE file
18  * at the top of the source tree.
19  *
20  */
21
22 /*! \file
23  *
24  * \brief LDAP plugin for portable configuration engine (ARA)
25  *
26  * \author Mark Spencer <markster@digium.com>
27  * \author Manuel Guesdon
28  * \author Carl-Einar Thorner <cthorner@voicerd.com>
29  * \author Russell Bryant <russell@digium.com>
30  *
31  * OpenLDAP http://www.openldap.org
32  */
33
34 /*! \li \ref res_config_ldap.c uses the configuration file \ref res_ldap.conf
35  * \addtogroup configuration_file Configuration Files
36  */
37
38 /*! 
39  * \page res_ldap.conf res_ldap.conf
40  * \verbinclude res_ldap.conf.sample
41  */
42
43 /*** MODULEINFO
44         <depend>ldap</depend>
45         <support_level>extended</support_level>
46  ***/
47
48 #include "asterisk.h"
49
50 #include <stdlib.h>
51 #include <string.h>
52 #include <ctype.h>
53 #include <stdio.h>
54 #include <ldap.h>
55
56 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
57
58 #include "asterisk/channel.h"
59 #include "asterisk/logger.h"
60 #include "asterisk/config.h"
61 #include "asterisk/module.h"
62 #include "asterisk/lock.h"
63 #include "asterisk/options.h"
64 #include "asterisk/cli.h"
65 #include "asterisk/utils.h"
66 #include "asterisk/strings.h"
67 #include "asterisk/pbx.h"
68 #include "asterisk/linkedlists.h"
69
70 #define RES_CONFIG_LDAP_CONF "res_ldap.conf"
71 #define RES_CONFIG_LDAP_DEFAULT_BASEDN "asterisk"
72
73 AST_MUTEX_DEFINE_STATIC(ldap_lock);
74
75 static LDAP *ldapConn;
76 static char url[512];
77 static char user[512];
78 static char pass[512];
79 static char base_distinguished_name[512];
80 static int version;
81 static time_t connect_time;
82
83 static int parse_config(void);
84 static int ldap_reconnect(void);
85 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a);
86
87 struct category_and_metric {
88         const char *name;
89         int metric;
90         const char *variable_name;
91         const char *variable_value;
92         int var_metric; /*!< For organizing variables (particularly includes and switch statments) within a context */
93 };
94
95 /*! \brief Table configuration 
96  */
97 struct ldap_table_config {
98         char *table_name;                /*!< table name */
99         char *additional_filter;          /*!< additional filter        */
100         struct ast_variable *attributes;  /*!< attribute names conversion */
101         struct ast_variable *delimiters;  /*!< the current delimiter is semicolon, so we are not using this variable */
102         AST_LIST_ENTRY(ldap_table_config) entry;
103         /* TODO: Make proxies work */
104 };
105
106 /*! \brief Should be locked before using it 
107  */
108 static AST_LIST_HEAD_NOLOCK_STATIC(table_configs, ldap_table_config);
109 static struct ldap_table_config *base_table_config;
110 static struct ldap_table_config *static_table_config;
111
112 static struct ast_cli_entry ldap_cli[] = {
113         AST_CLI_DEFINE(realtime_ldap_status, "Shows connection information for the LDAP RealTime driver"),
114 };
115
116 /*! \brief Create a new table_config
117  */
118 static struct ldap_table_config *table_config_new(const char *table_name)
119 {
120         struct ldap_table_config *p;
121
122         if (!(p = ast_calloc(1, sizeof(*p))))
123                 return NULL;
124
125         if (table_name) {
126                 if (!(p->table_name = ast_strdup(table_name))) {
127                         free(p);
128                         return NULL;
129                 }
130         }
131
132         return p;
133 }
134
135 /*! \brief Find a table_config
136  *
137  * Should be locked before using it 
138  *
139  *  \note This function assumes ldap_lock to be locked.
140  */
141 static struct ldap_table_config *table_config_for_table_name(const char *table_name)
142 {
143         struct ldap_table_config *c = NULL;
144
145         AST_LIST_TRAVERSE(&table_configs, c, entry) {
146                 if (!strcmp(c->table_name, table_name))
147                         break;
148         }
149
150         return c;
151 }
152
153 /*! \brief Find variable by name
154  */
155 static struct ast_variable *variable_named(struct ast_variable *var, const char *name)
156 {
157         for (; var; var = var->next) {
158                 if (!strcasecmp(name, var->name))
159                         break;
160         }
161
162         return var;
163 }
164
165 /*! \brief Count  semicolons in string
166  * \param somestr - pointer to a string
167  *
168  * \return number of occurances of the delimiter(semicolon)
169  */
170 static int semicolon_count_str(const char *somestr)
171 {
172         int count = 0;
173
174         for (; *somestr; somestr++) {
175                 if (*somestr == ';')
176                         count++;
177         }
178
179         return count;
180 }
181
182 /* \brief Count semicolons in variables
183  *  
184  * takes a linked list of \a ast_variable variables, finds the one with the name variable_value
185  * and returns the number of semicolons in the value for that \a ast_variable
186  */
187 static int semicolon_count_var(struct ast_variable *var)
188 {
189         struct ast_variable *var_value = variable_named(var, "variable_value");
190
191         if (!var_value) {
192                 return 0;
193         }
194
195         ast_debug(2, "LINE(%d) semicolon_count_var: %s\n", __LINE__, var_value->value);
196
197         return semicolon_count_str(var_value->value);
198 }
199
200 /*! \brief add attribute to table config
201  *
202  * Should be locked before using it
203  */
204 static void ldap_table_config_add_attribute(struct ldap_table_config *table_config,
205         const char *attribute_name, const char *attribute_value)
206 {
207         struct ast_variable *var;
208
209         if (ast_strlen_zero(attribute_name) || ast_strlen_zero(attribute_value)) {
210                 return;
211         }
212
213         if (!(var = ast_variable_new(attribute_name, attribute_value, table_config->table_name))) {
214                 return;
215         }
216
217         if (table_config->attributes) {
218                 var->next = table_config->attributes;
219         }
220         table_config->attributes = var;
221 }
222
223 /*! \brief Free table_config
224  *
225  * \note assumes ldap_lock to be locked
226  */
227 static void table_configs_free(void)
228 {
229         struct ldap_table_config *c;
230
231         while ((c = AST_LIST_REMOVE_HEAD(&table_configs, entry))) {
232                 if (c->table_name) {
233                         ast_free(c->table_name);
234                 }
235                 if (c->additional_filter) {
236                         ast_free(c->additional_filter);
237                 }
238                 if (c->attributes) {
239                         ast_variables_destroy(c->attributes);
240                 }
241                 free(c);
242         }
243
244         base_table_config = NULL;
245         static_table_config = NULL;
246 }
247
248 /*! \brief Convert variable name to ldap attribute name
249  *
250  * \note Should be locked before using it
251  */
252 static const char *convert_attribute_name_to_ldap(struct ldap_table_config *table_config,
253         const char *attribute_name)
254 {
255         int i = 0;
256         struct ldap_table_config *configs[] = { table_config, base_table_config };
257
258         for (i = 0; i < ARRAY_LEN(configs); i++) {
259                 struct ast_variable *attribute;
260
261                 if (!configs[i]) {
262                         continue;
263                 }
264
265                 attribute = configs[i]->attributes;
266                 for (; attribute; attribute = attribute->next) {
267                         if (!strcasecmp(attribute_name, attribute->name)) {
268                                 return attribute->value;
269                         }
270                 }
271         }
272
273         return attribute_name;
274 }
275
276 /*! \brief Convert ldap attribute name to variable name 
277  *
278  * \note Should be locked before using it
279  */
280 static const char *convert_attribute_name_from_ldap(struct ldap_table_config *table_config,
281                                                     const char *attribute_name)
282 {
283         int i = 0;
284         struct ldap_table_config *configs[] = { table_config, base_table_config };
285
286         for (i = 0; i < ARRAY_LEN(configs); i++) {
287                 struct ast_variable *attribute;
288
289                 if (!configs[i]) {
290                         continue;
291                 }
292
293                 attribute = configs[i]->attributes;
294                 for (; attribute; attribute = attribute->next) {
295                         if (strcasecmp(attribute_name, attribute->value) == 0) {
296                                 return attribute->name;
297                         }
298                 }
299         }
300
301         return attribute_name;
302 }
303
304 /*! \brief Get variables from ldap entry attributes 
305  * \note Should be locked before using it
306  * \return a linked list of ast_variable variables.
307  */
308 static struct ast_variable *realtime_ldap_entry_to_var(struct ldap_table_config *table_config,
309         LDAPMessage *ldap_entry)
310 {
311         BerElement *ber = NULL;
312         struct ast_variable *var = NULL;
313         struct ast_variable *prev = NULL;
314         int is_delimited = 0;
315         int i = 0;
316         char *ldap_attribute_name;
317         struct berval *value;
318         int pos = 0;
319
320         ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
321
322         while (ldap_attribute_name) {
323                 struct berval **values = NULL;
324                 const char *attribute_name = convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
325                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
326
327                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name); /* these are freed at the end */
328                 if (values) {
329                         struct berval **v;
330                         char *valptr;
331
332                         for (v = values; *v; v++) {
333                                 value = *v;
334                                 valptr = value->bv_val;
335                                 ast_debug(2, "LINE(%d) attribute_name: %s LDAP value: %s\n", __LINE__, attribute_name, valptr);
336                                 if (is_realmed_password_attribute) {
337                                         if (!strncasecmp(valptr, "{md5}", 5)) {
338                                                 valptr += 5;
339                                         }
340                                         ast_debug(2, "md5: %s\n", valptr);
341                                 }
342                                 if (valptr) {
343                                         /* ok, so looping through all delimited values except the last one (not, last character is not delimited...) */
344                                         if (is_delimited) {
345                                                 i = 0;
346                                                 pos = 0;
347                                                 while (!ast_strlen_zero(valptr + i)) {
348                                                         if (valptr[i] == ';') {
349                                                                 valptr[i] = '\0';
350                                                                 if (prev) {
351                                                                         prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
352                                                                         if (prev->next) {
353                                                                                 prev = prev->next;
354                                                                         }
355                                                                 } else {
356                                                                         prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
357                                                                 }
358                                                                 pos = i + 1;
359                                                         }
360                                                         i++;
361                                                 }
362                                         }
363                                         /* for the last delimited value or if the value is not delimited: */
364                                         if (prev) {
365                                                 prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
366                                                 if (prev->next) {
367                                                         prev = prev->next;
368                                                 }
369                                         } else {
370                                                 prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
371                                         }
372                                 }
373                         }
374                         ldap_value_free_len(values);
375                 }
376                 ldap_memfree(ldap_attribute_name);
377                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
378         }
379         ber_free(ber, 0);
380
381         return var;
382 }
383
384 /*! \brief Get variables from ldap entry attributes - Should be locked before using it
385  *
386  * The results are freed outside this function so is the \a vars array.
387  *      
388  * \return \a vars - an array of ast_variable variables terminated with a null.
389  */
390 static struct ast_variable **realtime_ldap_result_to_vars(struct ldap_table_config *table_config,
391         LDAPMessage *ldap_result_msg, unsigned int *entries_count_ptr)
392 {
393         struct ast_variable **vars;
394         int i = 0;
395         int tot_count = 0;
396         int entry_index = 0;
397         LDAPMessage *ldap_entry = NULL;
398         BerElement *ber = NULL;
399         struct ast_variable *var = NULL;
400         struct ast_variable *prev = NULL;
401         int is_delimited = 0;
402         char *delim_value = NULL;
403         int delim_tot_count = 0;
404         int delim_count = 0;
405
406         /* \breif First find the total count
407          */
408         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
409
410         for (tot_count = 0; ldap_entry; tot_count++) { 
411                 struct ast_variable *tmp = realtime_ldap_entry_to_var(table_config, ldap_entry);
412                 tot_count += semicolon_count_var(tmp);
413                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
414                 ast_variables_destroy(tmp);
415         }
416
417         if (entries_count_ptr) {
418                 *entries_count_ptr = tot_count;
419         }
420
421         /*! \note Now that we have the total count we allocate space and create the variables
422          * Remember that each element in vars is a linked list that points to realtime variable.
423          * If the we are dealing with a static realtime variable we create a new element in the \a vars array for each delimited
424          * value in \a variable_value; otherwise, we keep \a vars static and increase the length of the linked list of variables in the array element.
425          * This memory must be freed outside of this function.
426          */
427         vars = ast_calloc(sizeof(struct ast_variable *), tot_count + 1);
428
429         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
430
431         i = 0;
432
433         /* \brief For each static realtime variable we may create several entries in the \a vars array if it's delimited
434          */
435         for (entry_index = 0; ldap_entry; ) {
436                 int pos = 0;
437                 delim_value = NULL;
438                 delim_tot_count = 0;
439                 delim_count = 0;
440
441                 do { /* while delim_count */
442
443                         /* Starting new static var */
444                         char *ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
445                         struct berval *value;
446                         while (ldap_attribute_name) {
447                                 const char *attribute_name = convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
448                                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
449                                 struct berval **values = NULL;
450
451                                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name);
452                                 if (values) {
453                                         struct berval **v;
454                                         char *valptr;
455
456                                         for (v = values; *v; v++) {
457                                                 value = *v;
458                                                 valptr = value->bv_val;
459                                                 if (is_realmed_password_attribute) {
460                                                         if (strncasecmp(valptr, "{md5}", 5) == 0) {
461                                                                 valptr += 5;
462                                                         }
463                                                         ast_debug(2, "md5: %s\n", valptr);
464                                                 }
465                                                 if (valptr) {
466                                                         if (delim_value == NULL && !is_realmed_password_attribute
467                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0)) {
468
469                                                                 delim_value = ast_strdup(valptr);
470
471                                                                 if ((delim_tot_count = semicolon_count_str(delim_value)) > 0) {
472                                                                         ast_debug(4, "LINE(%d) is delimited %d times: %s\n", __LINE__, delim_tot_count, delim_value);
473                                                                         is_delimited = 1;
474                                                                 }
475                                                         }
476
477                                                         if (is_delimited != 0 && !is_realmed_password_attribute
478                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0) ) {
479                                                                 /* for non-Static RealTime, first */
480
481                                                                 for (i = pos; !ast_strlen_zero(valptr + i); i++) {
482                                                                         ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i);
483                                                                         if (delim_value[i] == ';') {
484                                                                                 delim_value[i] = '\0';
485
486                                                                                 ast_debug(2, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos);
487
488                                                                                 if (prev) {
489                                                                                         prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
490                                                                                         if (prev->next) {
491                                                                                                 prev = prev->next;
492                                                                                         }
493                                                                                 } else {
494                                                                                         prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
495                                                                                 }
496                                                                                 pos = i + 1;
497
498                                                                                 if (static_table_config == table_config) {
499                                                                                         break;
500                                                                                 }
501                                                                         }
502                                                                 }
503                                                                 if (ast_strlen_zero(valptr + i)) {
504                                                                         ast_debug(4, "LINE(%d) DELIM pos: %d i: %d delim_count: %d\n", __LINE__, pos, i, delim_count);
505                                                                         /* Last delimited value */
506                                                                         ast_debug(4, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos);
507                                                                         if (prev) {
508                                                                                 prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
509                                                                                 if (prev->next) {
510                                                                                         prev = prev->next;
511                                                                                 }
512                                                                         } else {
513                                                                                 prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
514                                                                         }
515                                                                         /* Remembering to free memory */
516                                                                         is_delimited = 0;
517                                                                         pos = 0;
518                                                                 }
519                                                                 free(delim_value);
520                                                                 delim_value = NULL;
521
522                                                                 ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i);
523                                                         } else {
524                                                                 /* not delimited */
525                                                                 if (delim_value) {
526                                                                         free(delim_value);
527                                                                         delim_value = NULL;
528                                                                 }
529                                                                 ast_debug(2, "LINE(%d) attribute_name: %s value: %s\n", __LINE__, attribute_name, valptr);
530
531                                                                 if (prev) {
532                                                                         prev->next = ast_variable_new(attribute_name, valptr, table_config->table_name);
533                                                                         if (prev->next) {
534                                                                                 prev = prev->next;
535                                                                         }
536                                                                 } else {
537                                                                         prev = var = ast_variable_new(attribute_name, valptr, table_config->table_name);
538                                                                 }
539                                                         }
540                                                 }
541                                         } /*!< for (v = values; *v; v++) */
542                                         ldap_value_free_len(values);
543                                 }/*!< if (values) */
544                                 ldap_memfree(ldap_attribute_name);
545                                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
546                         } /*!< while (ldap_attribute_name) */
547                         ber_free(ber, 0);
548                         if (static_table_config == table_config) {
549                                 if (option_debug > 2) {
550                                         const struct ast_variable *tmpdebug = variable_named(var, "variable_name");
551                                         const struct ast_variable *tmpdebug2 = variable_named(var, "variable_value");
552                                         if (tmpdebug && tmpdebug2) {
553                                                 ast_debug(3, "LINE(%d) Added to vars - %s = %s\n", __LINE__, tmpdebug->value, tmpdebug2->value);
554                                         }
555                                 }
556                                 vars[entry_index++] = var;
557                                 prev = NULL;
558                         }
559
560                         delim_count++;
561                 } while (delim_count <= delim_tot_count && static_table_config == table_config);
562
563                 if (static_table_config != table_config) {
564                         ast_debug(3, "LINE(%d) Added to vars - non static\n", __LINE__);
565
566                         vars[entry_index++] = var;
567                         prev = NULL;
568                 }
569                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
570         } /*!< end for loop over ldap_entry */
571
572         return vars;
573 }
574
575
576 /*! \brief Check if we have a connection error
577  */
578 static int is_ldap_connect_error(int err)
579 {
580         return (err == LDAP_SERVER_DOWN || err == LDAP_TIMEOUT || err == LDAP_CONNECT_ERROR);
581 }
582
583 /*! \brief Get LDAP entry by dn and return attributes as variables
584  *
585  * Should be locked before using it 
586  *
587  * This is used for setting the default values of an object
588  * i.e., with accountBaseDN
589 */
590 static struct ast_variable *ldap_loadentry(struct ldap_table_config *table_config,
591                                            const char *dn)
592 {
593         if (!table_config) {
594                 ast_log(LOG_ERROR, "No table config\n");
595                 return NULL;
596         } else {
597                 struct ast_variable **vars = NULL;
598                 struct ast_variable *var = NULL;
599                 int result = -1;
600                 LDAPMessage *ldap_result_msg = NULL;
601                 int tries = 0;
602
603                 ast_debug(2, "ldap_loadentry dn=%s\n", dn);
604
605                 do {
606                         result = ldap_search_ext_s(ldapConn, dn, LDAP_SCOPE_BASE,
607                                            "(objectclass=*)", NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &ldap_result_msg);
608                         if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
609                                 ast_log(LOG_WARNING, "Failed to query directory. Try %d/3\n", tries + 1);
610                                 tries++;
611                                 if (tries < 3) {
612                                         usleep(500000L * tries);
613                                         if (ldapConn) {
614                                                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
615                                                 ldapConn = NULL;
616                                         }
617                                         if (!ldap_reconnect()) {
618                                                 break;
619                                         }
620                                 }
621                         }
622                 } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
623
624                 if (result != LDAP_SUCCESS) {
625                         ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
626                         ast_debug(2, "dn=%s\n", dn);
627                         ast_mutex_unlock(&ldap_lock);
628                         return NULL;
629                 } else {
630                         int num_entry = 0;
631                         unsigned int *entries_count_ptr = NULL; /*!< not using this */
632
633                         if ((num_entry = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
634                                 ast_debug(3, "num_entry: %d\n", num_entry);
635
636                                 vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
637                                 if (num_entry > 1) {
638                                         ast_log(LOG_NOTICE, "More than one entry for dn=%s. Take only 1st one\n", dn);
639                                 }
640                         } else {
641                                 ast_debug(2, "Could not find any entry dn=%s.\n", dn);
642                         }
643                 }
644                 ldap_msgfree(ldap_result_msg);
645
646                 /* Chopping \a vars down to one variable */
647                 if (vars != NULL) {
648                         struct ast_variable **p = vars;
649
650                         /* Only take the first one. */
651                         var = *vars;
652
653                         /* Destroy the rest. */
654                         while (*++p) {
655                                 ast_variables_destroy(*p);
656                         }
657                         ast_free(vars);
658                 }
659
660                 return var;
661         }
662 }
663
664 /*! \note caller should free returned pointer
665  */
666 static char *substituted(struct ast_channel *channel, const char *string)
667 {
668 #define MAXRESULT       2048
669         char *ret_string = NULL;
670
671         if (!ast_strlen_zero(string)) {
672                 ret_string = ast_calloc(1, MAXRESULT);
673                 pbx_substitute_variables_helper(channel, string, ret_string, MAXRESULT - 1);
674         }
675         ast_debug(2, "substituted: string: '%s' => '%s' \n", string, ret_string);
676         return ret_string;
677 }
678
679 /*! \note caller should free returned pointer
680  */
681 static char *cleaned_basedn(struct ast_channel *channel, const char *basedn)
682 {
683         char *cbasedn = NULL;
684         if (basedn) {
685                 char *p = NULL;
686                 cbasedn = substituted(channel, basedn);
687                 if (*cbasedn == '"') {
688                         cbasedn++;
689                         if (!ast_strlen_zero(cbasedn)) {
690                                 int len = strlen(cbasedn);
691                                 if (cbasedn[len - 1] == '"')
692                                         cbasedn[len - 1] = '\0';
693
694                         }
695                 }
696                 p = cbasedn;
697                 while (*p) {
698                         if (*p == '|')
699                                 *p = ',';
700                         p++;
701                 }
702         }
703         ast_debug(2, "basedn: '%s' => '%s' \n", basedn, cbasedn);
704         return cbasedn;
705 }
706
707 /*! \brief Replace \<search\> by \<by\> in string. 
708  * \note No check is done on string allocated size !
709  */
710 static int replace_string_in_string(char *string, const char *search, const char *by)
711 {
712         int search_len = strlen(search);
713         int by_len = strlen(by);
714         int replaced = 0;
715         char *p = strstr(string, search);
716
717         if (p) {
718                 replaced = 1;
719                 while (p) {
720                         if (by_len == search_len) {
721                                 memcpy(p, by, by_len);
722                         } else {
723                                 memmove(p + by_len, p + search_len, strlen(p + search_len) + 1);
724                                 memcpy(p, by, by_len);
725                         }
726                         p = strstr(p + by_len, search);
727                 }
728         }
729         return replaced;
730 }
731
732 /*! \brief Append a name=value filter string. The filter string can grow. 
733  */
734 static void append_var_and_value_to_filter(struct ast_str **filter,
735         struct ldap_table_config *table_config,
736         const char *name, const char *value)
737 {
738         char *new_name = NULL;
739         char *new_value = NULL;
740         char *like_pos = strstr(name, " LIKE");
741
742         ast_debug(2, "name='%s' value='%s'\n", name, value);
743
744         if (like_pos) {
745                 int len = like_pos - name;
746
747                 name = new_name = ast_strdupa(name);
748                 new_name[len] = '\0';
749                 value = new_value = ast_strdupa(value);
750                 replace_string_in_string(new_value, "\\_", "_");
751                 replace_string_in_string(new_value, "%", "*");
752         }
753
754         name = convert_attribute_name_to_ldap(table_config, name);
755
756         ast_str_append(filter, 0, "(%s=%s)", name, value);
757 }
758
759 /*! \brief LDAP base function 
760  * \return a null terminated array of ast_variable (one per entry) or NULL if no entry is found or if an error occured
761  * caller should free the returned array and ast_variables
762  * \param entries_count_ptr is a pointer to found entries count (can be NULL)
763  * \param basedn is the base DN
764  * \param table_name is the table_name (used dor attribute convertion and additional filter)
765  * \param ap contains null terminated list of pairs name/value
766 */
767 static struct ast_variable **realtime_ldap_base_ap(unsigned int *entries_count_ptr,
768         const char *basedn, const char *table_name, va_list ap)
769 {
770         struct ast_variable **vars = NULL;
771         const char *newparam = NULL;
772         const char *newval = NULL;
773         struct ldap_table_config *table_config = NULL;
774         char *clean_basedn = cleaned_basedn(NULL, basedn);
775         struct ast_str *filter = NULL;
776         int tries = 0;
777         int result = 0;
778         LDAPMessage *ldap_result_msg = NULL;
779
780         if (!table_name) {
781                 ast_log(LOG_ERROR, "No table_name specified.\n");
782                 ast_free(clean_basedn);
783                 return NULL;
784         } 
785
786         if (!(filter = ast_str_create(80))) {
787                 ast_log(LOG_ERROR, "Can't initialize data structures.n");
788                 ast_free(clean_basedn);
789                 return NULL;
790         }
791
792         /* Get the first parameter and first value in our list of passed paramater/value pairs  */
793         newparam = va_arg(ap, const char *);
794         newval = va_arg(ap, const char *);
795
796         if (!newparam || !newval) {
797                 ast_log(LOG_ERROR, "Realtime retrieval requires at least 1 parameter"
798                         " and 1 value to search on.\n");
799                 ast_free(filter);
800                 ast_free(clean_basedn);
801                 return NULL;
802         }
803
804         ast_mutex_lock(&ldap_lock);
805
806         /* We now have our complete statement; Lets connect to the server and execute it.  */
807         if (!ldap_reconnect()) {
808                 ast_mutex_unlock(&ldap_lock);
809                 ast_free(filter);
810                 ast_free(clean_basedn);
811                 return NULL;
812         }
813
814         table_config = table_config_for_table_name(table_name);
815         if (!table_config) {
816                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
817                 ast_mutex_unlock(&ldap_lock);
818                 ast_free(filter);
819                 ast_free(clean_basedn);
820                 return NULL;
821         }
822
823         ast_str_append(&filter, 0, "(&");
824
825         if (table_config && table_config->additional_filter) {
826                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
827         }
828         if (table_config != base_table_config && base_table_config && 
829                 base_table_config->additional_filter) {
830                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
831         }
832
833         /* Create the first part of the query using the first parameter/value pairs we just extracted.
834          * If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat
835          */
836
837         append_var_and_value_to_filter(&filter, table_config, newparam, newval);
838         while ((newparam = va_arg(ap, const char *))) {
839                 newval = va_arg(ap, const char *);
840                 append_var_and_value_to_filter(&filter, table_config, newparam, newval);
841         }
842         ast_str_append(&filter, 0, ")");
843
844         do {
845                 /* freeing ldap_result further down */
846                 result = ldap_search_ext_s(ldapConn, clean_basedn,
847                                   LDAP_SCOPE_SUBTREE, ast_str_buffer(filter), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
848                                   &ldap_result_msg);
849                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
850                         ast_debug(1, "Failed to query directory. Try %d/10\n", tries + 1);
851                         if (++tries < 10) {
852                                 usleep(1);
853                                 if (ldapConn) {
854                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
855                                         ldapConn = NULL;
856                                 }
857                                 if (!ldap_reconnect()) {
858                                         break;
859                                 }
860                         }
861                 }
862         } while (result != LDAP_SUCCESS && tries < 10 && is_ldap_connect_error(result));
863
864         if (result != LDAP_SUCCESS) {
865                 ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
866                 ast_log(LOG_WARNING, "Query: %s\n", ast_str_buffer(filter));
867         } else {
868                 /* this is where we create the variables from the search result 
869                  * freeing this \a vars outside this function */
870                 if (ldap_count_entries(ldapConn, ldap_result_msg) > 0) {
871                         /* is this a static var or some other? they are handled different for delimited values */
872                         vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
873                 } else {
874                         ast_debug(1, "Could not find any entry matching %s in base dn %s.\n", ast_str_buffer(filter), clean_basedn);
875                 }
876
877                 ldap_msgfree(ldap_result_msg);
878
879                 /*! \TODO get the default variables from the accountBaseDN, not implemented with delimited values
880                  */
881                 if (vars) {
882                         struct ast_variable **p = vars;
883                         while (*p) {
884                                 struct ast_variable *append_var = NULL;
885                                 struct ast_variable *tmp = *p;
886                                 while (tmp) {
887                                         if (strcasecmp(tmp->name, "accountBaseDN") == 0) {
888                                                 /* Get the variable to compare with for the defaults */
889                                                 struct ast_variable *base_var = ldap_loadentry(table_config, tmp->value);
890                                                 
891                                                 while (base_var) {
892                                                         struct ast_variable *next = base_var->next;
893                                                         struct ast_variable *test_var = *p;
894                                                         int base_var_found = 0;
895
896                                                         /* run throught the default values and fill it inn if it is missing */
897                                                         while (test_var) {
898                                                                 if (strcasecmp(test_var->name, base_var->name) == 0) {
899                                                                         base_var_found = 1;
900                                                                         break;
901                                                                 } else {
902                                                                         test_var = test_var->next;
903                                                                 }
904                                                         }
905                                                         if (base_var_found) {
906                                                                 base_var->next = NULL;
907                                                                 ast_variables_destroy(base_var);
908                                                                 base_var = next;
909                                                         } else {
910                                                                 /*!
911                                                                  * \todo XXX The interactions with base_var and append_var may
912                                                                  * cause a memory leak of base_var nodes.  Also the append_var
913                                                                  * list and base_var list may get cross linked.
914                                                                  */
915                                                                 if (append_var) {
916                                                                         base_var->next = append_var;
917                                                                 } else {
918                                                                         base_var->next = NULL;
919                                                                 }
920                                                                 append_var = base_var;
921                                                                 base_var = next;
922                                                         }
923                                                 }
924                                         }
925                                         if (!tmp->next && append_var) {
926                                                 tmp->next = append_var;
927                                                 tmp = NULL;
928                                         } else {
929                                                 tmp = tmp->next;
930                                         }
931                                 }
932                                 p++;
933                         }
934                 }
935         }
936
937         if (filter) {
938                 ast_free(filter);
939         }
940
941         if (clean_basedn) {
942                 ast_free(clean_basedn);
943         }
944
945         ast_mutex_unlock(&ldap_lock);
946
947         return vars;
948 }
949
950 /*! \brief same as realtime_ldap_base_ap but take variable arguments count list
951  */
952 static struct ast_variable **realtime_ldap_base(unsigned int *entries_count_ptr,
953         const char *basedn, const char *table_name, ...)
954 {
955         struct ast_variable **vars = NULL;
956         va_list ap;
957
958         va_start(ap, table_name);
959         vars = realtime_ldap_base_ap(entries_count_ptr, basedn, table_name, ap);
960         va_end(ap);
961
962         return vars;
963 }
964
965 /*! \brief See Asterisk doc
966  *
967  * For Realtime Dynamic(i.e., switch, queues, and directory)
968  */
969 static struct ast_variable *realtime_ldap(const char *basedn,
970                                           const char *table_name, va_list ap)
971 {
972         struct ast_variable **vars = realtime_ldap_base_ap(NULL, basedn, table_name, ap);
973         struct ast_variable *var = NULL;
974
975         if (vars) {
976                 struct ast_variable *last_var = NULL;
977                 struct ast_variable **p = vars;
978
979                 /* Chain the vars array of lists into one list to return. */
980                 while (*p) {
981                         if (last_var) {
982                                 while (last_var->next) {
983                                         last_var = last_var->next;
984                                 }
985                                 last_var->next = *p;
986                         } else {
987                                 var = *p;
988                                 last_var = var;
989                         }
990                         p++;
991                 }
992                 free(vars);
993         }
994         return var;
995 }
996
997 /*! \brief See Asterisk doc
998  *
999  * this function will be called for the switch statment if no match is found with the realtime_ldap function(i.e. it is a failover);
1000  * however, the ast_load_realtime wil match on wildcharacters also depending on what the mode is set to
1001  * this is an area of asterisk that could do with a lot of modification
1002  * I think this function returns Realtime dynamic objects
1003  */
1004 static struct ast_config *realtime_multi_ldap(const char *basedn,
1005       const char *table_name, va_list ap)
1006 {
1007         char *op;
1008         const char *initfield = NULL;
1009         const char *newparam, *newval;
1010         struct ast_variable **vars =
1011                 realtime_ldap_base_ap(NULL, basedn, table_name, ap);
1012         struct ast_config *cfg = NULL;
1013
1014         newparam = va_arg(ap, const char *);
1015         newval = va_arg(ap, const char *);
1016         if (!newparam || !newval) {
1017             ast_log(LOG_WARNING, "realtime retrieval requires at least 1 parameter and 1 value to search on.\n");
1018             return NULL;
1019         }
1020         initfield = ast_strdupa(newparam);
1021         if ((op = strchr(initfield, ' '))) {
1022                 *op = '\0';
1023         }
1024
1025         if (vars) {
1026                 cfg = ast_config_new();
1027                 if (!cfg) {
1028                         ast_log(LOG_ERROR, "Unable to create a config!\n");
1029                 } else {
1030                         struct ast_variable **p = vars;
1031
1032                         while (*p) {
1033                                 struct ast_category *cat = NULL;
1034                                 cat = ast_category_new("", table_name, -1);
1035                                 if (!cat) {
1036                                         ast_log(LOG_ERROR, "Unable to create a new category!\n");
1037                                         break;
1038                                 } else {
1039                                         struct ast_variable *var = *p;
1040                                         while (var) {
1041                                                 struct ast_variable *next = var->next;
1042                                                 if (initfield && !strcmp(initfield, var->name)) {
1043                                                         ast_category_rename(cat, var->value);
1044                                                 }
1045                                                 var->next = NULL;
1046                                                 ast_variable_append(cat, var);
1047                                                 var = next;
1048                                         }
1049                                 }
1050                                 ast_category_append(cfg, cat);
1051                                 p++;
1052                         }
1053                 }
1054                 free(vars);
1055         }
1056         return cfg;
1057
1058 }
1059
1060 /*! \brief Sorting alogrithm for qsort to find the order of the variables \a a and \a b
1061  * \param a pointer to category_and_metric struct
1062  * \param b pointer to category_and_metric struct
1063  *
1064  * \retval -1 for if b is greater
1065  * \retval 0 zero for equal
1066  * \retval 1 if a is greater
1067  */
1068 static int compare_categories(const void *a, const void *b)
1069 {
1070         const struct category_and_metric *as = a;
1071         const struct category_and_metric *bs = b;
1072
1073         if (as->metric < bs->metric) {
1074                 return -1;
1075         } else if (as->metric > bs->metric) {
1076                 return 1;
1077         } else if (as->metric == bs->metric && strcmp(as->name, bs->name) != 0) {
1078                 return strcmp(as->name, bs->name);
1079         } 
1080         /* if the metric and the category name is the same, we check the variable metric */
1081         if (as->var_metric < bs->var_metric) {
1082                 return -1;
1083         } else if (as->var_metric > bs->var_metric) {
1084                 return 1;
1085         }
1086
1087         return 0;
1088 }
1089
1090 /*! \brief See Asterisk Realtime Documentation
1091  *
1092  * This is for Static Realtime
1093  *      
1094  * load the configuration stuff for the .conf files
1095  * called on a reload
1096  */
1097 static struct ast_config *config_ldap(const char *basedn, const char *table_name,
1098         const char *file, struct ast_config *cfg, struct ast_flags config_flags, const char *sugg_incl, const char *who_asked)
1099 {
1100         unsigned int vars_count = 0;
1101         struct ast_variable **vars;
1102         int i = 0;
1103         struct ast_variable *new_v = NULL;
1104         struct ast_category *cur_cat = NULL;
1105         const char *last_category = NULL;
1106         int last_category_metric = 0;
1107         struct category_and_metric *categories;
1108         struct ast_variable **p;
1109
1110         if (ast_strlen_zero(file) || !strcasecmp(file, RES_CONFIG_LDAP_CONF)) {
1111                 ast_log(LOG_ERROR, "Missing configuration file: %s. Can't configure myself.\n", RES_CONFIG_LDAP_CONF);
1112                 return NULL;
1113         }
1114
1115         vars = realtime_ldap_base(&vars_count, basedn, table_name, "filename", file, "commented", "FALSE", NULL);
1116
1117         if (!vars) {
1118                 ast_log(LOG_WARNING, "Could not find config '%s' in directory.\n", file);
1119                 return NULL;
1120         }
1121
1122         /*! \note Since the items come back in random order, they need to be sorted
1123          * first, and since the data could easily exceed stack size, this is
1124          * allocated from the heap.
1125          */
1126         if (!(categories = ast_calloc(sizeof(*categories), vars_count))) {
1127                 return NULL;
1128         }
1129
1130         for (vars_count = 0, p = vars; *p; p++) {
1131                 struct ast_variable *category = variable_named(*p, "category");
1132                 struct ast_variable *cat_metric = variable_named(*p, "cat_metric");
1133                 struct ast_variable *var_name = variable_named(*p, "variable_name");
1134                 struct ast_variable *var_val = variable_named(*p, "variable_value");
1135                 struct ast_variable *var_metric = variable_named(*p, "var_metric");
1136                 struct ast_variable *dn = variable_named(*p, "dn");
1137
1138                 if (!category) {
1139                         ast_log(LOG_ERROR, "No category name in entry '%s'  for file '%s'.\n",
1140                                         (dn ? dn->value : "?"), file);
1141                 } else if (!cat_metric) {
1142                         ast_log(LOG_ERROR, "No category metric in entry '%s'(category: %s) for file '%s'.\n",
1143                                         (dn ? dn->value : "?"), category->value, file);
1144                 } else if (!var_metric) {
1145                         ast_log(LOG_ERROR, "No variable metric in entry '%s'(category: %s) for file '%s'.\n",
1146                                         (dn ? dn->value : "?"), category->value, file);
1147                 } else if (!var_name) {
1148                         ast_log(LOG_ERROR, "No variable name in entry '%s' (category: %s metric: %s) for file '%s'.\n",
1149                                         (dn ? dn->value : "?"), category->value,
1150                                         cat_metric->value, file);
1151                 } else if (!var_val) {
1152                         ast_log(LOG_ERROR, "No variable value in entry '%s' (category: %s metric: %s variable: %s) for file '%s'.\n",
1153                                         (dn ? dn->value : "?"), category->value,
1154                                         cat_metric->value, var_name->value, file);
1155                 } else {
1156                         categories[vars_count].name = category->value;
1157                         categories[vars_count].metric = atoi(cat_metric->value);
1158                         categories[vars_count].variable_name = var_name->value;
1159                         categories[vars_count].variable_value = var_val->value;
1160                         categories[vars_count].var_metric = atoi(var_metric->value);
1161                         vars_count++;
1162                 }
1163
1164                 ast_debug(3, "category: %s\n", category->value);
1165                 ast_debug(3, "var_name: %s\n", var_name->value);
1166                 ast_debug(3, "var_val: %s\n", var_val->value);
1167                 ast_debug(3, "cat_metric: %s\n", cat_metric->value);
1168
1169         }
1170
1171         qsort(categories, vars_count, sizeof(*categories), compare_categories);
1172
1173         for (i = 0; i < vars_count; i++) {
1174                 if (!strcmp(categories[i].variable_name, "#include")) {
1175                         struct ast_flags flags = { 0 };
1176                         if (!ast_config_internal_load(categories[i].variable_value, cfg, flags, "", who_asked)) {
1177                                 break;
1178                         }
1179                         continue;
1180                 }
1181
1182                 if (!last_category || strcmp(last_category, categories[i].name) ||
1183                         last_category_metric != categories[i].metric) {
1184
1185                         cur_cat = ast_category_new(categories[i].name, table_name, -1);
1186                         if (!cur_cat) {
1187                                 break;
1188                         }
1189                         last_category = categories[i].name;
1190                         last_category_metric = categories[i].metric;
1191                         ast_category_append(cfg, cur_cat);
1192                 }
1193
1194                 if (!(new_v = ast_variable_new(categories[i].variable_name, categories[i].variable_value, table_name))) {
1195                         break;
1196                 }
1197
1198                 ast_variable_append(cur_cat, new_v);
1199         }
1200
1201         ast_free(vars);
1202         ast_free(categories);
1203
1204         return cfg;
1205 }
1206
1207 /* \brief Function to update a set of values in ldap static mode
1208  */
1209 static int update_ldap(const char *basedn, const char *table_name, const char *attribute,
1210         const char *lookup, va_list ap)
1211 {
1212         int error = 0;
1213         LDAPMessage *ldap_entry = NULL;
1214         LDAPMod **ldap_mods;
1215         const char *newparam = NULL;
1216         const char *newval = NULL;
1217         char *dn;
1218         int num_entries = 0;
1219         int i = 0;
1220         int mods_size = 0;
1221         int mod_exists = 0;
1222         struct ldap_table_config *table_config = NULL;
1223         char *clean_basedn = NULL;
1224         struct ast_str *filter = NULL;
1225         int tries = 0;
1226         int result = 0;
1227         LDAPMessage *ldap_result_msg = NULL;
1228
1229         if (!table_name) {
1230                 ast_log(LOG_ERROR, "No table_name specified.\n");
1231                 return -1;
1232         } 
1233
1234         if (!(filter = ast_str_create(80))) {
1235                 return -1;
1236         }
1237
1238         if (!attribute || !lookup) {
1239                 ast_log(LOG_WARNING, "LINE(%d): search parameters are empty.\n", __LINE__);
1240                 return -1;
1241         }
1242         ast_mutex_lock(&ldap_lock);
1243
1244         /* We now have our complete statement; Lets connect to the server and execute it.  */
1245         if (!ldap_reconnect()) {
1246                 ast_mutex_unlock(&ldap_lock);
1247                 return -1;
1248         }
1249
1250         table_config = table_config_for_table_name(table_name);
1251         if (!table_config) {
1252                 ast_log(LOG_ERROR, "No table named '%s'.\n", table_name);
1253                 ast_mutex_unlock(&ldap_lock);
1254                 return -1;
1255         }
1256
1257         clean_basedn = cleaned_basedn(NULL, basedn);
1258
1259         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1260         ast_str_append(&filter, 0, "(&");
1261         if (table_config && table_config->additional_filter) {
1262                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1263         }
1264         if (table_config != base_table_config && base_table_config && base_table_config->additional_filter) {
1265                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1266         }
1267         append_var_and_value_to_filter(&filter, table_config, attribute, lookup);
1268         ast_str_append(&filter, 0, ")");
1269
1270         /* Create the modification array with the parameter/value pairs we were given, 
1271          * if there are several parameters with the same name, we collect them into 
1272          * one parameter/value pair and delimit them with a semicolon */
1273         newparam = va_arg(ap, const char *);
1274         newparam = convert_attribute_name_to_ldap(table_config, newparam);
1275         newval = va_arg(ap, const char *);
1276         if (!newparam || !newval) {
1277                 ast_log(LOG_WARNING, "LINE(%d): need at least one parameter to modify.\n", __LINE__);
1278                 return -1;
1279         }
1280
1281         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1282         ldap_mods = ldap_memcalloc(sizeof(LDAPMod *), mods_size);
1283         ldap_mods[0] = ldap_memcalloc(1, sizeof(LDAPMod));
1284
1285         ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1286         ldap_mods[0]->mod_type = ldap_strdup(newparam);
1287
1288         ldap_mods[0]->mod_values = ast_calloc(sizeof(char *), 2);
1289         ldap_mods[0]->mod_values[0] = ldap_strdup(newval);
1290
1291         while ((newparam = va_arg(ap, const char *))) {
1292                 newparam = convert_attribute_name_to_ldap(table_config, newparam);
1293                 newval = va_arg(ap, const char *);
1294                 mod_exists = 0;
1295
1296                 for (i = 0; i < mods_size - 1; i++) {
1297                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1298                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1299                                 ldap_mods[i]->mod_values[0] = ldap_memrealloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(newval) + 2));
1300                                 strcat(ldap_mods[i]->mod_values[0], ";");
1301                                 strcat(ldap_mods[i]->mod_values[0], newval);
1302                                 mod_exists = 1; 
1303                                 break;
1304                         }
1305                 }
1306
1307                 /* create new mod */
1308                 if (!mod_exists) {
1309                         mods_size++;
1310                         ldap_mods = ldap_memrealloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1311                         ldap_mods[mods_size - 1] = NULL;
1312                         
1313                         ldap_mods[mods_size - 2] = ldap_memcalloc(1, sizeof(LDAPMod));
1314
1315                         ldap_mods[mods_size - 2]->mod_type = ldap_memcalloc(sizeof(char), strlen(newparam) + 1);
1316                         strcpy(ldap_mods[mods_size - 2]->mod_type, newparam);
1317
1318                         if (strlen(newval) == 0) {
1319                                 ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_DELETE;
1320                         } else {
1321                                 ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1322
1323                                 ldap_mods[mods_size - 2]->mod_values = ldap_memcalloc(sizeof(char *), 2);
1324                                 ldap_mods[mods_size - 2]->mod_values[0] = ldap_memcalloc(sizeof(char), strlen(newval) + 1);
1325                                 strcpy(ldap_mods[mods_size - 2]->mod_values[0], newval);
1326                         }
1327                 }
1328         }
1329         /* freeing ldap_mods further down */
1330
1331         do {
1332                 /* freeing ldap_result further down */
1333                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1334                                   LDAP_SCOPE_SUBTREE, ast_str_buffer(filter), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1335                                   &ldap_result_msg);
1336                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1337                         ast_log(LOG_WARNING, "Failed to query directory. Try %d/3\n", tries + 1);
1338                         tries++;
1339                         if (tries < 3) {
1340                                 usleep(500000L * tries);
1341                                 if (ldapConn) {
1342                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1343                                         ldapConn = NULL;
1344                                 }
1345                                 if (!ldap_reconnect())
1346                                         break;
1347                         }
1348                 }
1349         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1350
1351         if (result != LDAP_SUCCESS) {
1352                 ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
1353                 ast_log(LOG_WARNING, "Query: %s\n", ast_str_buffer(filter));
1354
1355                 ast_mutex_unlock(&ldap_lock);
1356                 free(filter);
1357                 free(clean_basedn);
1358                 ldap_msgfree(ldap_result_msg);
1359                 ldap_mods_free(ldap_mods, 0);
1360                 return -1;
1361         }
1362         /* Ready to update */
1363         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1364                 ast_debug(3, "LINE(%d) Modifying %s=%s hits: %d\n", __LINE__, attribute, lookup, num_entries);
1365                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++) {
1366                         if (ldap_mods[i]->mod_op != LDAP_MOD_DELETE) {
1367                                 ast_debug(3, "LINE(%d) %s=%s \n", __LINE__, ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1368                         } else {
1369                                 ast_debug(3, "LINE(%d) deleting %s \n", __LINE__, ldap_mods[i]->mod_type);
1370                         }
1371                 }
1372                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1373
1374                 for (i = 0; ldap_entry; i++) { 
1375                         dn = ldap_get_dn(ldapConn, ldap_entry);
1376                         if ((error = ldap_modify_ext_s(ldapConn, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS)  {
1377                                 ast_log(LOG_ERROR, "Couldn't modify '%s'='%s', dn:%s because %s\n",
1378                                                 attribute, lookup, dn, ldap_err2string(error));
1379                         }
1380                         ldap_memfree(dn);
1381                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1382                 }
1383         }
1384
1385         ast_mutex_unlock(&ldap_lock);
1386         ast_free(filter);
1387         ast_free(clean_basedn);
1388         ldap_msgfree(ldap_result_msg);
1389         ldap_mods_free(ldap_mods, 0);
1390         return num_entries;
1391 }
1392
1393 static int update2_ldap(const char *basedn, const char *table_name, va_list ap)
1394 {
1395         int error = 0;
1396         LDAPMessage *ldap_entry = NULL;
1397         LDAPMod **ldap_mods;
1398         const char *newparam = NULL;
1399         const char *newval = NULL;
1400         char *dn;
1401         int num_entries = 0;
1402         int i = 0;
1403         int mods_size = 0;
1404         int mod_exists = 0;
1405         struct ldap_table_config *table_config = NULL;
1406         char *clean_basedn = NULL;
1407         struct ast_str *filter = NULL;
1408         int tries = 0;
1409         int result = 0;
1410         LDAPMessage *ldap_result_msg = NULL;
1411
1412         if (!table_name) {
1413                 ast_log(LOG_ERROR, "No table_name specified.\n");
1414                 return -1;
1415         } 
1416
1417         if (!(filter = ast_str_create(80))) {
1418                 return -1;
1419         }
1420
1421         ast_mutex_lock(&ldap_lock);
1422
1423         /* We now have our complete statement; Lets connect to the server and execute it.  */
1424         if (!ldap_reconnect()) {
1425                 ast_mutex_unlock(&ldap_lock);
1426                 ast_free(filter);
1427                 return -1;
1428         }
1429
1430         table_config = table_config_for_table_name(table_name);
1431         if (!table_config) {
1432                 ast_log(LOG_ERROR, "No table named '%s'.\n", table_name);
1433                 ast_mutex_unlock(&ldap_lock);
1434                 ast_free(filter);
1435                 return -1;
1436         }
1437
1438         clean_basedn = cleaned_basedn(NULL, basedn);
1439
1440         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1441         ast_str_append(&filter, 0, "(&");
1442         if (table_config && table_config->additional_filter) {
1443                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1444         }
1445         if (table_config != base_table_config && base_table_config
1446                 && base_table_config->additional_filter) {
1447                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1448         }
1449
1450         /* Get multiple lookup keyfields and values */
1451         while ((newparam = va_arg(ap, const char *))) {
1452                 newval = va_arg(ap, const char *);
1453                 append_var_and_value_to_filter(&filter, table_config, newparam, newval);
1454         }
1455         ast_str_append(&filter, 0, ")");
1456
1457         /* Create the modification array with the parameter/value pairs we were given, 
1458          * if there are several parameters with the same name, we collect them into 
1459          * one parameter/value pair and delimit them with a semicolon */
1460         newparam = va_arg(ap, const char *);
1461         newparam = convert_attribute_name_to_ldap(table_config, newparam);
1462         newval = va_arg(ap, const char *);
1463         if (!newparam || !newval) {
1464                 ast_log(LOG_WARNING, "LINE(%d): need at least one parameter to modify.\n", __LINE__);
1465                 ast_free(filter);
1466                 ast_free(clean_basedn);
1467                 return -1;
1468         }
1469
1470         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1471         ldap_mods = ast_calloc(sizeof(LDAPMod *), mods_size);
1472         ldap_mods[0] = ast_calloc(1, sizeof(LDAPMod));
1473
1474         ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1475         ldap_mods[0]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1476         strcpy(ldap_mods[0]->mod_type, newparam);
1477
1478         ldap_mods[0]->mod_values = ast_calloc(sizeof(char), 2);
1479         ldap_mods[0]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1480         strcpy(ldap_mods[0]->mod_values[0], newval);
1481
1482         while ((newparam = va_arg(ap, const char *))) {
1483                 newparam = convert_attribute_name_to_ldap(table_config, newparam);
1484                 newval = va_arg(ap, const char *);
1485                 mod_exists = 0;
1486
1487                 for (i = 0; i < mods_size - 1; i++) {
1488                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1489                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1490                                 ldap_mods[i]->mod_values[0] = ast_realloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(newval) + 2));
1491                                 strcat(ldap_mods[i]->mod_values[0], ";");
1492                                 strcat(ldap_mods[i]->mod_values[0], newval);
1493                                 mod_exists = 1; 
1494                                 break;
1495                         }
1496                 }
1497
1498                 /* create new mod */
1499                 if (!mod_exists) {
1500                         mods_size++;
1501                         ldap_mods = ast_realloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1502                         ldap_mods[mods_size - 1] = NULL;
1503                         ldap_mods[mods_size - 2] = ast_calloc(1, sizeof(LDAPMod));
1504
1505                         ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1506
1507                         ldap_mods[mods_size - 2]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1508                         strcpy(ldap_mods[mods_size - 2]->mod_type, newparam);
1509
1510                         ldap_mods[mods_size - 2]->mod_values = ast_calloc(sizeof(char *), 2);
1511                         ldap_mods[mods_size - 2]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1512                         strcpy(ldap_mods[mods_size - 2]->mod_values[0], newval);
1513                 }
1514         }
1515         /* freeing ldap_mods further down */
1516
1517         do {
1518                 /* freeing ldap_result further down */
1519                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1520                                   LDAP_SCOPE_SUBTREE, ast_str_buffer(filter), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1521                                   &ldap_result_msg);
1522                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1523                         ast_log(LOG_WARNING, "Failed to query directory. Try %d/3\n", tries + 1);
1524                         tries++;
1525                         if (tries < 3) {
1526                                 usleep(500000L * tries);
1527                                 if (ldapConn) {
1528                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1529                                         ldapConn = NULL;
1530                                 }
1531                                 if (!ldap_reconnect()) {
1532                                         break;
1533                                 }
1534                         }
1535                 }
1536         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1537
1538         if (result != LDAP_SUCCESS) {
1539                 ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
1540                 ast_log(LOG_WARNING, "Query: %s\n", ast_str_buffer(filter));
1541
1542                 ast_mutex_unlock(&ldap_lock);
1543                 ast_free(filter);
1544                 ast_free(clean_basedn);
1545                 ldap_msgfree(ldap_result_msg);
1546                 ldap_mods_free(ldap_mods, 0);
1547                 return -1;
1548         }
1549         /* Ready to update */
1550         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1551                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++) {
1552                         ast_debug(3, "LINE(%d) %s=%s \n", __LINE__, ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1553                 }
1554
1555                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1556
1557                 for (i = 0; ldap_entry; i++) {
1558                         dn = ldap_get_dn(ldapConn, ldap_entry);
1559                         if ((error = ldap_modify_ext_s(ldapConn, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS)  {
1560                                 ast_log(LOG_ERROR, "Couldn't modify dn:%s because %s", dn, ldap_err2string(error));
1561                         }
1562                         ldap_memfree(dn);
1563                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1564                 }
1565         }
1566
1567         ast_mutex_unlock(&ldap_lock);
1568         if (filter) {
1569                 ast_free(filter);
1570         }
1571         if (clean_basedn) {
1572                 ast_free(clean_basedn);
1573         }
1574         ldap_msgfree(ldap_result_msg);
1575         ldap_mods_free(ldap_mods, 0);
1576         return num_entries;
1577 }
1578
1579 static struct ast_config_engine ldap_engine = {
1580         .name = "ldap",
1581         .load_func = config_ldap,
1582         .realtime_func = realtime_ldap,
1583         .realtime_multi_func = realtime_multi_ldap,
1584         .update_func = update_ldap,
1585         .update2_func = update2_ldap,
1586 };
1587
1588 /*!
1589  * \brief Load the module
1590  *
1591  * Module loading including tests for configuration or dependencies.
1592  * This function can return AST_MODULE_LOAD_FAILURE, AST_MODULE_LOAD_DECLINE,
1593  * or AST_MODULE_LOAD_SUCCESS. If a dependency or environment variable fails
1594  * tests return AST_MODULE_LOAD_FAILURE. If the module can not load the 
1595  * configuration file or other non-critical problem return 
1596  * AST_MODULE_LOAD_DECLINE. On success return AST_MODULE_LOAD_SUCCESS.
1597  *
1598  * \todo Don't error or warn on a default install. If the config is
1599  * default we should not attempt to connect to a server. -lathama
1600  */
1601 static int load_module(void)
1602 {
1603         if (parse_config() < 0) {
1604                 ast_log(LOG_ERROR, "Cannot load LDAP RealTime driver.\n");
1605                 return 0;
1606         }
1607
1608         ast_mutex_lock(&ldap_lock);
1609
1610         if (!ldap_reconnect())  {
1611                 ast_log(LOG_WARNING, "Couldn't establish connection to LDAP directory. Check debug.\n");
1612         }
1613
1614         ast_config_engine_register(&ldap_engine);
1615         ast_verb(1, "LDAP RealTime driver loaded.\n");
1616         ast_cli_register_multiple(ldap_cli, ARRAY_LEN(ldap_cli));
1617
1618         ast_mutex_unlock(&ldap_lock);
1619
1620         return 0;
1621 }
1622
1623 /*! \brief Unload Module
1624  *
1625  */
1626 static int unload_module(void)
1627 {
1628         /* Aquire control before doing anything to the module itself. */
1629         ast_mutex_lock(&ldap_lock);
1630
1631         table_configs_free();
1632
1633         if (ldapConn) {
1634                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1635                 ldapConn = NULL;
1636         }
1637         ast_cli_unregister_multiple(ldap_cli, ARRAY_LEN(ldap_cli));
1638         ast_config_engine_deregister(&ldap_engine);
1639         ast_verb(1, "LDAP RealTime driver unloaded.\n");
1640
1641         /* Unlock so something else can destroy the lock. */
1642         ast_mutex_unlock(&ldap_lock);
1643
1644         return 0;
1645 }
1646
1647 /*! \breif Relod Module
1648  */
1649 static int reload(void)
1650 {
1651         /* Aquire control before doing anything to the module itself. */
1652         ast_mutex_lock(&ldap_lock);
1653
1654         if (ldapConn) {
1655                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1656                 ldapConn = NULL;
1657         }
1658
1659         if (parse_config() < 0) {
1660                 ast_log(LOG_NOTICE, "Cannot reload LDAP RealTime driver.\n");
1661                 ast_mutex_unlock(&ldap_lock);
1662                 return 0;
1663         }               
1664
1665         if (!ldap_reconnect())  {
1666                 ast_log(LOG_WARNING, "Couldn't establish connection to your directory server. Check debug.\n");
1667         }
1668
1669         ast_verb(2, "LDAP RealTime driver reloaded.\n");
1670
1671         /* Done reloading. Release lock so others can now use driver. */
1672         ast_mutex_unlock(&ldap_lock);
1673
1674         return 0;
1675 }
1676
1677 /*! \brief parse the configuration file
1678  */
1679 static int parse_config(void)
1680 {
1681         struct ast_config *config;
1682         struct ast_flags config_flags = {0};
1683         const char *s, *host;
1684         int port;
1685         char *category_name = NULL;
1686
1687         /* Make sure that global variables are reset */
1688         url[0] = '\0';
1689         user[0] = '\0';
1690         pass[0] = '\0';
1691         base_distinguished_name[0] = '\0';
1692         version = 3;
1693
1694         config = ast_config_load(RES_CONFIG_LDAP_CONF, config_flags);
1695         if (config == CONFIG_STATUS_FILEMISSING || config == CONFIG_STATUS_FILEINVALID) {
1696                 ast_log(LOG_ERROR, "Cannot load configuration file: %s\n", RES_CONFIG_LDAP_CONF);
1697                 return -1;
1698         }
1699
1700         if (!(s = ast_variable_retrieve(config, "_general", "user"))) {
1701                 ast_log(LOG_NOTICE, "No directory user found, anonymous binding as default.\n");
1702                 user[0] = '\0';
1703         } else {
1704                 ast_copy_string(user, s, sizeof(user));
1705         }
1706
1707         if (!ast_strlen_zero(user)) {
1708                 if (!(s = ast_variable_retrieve(config, "_general", "pass"))) {
1709                         ast_log(LOG_WARNING, "No directory password found, using 'asterisk' as default.\n");
1710                         ast_copy_string(pass, "asterisk", sizeof(pass));
1711                 } else {
1712                         ast_copy_string(pass, s, sizeof(pass));
1713                 }
1714         }
1715
1716         /* URL is preferred, use host and port if not found */
1717         if ((s = ast_variable_retrieve(config, "_general", "url"))) {
1718                 ast_copy_string(url, s, sizeof(url));
1719         } else if ((host = ast_variable_retrieve(config, "_general", "host"))) {
1720                 if (!(s = ast_variable_retrieve(config, "_general", "port")) || sscanf(s, "%5d", &port) != 1 || port > 65535) {
1721                         ast_log(LOG_NOTICE, "No directory port found, using 389 as default.\n");
1722                         port = 389;
1723                 }
1724
1725                 snprintf(url, sizeof(url), "ldap://%s:%d", host, port);
1726         } else {
1727                 ast_log(LOG_ERROR, "No directory URL or host found.\n");
1728                 ast_config_destroy(config);
1729                 return -1;
1730         }
1731
1732         if (!(s = ast_variable_retrieve(config, "_general", "basedn"))) {
1733                 ast_log(LOG_ERROR, "No LDAP base dn found, using '%s' as default.\n", RES_CONFIG_LDAP_DEFAULT_BASEDN);
1734                 ast_copy_string(base_distinguished_name, RES_CONFIG_LDAP_DEFAULT_BASEDN, sizeof(base_distinguished_name));
1735         } else 
1736                 ast_copy_string(base_distinguished_name, s, sizeof(base_distinguished_name));
1737
1738         if (!(s = ast_variable_retrieve(config, "_general", "version")) && !(s = ast_variable_retrieve(config, "_general", "protocol"))) {
1739                 ast_log(LOG_NOTICE, "No explicit LDAP version found, using 3 as default.\n");
1740         } else if (sscanf(s, "%30d", &version) != 1 || version < 1 || version > 6) {
1741                 ast_log(LOG_WARNING, "Invalid LDAP version '%s', using 3 as default.\n", s);
1742                 version = 3;
1743         }
1744
1745         table_configs_free();
1746
1747         while ((category_name = ast_category_browse(config, category_name))) {
1748                 int is_general = (strcasecmp(category_name, "_general") == 0);
1749                 int is_config = (strcasecmp(category_name, "config") == 0); /*!< using the [config] context for Static RealTime */
1750                 struct ast_variable *var = ast_variable_browse(config, category_name);
1751                 
1752                 if (var) {
1753                         struct ldap_table_config *table_config =
1754                                 table_config_for_table_name(category_name);
1755                         if (!table_config) {
1756                                 table_config = table_config_new(category_name);
1757                                 AST_LIST_INSERT_HEAD(&table_configs, table_config, entry);
1758                                 if (is_general)
1759                                         base_table_config = table_config;
1760                                 if (is_config)
1761                                         static_table_config = table_config;
1762                         }
1763                         for (; var; var = var->next) {
1764                                 if (!strcasecmp(var->name, "additionalFilter")) {
1765                                         table_config->additional_filter = ast_strdup(var->value);
1766                                 } else {
1767                                         ldap_table_config_add_attribute(table_config, var->name, var->value);
1768                                 }
1769                         }
1770                 }
1771         }
1772
1773         ast_config_destroy(config);
1774
1775         return 1;
1776 }
1777
1778 /*! \note ldap_lock should have been locked before calling this function. */
1779 static int ldap_reconnect(void)
1780 {
1781         int bind_result = 0;
1782         struct berval cred;
1783
1784         if (ldapConn) {
1785                 ast_debug(2, "Everything seems fine.\n");
1786                 return 1;
1787         }
1788
1789         if (ast_strlen_zero(url)) {
1790                 ast_log(LOG_ERROR, "Not enough parameters to connect to ldap directory\n");
1791                 return 0;
1792         }
1793
1794         if (LDAP_SUCCESS != ldap_initialize(&ldapConn, url)) {
1795                 ast_log(LOG_ERROR, "Failed to init ldap connection to '%s'. Check debug for more info.\n", url);
1796                 return 0;
1797         }
1798
1799         if (LDAP_OPT_SUCCESS != ldap_set_option(ldapConn, LDAP_OPT_PROTOCOL_VERSION, &version)) {
1800                 ast_log(LOG_WARNING, "Unable to set LDAP protocol version to %d, falling back to default.\n", version);
1801         }
1802
1803         if (!ast_strlen_zero(user)) {
1804                 ast_debug(2, "bind to '%s' as user '%s'\n", url, user);
1805                 cred.bv_val = (char *) pass;
1806                 cred.bv_len = strlen(pass);
1807                 bind_result = ldap_sasl_bind_s(ldapConn, user, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1808         } else {
1809                 ast_debug(2, "bind %s anonymously\n", url);
1810                 cred.bv_val = NULL;
1811                 cred.bv_len = 0;
1812                 bind_result = ldap_sasl_bind_s(ldapConn, NULL, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1813         }
1814         if (bind_result == LDAP_SUCCESS) {
1815                 ast_debug(2, "Successfully connected to directory.\n");
1816                 connect_time = time(NULL);
1817                 return 1;
1818         } else {
1819                 ast_log(LOG_WARNING, "bind failed: %s\n", ldap_err2string(bind_result));
1820                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1821                 ldapConn = NULL;
1822                 return 0;
1823         }
1824 }
1825
1826 /*! \brief Realtime Status
1827  *
1828  */
1829 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1830 {
1831         char status[256], credentials[100] = "";
1832         int ctimesec = time(NULL) - connect_time;
1833
1834         switch (cmd) {
1835         case CLI_INIT:
1836                 e->command = "realtime show ldap status";
1837                 e->usage =
1838                         "Usage: realtime show ldap status\n"
1839                         "              Shows connection information for the LDAP RealTime driver\n";
1840                 return NULL;
1841         case CLI_GENERATE:
1842                 return NULL;
1843         }
1844
1845         if (!ldapConn)
1846                 return CLI_FAILURE;
1847
1848         if (!ast_strlen_zero(url)) 
1849                 snprintf(status, sizeof(status), "Connected to '%s', baseDN %s", url, base_distinguished_name);
1850
1851         if (!ast_strlen_zero(user))
1852                 snprintf(credentials, sizeof(credentials), " with username %s", user);
1853
1854         if (ctimesec > 31536000) {
1855                 ast_cli(a->fd, "%s%s for %d years, %d days, %d hours, %d minutes, %d seconds.\n",
1856                                 status, credentials, ctimesec / 31536000,
1857                                 (ctimesec % 31536000) / 86400, (ctimesec % 86400) / 3600,
1858                                 (ctimesec % 3600) / 60, ctimesec % 60);
1859         } else if (ctimesec > 86400) {
1860                 ast_cli(a->fd, "%s%s for %d days, %d hours, %d minutes, %d seconds.\n",
1861                                 status, credentials, ctimesec / 86400, (ctimesec % 86400) / 3600,
1862                                 (ctimesec % 3600) / 60, ctimesec % 60);
1863         } else if (ctimesec > 3600) {
1864                 ast_cli(a->fd, "%s%s for %d hours, %d minutes, %d seconds.\n",
1865                                 status, credentials, ctimesec / 3600, (ctimesec % 3600) / 60,
1866                                 ctimesec % 60);
1867         } else if (ctimesec > 60) {
1868                 ast_cli(a->fd, "%s%s for %d minutes, %d seconds.\n", status, credentials,
1869                                         ctimesec / 60, ctimesec % 60);
1870         } else {
1871                 ast_cli(a->fd, "%s%s for %d seconds.\n", status, credentials, ctimesec);
1872         }
1873
1874         return CLI_SUCCESS;
1875 }
1876
1877 /*! \brief Module Information
1878  *
1879  */
1880 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "LDAP realtime interface",
1881         .load = load_module,
1882         .unload = unload_module,
1883         .reload = reload,
1884         .load_pri = AST_MODPRI_REALTIME_DRIVER,
1885 );