b5690b7b4da75d4a8d710d708d86e5ae8317fc8b
[asterisk/asterisk.git] / res / res_config_ldap.c
1 /*
2  * Asterisk -- A telephony toolkit for Linux.
3  *
4  * Copyright (C) 2005, Oxymium sarl
5  * Manuel Guesdon <mguesdon@oxymium.net> - LDAP RealTime Driver Author/Adaptor
6  *
7  * Copyright (C) 2007, Digium, Inc.
8  * Russell Bryant <russell@digium.com>
9  *
10  * See http://www.asterisk.org for more information about
11  * the Asterisk project. Please do not directly contact
12  * any of the maintainers of this project for assistance;
13  * the project provides a web site, mailing lists and IRC
14  * channels for your use.
15  *
16  * This program is free software, distributed under the terms of
17  * the GNU General Public License Version 2. See the LICENSE file
18  * at the top of the source tree.
19  *
20  */
21
22 /*! \file
23  *
24  * \brief ldap plugin for portable configuration engine (ARA)
25  *
26  * \author Mark Spencer <markster@digium.com>
27  * \author Manuel Guesdon
28  * \author Carl-Einar Thorner <cthorner@voicerd.com>
29  * \author Russell Bryant <russell@digium.com>
30  *
31  * \arg http://www.openldap.org
32  */
33
34 /*** MODULEINFO
35         <depend>ldap</depend>
36  ***/
37
38 #include "asterisk.h"
39
40 #include <stdlib.h>
41 #include <string.h>
42 #include <ctype.h>
43 #include <stdio.h>
44 #include <ldap.h>
45
46 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
47
48 #include "asterisk/channel.h"
49 #include "asterisk/logger.h"
50 #include "asterisk/config.h"
51 #include "asterisk/module.h"
52 #include "asterisk/lock.h"
53 #include "asterisk/options.h"
54 #include "asterisk/cli.h"
55 #include "asterisk/utils.h"
56 #include "asterisk/strings.h"
57 #include "asterisk/pbx.h"
58 #include "asterisk/linkedlists.h"
59
60 #define RES_CONFIG_LDAP_CONF "res_ldap.conf"
61 #define RES_CONFIG_LDAP_DEFAULT_BASEDN "asterisk"
62
63 AST_MUTEX_DEFINE_STATIC(ldap_lock);
64
65 static LDAP *ldapConn;
66 static char url[512];
67 static char user[512];
68 static char pass[50];
69 static char base_distinguished_name[512];
70 static int version = 3;
71 static time_t connect_time;
72
73 static int parse_config(void);
74 static int ldap_reconnect(void);
75 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a);
76
77 struct category_and_metric {
78         const char *name;
79         int metric;
80         const char *variable_name;
81         const char *variable_value;
82         int var_metric; /*!< For organizing variables (particularly includes and switch statments) within a context */
83 };
84
85 /*! \brief Table configuration */
86 struct ldap_table_config {
87         char *table_name;                 /*!< table name */
88         char *additional_filter;          /*!< additional filter        */
89         struct ast_variable *attributes;  /*!< attribute names conversion */
90         struct ast_variable *delimiters;  /*!< the current delimiter is semicolon, so we are not using this variable */
91         AST_LIST_ENTRY(ldap_table_config) entry;
92         /* TODO: Make proxies work */
93 };
94
95 /*! \brief Should be locked before using it */
96 static AST_LIST_HEAD_NOLOCK_STATIC(table_configs, ldap_table_config);
97 static struct ldap_table_config *base_table_config;
98 static struct ldap_table_config *static_table_config;
99
100 static struct ast_cli_entry ldap_cli[] = {
101         AST_CLI_DEFINE(realtime_ldap_status, "Shows connection information for the LDAP RealTime driver"),
102 };
103
104 /*! \brief Create a new table_config */
105 static struct ldap_table_config *table_config_new(const char *table_name)
106 {
107         struct ldap_table_config *p;
108
109         if (!(p = ast_calloc(1, sizeof(*p))))
110                 return NULL;
111
112         if (table_name) {
113                 if (!(p->table_name = ast_strdup(table_name))) {
114                         free(p);
115                         return NULL;
116                 }
117         }
118
119         return p;
120 }
121
122 /*! \brief Find a table_config - Should be locked before using it 
123  *  \note This function assumes ldap_lock to be locked. */
124 static struct ldap_table_config *table_config_for_table_name(const char *table_name)
125 {
126         struct ldap_table_config *c = NULL;
127
128         AST_LIST_TRAVERSE(&table_configs, c, entry) {
129                 if (!strcmp(c->table_name, table_name))
130                         break;
131         }
132
133         return c;
134 }
135
136 /*! \brief Find variable by name */
137 static struct ast_variable *variable_named(struct ast_variable *var, const char *name)
138 {
139         for (; var; var = var->next) {
140                 if (!strcasecmp(name, var->name))
141                         break;
142         }
143
144         return var;
145 }
146
147 /*! \brief for the semicolon delimiter
148         \param somestr - pointer to a string
149
150         \return number of occurances of the delimiter(semicolon)
151  */
152 static int semicolon_count_str(const char *somestr)
153 {
154         int count = 0;
155
156         for (; *somestr; somestr++) {
157                 if (*somestr == ';')
158                         count++;
159         }
160
161         return count;
162
163
164 /* takes a linked list of \a ast_variable variables, finds the one with the name variable_value
165  * and returns the number of semicolons in the value for that \a ast_variable
166  */
167 static int semicolon_count_var(struct ast_variable *var)
168 {
169         struct ast_variable *var_value = variable_named(var, "variable_value");
170
171         if (!var_value)
172                 return 0;
173
174         ast_debug(1, "LINE(%d) semicolon_count_var: %s\n", __LINE__, var_value->value);
175
176         return semicolon_count_str(var_value->value);
177 }
178
179 /*! \brief add attribute to table config - Should be locked before using it */
180 static void ldap_table_config_add_attribute(struct ldap_table_config *table_config,
181         const char *attribute_name, const char *attribute_value)
182 {
183         struct ast_variable *var;
184
185         if (ast_strlen_zero(attribute_name) || ast_strlen_zero(attribute_value))
186                 return;
187
188         if (!(var = ast_variable_new(attribute_name, attribute_value, table_config->table_name)))
189                 return;
190
191         if (table_config->attributes)
192                 var->next = table_config->attributes;
193         table_config->attributes = var;
194 }
195
196 /*! \brief Free table_config 
197  *  \note assumes ldap_lock to be locked */
198 static void table_configs_free(void)
199 {
200         struct ldap_table_config *c;
201
202         while ((c = AST_LIST_REMOVE_HEAD(&table_configs, entry))) {
203                 if (c->table_name)
204                         free(c->table_name);
205                 if (c->additional_filter)
206                         free(c->additional_filter);
207                 if (c->attributes)
208                         ast_variables_destroy(c->attributes);
209                 free(c);
210         }
211
212         base_table_config = NULL;
213         static_table_config = NULL;
214 }
215
216 /*! \brief Convert variable name to ldap attribute name - Should be locked before using it */
217 static const char *convert_attribute_name_to_ldap(struct ldap_table_config *table_config,
218         const char *attribute_name)
219 {
220         int i = 0;
221         struct ldap_table_config *configs[] = { table_config, base_table_config };
222
223         for (i = 0; i < ARRAY_LEN(configs); i++) {
224                 struct ast_variable *attribute;
225
226                 if (!configs[i])
227                         continue;
228
229                 attribute = configs[i]->attributes;
230                 for (; attribute; attribute = attribute->next) {
231                         if (!strcasecmp(attribute_name, attribute->name))
232                                 return attribute->value;
233                 }
234         }
235
236         return attribute_name;
237 }
238
239 /*! \brief Convert ldap attribute name to variable name - Should be locked before using it */
240 static const char *convert_attribute_name_from_ldap(struct ldap_table_config *table_config,
241                                                     const char *attribute_name)
242 {
243         int i = 0;
244         struct ldap_table_config *configs[] = { table_config, base_table_config };
245
246         for (i = 0; i < ARRAY_LEN(configs); i++) {
247                 struct ast_variable *attribute;
248
249                 if (!configs[i])
250                         continue;
251
252                 attribute = configs[i]->attributes;
253                 for (; attribute; attribute = attribute->next) {
254                         if (strcasecmp(attribute_name, attribute->value) == 0)
255                                 return attribute->name;
256                 }
257         }
258
259         return attribute_name;
260 }
261
262 /*! \brief Get variables from ldap entry attributes - Should be locked before using it
263  * \return a linked list of ast_variable variables.
264  **/
265 static struct ast_variable *realtime_ldap_entry_to_var(struct ldap_table_config *table_config,
266         LDAPMessage *ldap_entry)
267 {
268         BerElement *ber = NULL;
269         struct ast_variable *var = NULL;
270         struct ast_variable *prev = NULL;
271         int is_delimited = 0;
272         int i = 0;
273         char *ldap_attribute_name;
274         struct berval *value;
275         int pos = 0;
276
277         ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
278
279         while (ldap_attribute_name) {
280                 struct berval **values = NULL;
281                 const char *attribute_name = convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
282                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
283
284                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name); /* these are freed at the end */
285                 if (values) {
286                         struct berval **v;
287                         char *valptr;
288
289                         for (v = values; *v; v++) {
290                                 value = *v;
291                                 valptr = value->bv_val;
292                                 ast_debug(2, "LINE(%d) attribute_name: %s LDAP value: %s\n", __LINE__, attribute_name, valptr);
293                                 if (is_realmed_password_attribute) {
294                                         if (!strncasecmp(valptr, "{md5}", 5)) {
295                                                 valptr += 5;
296                                         } else {
297                                                 valptr = NULL;
298                                         }
299                                         ast_debug(2, "md5: %s\n", valptr);
300                                 }
301                                 if (valptr) {
302                                         /* ok, so looping through all delimited values except the last one (not, last character is not delimited...) */
303                                         if (is_delimited) {
304                                                 i = 0;
305                                                 pos = 0;
306                                                 while (!ast_strlen_zero(valptr + i)) {
307                                                         if (valptr[i] == ';'){
308                                                                 valptr[i] = '\0';
309                                                                 if (prev) {
310                                                                         prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
311                                                                         if (prev->next) {
312                                                                                 prev = prev->next;
313                                                                         }
314                                                                 } else {
315                                                                         prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
316                                                                 }
317                                                                 pos = i + 1;
318                                                         }
319                                                         i++;
320                                                 }
321                                         }
322                                         /* for the last delimited value or if the value is not delimited: */
323                                         if (prev) {
324                                                 prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
325                                                 if (prev->next) {
326                                                         prev = prev->next;
327                                                 }
328                                         } else {
329                                                 prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
330                                         }
331                                 }
332                         }
333                         ldap_value_free_len(values);
334                 }
335                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
336         }
337         ber_free(ber, 0);
338
339         return var;
340 }
341
342 /*! \brief Get variables from ldap entry attributes - Should be locked before using it
343  *
344  * The results are freed outside this function so is the \a vars array.
345  *      
346  * \return \a vars - an array of ast_variable variables terminated with a null.
347  **/
348 static struct ast_variable **realtime_ldap_result_to_vars(struct ldap_table_config *table_config,
349         LDAPMessage *ldap_result_msg, unsigned int *entries_count_ptr)
350 {
351         struct ast_variable **vars;
352         int i = 0;
353         int tot_count = 0;
354         int entry_index = 0;
355         LDAPMessage *ldap_entry = NULL;
356         BerElement *ber = NULL;
357         struct ast_variable *var = NULL;
358         struct ast_variable *prev = NULL;
359         int is_delimited = 0;
360         char *delim_value = NULL;
361         int delim_tot_count = 0;
362         int delim_count = 0;
363
364         /* First find the total count */
365         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
366
367         for (tot_count = 0; ldap_entry; tot_count++){ 
368                 tot_count += semicolon_count_var(realtime_ldap_entry_to_var(table_config, ldap_entry));
369                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
370         }
371
372         if (entries_count_ptr)
373                 *entries_count_ptr = tot_count;
374         /* Now that we have the total count we allocate space and create the variables
375          * Remember that each element in vars is a linked list that points to realtime variable.
376          * If the we are dealing with a static realtime variable we create a new element in the \a vars array for each delimited
377          * value in \a variable_value; otherwise, we keep \a vars static and increase the length of the linked list of variables in the array element.
378          * This memory must be freed outside of this function. */
379         vars = ast_calloc(sizeof(struct ast_variable *), tot_count + 1);
380
381         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
382
383         i = 0;
384
385         /* For each static realtime variable we may create several entries in the \a vars array if it's delimited */
386         for (entry_index = 0; ldap_entry; ) { 
387                 int pos = 0;
388                 delim_value = NULL;
389                 delim_tot_count = 0;
390                 delim_count = 0;
391                 
392                 do { /* while delim_count */
393
394                         /* Starting new static var */
395                         char *ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
396                         struct berval *value;
397                         while (ldap_attribute_name) {
398                         
399                                 const char *attribute_name =
400                                         convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
401                                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
402                                 struct berval **values = NULL;
403
404                                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name);
405                                 if (values) {
406                                         struct berval **v;
407                                         char *valptr;
408
409                                         for (v = values; *v; v++) {
410                                                 value = *v;
411                                                 valptr = value->bv_val;
412                                                 if (is_realmed_password_attribute) {
413                                                         if (strncasecmp(valptr, "{md5}", 5) == 0) {
414                                                                 valptr += 5;
415                                                         } else {
416                                                                 valptr = NULL;
417                                                         }
418                                                         ast_debug(2, "md5: %s\n", valptr);
419                                                 }
420                                                 if (valptr) {
421                                                         if (delim_value == NULL 
422                                                                 && !is_realmed_password_attribute 
423                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0)) {
424
425                                                                 delim_value = ast_strdup(valptr);
426
427                                                                 if ((delim_tot_count = semicolon_count_str(delim_value)) > 0) {
428                                                                         ast_debug(4, "LINE(%d) is delimited %d times: %s\n", __LINE__, delim_tot_count, delim_value);
429                                                                         is_delimited = 1;
430                                                                 }
431                                                         }
432
433                                                         if (is_delimited != 0 
434                                                                 && !is_realmed_password_attribute 
435                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0) ) {
436                                                                 /* for non-Static RealTime, first */
437
438                                                                 for (i = pos; !ast_strlen_zero(valptr + i); i++) {
439                                                                         ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i);
440                                                                         if (delim_value[i] == ';') {
441                                                                                 delim_value[i] = '\0';
442
443                                                                                 ast_debug(2, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos);
444                                                         
445                                                                                 if (prev) {
446                                                                                         prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
447                                                                                         if (prev->next) {
448                                                                                                 prev = prev->next;
449                                                                                         }
450                                                                                 } else {
451                                                                                         prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
452                                                                                 }
453                                                                                 pos = i + 1;
454
455                                                                                 if (static_table_config == table_config) {
456                                                                                         break;
457                                                                                 }
458                                                                         }
459                                                                 }
460                                                                 if (ast_strlen_zero(valptr + i)) {
461                                                                         ast_debug(4, "LINE(%d) DELIM pos: %d i: %d delim_count: %d\n", __LINE__, pos, i, delim_count);
462                                                                         /* Last delimited value */
463                                                                         ast_debug(4, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos);
464                                                                         if (prev) {
465                                                                                 prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
466                                                                                 if (prev->next) {
467                                                                                         prev = prev->next;
468                                                                                 }
469                                                                         } else {
470                                                                                 prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
471                                                                         }
472                                                                         /* Remembering to free memory */
473                                                                         is_delimited = 0;
474                                                                         pos = 0;
475                                                                 }
476                                                                 free(delim_value);
477                                                                 delim_value = NULL;
478                                                                 
479                                                                 ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i);
480                                                         } else {
481                                                                 /* not delimited */
482                                                                 if (delim_value) {
483                                                                         free(delim_value);
484                                                                         delim_value = NULL;
485                                                                 }
486                                                                 ast_debug(2, "LINE(%d) attribute_name: %s value: %s\n", __LINE__, attribute_name, valptr);
487
488                                                                 if (prev) {
489                                                                         prev->next = ast_variable_new(attribute_name, valptr, table_config->table_name);
490                                                                         if (prev->next) {
491                                                                                 prev = prev->next;
492                                                                         }
493                                                                 } else {
494                                                                         prev = var = ast_variable_new(attribute_name, valptr, table_config->table_name);
495                                                                 }
496                                                         }
497                                                 }
498                                         } /*!< for (v = values; *v; v++) */
499                                         ldap_value_free_len(values);
500                                 }/*!< if (values) */
501                                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
502                         } /*!< while (ldap_attribute_name) */
503                         ber_free(ber, 0);
504                         if (static_table_config == table_config) {
505                                 if (option_debug > 2) {
506                                         const struct ast_variable *tmpdebug = variable_named(var, "variable_name");
507                                         const struct ast_variable *tmpdebug2 = variable_named(var, "variable_value");
508                                         if (tmpdebug && tmpdebug2) {
509                                                 ast_debug(3, "LINE(%d) Added to vars - %s = %s\n", __LINE__, tmpdebug->value, tmpdebug2->value);
510                                         }
511                                 }
512                                 vars[entry_index++] = var;
513                                 prev = NULL;
514                         }
515
516                         delim_count++;
517                 } while (delim_count <= delim_tot_count && static_table_config == table_config);
518
519                 if (static_table_config != table_config) {
520                         ast_debug(3, "LINE(%d) Added to vars - non static\n", __LINE__);
521                                 
522                         vars[entry_index++] = var;
523                         prev = NULL;
524                 }
525                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
526         } /*!< end for loop over ldap_entry */
527
528         return vars;
529 }
530
531
532 static int is_ldap_connect_error(int err)
533 {
534         return (err == LDAP_SERVER_DOWN
535                         || err == LDAP_TIMEOUT || err == LDAP_CONNECT_ERROR);
536 }
537
538 /*! \brief Get LDAP entry by dn and return attributes as variables  - Should be locked before using it 
539         This is used for setting the default values of an object(i.e., with accountBaseDN)
540 */
541 static struct ast_variable *ldap_loadentry(struct ldap_table_config *table_config,
542                                            const char *dn)
543 {
544         if (!table_config) {
545                 ast_log(LOG_ERROR, "No table config\n");
546                 return NULL;
547         } else {
548                 struct ast_variable **vars = NULL;
549                 struct ast_variable *var = NULL;
550                 int result = -1;
551                 LDAPMessage *ldap_result_msg = NULL;
552                 int tries = 0;
553
554                 ast_debug(2, "ldap_loadentry dn=%s\n", dn);
555
556                 do {
557                         result = ldap_search_ext_s(ldapConn, dn, LDAP_SCOPE_BASE,
558                                            "(objectclass=*)", NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &ldap_result_msg);
559                         if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
560                                 ast_log(LOG_WARNING,
561                                         "Failed to query database. Try %d/3\n",
562                                         tries + 1);
563                                 tries++;
564                                 if (tries < 3) {
565                                         usleep(500000L * tries);
566                                         if (ldapConn) {
567                                                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
568                                                 ldapConn = NULL;
569                                         }
570                                         if (!ldap_reconnect())
571                                                 break;
572                                 }
573                         }
574                 } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
575
576                 if (result != LDAP_SUCCESS) {
577                         ast_log(LOG_WARNING,
578                                         "Failed to query database. Check debug for more info.\n");
579                         ast_debug(2, "dn=%s\n", dn);
580                         ast_debug(2, "Query Failed because: %s\n",
581                                 ldap_err2string(result));
582                         ast_mutex_unlock(&ldap_lock);
583                         return NULL;
584                 } else {
585                         int num_entry = 0;
586                         unsigned int *entries_count_ptr = NULL; /*!< not using this */
587                         if ((num_entry = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
588                                 ast_debug(3, "num_entry: %d\n", num_entry);
589
590                                 vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
591                                 if (num_entry > 1)
592                                         ast_log(LOG_NOTICE, "More than one entry for dn=%s. Take only 1st one\n", dn);
593                         } else {
594                                 ast_debug(2, "Could not find any entry dn=%s.\n", dn);
595                         }
596                 }
597                 ldap_msgfree(ldap_result_msg);
598
599                 /* Chopping \a vars down to one variable */
600                 if (vars != NULL) {
601                         struct ast_variable **p = vars;
602                         p++;
603                         var = *p;
604                         while (var) {
605                                 ast_variables_destroy(var);
606                                 p++;
607                         }
608                         vars = ast_realloc(vars, sizeof(struct ast_variable *));
609                 }
610
611                 var = *vars;
612
613                 return var;
614         }
615 }
616
617 /*! \brief caller should free returned pointer */
618 static char *substituted(struct ast_channel *channel, const char *string)
619 {
620 #define MAXRESULT       2048
621         char *ret_string = NULL;
622
623         if (!ast_strlen_zero(string)) {
624                 ret_string = ast_calloc(1, MAXRESULT);
625                 pbx_substitute_variables_helper(channel, string, ret_string, MAXRESULT - 1);
626         }
627         ast_debug(2, "substituted: string: '%s' => '%s' \n",
628                 string, ret_string);
629         return ret_string;
630 }
631
632 /*! \brief caller should free returned pointer */
633 static char *cleaned_basedn(struct ast_channel *channel, const char *basedn)
634 {
635         char *cbasedn = NULL;
636         if (basedn) {
637                 char *p = NULL;
638                 cbasedn = substituted(channel, basedn);
639                 if (*cbasedn == '"') {
640                         cbasedn++;
641                         if (!ast_strlen_zero(cbasedn)) {
642                                 int len = strlen(cbasedn);
643                                 if (cbasedn[len - 1] == '"')
644                                         cbasedn[len - 1] = '\0';
645
646                         }
647                 }
648                 p = cbasedn;
649                 while (*p) {
650                         if (*p == '|')
651                                 *p = ',';
652                         p++;
653                 }
654         }
655         ast_debug(2, "basedn: '%s' => '%s' \n", basedn, cbasedn);
656         return cbasedn;
657 }
658
659 /*! \brief Replace \<search\> by \<by\> in string. No check is done on string allocated size ! */
660 static int replace_string_in_string(char *string, const char *search, const char *by)
661 {
662         int search_len = strlen(search);
663         int by_len = strlen(by);
664         int replaced = 0;
665         char *p = strstr(string, search);
666         if (p) {
667                 replaced = 1;
668                 while (p) {
669                         if (by_len == search_len)
670                                 memcpy(p, by, by_len);
671                         else {
672                                 memmove(p + by_len, p + search_len,
673                                                 strlen(p + search_len) + 1);
674                                 memcpy(p, by, by_len);
675                         }
676                         p = strstr(p + by_len, search);
677                 }
678         }
679         return replaced;
680 }
681
682 /*! \brief Append a name=value filter string. The filter string can grow. */
683 static void append_var_and_value_to_filter(struct ast_str **filter,
684         struct ldap_table_config *table_config,
685         const char *name, const char *value)
686 {
687         char *new_name = NULL;
688         char *new_value = NULL;
689         char *like_pos = strstr(name, " LIKE");
690
691         ast_debug(2, "name='%s' value='%s'\n", name, value);
692
693         if (like_pos) {
694                 int len = like_pos - name;
695                 name = new_name = ast_strdupa(name);
696                 new_name[len] = '\0';
697                 value = new_value = ast_strdupa(value);
698                 replace_string_in_string(new_value, "\\_", "_");
699                 replace_string_in_string(new_value, "%", "*");
700         }
701
702         name = convert_attribute_name_to_ldap(table_config, name);
703
704         ast_str_append(filter, 0, "(%s=%s)", name, value);
705 }
706
707 /*! \brief LDAP base function 
708  * \return a null terminated array of ast_variable (one per entry) or NULL if no entry is found or if an error occured
709  * caller should free the returned array and ast_variables
710  * \param entries_count_ptr is a pointer to found entries count (can be NULL)
711  * \param basedn is the base DN
712  * \param table_name is the table_name (used dor attribute convertion and additional filter)
713  * \param ap contains null terminated list of pairs name/value
714 */
715 static struct ast_variable **realtime_ldap_base_ap(unsigned int *entries_count_ptr,
716         const char *basedn, const char *table_name, va_list ap)
717 {
718         struct ast_variable **vars = NULL;
719         const char *newparam = NULL;
720         const char *newval = NULL;
721         struct ldap_table_config *table_config = NULL;
722         char *clean_basedn = cleaned_basedn(NULL, basedn);
723         struct ast_str *filter = NULL;
724         int tries = 0;
725         int result = 0;
726         LDAPMessage *ldap_result_msg = NULL;
727
728         if (!table_name) {
729                 ast_log(LOG_WARNING, "No table_name specified.\n");
730                 ast_free(clean_basedn);
731                 return NULL;
732         } 
733
734         if (!(filter = ast_str_create(80))) {
735                 ast_free(clean_basedn);
736                 return NULL;
737         }
738
739         /* Get the first parameter and first value in our list of passed paramater/value pairs  */
740         newparam = va_arg(ap, const char *);
741         newval = va_arg(ap, const char *);
742
743         if (!newparam || !newval) {
744                 ast_log(LOG_WARNING, "Realtime retrieval requires at least 1 parameter"
745                         " and 1 value to search on.\n");
746                 ast_free(filter);
747                 ast_free(clean_basedn);
748                 return NULL;
749         }
750
751         ast_mutex_lock(&ldap_lock);
752
753         /* We now have our complete statement; Lets connect to the server and execute it.  */
754         if (!ldap_reconnect()) {
755                 ast_mutex_unlock(&ldap_lock);
756                 ast_free(filter);
757                 ast_free(clean_basedn);
758                 return NULL;
759         }
760
761         table_config = table_config_for_table_name(table_name);
762         if (!table_config) {
763                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
764                 ast_mutex_unlock(&ldap_lock);
765                 ast_free(filter);
766                 ast_free(clean_basedn);
767                 return NULL;
768         }
769
770         ast_str_append(&filter, 0, "(&");
771
772         if (table_config && table_config->additional_filter)
773                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
774         if (table_config != base_table_config && base_table_config && 
775                 base_table_config->additional_filter) {
776                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
777         }
778
779         /* Create the first part of the query using the first parameter/value pairs we just extracted */
780         /*   If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
781
782         append_var_and_value_to_filter(&filter, table_config, newparam, newval);
783         while ((newparam = va_arg(ap, const char *))) {
784                 newval = va_arg(ap, const char *);
785                 append_var_and_value_to_filter(&filter, table_config, newparam, newval);
786         }
787         ast_str_append(&filter, 0, ")");
788
789         do {
790                 /* freeing ldap_result further down */
791                 result = ldap_search_ext_s(ldapConn, clean_basedn,
792                                   LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
793                                   &ldap_result_msg);
794                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
795                         ast_log(LOG_DEBUG, "Failed to query database. Try %d/10\n",
796                                 tries + 1);
797                         if (++tries < 10) {
798                                 usleep(1);
799                                 if (ldapConn) {
800                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
801                                         ldapConn = NULL;
802                                 }
803                                 if (!ldap_reconnect())
804                                         break;
805                         }
806                 }
807         } while (result != LDAP_SUCCESS && tries < 10 && is_ldap_connect_error(result));
808
809         if (result != LDAP_SUCCESS) {
810                 ast_log(LOG_WARNING, "Failed to query database. Check debug for more info.\n");
811                 ast_log(LOG_WARNING, "Query: %s\n", filter->str);
812                 ast_log(LOG_WARNING, "Query Failed because: %s\n", ldap_err2string(result));
813         } else {
814                 /* this is where we create the variables from the search result 
815                  * freeing this \a vars outside this function */
816                 if (ldap_count_entries(ldapConn, ldap_result_msg) > 0) {
817                         /* is this a static var or some other? they are handled different for delimited values */
818                         vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
819                 } else {
820                         ast_debug(1, "Could not find any entry matching %s in base dn %s.\n",
821                                 filter->str, clean_basedn);
822                 }
823
824                 ldap_msgfree(ldap_result_msg);
825
826                 /* TODO: get the default variables from the accountBaseDN, not implemented with delimited values */
827                 if (vars) {
828                         struct ast_variable **p = vars;
829                         while (*p) {
830                                 struct ast_variable *append_var = NULL;
831                                 struct ast_variable *tmp = *p;
832                                 while (tmp) {
833                                         if (strcasecmp(tmp->name, "accountBaseDN") == 0) {
834                                                 /* Get the variable to compare with for the defaults */
835                                                 struct ast_variable *base_var = ldap_loadentry(table_config, tmp->value);
836                                                 
837                                                 while (base_var) {
838                                                         struct ast_variable *next = base_var->next;
839                                                         struct ast_variable *test_var = *p;
840                                                         int base_var_found = 0;
841
842                                                         /* run throught the default values and fill it inn if it is missing */
843                                                         while (test_var) {
844                                                                 if (strcasecmp(test_var->name, base_var->name) == 0) {
845                                                                         base_var_found = 1;
846                                                                         break;
847                                                                 } else
848                                                                         test_var = test_var->next;
849                                                         }
850                                                         if (base_var_found) {
851                                                                 base_var->next = NULL;
852                                                                 ast_variables_destroy(base_var);
853                                                                 base_var = next;
854                                                         } else {
855                                                                 if (append_var)
856                                                                         base_var->next = append_var;
857                                                                 else
858                                                                         base_var->next = NULL;
859                                                                 append_var = base_var;
860                                                                 base_var = next;
861                                                         }
862                                                 }
863                                         }
864                                         if (!tmp->next && append_var) {
865                                                 tmp->next = append_var;
866                                                 tmp = NULL;
867                                         } else
868                                                 tmp = tmp->next;
869                                 }
870                                 p++;
871                         }
872                 }
873         }
874
875         if (filter)
876                 ast_free(filter);
877
878         if (clean_basedn)
879                 ast_free(clean_basedn);
880
881         ast_mutex_unlock(&ldap_lock);
882
883         return vars;
884 }
885
886 /*! \brief same as realtime_ldap_base_ap but take variable arguments count list */
887 static struct ast_variable **realtime_ldap_base(unsigned int *entries_count_ptr,
888         const char *basedn, const char *table_name, ...)
889 {
890         struct ast_variable **vars = NULL;
891         va_list ap;
892
893         va_start(ap, table_name);
894         vars = realtime_ldap_base_ap(entries_count_ptr, basedn, table_name, ap);
895         va_end(ap);
896
897         return vars;
898 }
899
900 /*! \brief See Asterisk doc
901 *
902 * For Realtime Dynamic(i.e., switch, queues, and directory) -- I think
903 */
904 static struct ast_variable *realtime_ldap(const char *basedn,
905                                           const char *table_name, va_list ap)
906 {
907         struct ast_variable **vars = realtime_ldap_base_ap(NULL, basedn, table_name, ap);
908         struct ast_variable *var = NULL;
909
910         if (vars) {
911                 struct ast_variable *last_var = NULL;
912                 struct ast_variable **p = vars;
913                 while (*p) {
914                         if (last_var) {
915                                 while (last_var->next)
916                                         last_var = last_var->next;
917                                 last_var->next = *p;
918                         } else {
919                                 var = *p;
920                                 last_var = var;
921                         }
922                         p++;
923                 }
924                 free(vars);
925         }
926         return var;
927 }
928
929 /*! \brief See Asterisk doc
930 *
931 * this function will be called for the switch statment if no match is found with the realtime_ldap function(i.e. it is a failover);
932 * however, the ast_load_realtime wil match on wildcharacters also depending on what the mode is set to
933 * this is an area of asterisk that could do with a lot of modification
934 * I think this function returns Realtime dynamic objects
935 */
936 static struct ast_config *realtime_multi_ldap(const char *basedn,
937       const char *table_name, va_list ap)
938 {
939         struct ast_variable **vars =
940                 realtime_ldap_base_ap(NULL, basedn, table_name, ap);
941         struct ast_config *cfg = NULL;
942
943         if (vars) {
944                 cfg = ast_config_new();
945                 if (!cfg) {
946                         ast_log(LOG_ERROR, "Unable to create a config!\n");
947                 } else {
948                         struct ast_variable **p = vars;
949
950                         while (*p) {
951                                 struct ast_category *cat = NULL;
952                                 cat = ast_category_new("", table_name, -1);
953                                 if (!cat) {
954                                         ast_log(LOG_ERROR, "Unable to create a new category!\n");
955                                         break;
956                                 } else {
957                                         struct ast_variable *var = *p;
958                                         while (var) {
959                                                 struct ast_variable *next = var->next;
960                                                 var->next = NULL;
961                                                 ast_variable_append(cat, var);
962                                                 var = next;
963                                         }
964                                 }
965                                 ast_category_append(cfg, cat);
966                                 p++;
967                         }
968                 }
969                 free(vars);
970         }
971         return cfg;
972
973 }
974
975 /*! 
976  * \brief Sorting alogrithm for qsort to find the order of the variables \a a and \a b
977  * \param a pointer to category_and_metric struct
978  * \param b pointer to category_and_metric struct
979  *
980  * \retval -1 for if b is greater
981  * \retval 0 zero for equal
982  * \retval 1 if a is greater
983  */
984 static int compare_categories(const void *a, const void *b)
985 {
986         const struct category_and_metric *as = a;
987         const struct category_and_metric *bs = b;
988
989         if (as->metric < bs->metric)
990                 return -1;
991         else if (as->metric > bs->metric)
992                 return 1;
993         else if (as->metric == bs->metric && strcmp(as->name, bs->name) != 0)
994                 return strcmp(as->name, bs->name);
995
996         /* if the metric and the category name is the same, we check the variable metric */
997         if (as->var_metric < bs->var_metric)
998                 return -1;
999         else if (as->var_metric > bs->var_metric)
1000                 return 1;
1001
1002         return 0;
1003 }
1004
1005 /*! \brief See Asterisk doc
1006  *
1007 *       This is for Static Realtime (again: I think...)
1008 *       
1009 *       load the configuration stuff for the .conf files
1010 *       called on a reload
1011 */
1012 static struct ast_config *config_ldap(const char *basedn, const char *table_name,
1013         const char *file, struct ast_config *cfg, struct ast_flags config_flags, const char *sugg_incl, const char *who_asked)
1014 {
1015         unsigned int vars_count = 0;
1016         struct ast_variable **vars;
1017         int i = 0;
1018         struct ast_variable *new_v = NULL;
1019         struct ast_category *cur_cat = NULL;
1020         const char *last_category = NULL;
1021         int last_category_metric = 0;
1022         struct category_and_metric *categories;
1023         struct ast_variable **p;
1024
1025         if (ast_strlen_zero(file) || !strcasecmp(file, RES_CONFIG_LDAP_CONF)) {
1026                 ast_log(LOG_ERROR, "Cannot configure myself.\n");
1027                 return NULL;
1028         }
1029
1030         vars = realtime_ldap_base(&vars_count, basedn, table_name, "filename",
1031                                 file, "commented", "FALSE", NULL);
1032
1033         if (!vars) {
1034                 ast_log(LOG_WARNING, "Could not find config '%s' in database.\n", file);
1035                 return NULL;
1036         }
1037
1038         /*!\note Since the items come back in random order, they need to be sorted
1039          * first, and since the data could easily exceed stack size, this is
1040          * allocated from the heap.
1041          */
1042         if (!(categories = ast_calloc(sizeof(*categories), vars_count)))
1043                 return NULL;
1044
1045         for (vars_count = 0, p = vars; *p; p++) {
1046                 struct ast_variable *category = variable_named(*p, "category");
1047                 struct ast_variable *cat_metric = variable_named(*p, "cat_metric");
1048                 struct ast_variable *var_name = variable_named(*p, "variable_name");
1049                 struct ast_variable *var_val = variable_named(*p, "variable_value");
1050                 struct ast_variable *var_metric = variable_named(*p, "var_metric");
1051                 struct ast_variable *dn = variable_named(*p, "dn");
1052                         
1053                 ast_debug(1, "category: %s\n", category->value);
1054                 ast_debug(1, "var_name: %s\n", var_name->value);
1055                 ast_debug(1, "var_val: %s\n", var_val->value);
1056                 ast_debug(1, "cat_metric: %s\n", cat_metric->value);
1057
1058                 if (!category) {
1059                         ast_log(LOG_ERROR,
1060                                         "No category name in entry '%s'  for file '%s'.\n",
1061                                         (dn ? dn->value : "?"), file);
1062                 } else if (!cat_metric) {
1063                         ast_log(LOG_ERROR,
1064                                         "No category metric in entry '%s'(category: %s) for file '%s'.\n",
1065                                         (dn ? dn->value : "?"), category->value, file);
1066                 } else if (!var_metric) {
1067                         ast_log(LOG_ERROR,
1068                                         "No variable metric in entry '%s'(category: %s) for file '%s'.\n",
1069                                         (dn ? dn->value : "?"), category->value, file);
1070                 } else if (!var_name) {
1071                         ast_log(LOG_ERROR,
1072                                         "No variable name in entry '%s' (category: %s metric: %s) for file '%s'.\n",
1073                                         (dn ? dn->value : "?"), category->value,
1074                                         cat_metric->value, file);
1075                 } else if (!var_val) {
1076                         ast_log(LOG_ERROR,
1077                                         "No variable value in entry '%s' (category: %s metric: %s variable: %s) for file '%s'.\n",
1078                                         (dn ? dn->value : "?"), category->value,
1079                                         cat_metric->value, var_name->value, file);
1080                 } else {
1081                         categories[vars_count].name = category->value;
1082                         categories[vars_count].metric = atoi(cat_metric->value);
1083                         categories[vars_count].variable_name = var_name->value;
1084                         categories[vars_count].variable_value = var_val->value;
1085                         categories[vars_count].var_metric = atoi(var_metric->value);
1086                         vars_count++;
1087                 }
1088         }
1089
1090         qsort(categories, vars_count, sizeof(*categories), compare_categories);
1091
1092         for (i = 0; i < vars_count; i++) {
1093                 if (!strcmp(categories[i].variable_name, "#include")) {
1094                         struct ast_flags flags = { 0 };
1095                         if (!ast_config_internal_load(categories[i].variable_value, cfg, flags, "", who_asked))
1096                                 break;
1097                         continue;
1098                 }
1099
1100                 if (!last_category || strcmp(last_category, categories[i].name) ||
1101                         last_category_metric != categories[i].metric) {
1102                         cur_cat = ast_category_new(categories[i].name, table_name, -1);
1103                         if (!cur_cat)
1104                                 break;
1105                         last_category = categories[i].name;
1106                         last_category_metric = categories[i].metric;
1107                         ast_category_append(cfg, cur_cat);
1108                 }
1109
1110                 if (!(new_v = ast_variable_new(categories[i].variable_name, categories[i].variable_value, table_name)))
1111                         break;
1112
1113                 ast_variable_append(cur_cat, new_v);
1114         }
1115
1116         free(vars);
1117         free(categories);
1118
1119         return cfg;
1120 }
1121
1122 /* \brief Function to update a set of values in ldap
1123 static
1124 */
1125 static int update_ldap(const char *basedn, const char *table_name, const char *attribute,
1126         const char *lookup, va_list ap)
1127 {
1128         int error = 0;
1129         LDAPMessage *ldap_entry = NULL;
1130         LDAPMod **ldap_mods;
1131         const char *newparam = NULL;
1132         const char *newval = NULL;
1133         char *dn;
1134         int num_entries = 0;
1135         int i = 0;
1136         int mods_size = 0;
1137         int mod_exists = 0;
1138         struct ldap_table_config *table_config = NULL;
1139         char *clean_basedn = NULL;
1140         struct ast_str *filter = NULL;
1141         int tries = 0;
1142         int result = 0;
1143         LDAPMessage *ldap_result_msg = NULL;
1144
1145         if (!table_name) {
1146                 ast_log(LOG_WARNING, "No table_name specified.\n");
1147                 return -1;
1148         } 
1149
1150         if (!(filter = ast_str_create(80)))
1151                 return -1;
1152
1153         if (!attribute || !lookup) {
1154                 ast_log(LOG_WARNING,
1155                                 "LINE(%d): search parameters are empty.\n", __LINE__);
1156                 return -1;
1157         }
1158         ast_mutex_lock(&ldap_lock);
1159
1160         /* We now have our complete statement; Lets connect to the server and execute it.  */
1161         if (!ldap_reconnect()) {
1162                 ast_mutex_unlock(&ldap_lock);
1163                 return -1;
1164         }
1165
1166         table_config = table_config_for_table_name(table_name);
1167         if (!table_config) {
1168                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
1169                 ast_mutex_unlock(&ldap_lock);
1170                 return -1;
1171         }
1172
1173         clean_basedn = cleaned_basedn(NULL, basedn);
1174
1175         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1176         ast_str_append(&filter, 0, "(&");
1177         if (table_config && table_config->additional_filter) {
1178                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1179         }
1180         if (table_config != base_table_config && base_table_config
1181                 && base_table_config->additional_filter) {
1182                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1183         }
1184         append_var_and_value_to_filter(&filter, table_config, attribute, lookup);
1185         ast_str_append(&filter, 0, ")");
1186
1187         /* Create the modification array with the parameter/value pairs we were given, 
1188          * if there are several parameters with the same name, we collect them into 
1189          * one parameter/value pair and delimit them with a semicolon */
1190         newparam = va_arg(ap, const char *);
1191         newparam = convert_attribute_name_to_ldap(table_config, newparam);
1192         newval = va_arg(ap, const char *);
1193         if (!newparam || !newval) {
1194                 ast_log(LOG_WARNING,
1195                                 "LINE(%d): need at least one parameter to modify.\n", __LINE__);
1196                 return -1;
1197         }
1198
1199         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1200         ldap_mods = ast_calloc(sizeof(LDAPMod *), mods_size);
1201         ldap_mods[0] = ast_calloc(1, sizeof(LDAPMod));
1202
1203         ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1204         ldap_mods[0]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1205         strcpy(ldap_mods[0]->mod_type, newparam);
1206
1207         ldap_mods[0]->mod_values = ast_calloc(sizeof(char), 2);
1208         ldap_mods[0]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1209         strcpy(ldap_mods[0]->mod_values[0], newval);
1210
1211         while ((newparam = va_arg(ap, const char *))) {
1212                 newparam = convert_attribute_name_to_ldap(table_config, newparam);
1213                 newval = va_arg(ap, const char *);
1214                 mod_exists = 0;
1215
1216                 for (i = 0; i < mods_size - 1; i++) {
1217                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1218                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1219                                 ldap_mods[i]->mod_values[0] = ast_realloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(newval) + 2));
1220                                 strcat(ldap_mods[i]->mod_values[0], ";");
1221                                 strcat(ldap_mods[i]->mod_values[0], newval);
1222                                 mod_exists = 1; 
1223                                 break;
1224                         }
1225                 }
1226
1227                 /* create new mod */
1228                 if (!mod_exists) {
1229                         mods_size++;
1230                         ldap_mods = ast_realloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1231                         ldap_mods[mods_size - 1] = NULL;
1232                         ldap_mods[mods_size - 2] = ast_calloc(1, sizeof(LDAPMod));
1233
1234                         ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1235
1236                         ldap_mods[mods_size - 2]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1237                         strcpy(ldap_mods[mods_size - 2]->mod_type, newparam);
1238
1239                         ldap_mods[mods_size - 2]->mod_values = ast_calloc(sizeof(char *), 2);
1240                         ldap_mods[mods_size - 2]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1241                         strcpy(ldap_mods[mods_size - 2]->mod_values[0], newval);
1242                 }
1243         }
1244         /* freeing ldap_mods further down */
1245
1246         do {
1247                 /* freeing ldap_result further down */
1248                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1249                                   LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1250                                   &ldap_result_msg);
1251                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1252                         ast_log(LOG_WARNING, "Failed to query database. Try %d/3\n",
1253                                 tries + 1);
1254                         tries++;
1255                         if (tries < 3) {
1256                                 usleep(500000L * tries);
1257                                 if (ldapConn) {
1258                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1259                                         ldapConn = NULL;
1260                                 }
1261                                 if (!ldap_reconnect())
1262                                         break;
1263                         }
1264                 }
1265         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1266
1267         if (result != LDAP_SUCCESS) {
1268                 ast_log(LOG_WARNING, "Failed to query directory. Check debug for more info.\n");
1269                 ast_log(LOG_WARNING, "Query: %s\n", filter->str);
1270                 ast_log(LOG_WARNING, "Query Failed because: %s\n",
1271                         ldap_err2string(result));
1272
1273                 ast_mutex_unlock(&ldap_lock);
1274                 if (filter)
1275                         free(filter);
1276                 if (clean_basedn)
1277                         free(clean_basedn);
1278                 ldap_msgfree(ldap_result_msg);
1279                 ldap_mods_free(ldap_mods, 0);
1280                 return -1;
1281         }
1282         /* Ready to update */
1283         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1284                 ast_debug(3, "LINE(%d) Modifying %s=%s hits: %d\n", __LINE__, attribute, lookup, num_entries);
1285                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++)
1286                         ast_debug(3, "LINE(%d) %s=%s \n", __LINE__, ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1287
1288                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1289
1290                 for (i = 0; ldap_entry; i++) { 
1291                         dn = ldap_get_dn(ldapConn, ldap_entry);
1292                         if ((error = ldap_modify_ext_s(ldapConn, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) 
1293                                 ast_log(LOG_ERROR, "Couldn't modify dn:%s because %s", dn, ldap_err2string(error));
1294
1295                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1296                 }
1297         }
1298
1299         ast_mutex_unlock(&ldap_lock);
1300         if (filter)
1301                 free(filter);
1302         if (clean_basedn)
1303                 free(clean_basedn);
1304         ldap_msgfree(ldap_result_msg);
1305         ldap_mods_free(ldap_mods, 0);
1306         return num_entries;
1307 }
1308
1309 static int update2_ldap(const char *basedn, const char *table_name, va_list ap)
1310 {
1311         int error = 0;
1312         LDAPMessage *ldap_entry = NULL;
1313         LDAPMod **ldap_mods;
1314         const char *newparam = NULL;
1315         const char *newval = NULL;
1316         char *dn;
1317         int num_entries = 0;
1318         int i = 0;
1319         int mods_size = 0;
1320         int mod_exists = 0;
1321         struct ldap_table_config *table_config = NULL;
1322         char *clean_basedn = NULL;
1323         struct ast_str *filter = NULL;
1324         int tries = 0;
1325         int result = 0;
1326         LDAPMessage *ldap_result_msg = NULL;
1327
1328         if (!table_name) {
1329                 ast_log(LOG_WARNING, "No table_name specified.\n");
1330                 return -1;
1331         } 
1332
1333         if (!(filter = ast_str_create(80)))
1334                 return -1;
1335
1336         ast_mutex_lock(&ldap_lock);
1337
1338         /* We now have our complete statement; Lets connect to the server and execute it.  */
1339         if (!ldap_reconnect()) {
1340                 ast_mutex_unlock(&ldap_lock);
1341                 ast_free(filter);
1342                 return -1;
1343         }
1344
1345         table_config = table_config_for_table_name(table_name);
1346         if (!table_config) {
1347                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
1348                 ast_mutex_unlock(&ldap_lock);
1349                 ast_free(filter);
1350                 return -1;
1351         }
1352
1353         clean_basedn = cleaned_basedn(NULL, basedn);
1354
1355         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1356         ast_str_append(&filter, 0, "(&");
1357         if (table_config && table_config->additional_filter) {
1358                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1359         }
1360         if (table_config != base_table_config && base_table_config
1361                 && base_table_config->additional_filter) {
1362                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1363         }
1364
1365         /* Get multiple lookup keyfields and values */
1366         while ((newparam = va_arg(ap, const char *))) {
1367                 newval = va_arg(ap, const char *);
1368                 append_var_and_value_to_filter(&filter, table_config, newparam, newval);
1369         }
1370         ast_str_append(&filter, 0, ")");
1371
1372         /* Create the modification array with the parameter/value pairs we were given, 
1373          * if there are several parameters with the same name, we collect them into 
1374          * one parameter/value pair and delimit them with a semicolon */
1375         newparam = va_arg(ap, const char *);
1376         newparam = convert_attribute_name_to_ldap(table_config, newparam);
1377         newval = va_arg(ap, const char *);
1378         if (!newparam || !newval) {
1379                 ast_log(LOG_WARNING,
1380                                 "LINE(%d): need at least one parameter to modify.\n", __LINE__);
1381                 ast_free(filter);
1382                 ast_free(clean_basedn);
1383                 return -1;
1384         }
1385
1386         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1387         ldap_mods = ast_calloc(sizeof(LDAPMod *), mods_size);
1388         ldap_mods[0] = ast_calloc(1, sizeof(LDAPMod));
1389
1390         ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1391         ldap_mods[0]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1392         strcpy(ldap_mods[0]->mod_type, newparam);
1393
1394         ldap_mods[0]->mod_values = ast_calloc(sizeof(char), 2);
1395         ldap_mods[0]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1396         strcpy(ldap_mods[0]->mod_values[0], newval);
1397
1398         while ((newparam = va_arg(ap, const char *))) {
1399                 newparam = convert_attribute_name_to_ldap(table_config, newparam);
1400                 newval = va_arg(ap, const char *);
1401                 mod_exists = 0;
1402
1403                 for (i = 0; i < mods_size - 1; i++) {
1404                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1405                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1406                                 ldap_mods[i]->mod_values[0] = ast_realloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(newval) + 2));
1407                                 strcat(ldap_mods[i]->mod_values[0], ";");
1408                                 strcat(ldap_mods[i]->mod_values[0], newval);
1409                                 mod_exists = 1; 
1410                                 break;
1411                         }
1412                 }
1413
1414                 /* create new mod */
1415                 if (!mod_exists) {
1416                         mods_size++;
1417                         ldap_mods = ast_realloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1418                         ldap_mods[mods_size - 1] = NULL;
1419                         ldap_mods[mods_size - 2] = ast_calloc(1, sizeof(LDAPMod));
1420
1421                         ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1422
1423                         ldap_mods[mods_size - 2]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1424                         strcpy(ldap_mods[mods_size - 2]->mod_type, newparam);
1425
1426                         ldap_mods[mods_size - 2]->mod_values = ast_calloc(sizeof(char *), 2);
1427                         ldap_mods[mods_size - 2]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1428                         strcpy(ldap_mods[mods_size - 2]->mod_values[0], newval);
1429                 }
1430         }
1431         /* freeing ldap_mods further down */
1432
1433         do {
1434                 /* freeing ldap_result further down */
1435                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1436                                   LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1437                                   &ldap_result_msg);
1438                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1439                         ast_log(LOG_WARNING, "Failed to query database. Try %d/3\n",
1440                                 tries + 1);
1441                         tries++;
1442                         if (tries < 3) {
1443                                 usleep(500000L * tries);
1444                                 if (ldapConn) {
1445                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1446                                         ldapConn = NULL;
1447                                 }
1448                                 if (!ldap_reconnect())
1449                                         break;
1450                         }
1451                 }
1452         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1453
1454         if (result != LDAP_SUCCESS) {
1455                 ast_log(LOG_WARNING, "Failed to query directory. Check debug for more info.\n");
1456                 ast_log(LOG_WARNING, "Query: %s\n", filter->str);
1457                 ast_log(LOG_WARNING, "Query Failed because: %s\n",
1458                         ldap_err2string(result));
1459
1460                 ast_mutex_unlock(&ldap_lock);
1461                 if (filter)
1462                         free(filter);
1463                 if (clean_basedn)
1464                         free(clean_basedn);
1465                 ldap_msgfree(ldap_result_msg);
1466                 ldap_mods_free(ldap_mods, 0);
1467                 return -1;
1468         }
1469         /* Ready to update */
1470         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1471                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++)
1472                         ast_debug(3, "LINE(%d) %s=%s \n", __LINE__, ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1473
1474                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1475
1476                 for (i = 0; ldap_entry; i++) { 
1477                         dn = ldap_get_dn(ldapConn, ldap_entry);
1478                         if ((error = ldap_modify_ext_s(ldapConn, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) 
1479                                 ast_log(LOG_ERROR, "Couldn't modify dn:%s because %s", dn, ldap_err2string(error));
1480
1481                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1482                 }
1483         }
1484
1485         ast_mutex_unlock(&ldap_lock);
1486         if (filter)
1487                 free(filter);
1488         if (clean_basedn)
1489                 free(clean_basedn);
1490         ldap_msgfree(ldap_result_msg);
1491         ldap_mods_free(ldap_mods, 0);
1492         return num_entries;
1493 }
1494
1495 static struct ast_config_engine ldap_engine = {
1496         .name = "ldap",
1497         .load_func = config_ldap,
1498         .realtime_func = realtime_ldap,
1499         .realtime_multi_func = realtime_multi_ldap,
1500         .update_func = update_ldap,
1501         .update2_func = update2_ldap,
1502 };
1503
1504 static int load_module(void)
1505 {
1506         if (parse_config() < 0) {
1507                 ast_log(LOG_NOTICE, "Cannot load LDAP RealTime driver.\n");
1508                 return 0;
1509         }
1510
1511         ast_mutex_lock(&ldap_lock);
1512
1513         if (!ldap_reconnect()) 
1514                 ast_log(LOG_WARNING, "Couldn't establish connection. Check debug.\n");
1515
1516         ast_config_engine_register(&ldap_engine);
1517         ast_verb(1, "LDAP RealTime driver loaded.\n");
1518         ast_cli_register_multiple(ldap_cli, sizeof(ldap_cli) / sizeof(struct ast_cli_entry));
1519
1520         ast_mutex_unlock(&ldap_lock);
1521
1522         return 0;
1523 }
1524
1525 static int unload_module(void)
1526 {
1527         /* Aquire control before doing anything to the module itself. */
1528         ast_mutex_lock(&ldap_lock);
1529
1530         table_configs_free();
1531
1532         if (ldapConn) {
1533                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1534                 ldapConn = NULL;
1535         }
1536         ast_cli_unregister_multiple(ldap_cli, sizeof(ldap_cli) / sizeof(struct ast_cli_entry));
1537         ast_config_engine_deregister(&ldap_engine);
1538         ast_verb(1, "LDAP RealTime unloaded.\n");
1539
1540         /* Unlock so something else can destroy the lock. */
1541         ast_mutex_unlock(&ldap_lock);
1542
1543         return 0;
1544 }
1545
1546 static int reload(void)
1547 {
1548         /* Aquire control before doing anything to the module itself. */
1549         ast_mutex_lock(&ldap_lock);
1550
1551         if (ldapConn) {
1552                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1553                 ldapConn = NULL;
1554         }
1555
1556         if (parse_config() < 0) {
1557                 ast_log(LOG_NOTICE, "Cannot reload LDAP RealTime driver.\n");
1558                 ast_mutex_unlock(&ldap_lock);
1559                 return 0;
1560         }               
1561
1562         if (!ldap_reconnect()) 
1563                 ast_log(LOG_WARNING, "Couldn't establish connection. Check debug.\n");
1564
1565         ast_verb(2, "LDAP RealTime reloaded.\n");
1566
1567         /* Done reloading. Release lock so others can now use driver. */
1568         ast_mutex_unlock(&ldap_lock);
1569
1570         return 0;
1571 }
1572
1573 int parse_config(void)
1574 {
1575         struct ast_config *config;
1576         struct ast_flags config_flags = {0};
1577         const char *s, *host;
1578         int port;
1579         char *category_name = NULL;
1580
1581         config = ast_config_load(RES_CONFIG_LDAP_CONF, config_flags);
1582         if (config == CONFIG_STATUS_FILEMISSING || config == CONFIG_STATUS_FILEINVALID) {
1583                 ast_log(LOG_WARNING, "Cannot load configuration %s\n", RES_CONFIG_LDAP_CONF);
1584                 return -1;
1585         }
1586
1587         if (!(s = ast_variable_retrieve(config, "_general", "user"))) {
1588                 ast_log(LOG_WARNING, "No directory user found, anonymous binding as default.\n");
1589                 user[0] = '\0';
1590         } else 
1591                 ast_copy_string(user, s, sizeof(user));
1592
1593         if (!ast_strlen_zero(user)) {
1594                 if (!(s = ast_variable_retrieve(config, "_general", "pass"))) {
1595                         ast_log(LOG_WARNING, "No directory password found, using 'asterisk' as default.\n");
1596                         ast_copy_string(pass, "asterisk", sizeof(pass));
1597                 } else {
1598                         ast_copy_string(pass, s, sizeof(pass));
1599                 }
1600         }
1601
1602         /* URL is preferred, use host and port if not found */
1603         if ((s = ast_variable_retrieve(config, "_general", "url"))) {
1604                 ast_copy_string(url, s, sizeof(url));
1605         } else if ((host = ast_variable_retrieve(config, "_general", "host"))) {
1606                 if (!(s = ast_variable_retrieve(config, "_general", "port")) || sscanf(s, "%d", &port) != 1) {
1607                         ast_log(LOG_NOTICE, "No directory port found, using 389 as default.\n");
1608                         port = 389;
1609                 }
1610
1611                 snprintf(url, sizeof(url), "ldap://%s:%d", host, port);
1612         } else {
1613                 ast_log(LOG_ERROR, "No directory URL or host found.\n");
1614                 ast_config_destroy(config);
1615                 return -1;
1616         }
1617
1618         if (!(s = ast_variable_retrieve(config, "_general", "basedn"))) {
1619                 ast_log(LOG_ERROR, "No LDAP base dn found, using '%s' as default.\n", RES_CONFIG_LDAP_DEFAULT_BASEDN);
1620                 ast_copy_string(base_distinguished_name, RES_CONFIG_LDAP_DEFAULT_BASEDN, sizeof(base_distinguished_name));
1621         } else 
1622                 ast_copy_string(base_distinguished_name, s, sizeof(base_distinguished_name));
1623
1624         if (!(s = ast_variable_retrieve(config, "_general", "version")) && !(s = ast_variable_retrieve(config, "_general", "protocol"))) {
1625                 ast_log(LOG_NOTICE, "No explicit LDAP version found, using 3 as default.\n");
1626                 version = 3;
1627         } else if (sscanf(s, "%d", &version) != 1 || version < 1 || version > 6) {
1628                 ast_log(LOG_WARNING, "Invalid LDAP version '%s', using 3 as default.\n", s);
1629                 version = 3;
1630         }
1631
1632         table_configs_free();
1633
1634         while ((category_name = ast_category_browse(config, category_name))) {
1635                 int is_general = (strcasecmp(category_name, "_general") == 0);
1636                 int is_config = (strcasecmp(category_name, "config") == 0); /*!< using the [config] context for Static RealTime */
1637                 struct ast_variable *var = ast_variable_browse(config, category_name);
1638                 
1639                 if (var) {
1640                         struct ldap_table_config *table_config =
1641                                 table_config_for_table_name(category_name);
1642                         if (!table_config) {
1643                                 table_config = table_config_new(category_name);
1644                                 AST_LIST_INSERT_HEAD(&table_configs, table_config, entry);
1645                                 if (is_general)
1646                                         base_table_config = table_config;
1647                                 if (is_config)
1648                                         static_table_config = table_config;
1649                         }
1650                         for (; var; var = var->next) {
1651                                 if (!strcasecmp(var->name, "additionalFilter")) {
1652                                         table_config->additional_filter = ast_strdup(var->value);
1653                                 } else {
1654                                         ldap_table_config_add_attribute(table_config, var->name, var->value);
1655                                 }
1656                         }
1657                 }
1658         }
1659
1660         ast_config_destroy(config);
1661
1662         return 1;
1663 }
1664
1665 /*! \note ldap_lock should have been locked before calling this function. */
1666 static int ldap_reconnect(void)
1667 {
1668         int bind_result = 0;
1669         struct berval cred;
1670
1671         if (ldapConn) {
1672                 ast_debug(2, "Everything seems fine.\n");
1673                 return 1;
1674         }
1675
1676         if (ast_strlen_zero(url)) {
1677                 ast_log(LOG_ERROR, "Not enough parameters to connect to ldap database\n");
1678                 return 0;
1679         }
1680
1681         if (LDAP_SUCCESS != ldap_initialize(&ldapConn, url)) {
1682                 ast_log(LOG_ERROR, "Failed to init ldap connection to '%s'. Check debug for more info.\n", url);
1683                 return 0;
1684         }
1685
1686         if (LDAP_OPT_SUCCESS != ldap_set_option(ldapConn, LDAP_OPT_PROTOCOL_VERSION, &version)) {
1687                 ast_log(LOG_WARNING, "Unable to set LDAP protocol version to %d, falling back to default.\n", version);
1688         }
1689
1690         if (!ast_strlen_zero(user)) {
1691                 ast_debug(2, "bind to '%s' as user '%s'\n", url, user);
1692                 cred.bv_val = (char *) pass;
1693                 cred.bv_len = strlen(pass);
1694                 bind_result = ldap_sasl_bind_s(ldapConn, user, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1695         } else {
1696                 ast_debug(2, "bind %s anonymously\n", url);
1697                 cred.bv_val = NULL;
1698                 cred.bv_len = 0;
1699                 bind_result = ldap_sasl_bind_s(ldapConn, NULL, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1700         }
1701         if (bind_result == LDAP_SUCCESS) {
1702                 ast_debug(2, "Successfully connected to database.\n");
1703                 connect_time = time(NULL);
1704                 return 1;
1705         } else {
1706                 ast_log(LOG_WARNING, "bind failed: %s\n", ldap_err2string(bind_result));
1707                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1708                 ldapConn = NULL;
1709                 return 0;
1710         }
1711 }
1712
1713 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1714 {
1715         char status[256], credentials[100] = "";
1716         int ctimesec = time(NULL) - connect_time;
1717
1718         switch (cmd) {
1719         case CLI_INIT:
1720                 e->command = "realtime show ldap status";
1721                 e->usage =
1722                         "Usage: realtime show ldap status\n"
1723                         "               Shows connection information for the LDAP RealTime driver\n";
1724                 return NULL;
1725         case CLI_GENERATE:
1726                 return NULL;
1727         }
1728
1729         if (!ldapConn)
1730                 return CLI_FAILURE;
1731
1732         if (!ast_strlen_zero(url)) 
1733                 snprintf(status, sizeof(status), "Connected to '%s', baseDN %s", url, base_distinguished_name);
1734
1735         if (!ast_strlen_zero(user))
1736                 snprintf(credentials, sizeof(credentials), " with username %s", user);
1737
1738         if (ctimesec > 31536000) {
1739                 ast_cli(a->fd, "%s%s for %d years, %d days, %d hours, %d minutes, %d seconds.\n",
1740                                 status, credentials, ctimesec / 31536000,
1741                                 (ctimesec % 31536000) / 86400, (ctimesec % 86400) / 3600,
1742                                 (ctimesec % 3600) / 60, ctimesec % 60);
1743         } else if (ctimesec > 86400) {
1744                 ast_cli(a->fd, "%s%s for %d days, %d hours, %d minutes, %d seconds.\n",
1745                                 status, credentials, ctimesec / 86400, (ctimesec % 86400) / 3600,
1746                                 (ctimesec % 3600) / 60, ctimesec % 60);
1747         } else if (ctimesec > 3600) {
1748                 ast_cli(a->fd, "%s%s for %d hours, %d minutes, %d seconds.\n",
1749                                 status, credentials, ctimesec / 3600, (ctimesec % 3600) / 60,
1750                                 ctimesec % 60);
1751         } else if (ctimesec > 60) {
1752                 ast_cli(a->fd, "%s%s for %d minutes, %d seconds.\n", status, credentials,
1753                                         ctimesec / 60, ctimesec % 60);
1754         } else {
1755                 ast_cli(a->fd, "%s%s for %d seconds.\n", status, credentials, ctimesec);
1756         }
1757
1758         return CLI_SUCCESS;
1759 }
1760
1761 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS, "LDAP realtime interface",
1762         .load = load_module,
1763         .unload = unload_module,
1764         .reload = reload,
1765 );