All of the res/ stuff (other than res_jabber) from the RSW branch.
[asterisk/asterisk.git] / res / res_config_ldap.c
1 /*
2  * Asterisk -- A telephony toolkit for Linux.
3  *
4  * Copyright (C) 2005, Oxymium sarl
5  * Manuel Guesdon <mguesdon@oxymium.net> - LDAP RealTime Driver Author/Adaptor
6  *
7  * Copyright (C) 2007, Digium, Inc.
8  * Russell Bryant <russell@digium.com>
9  *
10  * See http://www.asterisk.org for more information about
11  * the Asterisk project. Please do not directly contact
12  * any of the maintainers of this project for assistance;
13  * the project provides a web site, mailing lists and IRC
14  * channels for your use.
15  *
16  * This program is free software, distributed under the terms of
17  * the GNU General Public License Version 2. See the LICENSE file
18  * at the top of the source tree.
19  *
20  */
21
22 /*! \file
23  *
24  * \brief ldap plugin for portable configuration engine (ARA)
25  *
26  * \author Mark Spencer <markster@digium.com>
27  * \author Manuel Guesdon
28  * \author Carl-Einar Thorner <cthorner@voicerd.com>
29  * \author Russell Bryant <russell@digium.com>
30  *
31  * \arg http://www.openldap.org
32  */
33
34 /*** MODULEINFO
35         <depend>ldap</depend>
36  ***/
37
38 #include "asterisk.h"
39
40 #include <stdlib.h>
41 #include <string.h>
42 #include <ctype.h>
43 #include <stdio.h>
44 #include <ldap.h>
45
46 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
47
48 #include "asterisk/channel.h"
49 #include "asterisk/logger.h"
50 #include "asterisk/config.h"
51 #include "asterisk/module.h"
52 #include "asterisk/lock.h"
53 #include "asterisk/options.h"
54 #include "asterisk/cli.h"
55 #include "asterisk/utils.h"
56 #include "asterisk/strings.h"
57 #include "asterisk/pbx.h"
58 #include "asterisk/linkedlists.h"
59
60 #define RES_CONFIG_LDAP_CONF "res_ldap.conf"
61 #define RES_CONFIG_LDAP_DEFAULT_BASEDN "asterisk"
62
63 AST_MUTEX_DEFINE_STATIC(ldap_lock);
64
65 static LDAP *ldapConn;
66 static char url[512];
67 static char user[512];
68 static char pass[50];
69 static char base_distinguished_name[512];
70 static int version = 3;
71 static time_t connect_time;
72
73 static int parse_config(void);
74 static int ldap_reconnect(void);
75 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a);
76
77 struct category_and_metric {
78         const char *name;
79         int metric;
80         const char *variable_name;
81         const char *variable_value;
82         int var_metric; /*!< For organizing variables (particularly includes and switch statments) within a context */
83 };
84
85 /*! \brief Table configuration */
86 struct ldap_table_config {
87         char *table_name;                 /*!< table name */
88         char *additional_filter;          /*!< additional filter        */
89         struct ast_variable *attributes;  /*!< attribute names conversion */
90         struct ast_variable *delimiters;  /*!< the current delimiter is semicolon, so we are not using this variable */
91         AST_LIST_ENTRY(ldap_table_config) entry;
92 };
93
94 /*! \brief Should be locked before using it */
95 static AST_LIST_HEAD_NOLOCK_STATIC(table_configs, ldap_table_config);
96 static struct ldap_table_config *base_table_config;
97 static struct ldap_table_config *static_table_config;
98
99 static struct ast_cli_entry ldap_cli[] = {
100         AST_CLI_DEFINE(realtime_ldap_status, "Shows connection information for the LDAP RealTime driver"),
101 };
102
103 /*! \brief Create a new table_config */
104 static struct ldap_table_config *table_config_new(const char *table_name)
105 {
106         struct ldap_table_config *p;
107
108         if (!(p = ast_calloc(1, sizeof(*p))))
109                 return NULL;
110
111         if (table_name) {
112                 if (!(p->table_name = ast_strdup(table_name))) {
113                         free(p);
114                         return NULL;
115                 }
116         }
117
118         return p;
119 }
120
121 /*! \brief Find a table_config - Should be locked before using it 
122  *  \note This function assumes ldap_lock to be locked. */
123 static struct ldap_table_config *table_config_for_table_name(const char *table_name)
124 {
125         struct ldap_table_config *c = NULL;
126
127         AST_LIST_TRAVERSE(&table_configs, c, entry) {
128                 if (!strcmp(c->table_name, table_name))
129                         break;
130         }
131
132         return c;
133 }
134
135 /*! \brief Find variable by name */
136 static struct ast_variable *variable_named(struct ast_variable *var, const char *name)
137 {
138         for (; var; var = var->next) {
139                 if (!strcasecmp(name, var->name))
140                         break;
141         }
142
143         return var;
144 }
145
146 /*! \brief for the semicolon delimiter
147         \param somestr - pointer to a string
148
149         \return number of occurances of the delimiter(semicolon)
150  */
151 static int semicolon_count_str(const char *somestr)
152 {
153         int count = 0;
154
155         for (; *somestr; somestr++) {
156                 if (*somestr == ';')
157                         count++;
158         }
159
160         return count;
161
162
163 /* takes a linked list of \a ast_variable variables, finds the one with the name variable_value
164  * and returns the number of semicolons in the value for that \a ast_variable
165  */
166 static int semicolon_count_var(struct ast_variable *var)
167 {
168         struct ast_variable *var_value = variable_named(var, "variable_value");
169
170         if (!var_value)
171                 return 0;
172
173         ast_debug(1, "LINE(%d) semicolon_count_var: %s\n", __LINE__, var_value->value);
174
175         return semicolon_count_str(var_value->value);
176 }
177
178 /*! \brief add attribute to table config - Should be locked before using it */
179 static void ldap_table_config_add_attribute(struct ldap_table_config *table_config,
180         const char *attribute_name, const char *attribute_value)
181 {
182         struct ast_variable *var;
183
184         if (ast_strlen_zero(attribute_name) || ast_strlen_zero(attribute_value))
185                 return;
186
187         if (!(var = ast_variable_new(attribute_name, attribute_value, table_config->table_name)))
188                 return;
189
190         if (table_config->attributes)
191                 var->next = table_config->attributes;
192         table_config->attributes = var;
193 }
194
195 /*! \brief Free table_config 
196  *  \note assumes ldap_lock to be locked */
197 static void table_configs_free(void)
198 {
199         struct ldap_table_config *c;
200
201         while ((c = AST_LIST_REMOVE_HEAD(&table_configs, entry))) {
202                 if (c->table_name)
203                         free(c->table_name);
204                 if (c->additional_filter)
205                         free(c->additional_filter);
206                 if (c->attributes)
207                         ast_variables_destroy(c->attributes);
208                 free(c);
209         }
210
211         base_table_config = NULL;
212         static_table_config = NULL;
213 }
214
215 /*! \brief Convert variable name to ldap attribute name - Should be locked before using it */
216 static const char *convert_attribute_name_to_ldap(struct ldap_table_config *table_config,
217         const char *attribute_name)
218 {
219         int i = 0;
220         struct ldap_table_config *configs[] = { table_config, base_table_config };
221
222         for (i = 0; i < ARRAY_LEN(configs); i++) {
223                 struct ast_variable *attribute;
224
225                 if (!configs[i])
226                         continue;
227
228                 attribute = configs[i]->attributes;
229                 for (; attribute; attribute = attribute->next) {
230                         if (!strcasecmp(attribute_name, attribute->name))
231                                 return attribute->value;
232                 }
233         }
234
235         return attribute_name;
236 }
237
238 /*! \brief Convert ldap attribute name to variable name - Should be locked before using it */
239 static const char *convert_attribute_name_from_ldap(struct ldap_table_config *table_config,
240                                                     const char *attribute_name)
241 {
242         int i = 0;
243         struct ldap_table_config *configs[] = { table_config, base_table_config };
244
245         for (i = 0; i < ARRAY_LEN(configs); i++) {
246                 struct ast_variable *attribute;
247
248                 if (!configs[i])
249                         continue;
250
251                 attribute = configs[i]->attributes;
252                 for (; attribute; attribute = attribute->next) {
253                         if (strcasecmp(attribute_name, attribute->value) == 0)
254                                 return attribute->name;
255                 }
256         }
257
258         return attribute_name;
259 }
260
261 /*! \brief Get variables from ldap entry attributes - Should be locked before using it
262  * \return a linked list of ast_variable variables.
263  **/
264 static struct ast_variable *realtime_ldap_entry_to_var(struct ldap_table_config *table_config,
265         LDAPMessage *ldap_entry)
266 {
267         BerElement *ber = NULL;
268         struct ast_variable *var = NULL;
269         struct ast_variable *prev = NULL;
270         int is_delimited = 0;
271         int i = 0;
272         char *ldap_attribute_name;
273         struct berval *value;
274         int pos = 0;
275
276         ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
277
278         while (ldap_attribute_name) {
279                 struct berval **values = NULL;
280                 const char *attribute_name = convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
281                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
282
283                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name); /* these are freed at the end */
284                 if (values) {
285                         struct berval **v;
286                         char *valptr;
287
288                         for (v = values; *v; v++) {
289                                 value = *v;
290                                 valptr = value->bv_val;
291                                 ast_debug(2, "LINE(%d) attribute_name: %s LDAP value: %s\n", __LINE__, attribute_name, valptr);
292                                 if (is_realmed_password_attribute) {
293                                         if (!strncasecmp(valptr, "{md5}", 5)) {
294                                                 valptr += 5;
295                                         } else {
296                                                 valptr = NULL;
297                                         }
298                                         ast_debug(2, "md5: %s\n", valptr);
299                                 }
300                                 if (valptr) {
301                                         /* ok, so looping through all delimited values except the last one (not, last character is not delimited...) */
302                                         if (is_delimited) {
303                                                 i = 0;
304                                                 pos = 0;
305                                                 while (!ast_strlen_zero(valptr + i)) {
306                                                         if (valptr[i] == ';'){
307                                                                 valptr[i] = '\0';
308                                                                 if (prev) {
309                                                                         prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
310                                                                         if (prev->next) {
311                                                                                 prev = prev->next;
312                                                                         }
313                                                                 } else {
314                                                                         prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
315                                                                 }
316                                                                 pos = i + 1;
317                                                         }
318                                                         i++;
319                                                 }
320                                         }
321                                         /* for the last delimited value or if the value is not delimited: */
322                                         if (prev) {
323                                                 prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
324                                                 if (prev->next) {
325                                                         prev = prev->next;
326                                                 }
327                                         } else {
328                                                 prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
329                                         }
330                                 }
331                         }
332                         ldap_value_free_len(values);
333                 }
334                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
335         }
336         ber_free(ber, 0);
337
338         return var;
339 }
340
341 /*! \brief Get variables from ldap entry attributes - Should be locked before using it
342  *
343  * The results are freed outside this function so is the \a vars array.
344  *      
345  * \return \a vars - an array of ast_variable variables terminated with a null.
346  **/
347 static struct ast_variable **realtime_ldap_result_to_vars(struct ldap_table_config *table_config,
348         LDAPMessage *ldap_result_msg, unsigned int *entries_count_ptr)
349 {
350         struct ast_variable **vars;
351         int i = 0;
352         int tot_count = 0;
353         int entry_index = 0;
354         LDAPMessage *ldap_entry = NULL;
355         BerElement *ber = NULL;
356         struct ast_variable *var = NULL;
357         struct ast_variable *prev = NULL;
358         int is_delimited = 0;
359         char *delim_value = NULL;
360         int delim_tot_count = 0;
361         int delim_count = 0;
362
363         /* First find the total count */
364         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
365
366         for (tot_count = 0; ldap_entry; tot_count++){ 
367                 tot_count += semicolon_count_var(realtime_ldap_entry_to_var(table_config, ldap_entry));
368                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
369         }
370
371         if (entries_count_ptr)
372                 *entries_count_ptr = tot_count;
373         /* Now that we have the total count we allocate space and create the variables
374          * Remember that each element in vars is a linked list that points to realtime variable.
375          * If the we are dealing with a static realtime variable we create a new element in the \a vars array for each delimited
376          * value in \a variable_value; otherwise, we keep \a vars static and increase the length of the linked list of variables in the array element.
377          * This memory must be freed outside of this function. */
378         vars = ast_calloc(sizeof(struct ast_variable *), tot_count + 1);
379
380         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
381
382         i = 0;
383
384         /* For each static realtime variable we may create several entries in the \a vars array if it's delimited */
385         for (entry_index = 0; ldap_entry; ) { 
386                 int pos = 0;
387                 delim_value = NULL;
388                 delim_tot_count = 0;
389                 delim_count = 0;
390                 
391                 do { /* while delim_count */
392
393                         /* Starting new static var */
394                         char *ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
395                         struct berval *value;
396                         while (ldap_attribute_name) {
397                         
398                                 const char *attribute_name =
399                                         convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
400                                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
401                                 struct berval **values = NULL;
402
403                                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name);
404                                 if (values) {
405                                         struct berval **v;
406                                         char *valptr;
407
408                                         for (v = values; *v; v++) {
409                                                 value = *v;
410                                                 valptr = value->bv_val;
411                                                 if (is_realmed_password_attribute) {
412                                                         if (strncasecmp(valptr, "{md5}", 5) == 0) {
413                                                                 valptr += 5;
414                                                         } else {
415                                                                 valptr = NULL;
416                                                         }
417                                                         ast_debug(2, "md5: %s\n", valptr);
418                                                 }
419                                                 if (valptr) {
420                                                         if (delim_value == NULL 
421                                                                 && !is_realmed_password_attribute 
422                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0)) {
423
424                                                                 delim_value = ast_strdup(valptr);
425
426                                                                 if ((delim_tot_count = semicolon_count_str(delim_value)) > 0) {
427                                                                         ast_debug(4, "LINE(%d) is delimited %d times: %s\n", __LINE__, delim_tot_count, delim_value);
428                                                                         is_delimited = 1;
429                                                                 }
430                                                         }
431
432                                                         if (is_delimited != 0 
433                                                                 && !is_realmed_password_attribute 
434                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0) ) {
435                                                                 /* for non-Static RealTime, first */
436
437                                                                 for (i = pos; !ast_strlen_zero(valptr + i); i++) {
438                                                                         ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i);
439                                                                         if (delim_value[i] == ';') {
440                                                                                 delim_value[i] = '\0';
441
442                                                                                 ast_debug(2, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos);
443                                                         
444                                                                                 if (prev) {
445                                                                                         prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
446                                                                                         if (prev->next) {
447                                                                                                 prev = prev->next;
448                                                                                         }
449                                                                                 } else {
450                                                                                         prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
451                                                                                 }
452                                                                                 pos = i + 1;
453
454                                                                                 if (static_table_config == table_config) {
455                                                                                         break;
456                                                                                 }
457                                                                         }
458                                                                 }
459                                                                 if (ast_strlen_zero(valptr + i)) {
460                                                                         ast_debug(4, "LINE(%d) DELIM pos: %d i: %d delim_count: %d\n", __LINE__, pos, i, delim_count);
461                                                                         /* Last delimited value */
462                                                                         ast_debug(4, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos);
463                                                                         if (prev) {
464                                                                                 prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
465                                                                                 if (prev->next) {
466                                                                                         prev = prev->next;
467                                                                                 }
468                                                                         } else {
469                                                                                 prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
470                                                                         }
471                                                                         /* Remembering to free memory */
472                                                                         is_delimited = 0;
473                                                                         pos = 0;
474                                                                 }
475                                                                 free(delim_value);
476                                                                 delim_value = NULL;
477                                                                 
478                                                                 ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i);
479                                                         } else {
480                                                                 /* not delimited */
481                                                                 if (delim_value) {
482                                                                         free(delim_value);
483                                                                         delim_value = NULL;
484                                                                 }
485                                                                 ast_debug(2, "LINE(%d) attribute_name: %s value: %s\n", __LINE__, attribute_name, valptr);
486
487                                                                 if (prev) {
488                                                                         prev->next = ast_variable_new(attribute_name, valptr, table_config->table_name);
489                                                                         if (prev->next) {
490                                                                                 prev = prev->next;
491                                                                         }
492                                                                 } else {
493                                                                         prev = var = ast_variable_new(attribute_name, valptr, table_config->table_name);
494                                                                 }
495                                                         }
496                                                 }
497                                         } /*!< for (v = values; *v; v++) */
498                                         ldap_value_free_len(values);
499                                 }/*!< if (values) */
500                                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
501                         } /*!< while (ldap_attribute_name) */
502                         ber_free(ber, 0);
503                         if (static_table_config == table_config) {
504                                 if (option_debug > 2) {
505                                         const struct ast_variable *tmpdebug = variable_named(var, "variable_name");
506                                         const struct ast_variable *tmpdebug2 = variable_named(var, "variable_value");
507                                         if (tmpdebug && tmpdebug2) {
508                                                 ast_debug(3, "LINE(%d) Added to vars - %s = %s\n", __LINE__, tmpdebug->value, tmpdebug2->value);
509                                         }
510                                 }
511                                 vars[entry_index++] = var;
512                                 prev = NULL;
513                         }
514
515                         delim_count++;
516                 } while (delim_count <= delim_tot_count && static_table_config == table_config);
517
518                 if (static_table_config != table_config) {
519                         ast_debug(3, "LINE(%d) Added to vars - non static\n", __LINE__);
520                                 
521                         vars[entry_index++] = var;
522                         prev = NULL;
523                 }
524                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
525         } /*!< end for loop over ldap_entry */
526
527         return vars;
528 }
529
530
531 static int is_ldap_connect_error(int err)
532 {
533         return (err == LDAP_SERVER_DOWN
534                         || err == LDAP_TIMEOUT || err == LDAP_CONNECT_ERROR);
535 }
536
537 /*! \brief Get LDAP entry by dn and return attributes as variables  - Should be locked before using it 
538         This is used for setting the default values of an object(i.e., with accountBaseDN)
539 */
540 static struct ast_variable *ldap_loadentry(struct ldap_table_config *table_config,
541                                            const char *dn)
542 {
543         if (!table_config) {
544                 ast_log(LOG_ERROR, "No table config\n");
545                 return NULL;
546         } else {
547                 struct ast_variable **vars = NULL;
548                 struct ast_variable *var = NULL;
549                 int result = -1;
550                 LDAPMessage *ldap_result_msg = NULL;
551                 int tries = 0;
552
553                 ast_debug(2, "ldap_loadentry dn=%s\n", dn);
554
555                 do {
556                         result = ldap_search_ext_s(ldapConn, dn, LDAP_SCOPE_BASE,
557                                            "(objectclass=*)", NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &ldap_result_msg);
558                         if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
559                                 ast_log(LOG_WARNING,
560                                         "Failed to query database. Try %d/3\n",
561                                         tries + 1);
562                                 tries++;
563                                 if (tries < 3) {
564                                         usleep(500000L * tries);
565                                         if (ldapConn) {
566                                                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
567                                                 ldapConn = NULL;
568                                         }
569                                         if (!ldap_reconnect())
570                                                 break;
571                                 }
572                         }
573                 } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
574
575                 if (result != LDAP_SUCCESS) {
576                         ast_log(LOG_WARNING,
577                                         "Failed to query database. Check debug for more info.\n");
578                         ast_debug(2, "dn=%s\n", dn);
579                         ast_debug(2, "Query Failed because: %s\n",
580                                 ldap_err2string(result));
581                         ast_mutex_unlock(&ldap_lock);
582                         return NULL;
583                 } else {
584                         int num_entry = 0;
585                         unsigned int *entries_count_ptr = NULL; /*!< not using this */
586                         if ((num_entry = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
587                                 ast_debug(3, "num_entry: %d\n", num_entry);
588
589                                 vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
590                                 if (num_entry > 1)
591                                         ast_log(LOG_NOTICE, "More than one entry for dn=%s. Take only 1st one\n", dn);
592                         } else {
593                                 ast_debug(2, "Could not find any entry dn=%s.\n", dn);
594                         }
595                 }
596                 ldap_msgfree(ldap_result_msg);
597
598                 /* Chopping \a vars down to one variable */
599                 if (vars != NULL) {
600                         struct ast_variable **p = vars;
601                         p++;
602                         var = *p;
603                         while (var) {
604                                 ast_variables_destroy(var);
605                                 p++;
606                         }
607                         vars = ast_realloc(vars, sizeof(struct ast_variable *));
608                 }
609
610                 var = *vars;
611
612                 return var;
613         }
614 }
615
616 /*! \brief caller should free returned pointer */
617 static char *substituted(struct ast_channel *channel, const char *string)
618 {
619 #define MAXRESULT       2048
620         char *ret_string = NULL;
621
622         if (!ast_strlen_zero(string)) {
623                 ret_string = ast_calloc(1, MAXRESULT);
624                 pbx_substitute_variables_helper(channel, string, ret_string, MAXRESULT - 1);
625         }
626         ast_debug(2, "substituted: string: '%s' => '%s' \n",
627                 string, ret_string);
628         return ret_string;
629 }
630
631 /*! \brief caller should free returned pointer */
632 static char *cleaned_basedn(struct ast_channel *channel, const char *basedn)
633 {
634         char *cbasedn = NULL;
635         if (basedn) {
636                 char *p = NULL;
637                 cbasedn = substituted(channel, basedn);
638                 if (*cbasedn == '"') {
639                         cbasedn++;
640                         if (!ast_strlen_zero(cbasedn)) {
641                                 int len = strlen(cbasedn);
642                                 if (cbasedn[len - 1] == '"')
643                                         cbasedn[len - 1] = '\0';
644
645                         }
646                 }
647                 p = cbasedn;
648                 while (*p) {
649                         if (*p == '|')
650                                 *p = ',';
651                         p++;
652                 }
653         }
654         ast_debug(2, "basedn: '%s' => '%s' \n", basedn, cbasedn);
655         return cbasedn;
656 }
657
658 /*! \brief Replace \<search\> by \<by\> in string. No check is done on string allocated size ! */
659 static int replace_string_in_string(char *string, const char *search, const char *by)
660 {
661         int search_len = strlen(search);
662         int by_len = strlen(by);
663         int replaced = 0;
664         char *p = strstr(string, search);
665         if (p) {
666                 replaced = 1;
667                 while (p) {
668                         if (by_len == search_len)
669                                 memcpy(p, by, by_len);
670                         else {
671                                 memmove(p + by_len, p + search_len,
672                                                 strlen(p + search_len) + 1);
673                                 memcpy(p, by, by_len);
674                         }
675                         p = strstr(p + by_len, search);
676                 }
677         }
678         return replaced;
679 }
680
681 /*! \brief Append a name=value filter string. The filter string can grow. */
682 static void append_var_and_value_to_filter(struct ast_str **filter,
683         struct ldap_table_config *table_config,
684         const char *name, const char *value)
685 {
686         char *new_name = NULL;
687         char *new_value = NULL;
688         char *like_pos = strstr(name, " LIKE");
689
690         ast_debug(2, "name='%s' value='%s'\n", name, value);
691
692         if (like_pos) {
693                 int len = like_pos - name;
694                 name = new_name = ast_strdupa(name);
695                 new_name[len] = '\0';
696                 value = new_value = ast_strdupa(value);
697                 replace_string_in_string(new_value, "\\_", "_");
698                 replace_string_in_string(new_value, "%", "*");
699         }
700
701         name = convert_attribute_name_to_ldap(table_config, name);
702
703         ast_str_append(filter, 0, "(%s=%s)", name, value);
704 }
705
706 /*! \brief LDAP base function 
707  * \return a null terminated array of ast_variable (one per entry) or NULL if no entry is found or if an error occured
708  * caller should free the returned array and ast_variables
709  * \param entries_count_ptr is a pointer to found entries count (can be NULL)
710  * \param basedn is the base DN
711  * \param table_name is the table_name (used dor attribute convertion and additional filter)
712  * \param ap contains null terminated list of pairs name/value
713 */
714 static struct ast_variable **realtime_ldap_base_ap(unsigned int *entries_count_ptr,
715         const char *basedn, const char *table_name, va_list ap)
716 {
717         struct ast_variable **vars = NULL;
718         const char *newparam = NULL;
719         const char *newval = NULL;
720         struct ldap_table_config *table_config = NULL;
721         char *clean_basedn = cleaned_basedn(NULL, basedn);
722         struct ast_str *filter = NULL;
723         int tries = 0;
724         int result = 0;
725         LDAPMessage *ldap_result_msg = NULL;
726
727         if (!table_name) {
728                 ast_log(LOG_WARNING, "No table_name specified.\n");
729                 ast_free(clean_basedn);
730                 return NULL;
731         } 
732
733         if (!(filter = ast_str_create(80))) {
734                 ast_free(clean_basedn);
735                 return NULL;
736         }
737
738         /* Get the first parameter and first value in our list of passed paramater/value pairs  */
739         newparam = va_arg(ap, const char *);
740         newval = va_arg(ap, const char *);
741
742         if (!newparam || !newval) {
743                 ast_log(LOG_WARNING, "Realtime retrieval requires at least 1 parameter"
744                         " and 1 value to search on.\n");
745                 ast_free(filter);
746                 ast_free(clean_basedn);
747                 return NULL;
748         }
749
750         ast_mutex_lock(&ldap_lock);
751
752         /* We now have our complete statement; Lets connect to the server and execute it.  */
753         if (!ldap_reconnect()) {
754                 ast_mutex_unlock(&ldap_lock);
755                 ast_free(filter);
756                 ast_free(clean_basedn);
757                 return NULL;
758         }
759
760         table_config = table_config_for_table_name(table_name);
761         if (!table_config) {
762                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
763                 ast_mutex_unlock(&ldap_lock);
764                 ast_free(filter);
765                 ast_free(clean_basedn);
766                 return NULL;
767         }
768
769         ast_str_append(&filter, 0, "(&");
770
771         if (table_config && table_config->additional_filter)
772                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
773         if (table_config != base_table_config && base_table_config && 
774                 base_table_config->additional_filter) {
775                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
776         }
777
778         /* Create the first part of the query using the first parameter/value pairs we just extracted */
779         /*   If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
780
781         append_var_and_value_to_filter(&filter, table_config, newparam, newval);
782         while ((newparam = va_arg(ap, const char *))) {
783                 newval = va_arg(ap, const char *);
784                 append_var_and_value_to_filter(&filter, table_config, newparam, newval);
785         }
786         ast_str_append(&filter, 0, ")");
787
788         do {
789                 /* freeing ldap_result further down */
790                 result = ldap_search_ext_s(ldapConn, clean_basedn,
791                                   LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
792                                   &ldap_result_msg);
793                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
794                         ast_log(LOG_DEBUG, "Failed to query database. Try %d/10\n",
795                                 tries + 1);
796                         if (++tries < 10) {
797                                 usleep(1);
798                                 if (ldapConn) {
799                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
800                                         ldapConn = NULL;
801                                 }
802                                 if (!ldap_reconnect())
803                                         break;
804                         }
805                 }
806         } while (result != LDAP_SUCCESS && tries < 10 && is_ldap_connect_error(result));
807
808         if (result != LDAP_SUCCESS) {
809                 ast_log(LOG_WARNING, "Failed to query database. Check debug for more info.\n");
810                 ast_log(LOG_WARNING, "Query: %s\n", filter->str);
811                 ast_log(LOG_WARNING, "Query Failed because: %s\n", ldap_err2string(result));
812         } else {
813                 /* this is where we create the variables from the search result 
814                  * freeing this \a vars outside this function */
815                 if (ldap_count_entries(ldapConn, ldap_result_msg) > 0) {
816                         /* is this a static var or some other? they are handled different for delimited values */
817                         vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
818                 } else {
819                         ast_debug(1, "Could not find any entry matching %s in base dn %s.\n",
820                                 filter->str, clean_basedn);
821                 }
822
823                 ldap_msgfree(ldap_result_msg);
824
825                 /* TODO: get the default variables from the accountBaseDN, not implemented with delimited values */
826                 if (vars) {
827                         struct ast_variable **p = vars;
828                         while (*p) {
829                                 struct ast_variable *append_var = NULL;
830                                 struct ast_variable *tmp = *p;
831                                 while (tmp) {
832                                         if (strcasecmp(tmp->name, "accountBaseDN") == 0) {
833                                                 /* Get the variable to compare with for the defaults */
834                                                 struct ast_variable *base_var = ldap_loadentry(table_config, tmp->value);
835                                                 
836                                                 while (base_var) {
837                                                         struct ast_variable *next = base_var->next;
838                                                         struct ast_variable *test_var = *p;
839                                                         int base_var_found = 0;
840
841                                                         /* run throught the default values and fill it inn if it is missing */
842                                                         while (test_var) {
843                                                                 if (strcasecmp(test_var->name, base_var->name) == 0) {
844                                                                         base_var_found = 1;
845                                                                         break;
846                                                                 } else
847                                                                         test_var = test_var->next;
848                                                         }
849                                                         if (base_var_found) {
850                                                                 base_var->next = NULL;
851                                                                 ast_variables_destroy(base_var);
852                                                                 base_var = next;
853                                                         } else {
854                                                                 if (append_var)
855                                                                         base_var->next = append_var;
856                                                                 else
857                                                                         base_var->next = NULL;
858                                                                 append_var = base_var;
859                                                                 base_var = next;
860                                                         }
861                                                 }
862                                         }
863                                         if (!tmp->next && append_var) {
864                                                 tmp->next = append_var;
865                                                 tmp = NULL;
866                                         } else
867                                                 tmp = tmp->next;
868                                 }
869                                 p++;
870                         }
871                 }
872         }
873
874         if (filter)
875                 ast_free(filter);
876
877         if (clean_basedn)
878                 ast_free(clean_basedn);
879
880         ast_mutex_unlock(&ldap_lock);
881
882         return vars;
883 }
884
885 /*! \brief same as realtime_ldap_base_ap but take variable arguments count list */
886 static struct ast_variable **realtime_ldap_base(unsigned int *entries_count_ptr,
887         const char *basedn, const char *table_name, ...)
888 {
889         struct ast_variable **vars = NULL;
890         va_list ap;
891
892         va_start(ap, table_name);
893         vars = realtime_ldap_base_ap(entries_count_ptr, basedn, table_name, ap);
894         va_end(ap);
895
896         return vars;
897 }
898
899 /*! \brief See Asterisk doc
900 *
901 * For Realtime Dynamic(i.e., switch, queues, and directory) -- I think
902 */
903 static struct ast_variable *realtime_ldap(const char *basedn,
904                                           const char *table_name, va_list ap)
905 {
906         struct ast_variable **vars = realtime_ldap_base_ap(NULL, basedn, table_name, ap);
907         struct ast_variable *var = NULL;
908
909         if (vars) {
910                 struct ast_variable *last_var = NULL;
911                 struct ast_variable **p = vars;
912                 while (*p) {
913                         if (last_var) {
914                                 while (last_var->next)
915                                         last_var = last_var->next;
916                                 last_var->next = *p;
917                         } else {
918                                 var = *p;
919                                 last_var = var;
920                         }
921                         p++;
922                 }
923                 free(vars);
924         }
925         return var;
926 }
927
928 /*! \brief See Asterisk doc
929 *
930 * this function will be called for the switch statment if no match is found with the realtime_ldap function(i.e. it is a failover);
931 * however, the ast_load_realtime wil match on wildcharacters also depending on what the mode is set to
932 * this is an area of asterisk that could do with a lot of modification
933 * I think this function returns Realtime dynamic objects
934 */
935 static struct ast_config *realtime_multi_ldap(const char *basedn,
936       const char *table_name, va_list ap)
937 {
938         struct ast_variable **vars =
939                 realtime_ldap_base_ap(NULL, basedn, table_name, ap);
940         struct ast_config *cfg = NULL;
941
942         if (vars) {
943                 cfg = ast_config_new();
944                 if (!cfg) {
945                         ast_log(LOG_ERROR, "Unable to create a config!\n");
946                 } else {
947                         struct ast_variable **p = vars;
948
949                         while (*p) {
950                                 struct ast_category *cat = NULL;
951                                 cat = ast_category_new("", table_name, -1);
952                                 if (!cat) {
953                                         ast_log(LOG_ERROR, "Unable to create a new category!\n");
954                                         break;
955                                 } else {
956                                         struct ast_variable *var = *p;
957                                         while (var) {
958                                                 struct ast_variable *next = var->next;
959                                                 var->next = NULL;
960                                                 ast_variable_append(cat, var);
961                                                 var = next;
962                                         }
963                                 }
964                                 ast_category_append(cfg, cat);
965                                 p++;
966                         }
967                 }
968                 free(vars);
969         }
970         return cfg;
971
972 }
973
974 /*! 
975  * \brief Sorting alogrithm for qsort to find the order of the variables \a a and \a b
976  * \param a pointer to category_and_metric struct
977  * \param b pointer to category_and_metric struct
978  *
979  * \retval -1 for if b is greater
980  * \retval 0 zero for equal
981  * \retval 1 if a is greater
982  */
983 static int compare_categories(const void *a, const void *b)
984 {
985         const struct category_and_metric *as = a;
986         const struct category_and_metric *bs = b;
987
988         if (as->metric < bs->metric)
989                 return -1;
990         else if (as->metric > bs->metric)
991                 return 1;
992         else if (as->metric == bs->metric && strcmp(as->name, bs->name) != 0)
993                 return strcmp(as->name, bs->name);
994
995         /* if the metric and the category name is the same, we check the variable metric */
996         if (as->var_metric < bs->var_metric)
997                 return -1;
998         else if (as->var_metric > bs->var_metric)
999                 return 1;
1000
1001         return 0;
1002 }
1003
1004 /*! \brief See Asterisk doc
1005  *
1006 *       This is for Static Realtime (again: I think...)
1007 *       
1008 *       load the configuration stuff for the .conf files
1009 *       called on a reload
1010 */
1011 static struct ast_config *config_ldap(const char *basedn, const char *table_name,
1012         const char *file, struct ast_config *cfg, struct ast_flags config_flags, const char *sugg_incl, const char *who_asked)
1013 {
1014         unsigned int vars_count = 0;
1015         struct ast_variable **vars;
1016         int i = 0;
1017         struct ast_variable *new_v = NULL;
1018         struct ast_category *cur_cat = NULL;
1019         const char *last_category = NULL;
1020         int last_category_metric = 0;
1021         struct category_and_metric *categories;
1022         struct ast_variable **p;
1023
1024         if (ast_strlen_zero(file) || !strcasecmp(file, RES_CONFIG_LDAP_CONF)) {
1025                 ast_log(LOG_ERROR, "Cannot configure myself.\n");
1026                 return NULL;
1027         }
1028
1029         vars = realtime_ldap_base(&vars_count, basedn, table_name, "filename",
1030                                 file, "commented", "FALSE", NULL);
1031
1032         if (!vars) {
1033                 ast_log(LOG_WARNING, "Could not find config '%s' in database.\n", file);
1034                 return NULL;
1035         }
1036
1037         /*!\note Since the items come back in random order, they need to be sorted
1038          * first, and since the data could easily exceed stack size, this is
1039          * allocated from the heap.
1040          */
1041         if (!(categories = ast_calloc(sizeof(*categories), vars_count)))
1042                 return NULL;
1043
1044         for (vars_count = 0, p = vars; *p; p++) {
1045                 struct ast_variable *category = variable_named(*p, "category");
1046                 struct ast_variable *cat_metric = variable_named(*p, "cat_metric");
1047                 struct ast_variable *var_name = variable_named(*p, "variable_name");
1048                 struct ast_variable *var_val = variable_named(*p, "variable_value");
1049                 struct ast_variable *var_metric = variable_named(*p, "var_metric");
1050                 struct ast_variable *dn = variable_named(*p, "dn");
1051                         
1052                 ast_debug(1, "category: %s\n", category->value);
1053                 ast_debug(1, "var_name: %s\n", var_name->value);
1054                 ast_debug(1, "var_val: %s\n", var_val->value);
1055                 ast_debug(1, "cat_metric: %s\n", cat_metric->value);
1056
1057                 if (!category) {
1058                         ast_log(LOG_ERROR,
1059                                         "No category name in entry '%s'  for file '%s'.\n",
1060                                         (dn ? dn->value : "?"), file);
1061                 } else if (!cat_metric) {
1062                         ast_log(LOG_ERROR,
1063                                         "No category metric in entry '%s'(category: %s) for file '%s'.\n",
1064                                         (dn ? dn->value : "?"), category->value, file);
1065                 } else if (!var_metric) {
1066                         ast_log(LOG_ERROR,
1067                                         "No variable metric in entry '%s'(category: %s) for file '%s'.\n",
1068                                         (dn ? dn->value : "?"), category->value, file);
1069                 } else if (!var_name) {
1070                         ast_log(LOG_ERROR,
1071                                         "No variable name in entry '%s' (category: %s metric: %s) for file '%s'.\n",
1072                                         (dn ? dn->value : "?"), category->value,
1073                                         cat_metric->value, file);
1074                 } else if (!var_val) {
1075                         ast_log(LOG_ERROR,
1076                                         "No variable value in entry '%s' (category: %s metric: %s variable: %s) for file '%s'.\n",
1077                                         (dn ? dn->value : "?"), category->value,
1078                                         cat_metric->value, var_name->value, file);
1079                 } else {
1080                         categories[vars_count].name = category->value;
1081                         categories[vars_count].metric = atoi(cat_metric->value);
1082                         categories[vars_count].variable_name = var_name->value;
1083                         categories[vars_count].variable_value = var_val->value;
1084                         categories[vars_count].var_metric = atoi(var_metric->value);
1085                         vars_count++;
1086                 }
1087         }
1088
1089         qsort(categories, vars_count, sizeof(*categories), compare_categories);
1090
1091         for (i = 0; i < vars_count; i++) {
1092                 if (!strcmp(categories[i].variable_name, "#include")) {
1093                         struct ast_flags flags = { 0 };
1094                         if (!ast_config_internal_load(categories[i].variable_value, cfg, flags, "", who_asked))
1095                                 break;
1096                         continue;
1097                 }
1098
1099                 if (!last_category || strcmp(last_category, categories[i].name) ||
1100                         last_category_metric != categories[i].metric) {
1101                         cur_cat = ast_category_new(categories[i].name, table_name, -1);
1102                         if (!cur_cat)
1103                                 break;
1104                         last_category = categories[i].name;
1105                         last_category_metric = categories[i].metric;
1106                         ast_category_append(cfg, cur_cat);
1107                 }
1108
1109                 if (!(new_v = ast_variable_new(categories[i].variable_name, categories[i].variable_value, table_name)))
1110                         break;
1111
1112                 ast_variable_append(cur_cat, new_v);
1113         }
1114
1115         free(vars);
1116         free(categories);
1117
1118         return cfg;
1119 }
1120
1121 /* \brief Function to update a set of values in ldap
1122 static
1123 */
1124 static int update_ldap(const char *basedn, const char *table_name, const char *attribute,
1125         const char *lookup, va_list ap)
1126 {
1127         int error = 0;
1128         LDAPMessage *ldap_entry = NULL;
1129         LDAPMod **ldap_mods;
1130         const char *newparam = NULL;
1131         const char *newval = NULL;
1132         char *dn;
1133         int num_entries = 0;
1134         int i = 0;
1135         int mods_size = 0;
1136         int mod_exists = 0;
1137         struct ldap_table_config *table_config = NULL;
1138         char *clean_basedn = NULL;
1139         struct ast_str *filter = NULL;
1140         int tries = 0;
1141         int result = 0;
1142         LDAPMessage *ldap_result_msg = NULL;
1143
1144         if (!table_name) {
1145                 ast_log(LOG_WARNING, "No table_name specified.\n");
1146                 return -1;
1147         } 
1148
1149         if (!(filter = ast_str_create(80)))
1150                 return -1;
1151
1152         if (!attribute || !lookup) {
1153                 ast_log(LOG_WARNING,
1154                                 "LINE(%d): search parameters are empty.\n", __LINE__);
1155                 return -1;
1156         }
1157         ast_mutex_lock(&ldap_lock);
1158
1159         /* We now have our complete statement; Lets connect to the server and execute it.  */
1160         if (!ldap_reconnect()) {
1161                 ast_mutex_unlock(&ldap_lock);
1162                 return -1;
1163         }
1164
1165         table_config = table_config_for_table_name(table_name);
1166         if (!table_config) {
1167                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
1168                 ast_mutex_unlock(&ldap_lock);
1169                 return -1;
1170         }
1171
1172         clean_basedn = cleaned_basedn(NULL, basedn);
1173
1174         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1175         ast_str_append(&filter, 0, "(&");
1176         if (table_config && table_config->additional_filter) {
1177                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1178         }
1179         if (table_config != base_table_config && base_table_config
1180                 && base_table_config->additional_filter) {
1181                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1182         }
1183         append_var_and_value_to_filter(&filter, table_config, attribute, lookup);
1184         ast_str_append(&filter, 0, ")");
1185
1186         /* Create the modification array with the parameter/value pairs we were given, 
1187          * if there are several parameters with the same name, we collect them into 
1188          * one parameter/value pair and delimit them with a semicolon */
1189         newparam = va_arg(ap, const char *);
1190         newparam = convert_attribute_name_to_ldap(table_config, newparam);
1191         newval = va_arg(ap, const char *);
1192         if (!newparam || !newval) {
1193                 ast_log(LOG_WARNING,
1194                                 "LINE(%d): need at least one parameter to modify.\n", __LINE__);
1195                 return -1;
1196         }
1197
1198         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1199         ldap_mods = ast_calloc(sizeof(LDAPMod *), mods_size);
1200         ldap_mods[0] = ast_calloc(1, sizeof(LDAPMod));
1201
1202         ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1203         ldap_mods[0]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1204         strcpy(ldap_mods[0]->mod_type, newparam);
1205
1206         ldap_mods[0]->mod_values = ast_calloc(sizeof(char), 2);
1207         ldap_mods[0]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1208         strcpy(ldap_mods[0]->mod_values[0], newval);
1209
1210         while ((newparam = va_arg(ap, const char *))) {
1211                 newparam = convert_attribute_name_to_ldap(table_config, newparam);
1212                 newval = va_arg(ap, const char *);
1213                 mod_exists = 0;
1214
1215                 for (i = 0; i < mods_size - 1; i++) {
1216                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1217                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1218                                 ldap_mods[i]->mod_values[0] = ast_realloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(newval) + 2));
1219                                 strcat(ldap_mods[i]->mod_values[0], ";");
1220                                 strcat(ldap_mods[i]->mod_values[0], newval);
1221                                 mod_exists = 1; 
1222                                 break;
1223                         }
1224                 }
1225
1226                 /* create new mod */
1227                 if (!mod_exists) {
1228                         mods_size++;
1229                         ldap_mods = ast_realloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1230                         ldap_mods[mods_size - 1] = NULL;
1231                         ldap_mods[mods_size - 2] = ast_calloc(1, sizeof(LDAPMod));
1232
1233                         ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1234
1235                         ldap_mods[mods_size - 2]->mod_type = ast_calloc(sizeof(char), strlen(newparam) + 1);
1236                         strcpy(ldap_mods[mods_size - 2]->mod_type, newparam);
1237
1238                         ldap_mods[mods_size - 2]->mod_values = ast_calloc(sizeof(char *), 2);
1239                         ldap_mods[mods_size - 2]->mod_values[0] = ast_calloc(sizeof(char), strlen(newval) + 1);
1240                         strcpy(ldap_mods[mods_size - 2]->mod_values[0], newval);
1241                 }
1242         }
1243         /* freeing ldap_mods further down */
1244
1245         do {
1246                 /* freeing ldap_result further down */
1247                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1248                                   LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1249                                   &ldap_result_msg);
1250                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1251                         ast_log(LOG_WARNING, "Failed to query database. Try %d/3\n",
1252                                 tries + 1);
1253                         tries++;
1254                         if (tries < 3) {
1255                                 usleep(500000L * tries);
1256                                 if (ldapConn) {
1257                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1258                                         ldapConn = NULL;
1259                                 }
1260                                 if (!ldap_reconnect())
1261                                         break;
1262                         }
1263                 }
1264         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1265
1266         if (result != LDAP_SUCCESS) {
1267                 ast_log(LOG_WARNING, "Failed to query directory. Check debug for more info.\n");
1268                 ast_log(LOG_WARNING, "Query: %s\n", filter->str);
1269                 ast_log(LOG_WARNING, "Query Failed because: %s\n",
1270                         ldap_err2string(result));
1271
1272                 ast_mutex_unlock(&ldap_lock);
1273                 if (filter)
1274                         free(filter);
1275                 if (clean_basedn)
1276                         free(clean_basedn);
1277                 ldap_msgfree(ldap_result_msg);
1278                 ldap_mods_free(ldap_mods, 0);
1279                 return -1;
1280         }
1281         /* Ready to update */
1282         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1283                 ast_debug(3, "LINE(%d) Modifying %s=%s hits: %d\n", __LINE__, attribute, lookup, num_entries);
1284                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++)
1285                         ast_debug(3, "LINE(%d) %s=%s \n", __LINE__, ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1286
1287                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1288
1289                 for (i = 0; ldap_entry; i++) { 
1290                         dn = ldap_get_dn(ldapConn, ldap_entry);
1291                         if ((error = ldap_modify_ext_s(ldapConn, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) 
1292                                 ast_log(LOG_ERROR, "Couldn't modify dn:%s because %s", dn, ldap_err2string(error));
1293
1294                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1295                 }
1296         }
1297
1298         ast_mutex_unlock(&ldap_lock);
1299         if (filter)
1300                 free(filter);
1301         if (clean_basedn)
1302                 free(clean_basedn);
1303         ldap_msgfree(ldap_result_msg);
1304         ldap_mods_free(ldap_mods, 0);
1305         return num_entries;
1306 }
1307
1308 static struct ast_config_engine ldap_engine = {
1309         .name = "ldap",
1310         .load_func = config_ldap,
1311         .realtime_func = realtime_ldap,
1312         .realtime_multi_func = realtime_multi_ldap,
1313         .update_func = update_ldap
1314 };
1315
1316 static int load_module(void)
1317 {
1318         if (parse_config() < 0) {
1319                 ast_log(LOG_NOTICE, "Cannot load LDAP RealTime driver.\n");
1320                 return 0;
1321         }
1322
1323         ast_mutex_lock(&ldap_lock);
1324
1325         if (!ldap_reconnect()) 
1326                 ast_log(LOG_WARNING, "Couldn't establish connection. Check debug.\n");
1327
1328         ast_config_engine_register(&ldap_engine);
1329         ast_verb(1, "LDAP RealTime driver loaded.\n");
1330         ast_cli_register_multiple(ldap_cli, sizeof(ldap_cli) / sizeof(struct ast_cli_entry));
1331
1332         ast_mutex_unlock(&ldap_lock);
1333
1334         return 0;
1335 }
1336
1337 static int unload_module(void)
1338 {
1339         /* Aquire control before doing anything to the module itself. */
1340         ast_mutex_lock(&ldap_lock);
1341
1342         table_configs_free();
1343
1344         if (ldapConn) {
1345                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1346                 ldapConn = NULL;
1347         }
1348         ast_cli_unregister_multiple(ldap_cli, sizeof(ldap_cli) / sizeof(struct ast_cli_entry));
1349         ast_config_engine_deregister(&ldap_engine);
1350         ast_verb(1, "LDAP RealTime unloaded.\n");
1351
1352         /* Unlock so something else can destroy the lock. */
1353         ast_mutex_unlock(&ldap_lock);
1354
1355         return 0;
1356 }
1357
1358 static int reload(void)
1359 {
1360         /* Aquire control before doing anything to the module itself. */
1361         ast_mutex_lock(&ldap_lock);
1362
1363         if (ldapConn) {
1364                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1365                 ldapConn = NULL;
1366         }
1367
1368         if (parse_config() < 0) {
1369                 ast_log(LOG_NOTICE, "Cannot reload LDAP RealTime driver.\n");
1370                 ast_mutex_unlock(&ldap_lock);
1371                 return 0;
1372         }               
1373
1374         if (!ldap_reconnect()) 
1375                 ast_log(LOG_WARNING, "Couldn't establish connection. Check debug.\n");
1376
1377         ast_verb(2, "LDAP RealTime reloaded.\n");
1378
1379         /* Done reloading. Release lock so others can now use driver. */
1380         ast_mutex_unlock(&ldap_lock);
1381
1382         return 0;
1383 }
1384
1385 int parse_config(void)
1386 {
1387         struct ast_config *config;
1388         struct ast_flags config_flags = {0};
1389         const char *s, *host;
1390         int port;
1391         char *category_name = NULL;
1392
1393         config = ast_config_load(RES_CONFIG_LDAP_CONF, config_flags);
1394
1395         if (!config) {
1396                 ast_log(LOG_WARNING, "Cannot load configuration %s\n", RES_CONFIG_LDAP_CONF);
1397                 return -1;
1398         }
1399
1400         if (!(s = ast_variable_retrieve(config, "_general", "user"))) {
1401                 ast_log(LOG_WARNING, "No directory user found, anonymous binding as default.\n");
1402                 user[0] = '\0';
1403         } else 
1404                 ast_copy_string(user, s, sizeof(user));
1405
1406         if (!ast_strlen_zero(user)) {
1407                 if (!(s = ast_variable_retrieve(config, "_general", "pass"))) {
1408                         ast_log(LOG_WARNING, "No directory password found, using 'asterisk' as default.\n");
1409                         ast_copy_string(pass, "asterisk", sizeof(pass));
1410                 } else {
1411                         ast_copy_string(pass, s, sizeof(pass));
1412                 }
1413         }
1414
1415         /* URL is preferred, use host and port if not found */
1416         if ((s = ast_variable_retrieve(config, "_general", "url"))) {
1417                 ast_copy_string(url, s, sizeof(url));
1418         } else if ((host = ast_variable_retrieve(config, "_general", "host"))) {
1419                 if (!(s = ast_variable_retrieve(config, "_general", "port")) || sscanf(s, "%d", &port) != 1) {
1420                         ast_log(LOG_NOTICE, "No directory port found, using 389 as default.\n");
1421                         port = 389;
1422                 }
1423
1424                 snprintf(url, sizeof(url), "ldap://%s:%d", host, port);
1425         } else {
1426                 ast_log(LOG_ERROR, "No directory URL or host found.\n");
1427                 ast_config_destroy(config);
1428                 return -1;
1429         }
1430
1431         if (!(s = ast_variable_retrieve(config, "_general", "basedn"))) {
1432                 ast_log(LOG_ERROR, "No LDAP base dn found, using '%s' as default.\n", RES_CONFIG_LDAP_DEFAULT_BASEDN);
1433                 ast_copy_string(base_distinguished_name, RES_CONFIG_LDAP_DEFAULT_BASEDN, sizeof(base_distinguished_name));
1434         } else 
1435                 ast_copy_string(base_distinguished_name, s, sizeof(base_distinguished_name));
1436
1437         if (!(s = ast_variable_retrieve(config, "_general", "version")) && !(s = ast_variable_retrieve(config, "_general", "protocol"))) {
1438                 ast_log(LOG_NOTICE, "No explicit LDAP version found, using 3 as default.\n");
1439                 version = 3;
1440         } else if (sscanf(s, "%d", &version) != 1 || version < 1 || version > 6) {
1441                 ast_log(LOG_WARNING, "Invalid LDAP version '%s', using 3 as default.\n", s);
1442                 version = 3;
1443         }
1444
1445         table_configs_free();
1446
1447         while ((category_name = ast_category_browse(config, category_name))) {
1448                 int is_general = (strcasecmp(category_name, "_general") == 0);
1449                 int is_config = (strcasecmp(category_name, "config") == 0); /*!< using the [config] context for Static RealTime */
1450                 struct ast_variable *var = ast_variable_browse(config, category_name);
1451                 
1452                 if (var) {
1453                         struct ldap_table_config *table_config =
1454                                 table_config_for_table_name(category_name);
1455                         if (!table_config) {
1456                                 table_config = table_config_new(category_name);
1457                                 AST_LIST_INSERT_HEAD(&table_configs, table_config, entry);
1458                                 if (is_general)
1459                                         base_table_config = table_config;
1460                                 if (is_config)
1461                                         static_table_config = table_config;
1462                         }
1463                         for (; var; var = var->next) {
1464                                 if (!strcasecmp(var->name, "additionalFilter")) {
1465                                         table_config->additional_filter = ast_strdup(var->value);
1466                                 } else {
1467                                         ldap_table_config_add_attribute(table_config, var->name, var->value);
1468                                 }
1469                         }
1470                 }
1471         }
1472
1473         ast_config_destroy(config);
1474
1475         return 1;
1476 }
1477
1478 /*! \note ldap_lock should have been locked before calling this function. */
1479 static int ldap_reconnect(void)
1480 {
1481         int bind_result = 0;
1482         struct berval cred;
1483
1484         if (ldapConn) {
1485                 ast_debug(2, "Everything seems fine.\n");
1486                 return 1;
1487         }
1488
1489         if (ast_strlen_zero(url)) {
1490                 ast_log(LOG_ERROR, "Not enough parameters to connect to ldap database\n");
1491                 return 0;
1492         }
1493
1494         if (LDAP_SUCCESS != ldap_initialize(&ldapConn, url)) {
1495                 ast_log(LOG_ERROR, "Failed to init ldap connection to '%s'. Check debug for more info.\n", url);
1496                 return 0;
1497         }
1498
1499         if (LDAP_OPT_SUCCESS != ldap_set_option(ldapConn, LDAP_OPT_PROTOCOL_VERSION, &version)) {
1500                 ast_log(LOG_WARNING, "Unable to set LDAP protocol version to %d, falling back to default.\n", version);
1501         }
1502
1503         if (!ast_strlen_zero(user)) {
1504                 ast_debug(2, "bind to '%s' as user '%s'\n", url, user);
1505                 cred.bv_val = (char *) pass;
1506                 cred.bv_len = strlen(pass);
1507                 bind_result = ldap_sasl_bind_s(ldapConn, user, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1508         } else {
1509                 ast_debug(2, "bind %s anonymously\n", url);
1510                 cred.bv_val = NULL;
1511                 cred.bv_len = 0;
1512                 bind_result = ldap_sasl_bind_s(ldapConn, NULL, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1513         }
1514         if (bind_result == LDAP_SUCCESS) {
1515                 ast_debug(2, "Successfully connected to database.\n");
1516                 connect_time = time(NULL);
1517                 return 1;
1518         } else {
1519                 ast_log(LOG_WARNING, "bind failed: %s\n", ldap_err2string(bind_result));
1520                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1521                 ldapConn = NULL;
1522                 return 0;
1523         }
1524 }
1525
1526 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1527 {
1528         char status[256], credentials[100] = "";
1529         int ctimesec = time(NULL) - connect_time;
1530
1531         switch (cmd) {
1532         case CLI_INIT:
1533                 e->command = "realtime ldap status";
1534                 e->usage =
1535                         "Usage: realtime ldap status\n"
1536                         "               Shows connection information for the LDAP RealTime driver\n";
1537                 return NULL;
1538         case CLI_GENERATE:
1539                 return NULL;
1540         }
1541
1542         if (!ldapConn)
1543                 return CLI_FAILURE;
1544
1545         if (!ast_strlen_zero(url)) 
1546                 snprintf(status, sizeof(status), "Connected to '%s', baseDN %s", url, base_distinguished_name);
1547
1548         if (!ast_strlen_zero(user))
1549                 snprintf(credentials, sizeof(credentials), " with username %s", user);
1550
1551         if (ctimesec > 31536000) {
1552                 ast_cli(a->fd, "%s%s for %d years, %d days, %d hours, %d minutes, %d seconds.\n",
1553                                 status, credentials, ctimesec / 31536000,
1554                                 (ctimesec % 31536000) / 86400, (ctimesec % 86400) / 3600,
1555                                 (ctimesec % 3600) / 60, ctimesec % 60);
1556         } else if (ctimesec > 86400) {
1557                 ast_cli(a->fd, "%s%s for %d days, %d hours, %d minutes, %d seconds.\n",
1558                                 status, credentials, ctimesec / 86400, (ctimesec % 86400) / 3600,
1559                                 (ctimesec % 3600) / 60, ctimesec % 60);
1560         } else if (ctimesec > 3600) {
1561                 ast_cli(a->fd, "%s%s for %d hours, %d minutes, %d seconds.\n",
1562                                 status, credentials, ctimesec / 3600, (ctimesec % 3600) / 60,
1563                                 ctimesec % 60);
1564         } else if (ctimesec > 60) {
1565                 ast_cli(a->fd, "%s%s for %d minutes, %d seconds.\n", status, credentials,
1566                                         ctimesec / 60, ctimesec % 60);
1567         } else {
1568                 ast_cli(a->fd, "%s%s for %d seconds.\n", status, credentials, ctimesec);
1569         }
1570
1571         return CLI_SUCCESS;
1572 }
1573
1574 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS, "LDAP realtime interface",
1575         .load = load_module,
1576         .unload = unload_module,
1577         .reload = reload,
1578 );