Merge "realtime: Centralize some common realtime backend code"
[asterisk/asterisk.git] / res / res_config_ldap.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2005, Oxymium sarl
5  * Manuel Guesdon <mguesdon@oxymium.net> - LDAP RealTime Driver Author/Adaptor
6  *
7  * Copyright (C) 2007, Digium, Inc.
8  * Russell Bryant <russell@digium.com>
9  *
10  * See http://www.asterisk.org for more information about
11  * the Asterisk project. Please do not directly contact
12  * any of the maintainers of this project for assistance;
13  * the project provides a web site, mailing lists and IRC
14  * channels for your use.
15  *
16  * This program is free software, distributed under the terms of
17  * the GNU General Public License Version 2. See the LICENSE file
18  * at the top of the source tree.
19  *
20  */
21
22 /*! \file
23  *
24  * \brief LDAP plugin for portable configuration engine (ARA)
25  *
26  * \author Mark Spencer <markster@digium.com>
27  * \author Manuel Guesdon
28  * \author Carl-Einar Thorner <cthorner@voicerd.com>
29  * \author Russell Bryant <russell@digium.com>
30  *
31  * OpenLDAP http://www.openldap.org
32  */
33
34 /*! \li \ref res_config_ldap.c uses the configuration file \ref res_ldap.conf
35  * \addtogroup configuration_file Configuration Files
36  */
37
38 /*! 
39  * \page res_ldap.conf res_ldap.conf
40  * \verbinclude res_ldap.conf.sample
41  */
42
43 /*** MODULEINFO
44         <depend>ldap</depend>
45         <support_level>extended</support_level>
46  ***/
47
48 #include "asterisk.h"
49
50 #include <stdlib.h>
51 #include <string.h>
52 #include <ctype.h>
53 #include <stdio.h>
54 #include <ldap.h>
55
56 #include "asterisk/channel.h"
57 #include "asterisk/logger.h"
58 #include "asterisk/config.h"
59 #include "asterisk/module.h"
60 #include "asterisk/lock.h"
61 #include "asterisk/options.h"
62 #include "asterisk/cli.h"
63 #include "asterisk/utils.h"
64 #include "asterisk/strings.h"
65 #include "asterisk/pbx.h"
66 #include "asterisk/linkedlists.h"
67
68 #define RES_CONFIG_LDAP_CONF "res_ldap.conf"
69 #define RES_CONFIG_LDAP_DEFAULT_BASEDN "asterisk"
70
71 AST_MUTEX_DEFINE_STATIC(ldap_lock);
72
73 static LDAP *ldapConn;
74 static char url[512];
75 static char user[512];
76 static char pass[512];
77 static char base_distinguished_name[512];
78 static int version;
79 static time_t connect_time;
80
81 static int parse_config(void);
82 static int ldap_reconnect(void);
83 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a);
84
85 struct category_and_metric {
86         const char *name;
87         int metric;
88         const char *variable_name;
89         const char *variable_value;
90         int var_metric; /*!< For organizing variables (particularly includes and switch statments) within a context */
91 };
92
93 /*! \brief Table configuration 
94  */
95 struct ldap_table_config {
96         char *table_name;                /*!< table name */
97         char *additional_filter;          /*!< additional filter        */
98         struct ast_variable *attributes;  /*!< attribute names conversion */
99         struct ast_variable *delimiters;  /*!< the current delimiter is semicolon, so we are not using this variable */
100         AST_LIST_ENTRY(ldap_table_config) entry;
101         /* TODO: Make proxies work */
102 };
103
104 /*! \brief Should be locked before using it 
105  */
106 static AST_LIST_HEAD_NOLOCK_STATIC(table_configs, ldap_table_config);
107 static struct ldap_table_config *base_table_config;
108 static struct ldap_table_config *static_table_config;
109
110 static struct ast_cli_entry ldap_cli[] = {
111         AST_CLI_DEFINE(realtime_ldap_status, "Shows connection information for the LDAP RealTime driver"),
112 };
113
114 /*! \brief Create a new table_config
115  */
116 static struct ldap_table_config *table_config_new(const char *table_name)
117 {
118         struct ldap_table_config *p;
119
120         if (!(p = ast_calloc(1, sizeof(*p))))
121                 return NULL;
122
123         if (table_name) {
124                 if (!(p->table_name = ast_strdup(table_name))) {
125                         ast_free(p);
126                         return NULL;
127                 }
128         }
129
130         return p;
131 }
132
133 /*! \brief Find a table_config
134  *
135  * Should be locked before using it 
136  *
137  *  \note This function assumes ldap_lock to be locked.
138  */
139 static struct ldap_table_config *table_config_for_table_name(const char *table_name)
140 {
141         struct ldap_table_config *c = NULL;
142
143         AST_LIST_TRAVERSE(&table_configs, c, entry) {
144                 if (!strcmp(c->table_name, table_name))
145                         break;
146         }
147
148         return c;
149 }
150
151 /*! \brief Find variable by name
152  */
153 static struct ast_variable *variable_named(struct ast_variable *var, const char *name)
154 {
155         for (; var; var = var->next) {
156                 if (!strcasecmp(name, var->name))
157                         break;
158         }
159
160         return var;
161 }
162
163 /*! \brief Count  semicolons in string
164  * \param somestr - pointer to a string
165  *
166  * \return number of occurances of the delimiter(semicolon)
167  */
168 static int semicolon_count_str(const char *somestr)
169 {
170         int count = 0;
171
172         for (; *somestr; somestr++) {
173                 if (*somestr == ';')
174                         count++;
175         }
176
177         return count;
178 }
179
180 /* \brief Count semicolons in variables
181  *  
182  * takes a linked list of \a ast_variable variables, finds the one with the name variable_value
183  * and returns the number of semicolons in the value for that \a ast_variable
184  */
185 static int semicolon_count_var(struct ast_variable *var)
186 {
187         struct ast_variable *var_value = variable_named(var, "variable_value");
188
189         if (!var_value) {
190                 return 0;
191         }
192
193         ast_debug(2, "semicolon_count_var: %s\n", var_value->value);
194
195         return semicolon_count_str(var_value->value);
196 }
197
198 /*! \brief add attribute to table config
199  *
200  * Should be locked before using it
201  */
202 static void ldap_table_config_add_attribute(struct ldap_table_config *table_config,
203         const char *attribute_name, const char *attribute_value)
204 {
205         struct ast_variable *var;
206
207         if (ast_strlen_zero(attribute_name) || ast_strlen_zero(attribute_value)) {
208                 return;
209         }
210
211         if (!(var = ast_variable_new(attribute_name, attribute_value, table_config->table_name))) {
212                 return;
213         }
214
215         if (table_config->attributes) {
216                 var->next = table_config->attributes;
217         }
218         table_config->attributes = var;
219 }
220
221 /*! \brief Free table_config
222  *
223  * \note assumes ldap_lock to be locked
224  */
225 static void table_configs_free(void)
226 {
227         struct ldap_table_config *c;
228
229         while ((c = AST_LIST_REMOVE_HEAD(&table_configs, entry))) {
230                 if (c->table_name) {
231                         ast_free(c->table_name);
232                 }
233                 if (c->additional_filter) {
234                         ast_free(c->additional_filter);
235                 }
236                 if (c->attributes) {
237                         ast_variables_destroy(c->attributes);
238                 }
239                 ast_free(c);
240         }
241
242         base_table_config = NULL;
243         static_table_config = NULL;
244 }
245
246 /*! \brief Convert variable name to ldap attribute name
247  *
248  * \note Should be locked before using it
249  */
250 static const char *convert_attribute_name_to_ldap(struct ldap_table_config *table_config,
251         const char *attribute_name)
252 {
253         int i = 0;
254         struct ldap_table_config *configs[] = { table_config, base_table_config };
255
256         for (i = 0; i < ARRAY_LEN(configs); i++) {
257                 struct ast_variable *attribute;
258
259                 if (!configs[i]) {
260                         continue;
261                 }
262
263                 attribute = configs[i]->attributes;
264                 for (; attribute; attribute = attribute->next) {
265                         if (!strcasecmp(attribute_name, attribute->name)) {
266                                 return attribute->value;
267                         }
268                 }
269         }
270
271         return attribute_name;
272 }
273
274 /*! \brief Convert ldap attribute name to variable name 
275  *
276  * \note Should be locked before using it
277  */
278 static const char *convert_attribute_name_from_ldap(struct ldap_table_config *table_config,
279                                                     const char *attribute_name)
280 {
281         int i = 0;
282         struct ldap_table_config *configs[] = { table_config, base_table_config };
283
284         for (i = 0; i < ARRAY_LEN(configs); i++) {
285                 struct ast_variable *attribute;
286
287                 if (!configs[i]) {
288                         continue;
289                 }
290
291                 attribute = configs[i]->attributes;
292                 for (; attribute; attribute = attribute->next) {
293                         if (strcasecmp(attribute_name, attribute->value) == 0) {
294                                 return attribute->name;
295                         }
296                 }
297         }
298
299         return attribute_name;
300 }
301
302 /*! \brief Get variables from ldap entry attributes 
303  * \note Should be locked before using it
304  * \return a linked list of ast_variable variables.
305  */
306 static struct ast_variable *realtime_ldap_entry_to_var(struct ldap_table_config *table_config,
307         LDAPMessage *ldap_entry)
308 {
309         BerElement *ber = NULL;
310         struct ast_variable *var = NULL;
311         struct ast_variable *prev = NULL;
312         int is_delimited = 0;
313         int i = 0;
314         char *ldap_attribute_name;
315         struct berval *value;
316         int pos = 0;
317
318         ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
319
320         while (ldap_attribute_name) {
321                 struct berval **values = NULL;
322                 const char *attribute_name = convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
323                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
324
325                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name); /* these are freed at the end */
326                 if (values) {
327                         struct berval **v;
328                         char *valptr;
329
330                         for (v = values; *v; v++) {
331                                 value = *v;
332                                 valptr = value->bv_val;
333                                 ast_debug(2, "attribute_name: %s LDAP value: %s\n", attribute_name, valptr);
334                                 if (is_realmed_password_attribute) {
335                                         if (!strncasecmp(valptr, "{md5}", 5)) {
336                                                 valptr += 5;
337                                         }
338                                         ast_debug(2, "md5: %s\n", valptr);
339                                 }
340                                 if (valptr) {
341                                         /* ok, so looping through all delimited values except the last one (not, last character is not delimited...) */
342                                         if (is_delimited) {
343                                                 i = 0;
344                                                 pos = 0;
345                                                 while (!ast_strlen_zero(valptr + i)) {
346                                                         if (valptr[i] == ';') {
347                                                                 valptr[i] = '\0';
348                                                                 if (prev) {
349                                                                         prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
350                                                                         if (prev->next) {
351                                                                                 prev = prev->next;
352                                                                         }
353                                                                 } else {
354                                                                         prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
355                                                                 }
356                                                                 pos = i + 1;
357                                                         }
358                                                         i++;
359                                                 }
360                                         }
361                                         /* for the last delimited value or if the value is not delimited: */
362                                         if (prev) {
363                                                 prev->next = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
364                                                 if (prev->next) {
365                                                         prev = prev->next;
366                                                 }
367                                         } else {
368                                                 prev = var = ast_variable_new(attribute_name, &valptr[pos], table_config->table_name);
369                                         }
370                                 }
371                         }
372                         ldap_value_free_len(values);
373                 }
374                 ldap_memfree(ldap_attribute_name);
375                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
376         }
377         ber_free(ber, 0);
378
379         return var;
380 }
381
382 /*! \brief Get variables from ldap entry attributes - Should be locked before using it
383  *
384  * The results are freed outside this function so is the \a vars array.
385  *      
386  * \return \a vars - an array of ast_variable variables terminated with a null.
387  */
388 static struct ast_variable **realtime_ldap_result_to_vars(struct ldap_table_config *table_config,
389         LDAPMessage *ldap_result_msg, unsigned int *entries_count_ptr)
390 {
391         struct ast_variable **vars;
392         int i = 0;
393         int tot_count = 0;
394         int entry_index = 0;
395         LDAPMessage *ldap_entry = NULL;
396         BerElement *ber = NULL;
397         struct ast_variable *var = NULL;
398         struct ast_variable *prev = NULL;
399         int is_delimited = 0;
400         char *delim_value = NULL;
401         int delim_tot_count = 0;
402         int delim_count = 0;
403
404         /* \breif First find the total count
405          */
406         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
407
408         for (tot_count = 0; ldap_entry; tot_count++) { 
409                 struct ast_variable *tmp = realtime_ldap_entry_to_var(table_config, ldap_entry);
410                 tot_count += semicolon_count_var(tmp);
411                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
412                 ast_variables_destroy(tmp);
413         }
414
415         if (entries_count_ptr) {
416                 *entries_count_ptr = tot_count;
417         }
418
419         /*! \note Now that we have the total count we allocate space and create the variables
420          * Remember that each element in vars is a linked list that points to realtime variable.
421          * If the we are dealing with a static realtime variable we create a new element in the \a vars array for each delimited
422          * value in \a variable_value; otherwise, we keep \a vars static and increase the length of the linked list of variables in the array element.
423          * This memory must be freed outside of this function.
424          */
425         vars = ast_calloc(tot_count + 1, sizeof(struct ast_variable *));
426
427         ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
428
429         i = 0;
430
431         /* \brief For each static realtime variable we may create several entries in the \a vars array if it's delimited
432          */
433         for (entry_index = 0; ldap_entry; ) {
434                 int pos = 0;
435                 delim_value = NULL;
436                 delim_tot_count = 0;
437                 delim_count = 0;
438
439                 do { /* while delim_count */
440
441                         /* Starting new static var */
442                         char *ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber);
443                         struct berval *value;
444                         while (ldap_attribute_name) {
445                                 const char *attribute_name = convert_attribute_name_from_ldap(table_config, ldap_attribute_name);
446                                 int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0;
447                                 struct berval **values = NULL;
448
449                                 values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name);
450                                 if (values) {
451                                         struct berval **v;
452                                         char *valptr;
453
454                                         for (v = values; *v; v++) {
455                                                 value = *v;
456                                                 valptr = value->bv_val;
457                                                 if (is_realmed_password_attribute) {
458                                                         if (strncasecmp(valptr, "{md5}", 5) == 0) {
459                                                                 valptr += 5;
460                                                         }
461                                                         ast_debug(2, "md5: %s\n", valptr);
462                                                 }
463                                                 if (valptr) {
464                                                         if (delim_value == NULL && !is_realmed_password_attribute
465                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0)) {
466
467                                                                 delim_value = ast_strdup(valptr);
468
469                                                                 if ((delim_tot_count = semicolon_count_str(delim_value)) > 0) {
470                                                                         ast_debug(4, "is delimited %d times: %s\n", delim_tot_count, delim_value);
471                                                                         is_delimited = 1;
472                                                                 }
473                                                         }
474
475                                                         if (is_delimited != 0 && !is_realmed_password_attribute
476                                                                 && (static_table_config != table_config || strcmp(attribute_name, "variable_value") == 0) ) {
477                                                                 /* for non-Static RealTime, first */
478
479                                                                 for (i = pos; !ast_strlen_zero(valptr + i); i++) {
480                                                                         ast_debug(4, "DELIM pos: %d i: %d\n", pos, i);
481                                                                         if (delim_value[i] == ';') {
482                                                                                 delim_value[i] = '\0';
483
484                                                                                 ast_debug(2, "DELIM - attribute_name: %s value: %s pos: %d\n", attribute_name, &delim_value[pos], pos);
485
486                                                                                 if (prev) {
487                                                                                         prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
488                                                                                         if (prev->next) {
489                                                                                                 prev = prev->next;
490                                                                                         }
491                                                                                 } else {
492                                                                                         prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
493                                                                                 }
494                                                                                 pos = i + 1;
495
496                                                                                 if (static_table_config == table_config) {
497                                                                                         break;
498                                                                                 }
499                                                                         }
500                                                                 }
501                                                                 if (ast_strlen_zero(valptr + i)) {
502                                                                         ast_debug(4, "DELIM pos: %d i: %d delim_count: %d\n", pos, i, delim_count);
503                                                                         /* Last delimited value */
504                                                                         ast_debug(4, "DELIM - attribute_name: %s value: %s pos: %d\n", attribute_name, &delim_value[pos], pos);
505                                                                         if (prev) {
506                                                                                 prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
507                                                                                 if (prev->next) {
508                                                                                         prev = prev->next;
509                                                                                 }
510                                                                         } else {
511                                                                                 prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name);
512                                                                         }
513                                                                         /* Remembering to free memory */
514                                                                         is_delimited = 0;
515                                                                         pos = 0;
516                                                                 }
517                                                                 ast_free(delim_value);
518                                                                 delim_value = NULL;
519
520                                                                 ast_debug(4, "DELIM pos: %d i: %d\n", pos, i);
521                                                         } else {
522                                                                 /* not delimited */
523                                                                 if (delim_value) {
524                                                                         ast_free(delim_value);
525                                                                         delim_value = NULL;
526                                                                 }
527                                                                 ast_debug(2, "attribute_name: %s value: %s\n", attribute_name, valptr);
528
529                                                                 if (prev) {
530                                                                         prev->next = ast_variable_new(attribute_name, valptr, table_config->table_name);
531                                                                         if (prev->next) {
532                                                                                 prev = prev->next;
533                                                                         }
534                                                                 } else {
535                                                                         prev = var = ast_variable_new(attribute_name, valptr, table_config->table_name);
536                                                                 }
537                                                         }
538                                                 }
539                                         } /*!< for (v = values; *v; v++) */
540                                         ldap_value_free_len(values);
541                                 }/*!< if (values) */
542                                 ldap_memfree(ldap_attribute_name);
543                                 ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber);
544                         } /*!< while (ldap_attribute_name) */
545                         ber_free(ber, 0);
546                         if (static_table_config == table_config) {
547                                 if (option_debug > 2) {
548                                         const struct ast_variable *tmpdebug = variable_named(var, "variable_name");
549                                         const struct ast_variable *tmpdebug2 = variable_named(var, "variable_value");
550                                         if (tmpdebug && tmpdebug2) {
551                                                 ast_debug(3, "Added to vars - %s = %s\n", tmpdebug->value, tmpdebug2->value);
552                                         }
553                                 }
554                                 vars[entry_index++] = var;
555                                 prev = NULL;
556                         }
557
558                         delim_count++;
559                 } while (delim_count <= delim_tot_count && static_table_config == table_config);
560
561                 if (static_table_config != table_config) {
562                         ast_debug(3, "Added to vars - non static\n");
563
564                         vars[entry_index++] = var;
565                         prev = NULL;
566                 }
567                 ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
568         } /*!< end for loop over ldap_entry */
569
570         return vars;
571 }
572
573
574 /*! \brief Check if we have a connection error
575  */
576 static int is_ldap_connect_error(int err)
577 {
578         return (err == LDAP_SERVER_DOWN || err == LDAP_TIMEOUT || err == LDAP_CONNECT_ERROR);
579 }
580
581 /*! \brief Get LDAP entry by dn and return attributes as variables
582  *
583  * Should be locked before using it 
584  *
585  * This is used for setting the default values of an object
586  * i.e., with accountBaseDN
587 */
588 static struct ast_variable *ldap_loadentry(struct ldap_table_config *table_config,
589                                            const char *dn)
590 {
591         if (!table_config) {
592                 ast_log(LOG_ERROR, "No table config\n");
593                 return NULL;
594         } else {
595                 struct ast_variable **vars = NULL;
596                 struct ast_variable *var = NULL;
597                 int result = -1;
598                 LDAPMessage *ldap_result_msg = NULL;
599                 int tries = 0;
600
601                 ast_debug(2, "ldap_loadentry dn=%s\n", dn);
602
603                 do {
604                         result = ldap_search_ext_s(ldapConn, dn, LDAP_SCOPE_BASE,
605                                            "(objectclass=*)", NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &ldap_result_msg);
606                         if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
607                                 ast_log(LOG_WARNING, "Failed to query directory. Try %d/3\n", tries + 1);
608                                 tries++;
609                                 if (tries < 3) {
610                                         usleep(500000L * tries);
611                                         if (ldapConn) {
612                                                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
613                                                 ldapConn = NULL;
614                                         }
615                                         if (!ldap_reconnect()) {
616                                                 break;
617                                         }
618                                 }
619                         }
620                 } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
621
622                 if (result != LDAP_SUCCESS) {
623                         ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
624                         ast_debug(2, "dn=%s\n", dn);
625                         ast_mutex_unlock(&ldap_lock);
626                         return NULL;
627                 } else {
628                         int num_entry = 0;
629                         unsigned int *entries_count_ptr = NULL; /*!< not using this */
630
631                         if ((num_entry = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
632                                 ast_debug(3, "num_entry: %d\n", num_entry);
633
634                                 vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
635                                 if (num_entry > 1) {
636                                         ast_log(LOG_NOTICE, "More than one entry for dn=%s. Take only 1st one\n", dn);
637                                 }
638                         } else {
639                                 ast_debug(2, "Could not find any entry dn=%s.\n", dn);
640                         }
641                 }
642                 ldap_msgfree(ldap_result_msg);
643
644                 /* Chopping \a vars down to one variable */
645                 if (vars != NULL) {
646                         struct ast_variable **p = vars;
647
648                         /* Only take the first one. */
649                         var = *vars;
650
651                         /* Destroy the rest. */
652                         while (*++p) {
653                                 ast_variables_destroy(*p);
654                         }
655                         ast_free(vars);
656                 }
657
658                 return var;
659         }
660 }
661
662 /*! \note caller should free returned pointer
663  */
664 static char *substituted(struct ast_channel *channel, const char *string)
665 {
666 #define MAXRESULT       2048
667         char *ret_string = NULL;
668
669         if (!ast_strlen_zero(string)) {
670                 ret_string = ast_calloc(1, MAXRESULT);
671                 pbx_substitute_variables_helper(channel, string, ret_string, MAXRESULT - 1);
672         }
673         ast_debug(2, "substituted: string: '%s' => '%s' \n", string, ret_string);
674         return ret_string;
675 }
676
677 /*! \note caller should free returned pointer
678  */
679 static char *cleaned_basedn(struct ast_channel *channel, const char *basedn)
680 {
681         char *cbasedn = NULL;
682         if (basedn) {
683                 char *p = NULL;
684                 cbasedn = substituted(channel, basedn);
685                 if (*cbasedn == '"') {
686                         cbasedn++;
687                         if (!ast_strlen_zero(cbasedn)) {
688                                 int len = strlen(cbasedn);
689                                 if (cbasedn[len - 1] == '"')
690                                         cbasedn[len - 1] = '\0';
691
692                         }
693                 }
694                 p = cbasedn;
695                 while (*p) {
696                         if (*p == '|')
697                                 *p = ',';
698                         p++;
699                 }
700         }
701         ast_debug(2, "basedn: '%s' => '%s' \n", basedn, cbasedn);
702         return cbasedn;
703 }
704
705 /*! \brief Replace \<search\> by \<by\> in string. 
706  * \note No check is done on string allocated size !
707  */
708 static int replace_string_in_string(char *string, const char *search, const char *by)
709 {
710         int search_len = strlen(search);
711         int by_len = strlen(by);
712         int replaced = 0;
713         char *p = strstr(string, search);
714
715         if (p) {
716                 replaced = 1;
717                 while (p) {
718                         if (by_len == search_len) {
719                                 memcpy(p, by, by_len);
720                         } else {
721                                 memmove(p + by_len, p + search_len, strlen(p + search_len) + 1);
722                                 memcpy(p, by, by_len);
723                         }
724                         p = strstr(p + by_len, search);
725                 }
726         }
727         return replaced;
728 }
729
730 /*! \brief Append a name=value filter string. The filter string can grow. 
731  */
732 static void append_var_and_value_to_filter(struct ast_str **filter,
733         struct ldap_table_config *table_config,
734         const char *name, const char *value)
735 {
736         char *new_name = NULL;
737         char *new_value = NULL;
738         char *like_pos = strstr(name, " LIKE");
739
740         ast_debug(2, "name='%s' value='%s'\n", name, value);
741
742         if (like_pos) {
743                 int len = like_pos - name;
744
745                 name = new_name = ast_strdupa(name);
746                 new_name[len] = '\0';
747                 value = new_value = ast_strdupa(value);
748                 replace_string_in_string(new_value, "\\_", "_");
749                 replace_string_in_string(new_value, "%", "*");
750         }
751
752         name = convert_attribute_name_to_ldap(table_config, name);
753
754         ast_str_append(filter, 0, "(%s=%s)", name, value);
755 }
756
757 /*! \brief LDAP base function 
758  * \return a null terminated array of ast_variable (one per entry) or NULL if no entry is found or if an error occured
759  * caller should free the returned array and ast_variables
760  * \param entries_count_ptr is a pointer to found entries count (can be NULL)
761  * \param basedn is the base DN
762  * \param table_name is the table_name (used dor attribute convertion and additional filter)
763  * \param fields contains list of pairs name/value
764 */
765 static struct ast_variable **realtime_ldap_base_ap(unsigned int *entries_count_ptr,
766         const char *basedn, const char *table_name, const struct ast_variable *fields)
767 {
768         struct ast_variable **vars = NULL;
769         const struct ast_variable *field = fields;
770         struct ldap_table_config *table_config = NULL;
771         char *clean_basedn = cleaned_basedn(NULL, basedn);
772         struct ast_str *filter = NULL;
773         int tries = 0;
774         int result = 0;
775         LDAPMessage *ldap_result_msg = NULL;
776
777         if (!table_name) {
778                 ast_log(LOG_ERROR, "No table_name specified.\n");
779                 ast_free(clean_basedn);
780                 return NULL;
781         } 
782
783         if (!(filter = ast_str_create(80))) {
784                 ast_log(LOG_ERROR, "Can't initialize data structures.n");
785                 ast_free(clean_basedn);
786                 return NULL;
787         }
788
789         if (!field) {
790                 ast_log(LOG_ERROR, "Realtime retrieval requires at least 1 parameter"
791                         " and 1 value to search on.\n");
792                 ast_free(filter);
793                 ast_free(clean_basedn);
794                 return NULL;
795         }
796
797         ast_mutex_lock(&ldap_lock);
798
799         /* We now have our complete statement; Lets connect to the server and execute it.  */
800         if (!ldap_reconnect()) {
801                 ast_mutex_unlock(&ldap_lock);
802                 ast_free(filter);
803                 ast_free(clean_basedn);
804                 return NULL;
805         }
806
807         table_config = table_config_for_table_name(table_name);
808         if (!table_config) {
809                 ast_log(LOG_WARNING, "No table named '%s'.\n", table_name);
810                 ast_mutex_unlock(&ldap_lock);
811                 ast_free(filter);
812                 ast_free(clean_basedn);
813                 return NULL;
814         }
815
816         ast_str_append(&filter, 0, "(&");
817
818         if (table_config && table_config->additional_filter) {
819                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
820         }
821         if (table_config != base_table_config && base_table_config && 
822                 base_table_config->additional_filter) {
823                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
824         }
825
826         /* Create the first part of the query using the first parameter/value pairs we just extracted.
827          * If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat
828          */
829
830         append_var_and_value_to_filter(&filter, table_config, field->name, field->value);
831         while ((field = field->next)) {
832                 append_var_and_value_to_filter(&filter, table_config, field->name, field->value);
833         }
834         ast_str_append(&filter, 0, ")");
835
836         do {
837                 /* freeing ldap_result further down */
838                 result = ldap_search_ext_s(ldapConn, clean_basedn,
839                                   LDAP_SCOPE_SUBTREE, ast_str_buffer(filter), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
840                                   &ldap_result_msg);
841                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
842                         ast_debug(1, "Failed to query directory. Try %d/10\n", tries + 1);
843                         if (++tries < 10) {
844                                 usleep(1);
845                                 if (ldapConn) {
846                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
847                                         ldapConn = NULL;
848                                 }
849                                 if (!ldap_reconnect()) {
850                                         break;
851                                 }
852                         }
853                 }
854         } while (result != LDAP_SUCCESS && tries < 10 && is_ldap_connect_error(result));
855
856         if (result != LDAP_SUCCESS) {
857                 ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
858                 ast_log(LOG_WARNING, "Query: %s\n", ast_str_buffer(filter));
859         } else {
860                 /* this is where we create the variables from the search result 
861                  * freeing this \a vars outside this function */
862                 if (ldap_count_entries(ldapConn, ldap_result_msg) > 0) {
863                         /* is this a static var or some other? they are handled different for delimited values */
864                         vars = realtime_ldap_result_to_vars(table_config, ldap_result_msg, entries_count_ptr);
865                 } else {
866                         ast_debug(1, "Could not find any entry matching %s in base dn %s.\n", ast_str_buffer(filter), clean_basedn);
867                 }
868
869                 ldap_msgfree(ldap_result_msg);
870
871                 /*! \TODO get the default variables from the accountBaseDN, not implemented with delimited values
872                  */
873                 if (vars) {
874                         struct ast_variable **p = vars;
875                         while (*p) {
876                                 struct ast_variable *append_var = NULL;
877                                 struct ast_variable *tmp = *p;
878                                 while (tmp) {
879                                         if (strcasecmp(tmp->name, "accountBaseDN") == 0) {
880                                                 /* Get the variable to compare with for the defaults */
881                                                 struct ast_variable *base_var = ldap_loadentry(table_config, tmp->value);
882                                                 
883                                                 while (base_var) {
884                                                         struct ast_variable *next = base_var->next;
885                                                         struct ast_variable *test_var = *p;
886                                                         int base_var_found = 0;
887
888                                                         /* run throught the default values and fill it inn if it is missing */
889                                                         while (test_var) {
890                                                                 if (strcasecmp(test_var->name, base_var->name) == 0) {
891                                                                         base_var_found = 1;
892                                                                         break;
893                                                                 } else {
894                                                                         test_var = test_var->next;
895                                                                 }
896                                                         }
897                                                         if (base_var_found) {
898                                                                 base_var->next = NULL;
899                                                                 ast_variables_destroy(base_var);
900                                                                 base_var = next;
901                                                         } else {
902                                                                 /*!
903                                                                  * \todo XXX The interactions with base_var and append_var may
904                                                                  * cause a memory leak of base_var nodes.  Also the append_var
905                                                                  * list and base_var list may get cross linked.
906                                                                  */
907                                                                 if (append_var) {
908                                                                         base_var->next = append_var;
909                                                                 } else {
910                                                                         base_var->next = NULL;
911                                                                 }
912                                                                 append_var = base_var;
913                                                                 base_var = next;
914                                                         }
915                                                 }
916                                         }
917                                         if (!tmp->next && append_var) {
918                                                 tmp->next = append_var;
919                                                 tmp = NULL;
920                                         } else {
921                                                 tmp = tmp->next;
922                                         }
923                                 }
924                                 p++;
925                         }
926                 }
927         }
928
929         ast_free(filter);
930         ast_free(clean_basedn);
931
932         ast_mutex_unlock(&ldap_lock);
933
934         return vars;
935 }
936
937 static struct ast_variable *realtime_arguments_to_fields(va_list ap)
938 {
939         struct ast_variable *fields = NULL;
940         const char *newparam, *newval;
941
942         while ((newparam = va_arg(ap, const char *))) {
943                 struct ast_variable *field;
944
945                 newval = va_arg(ap, const char *);
946                 if (!(field = ast_variable_new(newparam, newval, ""))) {
947                         ast_variables_destroy(fields);
948                         return NULL;
949                 }
950
951                 field->next = fields;
952                 fields = field;
953         }
954
955         return fields;
956 }
957
958 /*! \brief same as realtime_ldap_base_ap but take variable arguments count list
959  */
960 static struct ast_variable **realtime_ldap_base(unsigned int *entries_count_ptr,
961         const char *basedn, const char *table_name, ...)
962 {
963         RAII_VAR(struct ast_variable *, fields, NULL, ast_variables_destroy);
964         struct ast_variable **vars = NULL;
965         va_list ap;
966
967         va_start(ap, table_name);
968         fields = realtime_arguments_to_fields(ap);
969         va_end(ap);
970
971         vars = realtime_ldap_base_ap(entries_count_ptr, basedn, table_name, fields);
972
973         return vars;
974 }
975
976 /*! \brief See Asterisk doc
977  *
978  * For Realtime Dynamic(i.e., switch, queues, and directory)
979  */
980 static struct ast_variable *realtime_ldap(const char *basedn,
981                                           const char *table_name, const struct ast_variable *fields)
982 {
983         struct ast_variable **vars = realtime_ldap_base_ap(NULL, basedn, table_name, fields);
984         struct ast_variable *var = NULL;
985
986         if (vars) {
987                 struct ast_variable *last_var = NULL;
988                 struct ast_variable **p = vars;
989
990                 /* Chain the vars array of lists into one list to return. */
991                 while (*p) {
992                         if (last_var) {
993                                 while (last_var->next) {
994                                         last_var = last_var->next;
995                                 }
996                                 last_var->next = *p;
997                         } else {
998                                 var = *p;
999                                 last_var = var;
1000                         }
1001                         p++;
1002                 }
1003                 ast_free(vars);
1004         }
1005         return var;
1006 }
1007
1008 /*! \brief See Asterisk doc
1009  *
1010  * this function will be called for the switch statment if no match is found with the realtime_ldap function(i.e. it is a failover);
1011  * however, the ast_load_realtime wil match on wildcharacters also depending on what the mode is set to
1012  * this is an area of asterisk that could do with a lot of modification
1013  * I think this function returns Realtime dynamic objects
1014  */
1015 static struct ast_config *realtime_multi_ldap(const char *basedn,
1016       const char *table_name, const struct ast_variable *fields)
1017 {
1018         char *op;
1019         const char *initfield = NULL;
1020         struct ast_variable **vars =
1021                 realtime_ldap_base_ap(NULL, basedn, table_name, fields);
1022         struct ast_config *cfg = NULL;
1023
1024         if (!fields) {
1025             ast_log(LOG_WARNING, "realtime retrieval requires at least 1 parameter and 1 value to search on.\n");
1026             return NULL;
1027         }
1028         initfield = ast_strdupa(fields->name);
1029         if ((op = strchr(initfield, ' '))) {
1030                 *op = '\0';
1031         }
1032
1033         if (vars) {
1034                 cfg = ast_config_new();
1035                 if (!cfg) {
1036                         ast_log(LOG_ERROR, "Unable to create a config!\n");
1037                 } else {
1038                         struct ast_variable **p = vars;
1039
1040                         while (*p) {
1041                                 struct ast_category *cat = ast_category_new_anonymous();
1042                                 if (!cat) {
1043                                         break;
1044                                 } else {
1045                                         struct ast_variable *var = *p;
1046                                         while (var) {
1047                                                 struct ast_variable *next = var->next;
1048                                                 if (initfield && !strcmp(initfield, var->name)) {
1049                                                         ast_category_rename(cat, var->value);
1050                                                 }
1051                                                 var->next = NULL;
1052                                                 ast_variable_append(cat, var);
1053                                                 var = next;
1054                                         }
1055                                 }
1056                                 ast_category_append(cfg, cat);
1057                                 p++;
1058                         }
1059                 }
1060                 ast_free(vars);
1061         }
1062         return cfg;
1063
1064 }
1065
1066 /*! \brief Sorting alogrithm for qsort to find the order of the variables \a a and \a b
1067  * \param a pointer to category_and_metric struct
1068  * \param b pointer to category_and_metric struct
1069  *
1070  * \retval -1 for if b is greater
1071  * \retval 0 zero for equal
1072  * \retval 1 if a is greater
1073  */
1074 static int compare_categories(const void *a, const void *b)
1075 {
1076         const struct category_and_metric *as = a;
1077         const struct category_and_metric *bs = b;
1078
1079         if (as->metric < bs->metric) {
1080                 return -1;
1081         } else if (as->metric > bs->metric) {
1082                 return 1;
1083         } else if (as->metric == bs->metric && strcmp(as->name, bs->name) != 0) {
1084                 return strcmp(as->name, bs->name);
1085         } 
1086         /* if the metric and the category name is the same, we check the variable metric */
1087         if (as->var_metric < bs->var_metric) {
1088                 return -1;
1089         } else if (as->var_metric > bs->var_metric) {
1090                 return 1;
1091         }
1092
1093         return 0;
1094 }
1095
1096 /*! \brief See Asterisk Realtime Documentation
1097  *
1098  * This is for Static Realtime
1099  *      
1100  * load the configuration stuff for the .conf files
1101  * called on a reload
1102  */
1103 static struct ast_config *config_ldap(const char *basedn, const char *table_name,
1104         const char *file, struct ast_config *cfg, struct ast_flags config_flags, const char *sugg_incl, const char *who_asked)
1105 {
1106         unsigned int vars_count = 0;
1107         struct ast_variable **vars;
1108         int i = 0;
1109         struct ast_variable *new_v = NULL;
1110         struct ast_category *cur_cat = NULL;
1111         const char *last_category = NULL;
1112         int last_category_metric = 0;
1113         struct category_and_metric *categories;
1114         struct ast_variable **p;
1115
1116         if (ast_strlen_zero(file) || !strcasecmp(file, RES_CONFIG_LDAP_CONF)) {
1117                 ast_log(LOG_ERROR, "Missing configuration file: %s. Can't configure myself.\n", RES_CONFIG_LDAP_CONF);
1118                 return NULL;
1119         }
1120
1121         vars = realtime_ldap_base(&vars_count, basedn, table_name, "filename", file, "commented", "FALSE", NULL);
1122
1123         if (!vars) {
1124                 ast_log(LOG_WARNING, "Could not find config '%s' in directory.\n", file);
1125                 return NULL;
1126         }
1127
1128         /*! \note Since the items come back in random order, they need to be sorted
1129          * first, and since the data could easily exceed stack size, this is
1130          * allocated from the heap.
1131          */
1132         if (!(categories = ast_calloc(vars_count, sizeof(*categories)))) {
1133                 return NULL;
1134         }
1135
1136         for (vars_count = 0, p = vars; *p; p++) {
1137                 struct ast_variable *category = variable_named(*p, "category");
1138                 struct ast_variable *cat_metric = variable_named(*p, "cat_metric");
1139                 struct ast_variable *var_name = variable_named(*p, "variable_name");
1140                 struct ast_variable *var_val = variable_named(*p, "variable_value");
1141                 struct ast_variable *var_metric = variable_named(*p, "var_metric");
1142                 struct ast_variable *dn = variable_named(*p, "dn");
1143
1144                 if (!category) {
1145                         ast_log(LOG_ERROR, "No category name in entry '%s'  for file '%s'.\n",
1146                                         (dn ? dn->value : "?"), file);
1147                 } else if (!cat_metric) {
1148                         ast_log(LOG_ERROR, "No category metric in entry '%s'(category: %s) for file '%s'.\n",
1149                                         (dn ? dn->value : "?"), category->value, file);
1150                 } else if (!var_metric) {
1151                         ast_log(LOG_ERROR, "No variable metric in entry '%s'(category: %s) for file '%s'.\n",
1152                                         (dn ? dn->value : "?"), category->value, file);
1153                 } else if (!var_name) {
1154                         ast_log(LOG_ERROR, "No variable name in entry '%s' (category: %s metric: %s) for file '%s'.\n",
1155                                         (dn ? dn->value : "?"), category->value,
1156                                         cat_metric->value, file);
1157                 } else if (!var_val) {
1158                         ast_log(LOG_ERROR, "No variable value in entry '%s' (category: %s metric: %s variable: %s) for file '%s'.\n",
1159                                         (dn ? dn->value : "?"), category->value,
1160                                         cat_metric->value, var_name->value, file);
1161                 } else {
1162                         categories[vars_count].name = category->value;
1163                         categories[vars_count].metric = atoi(cat_metric->value);
1164                         categories[vars_count].variable_name = var_name->value;
1165                         categories[vars_count].variable_value = var_val->value;
1166                         categories[vars_count].var_metric = atoi(var_metric->value);
1167                         vars_count++;
1168                 }
1169
1170                 ast_debug(3, "category: %s\n", category->value);
1171                 ast_debug(3, "var_name: %s\n", var_name->value);
1172                 ast_debug(3, "var_val: %s\n", var_val->value);
1173                 ast_debug(3, "cat_metric: %s\n", cat_metric->value);
1174
1175         }
1176
1177         qsort(categories, vars_count, sizeof(*categories), compare_categories);
1178
1179         for (i = 0; i < vars_count; i++) {
1180                 if (!strcmp(categories[i].variable_name, "#include")) {
1181                         struct ast_flags flags = { 0 };
1182                         if (!ast_config_internal_load(categories[i].variable_value, cfg, flags, "", who_asked)) {
1183                                 break;
1184                         }
1185                         continue;
1186                 }
1187
1188                 if (!last_category || strcmp(last_category, categories[i].name) ||
1189                         last_category_metric != categories[i].metric) {
1190
1191                         cur_cat = ast_category_new_dynamic(categories[i].name);
1192                         if (!cur_cat) {
1193                                 break;
1194                         }
1195                         last_category = categories[i].name;
1196                         last_category_metric = categories[i].metric;
1197                         ast_category_append(cfg, cur_cat);
1198                 }
1199
1200                 if (!(new_v = ast_variable_new(categories[i].variable_name, categories[i].variable_value, table_name))) {
1201                         break;
1202                 }
1203
1204                 ast_variable_append(cur_cat, new_v);
1205         }
1206
1207         ast_free(vars);
1208         ast_free(categories);
1209
1210         return cfg;
1211 }
1212
1213 /*!
1214  * \internal
1215  * \brief Remove LDAP_MOD_DELETE modifications that will not succeed
1216  *
1217  * \details
1218  * A LDAP_MOD_DELETE operation will fail if the LDAP entry does not already have
1219  * the corresponding attribute. Because we may be updating multiple LDAP entries
1220  * in a single call to update_ldap(), we may need our own copy of the
1221  * modifications array for each one.
1222  *
1223  * \note
1224  * This function dynamically allocates memory. If it returns a non-NULL pointer,
1225  * it is up to the caller to free it with ldap_mods_free()
1226  *
1227  * \returns an LDAPMod * if modifications needed to be removed, NULL otherwise.
1228  */
1229 static LDAPMod **massage_mods_for_entry(LDAPMessage *entry, LDAPMod **mods, size_t count)
1230 {
1231         size_t i;
1232         int remove[count];
1233         size_t remove_count = 0;
1234
1235         for (i = 0; i < count; i++) {
1236                 BerElement *ber = NULL;
1237                 char *attribute;
1238                 int exists = 0;
1239
1240                 if (mods[i]->mod_op != LDAP_MOD_DELETE) {
1241                         continue;
1242                 }
1243
1244                 /* If we are deleting something, it has to exist */
1245                 attribute = ldap_first_attribute(ldapConn, entry, &ber);
1246                 while (attribute) {
1247                         if (!strcasecmp(attribute, mods[i]->mod_type)) {
1248                                 /* OK, we have the attribute */
1249                                 exists = 1;
1250                                 ldap_memfree(attribute);
1251                                 break;
1252                         }
1253
1254                         ldap_memfree(attribute);
1255                         attribute = ldap_next_attribute(ldapConn, entry, ber);
1256                 }
1257
1258                 if (!exists) {
1259                         remove[remove_count++] = i;
1260                 }
1261         }
1262
1263         if (remove_count) {
1264                 size_t k, remove_index;
1265                 LDAPMod **x = ldap_memcalloc(count - remove_count + 1, sizeof(LDAPMod *));
1266                 for (i = 0, k = 0; i < count; i++) {
1267                         int skip = 0;
1268                         /* Is this one we have to remove? */
1269                         for (remove_index = 0; !skip && remove_index < remove_count; remove_index++) {
1270                                 skip = (remove[remove_index] == i);
1271                         }
1272
1273                         if (skip) {
1274                                 ast_debug(3, "Skipping %s deletion because it doesn't exist\n",
1275                                                 mods[i]->mod_type);
1276                                 continue;
1277                         }
1278
1279                         x[k] = ldap_memcalloc(1, sizeof(LDAPMod));
1280                         x[k]->mod_op = mods[i]->mod_op;
1281                         x[k]->mod_type = ldap_strdup(mods[i]->mod_type);
1282                         if (mods[i]->mod_values) {
1283                                 x[k]->mod_values = ldap_memcalloc(2, sizeof(char *));
1284                                 x[k]->mod_values[0] = ldap_strdup(mods[i]->mod_values[0]);
1285                         }
1286                         k++;
1287                 }
1288                 /* NULL terminate */
1289                 x[k] = NULL;
1290                 return x;
1291         }
1292
1293         return NULL;
1294 }
1295
1296
1297 /* \brief Function to update a set of values in ldap static mode
1298  */
1299 static int update_ldap(const char *basedn, const char *table_name, const char *attribute,
1300         const char *lookup, const struct ast_variable *fields)
1301 {
1302         int error = 0;
1303         LDAPMessage *ldap_entry = NULL;
1304         LDAPMod **ldap_mods;
1305         const char *newparam;
1306         const struct ast_variable *field = fields;
1307         char *dn;
1308         int num_entries = 0;
1309         int i = 0;
1310         int mods_size = 0;
1311         int mod_exists = 0;
1312         struct ldap_table_config *table_config = NULL;
1313         char *clean_basedn = NULL;
1314         struct ast_str *filter = NULL;
1315         int tries = 0;
1316         int result = 0;
1317         LDAPMessage *ldap_result_msg = NULL;
1318
1319         if (!table_name) {
1320                 ast_log(LOG_ERROR, "No table_name specified.\n");
1321                 return -1;
1322         } 
1323
1324         if (!(filter = ast_str_create(80))) {
1325                 return -1;
1326         }
1327
1328         if (!attribute || !lookup) {
1329                 ast_log(LOG_WARNING, "Search parameters are empty.\n");
1330                 return -1;
1331         }
1332         ast_mutex_lock(&ldap_lock);
1333
1334         /* We now have our complete statement; Lets connect to the server and execute it.  */
1335         if (!ldap_reconnect()) {
1336                 ast_mutex_unlock(&ldap_lock);
1337                 return -1;
1338         }
1339
1340         table_config = table_config_for_table_name(table_name);
1341         if (!table_config) {
1342                 ast_log(LOG_ERROR, "No table named '%s'.\n", table_name);
1343                 ast_mutex_unlock(&ldap_lock);
1344                 return -1;
1345         }
1346
1347         clean_basedn = cleaned_basedn(NULL, basedn);
1348
1349         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1350         ast_str_append(&filter, 0, "(&");
1351         if (table_config && table_config->additional_filter) {
1352                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1353         }
1354         if (table_config != base_table_config && base_table_config && base_table_config->additional_filter) {
1355                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1356         }
1357         append_var_and_value_to_filter(&filter, table_config, attribute, lookup);
1358         ast_str_append(&filter, 0, ")");
1359
1360         /* Create the modification array with the parameter/value pairs we were given, 
1361          * if there are several parameters with the same name, we collect them into 
1362          * one parameter/value pair and delimit them with a semicolon */
1363         newparam = convert_attribute_name_to_ldap(table_config, field->name);
1364         if (!newparam) {
1365                 ast_log(LOG_WARNING, "Need at least one parameter to modify.\n");
1366                 return -1;
1367         }
1368
1369         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1370         ldap_mods = ldap_memcalloc(mods_size, sizeof(LDAPMod *));
1371         ldap_mods[0] = ldap_memcalloc(1, sizeof(LDAPMod));
1372         ldap_mods[0]->mod_type = ldap_strdup(newparam);
1373
1374         if (strlen(field->value) == 0) {
1375                 ldap_mods[0]->mod_op = LDAP_MOD_DELETE;
1376         } else {
1377                 ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1378                 ldap_mods[0]->mod_values = ldap_memcalloc(2, sizeof(char *));
1379                 ldap_mods[0]->mod_values[0] = ldap_strdup(field->value);
1380         }
1381
1382         while ((field = field->next)) {
1383                 newparam = convert_attribute_name_to_ldap(table_config, field->name);
1384                 mod_exists = 0;
1385
1386                 for (i = 0; i < mods_size - 1; i++) {
1387                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1388                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1389                                 ldap_mods[i]->mod_values[0] = ldap_memrealloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(field->value) + 2));
1390                                 strcat(ldap_mods[i]->mod_values[0], ";");
1391                                 strcat(ldap_mods[i]->mod_values[0], field->value);
1392                                 mod_exists = 1;
1393                                 break;
1394                         }
1395                 }
1396
1397                 /* create new mod */
1398                 if (!mod_exists) {
1399                         mods_size++;
1400                         ldap_mods = ldap_memrealloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1401                         ldap_mods[mods_size - 2] = ldap_memcalloc(1, sizeof(LDAPMod));
1402                         ldap_mods[mods_size - 2]->mod_type = ldap_strdup(newparam);
1403
1404                         if (strlen(field->value) == 0) {
1405                                 ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_DELETE;
1406                         } else {
1407                                 ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1408                                 ldap_mods[mods_size - 2]->mod_values = ldap_memcalloc(2, sizeof(char *));
1409                                 ldap_mods[mods_size - 2]->mod_values[0] = ldap_strdup(field->value);
1410                         }
1411
1412                         /* NULL terminate */
1413                         ldap_mods[mods_size - 1] = NULL;
1414                 }
1415         }
1416         /* freeing ldap_mods further down */
1417
1418         do {
1419                 /* freeing ldap_result further down */
1420                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1421                                   LDAP_SCOPE_SUBTREE, ast_str_buffer(filter), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1422                                   &ldap_result_msg);
1423                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1424                         ast_log(LOG_WARNING, "Failed to query directory. Try %d/3\n", tries + 1);
1425                         tries++;
1426                         if (tries < 3) {
1427                                 usleep(500000L * tries);
1428                                 if (ldapConn) {
1429                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1430                                         ldapConn = NULL;
1431                                 }
1432                                 if (!ldap_reconnect())
1433                                         break;
1434                         }
1435                 }
1436         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1437
1438         if (result != LDAP_SUCCESS) {
1439                 ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
1440                 ast_log(LOG_WARNING, "Query: %s\n", ast_str_buffer(filter));
1441
1442                 ast_mutex_unlock(&ldap_lock);
1443                 ast_free(filter);
1444                 ast_free(clean_basedn);
1445                 ldap_msgfree(ldap_result_msg);
1446                 ldap_mods_free(ldap_mods, 1);
1447                 return -1;
1448         }
1449         /* Ready to update */
1450         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1451                 ast_debug(3, "Modifying %s=%s hits: %d\n", attribute, lookup, num_entries);
1452                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++) {
1453                         if (ldap_mods[i]->mod_op != LDAP_MOD_DELETE) {
1454                                 ast_debug(3, "%s=%s\n", ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1455                         } else {
1456                                 ast_debug(3, "deleting %s\n", ldap_mods[i]->mod_type);
1457                         }
1458                 }
1459                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1460
1461                 for (i = 0; ldap_entry; i++) {
1462                         LDAPMod **working = ldap_mods;
1463                         LDAPMod **massaged = massage_mods_for_entry(ldap_entry, ldap_mods, mods_size - 1);
1464
1465                         if (massaged) {
1466                                 /* Did we massage everything out of the list? */
1467                                 if (massaged[0] == NULL) {
1468                                         ast_debug(3, "Nothing left to modify - skipping\n");
1469                                         ldap_mods_free(massaged, 1);
1470                                         continue;
1471                                 }
1472                                 working = massaged;
1473                         }
1474
1475                         dn = ldap_get_dn(ldapConn, ldap_entry);
1476                         if ((error = ldap_modify_ext_s(ldapConn, dn, working, NULL, NULL)) != LDAP_SUCCESS)  {
1477                                 ast_log(LOG_ERROR, "Couldn't modify '%s'='%s', dn:%s because %s\n",
1478                                                 attribute, lookup, dn, ldap_err2string(error));
1479                         }
1480
1481                         if (massaged) {
1482                                 ldap_mods_free(massaged, 1);
1483                         }
1484
1485                         ldap_memfree(dn);
1486                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1487                 }
1488         }
1489
1490         ast_mutex_unlock(&ldap_lock);
1491         ast_free(filter);
1492         ast_free(clean_basedn);
1493         ldap_msgfree(ldap_result_msg);
1494         ldap_mods_free(ldap_mods, 1);
1495         return num_entries;
1496 }
1497
1498 static int update2_ldap(const char *basedn, const char *table_name, const struct ast_variable *lookup_fields, const struct ast_variable *update_fields)
1499 {
1500         int error = 0;
1501         LDAPMessage *ldap_entry = NULL;
1502         LDAPMod **ldap_mods;
1503         const char *newparam;
1504         const struct ast_variable *field;
1505         char *dn;
1506         int num_entries = 0;
1507         int i = 0;
1508         int mods_size = 0;
1509         int mod_exists = 0;
1510         struct ldap_table_config *table_config = NULL;
1511         char *clean_basedn = NULL;
1512         struct ast_str *filter = NULL;
1513         int tries = 0;
1514         int result = 0;
1515         LDAPMessage *ldap_result_msg = NULL;
1516
1517         if (!table_name) {
1518                 ast_log(LOG_ERROR, "No table_name specified.\n");
1519                 return -1;
1520         } 
1521
1522         if (!(filter = ast_str_create(80))) {
1523                 return -1;
1524         }
1525
1526         ast_mutex_lock(&ldap_lock);
1527
1528         /* We now have our complete statement; Lets connect to the server and execute it.  */
1529         if (!ldap_reconnect()) {
1530                 ast_mutex_unlock(&ldap_lock);
1531                 ast_free(filter);
1532                 return -1;
1533         }
1534
1535         table_config = table_config_for_table_name(table_name);
1536         if (!table_config) {
1537                 ast_log(LOG_ERROR, "No table named '%s'.\n", table_name);
1538                 ast_mutex_unlock(&ldap_lock);
1539                 ast_free(filter);
1540                 return -1;
1541         }
1542
1543         clean_basedn = cleaned_basedn(NULL, basedn);
1544
1545         /* Create the filter with the table additional filter and the parameter/value pairs we were given */
1546         ast_str_append(&filter, 0, "(&");
1547         if (table_config && table_config->additional_filter) {
1548                 ast_str_append(&filter, 0, "%s", table_config->additional_filter);
1549         }
1550         if (table_config != base_table_config && base_table_config
1551                 && base_table_config->additional_filter) {
1552                 ast_str_append(&filter, 0, "%s", base_table_config->additional_filter);
1553         }
1554
1555         /* Get multiple lookup keyfields and values */
1556         for (field = lookup_fields; field; field = field->next) {
1557                 append_var_and_value_to_filter(&filter, table_config, field->name, field->value);
1558         }
1559         ast_str_append(&filter, 0, ")");
1560
1561         /* Create the modification array with the parameter/value pairs we were given, 
1562          * if there are several parameters with the same name, we collect them into 
1563          * one parameter/value pair and delimit them with a semicolon */
1564         field = update_fields;
1565         newparam = convert_attribute_name_to_ldap(table_config, field->name);
1566         if (!newparam) {
1567                 ast_log(LOG_WARNING, "Need at least one parameter to modify.\n");
1568                 ast_free(filter);
1569                 ast_free(clean_basedn);
1570                 return -1;
1571         }
1572
1573         mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */
1574         ldap_mods = ldap_memcalloc(mods_size, sizeof(LDAPMod *));
1575         ldap_mods[0] = ldap_memcalloc(1, sizeof(LDAPMod));
1576         ldap_mods[0]->mod_op = LDAP_MOD_REPLACE;
1577         ldap_mods[0]->mod_type = ldap_strdup(newparam);
1578         ldap_mods[0]->mod_values = ldap_memcalloc(2, sizeof(char *));
1579         ldap_mods[0]->mod_values[0] = ldap_strdup(field->value);
1580
1581         while ((field = field->next)) {
1582                 newparam = convert_attribute_name_to_ldap(table_config, field->name);
1583                 mod_exists = 0;
1584
1585                 for (i = 0; i < mods_size - 1; i++) {
1586                         if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) {
1587                                 /* We have the parameter allready, adding the value as a semicolon delimited value */
1588                                 ldap_mods[i]->mod_values[0] = ast_realloc(ldap_mods[i]->mod_values[0], sizeof(char) * (strlen(ldap_mods[i]->mod_values[0]) + strlen(field->value) + 2));
1589                                 strcat(ldap_mods[i]->mod_values[0], ";");
1590                                 strcat(ldap_mods[i]->mod_values[0], field->value);
1591                                 mod_exists = 1; 
1592                                 break;
1593                         }
1594                 }
1595
1596                 /* create new mod */
1597                 if (!mod_exists) {
1598                         mods_size++;
1599                         ldap_mods = ldap_memrealloc(ldap_mods, sizeof(LDAPMod *) * mods_size);
1600                         ldap_mods[mods_size - 2] = ldap_memcalloc(1, sizeof(LDAPMod));
1601                         ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE;
1602                         ldap_mods[mods_size - 2]->mod_type = ldap_strdup(newparam);
1603                         ldap_mods[mods_size - 2]->mod_values = ldap_memcalloc(2, sizeof(char *));
1604                         ldap_mods[mods_size - 2]->mod_values[0] = ldap_strdup(field->value);
1605
1606                         /* NULL terminate */
1607                         ldap_mods[mods_size - 1] = NULL;
1608                 }
1609         }
1610         /* freeing ldap_mods further down */
1611
1612         do {
1613                 /* freeing ldap_result further down */
1614                 result = ldap_search_ext_s(ldapConn, clean_basedn,
1615                                   LDAP_SCOPE_SUBTREE, ast_str_buffer(filter), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT,
1616                                   &ldap_result_msg);
1617                 if (result != LDAP_SUCCESS && is_ldap_connect_error(result)) {
1618                         ast_log(LOG_WARNING, "Failed to query directory. Try %d/3\n", tries + 1);
1619                         tries++;
1620                         if (tries < 3) {
1621                                 usleep(500000L * tries);
1622                                 if (ldapConn) {
1623                                         ldap_unbind_ext_s(ldapConn, NULL, NULL);
1624                                         ldapConn = NULL;
1625                                 }
1626                                 if (!ldap_reconnect()) {
1627                                         break;
1628                                 }
1629                         }
1630                 }
1631         } while (result != LDAP_SUCCESS && tries < 3 && is_ldap_connect_error(result));
1632
1633         if (result != LDAP_SUCCESS) {
1634                 ast_log(LOG_WARNING, "Failed to query directory. Error: %s.\n", ldap_err2string(result));
1635                 ast_log(LOG_WARNING, "Query: %s\n", ast_str_buffer(filter));
1636
1637                 ast_mutex_unlock(&ldap_lock);
1638                 ast_free(filter);
1639                 ast_free(clean_basedn);
1640                 ldap_msgfree(ldap_result_msg);
1641                 ldap_mods_free(ldap_mods, 1);
1642                 return -1;
1643         }
1644         /* Ready to update */
1645         if ((num_entries = ldap_count_entries(ldapConn, ldap_result_msg)) > 0) {
1646                 for (i = 0; option_debug > 2 && i < mods_size - 1; i++) {
1647                         ast_debug(3, "%s=%s\n", ldap_mods[i]->mod_type, ldap_mods[i]->mod_values[0]);
1648                 }
1649
1650                 ldap_entry = ldap_first_entry(ldapConn, ldap_result_msg);
1651
1652                 for (i = 0; ldap_entry; i++) {
1653                         dn = ldap_get_dn(ldapConn, ldap_entry);
1654                         if ((error = ldap_modify_ext_s(ldapConn, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS)  {
1655                                 ast_log(LOG_ERROR, "Couldn't modify dn:%s because %s", dn, ldap_err2string(error));
1656                         }
1657                         ldap_memfree(dn);
1658                         ldap_entry = ldap_next_entry(ldapConn, ldap_entry);
1659                 }
1660         }
1661
1662         ast_mutex_unlock(&ldap_lock);
1663         ast_free(filter);
1664         ast_free(clean_basedn);
1665         ldap_msgfree(ldap_result_msg);
1666         ldap_mods_free(ldap_mods, 1);
1667         return num_entries;
1668 }
1669
1670 static struct ast_config_engine ldap_engine = {
1671         .name = "ldap",
1672         .load_func = config_ldap,
1673         .realtime_func = realtime_ldap,
1674         .realtime_multi_func = realtime_multi_ldap,
1675         .update_func = update_ldap,
1676         .update2_func = update2_ldap,
1677 };
1678
1679 /*!
1680  * \brief Load the module
1681  *
1682  * Module loading including tests for configuration or dependencies.
1683  * This function can return AST_MODULE_LOAD_FAILURE, AST_MODULE_LOAD_DECLINE,
1684  * or AST_MODULE_LOAD_SUCCESS. If a dependency or environment variable fails
1685  * tests return AST_MODULE_LOAD_FAILURE. If the module can not load the 
1686  * configuration file or other non-critical problem return 
1687  * AST_MODULE_LOAD_DECLINE. On success return AST_MODULE_LOAD_SUCCESS.
1688  *
1689  * \todo Don't error or warn on a default install. If the config is
1690  * default we should not attempt to connect to a server. -lathama
1691  */
1692 static int load_module(void)
1693 {
1694         if (parse_config() < 0) {
1695                 ast_log(LOG_ERROR, "Cannot load LDAP RealTime driver.\n");
1696                 return 0;
1697         }
1698
1699         ast_mutex_lock(&ldap_lock);
1700
1701         if (!ldap_reconnect())  {
1702                 ast_log(LOG_WARNING, "Couldn't establish connection to LDAP directory. Check debug.\n");
1703         }
1704
1705         ast_config_engine_register(&ldap_engine);
1706         ast_verb(1, "LDAP RealTime driver loaded.\n");
1707         ast_cli_register_multiple(ldap_cli, ARRAY_LEN(ldap_cli));
1708
1709         ast_mutex_unlock(&ldap_lock);
1710
1711         return 0;
1712 }
1713
1714 /*! \brief Unload Module
1715  *
1716  */
1717 static int unload_module(void)
1718 {
1719         /* Aquire control before doing anything to the module itself. */
1720         ast_mutex_lock(&ldap_lock);
1721
1722         table_configs_free();
1723
1724         if (ldapConn) {
1725                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1726                 ldapConn = NULL;
1727         }
1728         ast_cli_unregister_multiple(ldap_cli, ARRAY_LEN(ldap_cli));
1729         ast_config_engine_deregister(&ldap_engine);
1730         ast_verb(1, "LDAP RealTime driver unloaded.\n");
1731
1732         /* Unlock so something else can destroy the lock. */
1733         ast_mutex_unlock(&ldap_lock);
1734
1735         return 0;
1736 }
1737
1738 /*! \breif Relod Module
1739  */
1740 static int reload(void)
1741 {
1742         /* Aquire control before doing anything to the module itself. */
1743         ast_mutex_lock(&ldap_lock);
1744
1745         if (ldapConn) {
1746                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1747                 ldapConn = NULL;
1748         }
1749
1750         if (parse_config() < 0) {
1751                 ast_log(LOG_NOTICE, "Cannot reload LDAP RealTime driver.\n");
1752                 ast_mutex_unlock(&ldap_lock);
1753                 return 0;
1754         }               
1755
1756         if (!ldap_reconnect())  {
1757                 ast_log(LOG_WARNING, "Couldn't establish connection to your directory server. Check debug.\n");
1758         }
1759
1760         ast_verb(2, "LDAP RealTime driver reloaded.\n");
1761
1762         /* Done reloading. Release lock so others can now use driver. */
1763         ast_mutex_unlock(&ldap_lock);
1764
1765         return 0;
1766 }
1767
1768 static int config_can_be_inherited(const char *key)
1769 {
1770         int i;
1771         static const char * const config[] = {
1772                 "basedn", "host", "pass", "port", "protocol", "url", "user", "version", NULL
1773         };
1774
1775         for (i = 0; config[i]; i++) {
1776                 if (!strcasecmp(key, config[i])) {
1777                         return 0;
1778                 }
1779         }
1780         return 1;
1781 }
1782
1783 /*! \brief parse the configuration file
1784  */
1785 static int parse_config(void)
1786 {
1787         struct ast_config *config;
1788         struct ast_flags config_flags = {0};
1789         const char *s, *host;
1790         int port;
1791         char *category_name = NULL;
1792
1793         /* Make sure that global variables are reset */
1794         url[0] = '\0';
1795         user[0] = '\0';
1796         pass[0] = '\0';
1797         base_distinguished_name[0] = '\0';
1798         version = 3;
1799
1800         config = ast_config_load(RES_CONFIG_LDAP_CONF, config_flags);
1801         if (config == CONFIG_STATUS_FILEMISSING || config == CONFIG_STATUS_FILEINVALID) {
1802                 ast_log(LOG_ERROR, "Cannot load configuration file: %s\n", RES_CONFIG_LDAP_CONF);
1803                 return -1;
1804         }
1805
1806         if (!(s = ast_variable_retrieve(config, "_general", "user"))) {
1807                 ast_log(LOG_NOTICE, "No directory user found, anonymous binding as default.\n");
1808                 user[0] = '\0';
1809         } else {
1810                 ast_copy_string(user, s, sizeof(user));
1811         }
1812
1813         if (!ast_strlen_zero(user)) {
1814                 if (!(s = ast_variable_retrieve(config, "_general", "pass"))) {
1815                         ast_log(LOG_WARNING, "No directory password found, using 'asterisk' as default.\n");
1816                         ast_copy_string(pass, "asterisk", sizeof(pass));
1817                 } else {
1818                         ast_copy_string(pass, s, sizeof(pass));
1819                 }
1820         }
1821
1822         /* URL is preferred, use host and port if not found */
1823         if ((s = ast_variable_retrieve(config, "_general", "url"))) {
1824                 ast_copy_string(url, s, sizeof(url));
1825         } else if ((host = ast_variable_retrieve(config, "_general", "host"))) {
1826                 if (!(s = ast_variable_retrieve(config, "_general", "port")) || sscanf(s, "%5d", &port) != 1 || port > 65535) {
1827                         ast_log(LOG_NOTICE, "No directory port found, using 389 as default.\n");
1828                         port = 389;
1829                 }
1830
1831                 snprintf(url, sizeof(url), "ldap://%s:%d", host, port);
1832         } else {
1833                 ast_log(LOG_ERROR, "No directory URL or host found.\n");
1834                 ast_config_destroy(config);
1835                 return -1;
1836         }
1837
1838         if (!(s = ast_variable_retrieve(config, "_general", "basedn"))) {
1839                 ast_log(LOG_ERROR, "No LDAP base dn found, using '%s' as default.\n", RES_CONFIG_LDAP_DEFAULT_BASEDN);
1840                 ast_copy_string(base_distinguished_name, RES_CONFIG_LDAP_DEFAULT_BASEDN, sizeof(base_distinguished_name));
1841         } else 
1842                 ast_copy_string(base_distinguished_name, s, sizeof(base_distinguished_name));
1843
1844         if (!(s = ast_variable_retrieve(config, "_general", "version")) && !(s = ast_variable_retrieve(config, "_general", "protocol"))) {
1845                 ast_log(LOG_NOTICE, "No explicit LDAP version found, using 3 as default.\n");
1846         } else if (sscanf(s, "%30d", &version) != 1 || version < 1 || version > 6) {
1847                 ast_log(LOG_WARNING, "Invalid LDAP version '%s', using 3 as default.\n", s);
1848                 version = 3;
1849         }
1850
1851         table_configs_free();
1852
1853         while ((category_name = ast_category_browse(config, category_name))) {
1854                 int is_general = (strcasecmp(category_name, "_general") == 0);
1855                 int is_config = (strcasecmp(category_name, "config") == 0); /*!< using the [config] context for Static RealTime */
1856                 struct ast_variable *var = ast_variable_browse(config, category_name);
1857                 
1858                 if (var) {
1859                         struct ldap_table_config *table_config =
1860                                 table_config_for_table_name(category_name);
1861                         if (!table_config) {
1862                                 table_config = table_config_new(category_name);
1863                                 AST_LIST_INSERT_HEAD(&table_configs, table_config, entry);
1864                                 if (is_general)
1865                                         base_table_config = table_config;
1866                                 if (is_config)
1867                                         static_table_config = table_config;
1868                         }
1869                         for (; var; var = var->next) {
1870                                 if (!strcasecmp(var->name, "additionalFilter")) {
1871                                         table_config->additional_filter = ast_strdup(var->value);
1872                                 } else {
1873                                         if (!is_general || config_can_be_inherited(var->name)) {
1874                                                 ldap_table_config_add_attribute(table_config, var->name, var->value);
1875                                         }
1876                                 }
1877                         }
1878                 }
1879         }
1880
1881         ast_config_destroy(config);
1882
1883         return 1;
1884 }
1885
1886 /*! \note ldap_lock should have been locked before calling this function. */
1887 static int ldap_reconnect(void)
1888 {
1889         int bind_result = 0;
1890         struct berval cred;
1891
1892         if (ldapConn) {
1893                 ast_debug(2, "Everything seems fine.\n");
1894                 return 1;
1895         }
1896
1897         if (ast_strlen_zero(url)) {
1898                 ast_log(LOG_ERROR, "Not enough parameters to connect to ldap directory\n");
1899                 return 0;
1900         }
1901
1902         if (LDAP_SUCCESS != ldap_initialize(&ldapConn, url)) {
1903                 ast_log(LOG_ERROR, "Failed to init ldap connection to '%s'. Check debug for more info.\n", url);
1904                 return 0;
1905         }
1906
1907         if (LDAP_OPT_SUCCESS != ldap_set_option(ldapConn, LDAP_OPT_PROTOCOL_VERSION, &version)) {
1908                 ast_log(LOG_WARNING, "Unable to set LDAP protocol version to %d, falling back to default.\n", version);
1909         }
1910
1911         if (!ast_strlen_zero(user)) {
1912                 ast_debug(2, "bind to '%s' as user '%s'\n", url, user);
1913                 cred.bv_val = (char *) pass;
1914                 cred.bv_len = strlen(pass);
1915                 bind_result = ldap_sasl_bind_s(ldapConn, user, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1916         } else {
1917                 ast_debug(2, "bind %s anonymously\n", url);
1918                 cred.bv_val = NULL;
1919                 cred.bv_len = 0;
1920                 bind_result = ldap_sasl_bind_s(ldapConn, NULL, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
1921         }
1922         if (bind_result == LDAP_SUCCESS) {
1923                 ast_debug(2, "Successfully connected to directory.\n");
1924                 connect_time = time(NULL);
1925                 return 1;
1926         } else {
1927                 ast_log(LOG_WARNING, "bind failed: %s\n", ldap_err2string(bind_result));
1928                 ldap_unbind_ext_s(ldapConn, NULL, NULL);
1929                 ldapConn = NULL;
1930                 return 0;
1931         }
1932 }
1933
1934 /*! \brief Realtime Status
1935  *
1936  */
1937 static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1938 {
1939         char status[256];
1940         char credentials[100] = "";
1941         char buf[362]; /* 256+100+" for "+NULL */
1942         int ctimesec = time(NULL) - connect_time;
1943
1944         switch (cmd) {
1945         case CLI_INIT:
1946                 e->command = "realtime show ldap status";
1947                 e->usage =
1948                         "Usage: realtime show ldap status\n"
1949                         "              Shows connection information for the LDAP RealTime driver\n";
1950                 return NULL;
1951         case CLI_GENERATE:
1952                 return NULL;
1953         }
1954
1955         if (!ldapConn)
1956                 return CLI_FAILURE;
1957
1958         if (!ast_strlen_zero(url)) 
1959                 snprintf(status, sizeof(status), "Connected to '%s', baseDN %s", url, base_distinguished_name);
1960
1961         if (!ast_strlen_zero(user))
1962                 snprintf(credentials, sizeof(credentials), " with username %s", user);
1963
1964         snprintf(buf, sizeof(buf), "%s%s for ", status, credentials);
1965         ast_cli_print_timestr_fromseconds(a->fd, ctimesec, buf);
1966
1967         return CLI_SUCCESS;
1968 }
1969
1970 /*! \brief Module Information
1971  *
1972  */
1973 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "LDAP realtime interface",
1974         .support_level = AST_MODULE_SUPPORT_EXTENDED,
1975         .load = load_module,
1976         .unload = unload_module,
1977         .reload = reload,
1978         .load_pri = AST_MODPRI_REALTIME_DRIVER,
1979 );