HCoop / bpt / emacs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
don't require grep in vc-git
[bpt/emacs.git] / lisp / net / ldap.el
CommitLineData
3afbc435 1;;; ldap.el --- client interface to LDAP for Emacs
7970b229 2
ba318903 3;; Copyright (C) 1998-2014 Free Software Foundation, Inc.
7970b229 4
ca151ad6 5;; Author: Oscar Figueiredo <oscar@cpe.fr>
34dc21db 6;; Maintainer: emacs-devel@gnu.org
7970b229
GM		 7;; Created: April 1998
8;; Keywords: comm
9
10;; This file is part of GNU Emacs.
11
874a927a 12;; GNU Emacs is free software: you can redistribute it and/or modify
7970b229 13;; it under the terms of the GNU General Public License as published by
874a927a
GM		 14;; the Free Software Foundation, either version 3 of the License, or
15;; (at your option) any later version.
7970b229
GM		 16
17;; GNU Emacs is distributed in the hope that it will be useful,
18;; but WITHOUT ANY WARRANTY; without even the implied warranty of
19;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20;; GNU General Public License for more details.
21
22;; You should have received a copy of the GNU General Public License
874a927a 23;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
7970b229
GM		 24
25;;; Commentary:
26
27;; This package provides basic functionality to perform searches on LDAP
c69b943f
PJ		 28;; servers. It requires a command line utility generally named
29;; `ldapsearch' to actually perform the searches. That program can be
7970b229
GM		 30;; found in all LDAP developer kits such as:
31;; - UM-LDAP 3.3 (http://www.umich.edu/~dirsvcs/ldap/)
32;; - OpenLDAP (http://www.openldap.org/)
33
34;;; Code:
35
36(require 'custom)
37
eebc475d
TZ		 38(autoload 'auth-source-search "auth-source")
39
7970b229
GM		 40(defgroup ldap nil
41 "Lightweight Directory Access Protocol."
e162f054 42 :version "21.1"
7970b229
GM		 43 :group 'comm)
44
45(defcustom ldap-default-host nil
1fc7dabf 46 "Default LDAP server.
c69b943f 47A TCP port number can be appended to that name using a colon as
7970b229
GM		 48a separator."
49 :type '(choice (string :tag "Host name")
50 (const :tag "Use library default" nil))
51 :group 'ldap)
52
53(defcustom ldap-default-port nil
1fc7dabf 54 "Default TCP port for LDAP connections.
7970b229
GM		 55Initialized from the LDAP library at build time. Default value is 389."
56 :type '(choice (const :tag "Use library default" nil)
57 (integer :tag "Port number"))
58 :group 'ldap)
59
60(defcustom ldap-default-base nil
1fc7dabf 61 "Default base for LDAP searches.
7970b229
GM		 62This is a string using the syntax of RFC 1779.
63For instance, \"o=ACME, c=US\" limits the search to the
64Acme organization in the United States."
65 :type '(choice (const :tag "Use library default" nil)
66 (string :tag "Search base"))
67 :group 'ldap)
68
69
70(defcustom ldap-host-parameters-alist nil
1fc7dabf 71 "Alist of host-specific options for LDAP transactions.
7970b229 72The format of each list element is (HOST PROP1 VAL1 PROP2 VAL2 ...).
01f91eb8 73HOST is the hostname of an LDAP server (with an optional TCP port number
c69b943f 74appended to it using a colon as a separator).
7970b229 75PROPn and VALn are property/value pairs describing parameters for the server.
c69b943f
PJ		 76Valid properties include:
77 `binddn' is the distinguished name of the user to bind as
7970b229
GM		 78 (in RFC 1779 syntax).
79 `passwd' is the password to use for simple authentication.
c69b943f 80 `auth' is the authentication method to use.
7970b229
GM		 81 Possible values are: `simple', `krbv41' and `krbv42'.
82 `base' is the base for the search as described in RFC 1779.
83 `scope' is one of the three symbols `subtree', `base' or `onelevel'.
84 `deref' is one of the symbols `never', `always', `search' or `find'.
85 `timelimit' is the timeout limit for the connection in seconds.
86 `sizelimit' is the maximum number of matches to return."
87 :type '(repeat :menu-tag "Host parameters"
88 :tag "Host parameters"
89 (list :menu-tag "Host parameters"
90 :tag "Host parameters"
91 :value nil
92 (string :tag "Host name")
93 (checklist :inline t
94 :greedy t
95 (list
c69b943f 96 :tag "Search Base"
7970b229
GM		 97 :inline t
98 (const :tag "Search Base" base)
99 string)
100 (list
101 :tag "Binding DN"
102 :inline t
103 (const :tag "Binding DN" binddn)
104 string)
105 (list
106 :tag "Password"
107 :inline t
108 (const :tag "Password" passwd)
109 string)
110 (list
111 :tag "Authentication Method"
112 :inline t
113 (const :tag "Authentication Method" auth)
114 (choice
115 (const :menu-tag "None" :tag "None" nil)
116 (const :menu-tag "Simple" :tag "Simple" simple)
117 (const :menu-tag "Kerberos 4.1" :tag "Kerberos 4.1" krbv41)
118 (const :menu-tag "Kerberos 4.2" :tag "Kerberos 4.2" krbv42)))
119 (list
c69b943f 120 :tag "Search Scope"
7970b229
GM		 121 :inline t
122 (const :tag "Search Scope" scope)
123 (choice
124 (const :menu-tag "Default" :tag "Default" nil)
125 (const :menu-tag "Subtree" :tag "Subtree" subtree)
126 (const :menu-tag "Base" :tag "Base" base)
127 (const :menu-tag "One Level" :tag "One Level" onelevel)))
128 (list
129 :tag "Dereferencing"
130 :inline t
131 (const :tag "Dereferencing" deref)
132 (choice
133 (const :menu-tag "Default" :tag "Default" nil)
134 (const :menu-tag "Never" :tag "Never" never)
135 (const :menu-tag "Always" :tag "Always" always)
136 (const :menu-tag "When searching" :tag "When searching" search)
137 (const :menu-tag "When locating base" :tag "When locating base" find)))
138 (list
139 :tag "Time Limit"
140 :inline t
141 (const :tag "Time Limit" timelimit)
142 (integer :tag "(in seconds)"))
143 (list
144 :tag "Size Limit"
145 :inline t
146 (const :tag "Size Limit" sizelimit)
147 (integer :tag "(number of records)")))))
148 :group 'ldap)
149
150(defcustom ldap-ldapsearch-prog "ldapsearch"
1fc7dabf 151 "The name of the ldapsearch command line program."
7970b229
GM		 152 :type '(string :tag "`ldapsearch' Program")
153 :group 'ldap)
154
90557512 155(defcustom ldap-ldapsearch-args '("-LL" "-tt")
1fc7dabf 156 "A list of additional arguments to pass to `ldapsearch'."
7970b229
GM		 157 :type '(repeat :tag "`ldapsearch' Arguments"
158 (string :tag "Argument"))
159 :group 'ldap)
160
c69b943f 161(defcustom ldap-ignore-attribute-codings nil
1fc7dabf 162 "If non-nil, do not encode/decode LDAP attribute values."
7970b229
GM		 163 :type 'boolean
164 :group 'ldap)
165
166(defcustom ldap-default-attribute-decoder nil
1fc7dabf 167 "Decoder function to use for attributes whose syntax is unknown."
7970b229
GM		 168 :type 'symbol
169 :group 'ldap)
170
c69b943f 171(defcustom ldap-coding-system 'utf-8
1fc7dabf 172 "Coding system of LDAP string values.
c69b943f 173LDAP v3 specifies the coding system of strings to be UTF-8."
7970b229
GM		 174 :type 'symbol
175 :group 'ldap)
176
177(defvar ldap-attribute-syntax-encoders
c69b943f
PJ		 178 [nil ; 1 ACI Item N
179 nil ; 2 Access Point Y
180 nil ; 3 Attribute Type Description Y
181 nil ; 4 Audio N
182 nil ; 5 Binary N
183 nil ; 6 Bit String Y
184 ldap-encode-boolean ; 7 Boolean Y
185 nil ; 8 Certificate N
186 nil ; 9 Certificate List N
187 nil ; 10 Certificate Pair N
188 ldap-encode-country-string ; 11 Country String Y
189 ldap-encode-string ; 12 DN Y
190 nil ; 13 Data Quality Syntax Y
191 nil ; 14 Delivery Method Y
192 ldap-encode-string ; 15 Directory String Y
193 nil ; 16 DIT Content Rule Description Y
194 nil ; 17 DIT Structure Rule Description Y
195 nil ; 18 DL Submit Permission Y
196 nil ; 19 DSA Quality Syntax Y
197 nil ; 20 DSE Type Y
198 nil ; 21 Enhanced Guide Y
199 nil ; 22 Facsimile Telephone Number Y
200 nil ; 23 Fax N
201 nil ; 24 Generalized Time Y
202 nil ; 25 Guide Y
203 nil ; 26 IA5 String Y
204 number-to-string ; 27 INTEGER Y
205 nil ; 28 JPEG N
206 nil ; 29 Master And Shadow Access Points Y
207 nil ; 30 Matching Rule Description Y
208 nil ; 31 Matching Rule Use Description Y
209 nil ; 32 Mail Preference Y
210 nil ; 33 MHS OR Address Y
211 nil ; 34 Name And Optional UID Y
212 nil ; 35 Name Form Description Y
213 nil ; 36 Numeric String Y
214 nil ; 37 Object Class Description Y
215 nil ; 38 OID Y
216 nil ; 39 Other Mailbox Y
217 nil ; 40 Octet String Y
218 ldap-encode-address ; 41 Postal Address Y
219 nil ; 42 Protocol Information Y
220 nil ; 43 Presentation Address Y
221 ldap-encode-string ; 44 Printable String Y
222 nil ; 45 Subtree Specification Y
223 nil ; 46 Supplier Information Y
224 nil ; 47 Supplier Or Consumer Y
225 nil ; 48 Supplier And Consumer Y
226 nil ; 49 Supported Algorithm N
227 nil ; 50 Telephone Number Y
228 nil ; 51 Teletex Terminal Identifier Y
229 nil ; 52 Telex Number Y
230 nil ; 53 UTC Time Y
231 nil ; 54 LDAP Syntax Description Y
232 nil ; 55 Modify Rights Y
233 nil ; 56 LDAP Schema Definition Y
234 nil ; 57 LDAP Schema Description Y
235 nil ; 58 Substring Assertion Y
236 ]
7970b229
GM		 237 "A vector of functions used to encode LDAP attribute values.
238The sequence of functions corresponds to the sequence of LDAP attribute syntax
c69b943f 239object identifiers of the form 1.3.6.1.4.1.1466.1115.121.1.* as defined in
7970b229
GM		 240RFC2252 section 4.3.2")
241
242(defvar ldap-attribute-syntax-decoders
c69b943f
PJ		 243 [nil ; 1 ACI Item N
244 nil ; 2 Access Point Y
245 nil ; 3 Attribute Type Description Y
246 nil ; 4 Audio N
247 nil ; 5 Binary N
248 nil ; 6 Bit String Y
249 ldap-decode-boolean ; 7 Boolean Y
250 nil ; 8 Certificate N
251 nil ; 9 Certificate List N
252 nil ; 10 Certificate Pair N
253 ldap-decode-string ; 11 Country String Y
254 ldap-decode-string ; 12 DN Y
255 nil ; 13 Data Quality Syntax Y
256 nil ; 14 Delivery Method Y
257 ldap-decode-string ; 15 Directory String Y
258 nil ; 16 DIT Content Rule Description Y
259 nil ; 17 DIT Structure Rule Description Y
260 nil ; 18 DL Submit Permission Y
261 nil ; 19 DSA Quality Syntax Y
262 nil ; 20 DSE Type Y
263 nil ; 21 Enhanced Guide Y
264 nil ; 22 Facsimile Telephone Number Y
265 nil ; 23 Fax N
266 nil ; 24 Generalized Time Y
267 nil ; 25 Guide Y
268 nil ; 26 IA5 String Y
269 string-to-number ; 27 INTEGER Y
270 nil ; 28 JPEG N
271 nil ; 29 Master And Shadow Access Points Y
272 nil ; 30 Matching Rule Description Y
273 nil ; 31 Matching Rule Use Description Y
274 nil ; 32 Mail Preference Y
275 nil ; 33 MHS OR Address Y
276 nil ; 34 Name And Optional UID Y
277 nil ; 35 Name Form Description Y
278 nil ; 36 Numeric String Y
279 nil ; 37 Object Class Description Y
280 nil ; 38 OID Y
281 nil ; 39 Other Mailbox Y
282 nil ; 40 Octet String Y
283 ldap-decode-address ; 41 Postal Address Y
284 nil ; 42 Protocol Information Y
285 nil ; 43 Presentation Address Y
286 ldap-decode-string ; 44 Printable String Y
287 nil ; 45 Subtree Specification Y
288 nil ; 46 Supplier Information Y
289 nil ; 47 Supplier Or Consumer Y
290 nil ; 48 Supplier And Consumer Y
291 nil ; 49 Supported Algorithm N
292 nil ; 50 Telephone Number Y
293 nil ; 51 Teletex Terminal Identifier Y
294 nil ; 52 Telex Number Y
295 nil ; 53 UTC Time Y
296 nil ; 54 LDAP Syntax Description Y
297 nil ; 55 Modify Rights Y
298 nil ; 56 LDAP Schema Definition Y
299 nil ; 57 LDAP Schema Description Y
300 nil ; 58 Substring Assertion Y
301 ]
7970b229
GM		 302 "A vector of functions used to decode LDAP attribute values.
303The sequence of functions corresponds to the sequence of LDAP attribute syntax
c69b943f 304object identifiers of the form 1.3.6.1.4.1.1466.1115.121.1.* as defined in
7970b229
GM		 305RFC2252 section 4.3.2")
306
307
308(defvar ldap-attribute-syntaxes-alist
309 '((createtimestamp . 24)
310 (modifytimestamp . 24)
311 (creatorsname . 12)
312 (modifiersname . 12)
313 (subschemasubentry . 12)
314 (attributetypes . 3)
315 (objectclasses . 37)
316 (matchingrules . 30)
317 (matchingruleuse . 31)
318 (namingcontexts . 12)
319 (altserver . 26)
320 (supportedextension . 38)
321 (supportedcontrol . 38)
322 (supportedsaslmechanisms . 15)
323 (supportedldapversion . 27)
324 (ldapsyntaxes . 16)
325 (ditstructurerules . 17)
326 (nameforms . 35)
327 (ditcontentrules . 16)
328 (objectclass . 38)
329 (aliasedobjectname . 12)
330 (cn . 15)
331 (sn . 15)
332 (serialnumber . 44)
333 (c . 15)
334 (l . 15)
335 (st . 15)
336 (street . 15)
337 (o . 15)
338 (ou . 15)
339 (title . 15)
340 (description . 15)
341 (searchguide . 25)
342 (businesscategory . 15)
343 (postaladdress . 41)
344 (postalcode . 15)
345 (postofficebox . 15)
346 (physicaldeliveryofficename . 15)
347 (telephonenumber . 50)
348 (telexnumber . 52)
349 (telexterminalidentifier . 51)
350 (facsimiletelephonenumber . 22)
351 (x121address . 36)
352 (internationalisdnnumber . 36)
353 (registeredaddress . 41)
354 (destinationindicator . 44)
355 (preferreddeliverymethod . 14)
356 (presentationaddress . 43)
357 (supportedapplicationcontext . 38)
358 (member . 12)
359 (owner . 12)
360 (roleoccupant . 12)
361 (seealso . 12)
362 (userpassword . 40)
363 (usercertificate . 8)
364 (cacertificate . 8)
365 (authorityrevocationlist . 9)
366 (certificaterevocationlist . 9)
367 (crosscertificatepair . 10)
368 (name . 15)
369 (givenname . 15)
370 (initials . 15)
371 (generationqualifier . 15)
372 (x500uniqueidentifier . 6)
373 (dnqualifier . 44)
374 (enhancedsearchguide . 21)
375 (protocolinformation . 42)
376 (distinguishedname . 12)
377 (uniquemember . 34)
378 (houseidentifier . 15)
379 (supportedalgorithms . 49)
380 (deltarevocationlist . 9)
381 (dmdname . 15))
382 "A map of LDAP attribute names to their type object id minor number.
383This table is built from RFC2252 Section 5 and RFC2256 Section 5")
384
385
386;; Coding/decoding functions
387
388(defun ldap-encode-boolean (bool)
389 (if bool
390 "TRUE"
391 "FALSE"))
392
393(defun ldap-decode-boolean (str)
394 (cond
395 ((string-equal str "TRUE")
396 t)
397 ((string-equal str "FALSE")
398 nil)
399 (t
400 (error "Wrong LDAP boolean string: %s" str))))
c69b943f 401
7970b229
GM		 402(defun ldap-encode-country-string (str)
403 ;; We should do something useful here...
404 (if (not (= 2 (length str)))
405 (error "Invalid country string: %s" str)))
406
407(defun ldap-decode-string (str)
408 (decode-coding-string str ldap-coding-system))
409
410(defun ldap-encode-string (str)
411 (encode-coding-string str ldap-coding-system))
412
413(defun ldap-decode-address (str)
414 (mapconcat 'ldap-decode-string
415 (split-string str "\\$")
416 "\n"))
417
418(defun ldap-encode-address (str)
419 (mapconcat 'ldap-encode-string
420 (split-string str "\n")
421 "$"))
422
423
424;; LDAP protocol functions
c69b943f 425
7970b229
GM		 426(defun ldap-get-host-parameter (host parameter)
427 "Get the value of PARAMETER for HOST in `ldap-host-parameters-alist'."
428 (plist-get (cdr (assoc host ldap-host-parameters-alist))
429 parameter))
c69b943f 430
7970b229
GM		 431(defun ldap-decode-attribute (attr)
432 "Decode the attribute/value pair ATTR according to LDAP rules.
c69b943f
PJ		 433The attribute name is looked up in `ldap-attribute-syntaxes-alist'
434and the corresponding decoder is then retrieved from
7970b229
GM		 435`ldap-attribute-syntax-decoders' and applied on the value(s)."
436 (let* ((name (car attr))
437 (values (cdr attr))
438 (syntax-id (cdr (assq (intern (downcase name))
439 ldap-attribute-syntaxes-alist)))
440 decoder)
441 (if syntax-id
442 (setq decoder (aref ldap-attribute-syntax-decoders
443 (1- syntax-id)))
444 (setq decoder ldap-default-attribute-decoder))
445 (if decoder
446 (cons name (mapcar decoder values))
447 attr)))
7970b229
GM		 448
449(defun ldap-search (filter &optional host attributes attrsonly withdn)
450 "Perform an LDAP search.
451FILTER is the search filter in RFC1558 syntax.
452HOST is the LDAP host on which to perform the search.
c69b943f 453ATTRIBUTES are the specific attributes to retrieve, nil means
7970b229 454retrieve all.
c69b943f 455ATTRSONLY, if non-nil, retrieves the attributes only, without
7970b229
GM		 456the associated values.
457If WITHDN is non-nil, each entry in the result will be prepended with
458its distinguished name WITHDN.
c69b943f 459Additional search parameters can be specified through
7970b229
GM		 460`ldap-host-parameters-alist', which see."
461 (interactive "sFilter:")
462 (or host
463 (setq host ldap-default-host)
464 (error "No LDAP host specified"))
465 (let ((host-plist (cdr (assoc host ldap-host-parameters-alist)))
466 result)
a464a6c7
SM		 467 (setq result (ldap-search-internal `(host ,host
468 filter ,filter
469 attributes ,attributes
470 attrsonly ,attrsonly
471 withdn ,withdn
472 ,@host-plist)))
7970b229
GM		 473 (if ldap-ignore-attribute-codings
474 result
4a8da016
SM		 475 (mapcar (lambda (record)
476 (mapcar 'ldap-decode-attribute record))
7970b229
GM		 477 result))))
478
479
480(defun ldap-search-internal (search-plist)
481 "Perform a search on a LDAP server.
482SEARCH-PLIST is a property list describing the search request.
483Valid keys in that list are:
eebc475d
TZ		 484
485 `auth-source', if non-nil, will use `auth-source-search' and
486will grab the :host, :secret, :base, and (:user or :binddn)
487tokens into the `host', `passwd', `base', and `binddn' parameters
488respectively if they are not provided in SEARCH-PLIST. So for
489instance *each* of these netrc lines has the same effect if you
490ask for the host \"ldapserver:2400\":
491
492 machine ldapserver:2400 login myDN secret myPassword base myBase
493 machine ldapserver:2400 binddn myDN secret myPassword port ldap
494 login myDN secret myPassword base myBase
495
496but if you have more than one in your netrc file, only the first
497matching one will be used. Note the \"port ldap\" part is NOT
498required.
499
9b053e76 500 `host' is a string naming one or more (blank-separated) LDAP servers
7970b229
GM		 501to try to connect to. Each host name may optionally be of the form HOST:PORT.
502 `filter' is a filter string for the search as described in RFC 1558.
503 `attributes' is a list of strings indicating which attributes to retrieve
504for each matching entry. If nil, return all available attributes.
505 `attrsonly', if non-nil, indicates that only attributes are retrieved,
506not their associated values.
32553711 507 `auth' is one of the symbols `simple', `krbv41' or `krbv42'.
7970b229
GM		 508 `base' is the base for the search as described in RFC 1779.
509 `scope' is one of the three symbols `sub', `base' or `one'.
510 `binddn' is the distinguished name of the user to bind as (in RFC 1779 syntax).
4fda7cef 511 `auth' is one of the symbols `simple', `krbv41' or `krbv42'
7970b229
GM		 512 `passwd' is the password to use for simple authentication.
513 `deref' is one of the symbols `never', `always', `search' or `find'.
514 `timelimit' is the timeout limit for the connection in seconds.
515 `sizelimit' is the maximum number of matches to return.
516 `withdn' if non-nil each entry in the result will be prepended with
517its distinguished name DN.
518The function returns a list of matching entries. Each entry is itself
519an alist of attribute/value pairs."
eebc475d 520 (let* ((buf (get-buffer-create " *ldap-search*"))
7970b229
GM		 521 (bufval (get-buffer-create " *ldap-value*"))
522 (host (or (plist-get search-plist 'host)
523 ldap-default-host))
eebc475d
TZ		 524 ;; find entries with port "ldap" that match the requested host if any
525 (asfound (when (plist-get search-plist 'auth-source)
526 (nth 0 (auth-source-search :host (or host t)
527 :create t))))
528 ;; if no host was requested, get it from the auth-source entry
529 (host (or host (plist-get asfound :host)))
530 ;; get the password from the auth-source
531 (passwd (or (plist-get search-plist 'passwd)
532 (plist-get asfound :secret)))
533 ;; convert the password from a function call if needed
534 (passwd (if (functionp passwd) (funcall passwd) passwd))
535 ;; get the binddn from the search-list or from the
536 ;; auth-source user or binddn tokens
537 (binddn (or (plist-get search-plist 'binddn)
538 (plist-get asfound :user)
539 (plist-get asfound :binddn)))
540 (base (or (plist-get search-plist 'base)
541 (plist-get asfound :base)
542 ldap-default-base))
7970b229
GM		 543 (filter (plist-get search-plist 'filter))
544 (attributes (plist-get search-plist 'attributes))
545 (attrsonly (plist-get search-plist 'attrsonly))
7970b229 546 (scope (plist-get search-plist 'scope))
32553711 547 (auth (plist-get search-plist 'auth))
7970b229
GM		 548 (deref (plist-get search-plist 'deref))
549 (timelimit (plist-get search-plist 'timelimit))
550 (sizelimit (plist-get search-plist 'sizelimit))
551 (withdn (plist-get search-plist 'withdn))
552 (numres 0)
553 arglist dn name value record result)
554 (if (or (null filter)
555 (equal "" filter))
556 (error "No search filter"))
557 (setq filter (cons filter attributes))
80629cfc 558 (with-current-buffer buf
7970b229
GM		 559 (erase-buffer)
560 (if (and host
561 (not (equal "" host)))
562 (setq arglist (nconc arglist (list (format "-h%s" host)))))
563 (if (and attrsonly
564 (not (equal "" attrsonly)))
565 (setq arglist (nconc arglist (list "-A"))))
566 (if (and base
567 (not (equal "" base)))
568 (setq arglist (nconc arglist (list (format "-b%s" base)))))
569 (if (and scope
570 (not (equal "" scope)))
571 (setq arglist (nconc arglist (list (format "-s%s" scope)))))
572 (if (and binddn
573 (not (equal "" binddn)))
574 (setq arglist (nconc arglist (list (format "-D%s" binddn)))))
32553711
CY		 575 (if (and auth
576 (equal 'simple auth))
577 (setq arglist (nconc arglist (list "-x"))))
7970b229
GM		 578 (if (and passwd
579 (not (equal "" passwd)))
580 (setq arglist (nconc arglist (list (format "-w%s" passwd)))))
581 (if (and deref
582 (not (equal "" deref)))
583 (setq arglist (nconc arglist (list (format "-a%s" deref)))))
584 (if (and timelimit
585 (not (equal "" timelimit)))
586 (setq arglist (nconc arglist (list (format "-l%s" timelimit)))))
587 (if (and sizelimit
588 (not (equal "" sizelimit)))
589 (setq arglist (nconc arglist (list (format "-z%s" sizelimit)))))
c8043a22 590 (apply #'call-process ldap-ldapsearch-prog
362b9d48
GM		 591 ;; Ignore stderr, which can corrupt results
592 nil (list buf nil) nil
c8043a22 593 (append arglist ldap-ldapsearch-args filter))
7970b229
GM		 594 (insert "\n")
595 (goto-char (point-min))
c69b943f 596
74d40d47
PJ		 597 (while (re-search-forward "[\t\n\f]+ " nil t)
598 (replace-match "" nil nil))
599 (goto-char (point-min))
600
7970b229
GM		 601 (if (looking-at "usage")
602 (error "Incorrect ldapsearch invocation")
603 (message "Parsing results... ")
b4ac0cdb
PJ		 604 ;; Skip error message when retrieving attribute list
605 (if (looking-at "Size limit exceeded")
606 (forward-line 1))
fb5b9475 607 (if (looking-at "version:") (forward-line 1)) ;bug#12724.
c69b943f 608 (while (progn
7970b229
GM		 609 (skip-chars-forward " \t\n")
610 (not (eobp)))
9b026d9f 611 (setq dn (buffer-substring (point) (point-at-eol)))
7970b229 612 (forward-line 1)
6430562b
CY		 613 (while (looking-at "^\\([A-Za-z][-A-Za-z0-9]*\
614\\|[0-9]+\\(?:\\.[0-9]+\\)*\\)\\(;[-A-Za-z0-9]+\\)*[=:\t ]+\
615\\(<[\t ]*file://\\)\\(.*\\)$")
7970b229 616 (setq name (match-string 1)
7ce59e83 617 value (match-string 4))
f6a20b2c
JR		 618 ;; Need to handle file:///D:/... as generated by OpenLDAP
619 ;; on DOS/Windows as local files.
620 (if (and (memq system-type '(windows-nt ms-dos))
621 (eq (string-match "/\\(.:.*\\)$" value) 0))
622 (setq value (match-string 1 value)))
b4ac0cdb
PJ		 623 ;; Do not try to open non-existent files
624 (if (equal value "")
625 (setq value " ")
80629cfc 626 (with-current-buffer bufval
b4ac0cdb
PJ		 627 (erase-buffer)
628 (set-buffer-multibyte nil)
629 (insert-file-contents-literally value)
630 (delete-file value)
631 (setq value (buffer-string))))
7970b229
GM		 632 (setq record (cons (list name value)
633 record))
634 (forward-line 1))
8c0f49f0
CY		 635 (cond (withdn
636 (push (cons dn (nreverse record)) result))
637 (record
638 (push (nreverse record) result)))
7970b229 639 (setq record nil)
c69b943f 640 (skip-chars-forward " \t\n")
7970b229
GM		 641 (message "Parsing results... %d" numres)
642 (1+ numres))
643 (message "Parsing results... done")
644 (nreverse result)))))
645
7970b229
GM		 646(provide 'ldap)
647
648;;; ldap.el ends here
Unnamed repository; edit this file 'description' to name the repository.