#include <string.h>
#include <unistd.h>
#include <time.h>
#include <misc.h>
#include <stdlib.h>
#include "ldapconf.m"
#include "ldapconf.h"
#include "ldapconf_defs.h"

extern "C" int mkntpwd (const char *p, char lanman[33], char nt[33]);

/*
 * i64c - convert an integer to a radix 64 character
 */
static int i64c(int i)
{
	if (i < 0)
		return ('.');
	else if (i > 63)
		return ('z');
	if (i == 0)
		return ('.');
	if (i == 1)
		return ('/');
	if (i >= 2 && i <= 11)
		return ('0' - 2 + i);
	if (i >= 12 && i <= 37)
		return ('A' - 12 + i);
	if (i >= 38 && i <= 63)
		return ('a' - 38 + i);
	return ('\0');
}


static int unix_crypt (const char *password, char hash[100])
{
	FILE *fin = fopen ("/dev/urandom","r");
	char salt[3+8+1];
	strcpy (salt,"$1$");	// Prefix for MD5 password
	if (fin == NULL){
		// Odd, use time as the salt
		snprintf (salt+3,8,"%08ld",time(NULL) % 100000000);
		salt[11] = '\0';
	}else{
		int i;
		unsigned char tmp[8];
		char *cp;
		fread(tmp,1,sizeof(tmp),fin);
		cp = salt+3;
		for (i=0; i<8; i++) *cp++ = i64c(tmp[i] & 077);
		*cp = '\0';
	}
	strcpy (hash,crypt(password,salt));
	return 0;
}


int batch_addrecord(
	int argc,
	char *argv[])
{
	int ret = -1;
	const char *profile = NULL;
	LDAPOBJECT *ldapo = NULL;
	bool some_error = false;
	SSTRING passwd;
	int uidnumber = -1;
	for (int i=0; i<argc; i++){
		const char *opt = argv[i];
		const char *arg = i+1 < argc ? argv[i+1] : "";
		if (strcmp(opt,"--profile")==0){
			ldapo = new LDAPOBJECT (arg);
			profile = arg;
			i++;
		}else if (strcmp(opt,"--attr")==0){
			const char *pt = strchr(arg,'=');
			if (pt == NULL){
				xconf_error (MSG_U(E_IVLDPAIR,"Invalid attribute/value pair (= expected): %s"),arg);
				some_error = true;
			}else if (ldapo==NULL){
				xconf_error (MSG_U(E_PROFILEFIRST,"Option --profile is needed first"));
				some_error = true;
			}else{
				SSTRING attr;
				attr.setfrom (arg,(int)(pt-arg));
				const char *val = pt+1;
				char tmp[100];
				if (attr.icmp("userpassword")==0){
					passwd = val;
					unix_crypt (val,tmp);
					char *enc = base64_encode (tmp,strlen(tmp));
					strcpy (tmp,enc);
					free (enc);
					val = tmp;
				}
				ldapo->at_set (attr.get(),val);
			}
			i++;
		}else if (strcmp(opt,"--dn")==0){
			if (ldapo==NULL){
				xconf_error (MSG_R(E_PROFILEFIRST));
				some_error = true;
			}else{
				ldapo->dn.setfromf("dn: %s",arg);
			}
			i++;
		}else if (strcmp(opt,"--allocuid")==0){
			if (ldapo==NULL){
				xconf_error (MSG_R(E_PROFILEFIRST));
				some_error = true;
			}else{
				uidnumber = ldap_get_free_uidnumber(profile);
				ldapo->at_set("uidNumber",uidnumber);
			}
		}else if (strcmp(opt,"--setrid")==0){
			if (uidnumber == -1){
				xconf_error (MSG_U(E_SETRID,"Option --setrid must be use after --allocuid"));
				some_error = true;
			}else{
				ldapo->at_set("rid",uidnumber*2+1000);
			}
		}else if (strcmp(opt,"--mkntpwd")==0){
			if (passwd.is_empty()){
				xconf_error (MSG_U(E_OPTPASSBEFORE
					,"You must set the userpassword attribute before using --mkntpwd"));
			}else{
				char lanman[33],ntpwd[33];
				if (mkntpwd(passwd.get(),lanman,ntpwd)==0){
					ldapo->at_set ("lmPassword",lanman);
					ldapo->at_set ("ntPassword",ntpwd);
				}
			}
		}else{
			xconf_error (MSG_U(E_IVLDOPT,"Invalid option: %s"),opt);
			some_error = true;
		}
	}
	if (!some_error){
		ldapo->addclasses();
		const char *tmpfile = ldapo->gettmpfile();
		ldapo->export_ldif (tmpfile,false);
		if (file_exist(tmpfile)){
			ldapo->command_line.setfromf("-f %s",tmpfile);
			SSTRINGS resmsg;
			ret = ldapo->command ("ldapadd",resmsg); 
	   		/* Remove tmp entry file */
			unlink(tmpfile);
		}
	}
	return ret;
}