/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- * * The contents of this file are subject to the Netscape Public * License Version 1.1 (the "License"); you may not use this file * except in compliance with the License. You may obtain a copy of * the License at http://www.mozilla.org/NPL/ * * Software distributed under the License is distributed on an "AS * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or * implied. See the License for the specific language governing * rights and limitations under the License. * * The Original Code is mozilla.org code. * * The Initial Developer of the Original Code is Netscape * Communications Corporation. Portions created by Netscape are * Copyright (C) 1998 Netscape Communications Corporation. All * Rights Reserved. * * Contributor(s): */ /* * Copyright (c) 1993 Regents of the University of Michigan. * All rights reserved. */ /* * sbind.c */ #if 0 #ifndef lint static char copyright[] = "@(#) Copyright (c) 1993 Regents of the University of Michigan.\nAll rights reserved.\n"; #endif #endif #include "ldap-int.h" static int simple_bind_nolock( LDAP *ld, const char *dn, const char *passwd, int unlock_permitted ); static int simple_bindifnot_s( LDAP *ld, const char *dn, const char *passwd ); /* * ldap_simple_bind - bind to the ldap server (and X.500). The dn and * password of the entry to which to bind are supplied. The message id * of the request initiated is returned. * * Example: * ldap_simple_bind( ld, "cn=manager, o=university of michigan, c=us", * "secret" ) */ int LDAP_CALL ldap_simple_bind( LDAP *ld, const char *dn, const char *passwd ) { int rc; LDAPDebug( LDAP_DEBUG_TRACE, "ldap_simple_bind\n", 0, 0, 0 ); if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) { return( -1 ); } rc = simple_bind_nolock( ld, dn, passwd, 1 ); return( rc ); } static int simple_bind_nolock( LDAP *ld, const char *dn, const char *passwd, int unlock_permitted ) { BerElement *ber; int rc, msgid; /* * The bind request looks like this: * BindRequest ::= SEQUENCE { * version INTEGER, * name DistinguishedName, -- who * authentication CHOICE { * simple [0] OCTET STRING -- passwd * } * } * all wrapped up in an LDAPMessage sequence. */ LDAP_MUTEX_LOCK( ld, LDAP_MSGID_LOCK ); msgid = ++ld->ld_msgid; LDAP_MUTEX_UNLOCK( ld, LDAP_MSGID_LOCK ); if ( dn == NULL ) dn = ""; if ( passwd == NULL ) passwd = ""; if ( ld->ld_cache_on && ld->ld_cache_bind != NULL ) { struct berval bv; bv.bv_val = (char *)passwd; bv.bv_len = strlen( passwd ); /* if ( unlock_permitted ) LDAP_MUTEX_UNLOCK( ld ); */ LDAP_MUTEX_LOCK( ld, LDAP_CACHE_LOCK ); rc = (ld->ld_cache_bind)( ld, msgid, LDAP_REQ_BIND, dn, &bv, LDAP_AUTH_SIMPLE ); LDAP_MUTEX_UNLOCK( ld, LDAP_CACHE_LOCK ); /* if ( unlock_permitted ) LDAP_MUTEX_LOCK( ld ); */ if ( rc != 0 ) { return( rc ); } } /* create a message to send */ if (( rc = nsldapi_alloc_ber_with_options( ld, &ber )) != LDAP_SUCCESS ) { return( -1 ); } /* fill it in */ if ( ber_printf( ber, "{it{ists}", msgid, LDAP_REQ_BIND, NSLDAPI_LDAP_VERSION( ld ), dn, LDAP_AUTH_SIMPLE, passwd ) == -1 ) { LDAP_SET_LDERRNO( ld, LDAP_ENCODING_ERROR, NULL, NULL ); ber_free( ber, 1 ); return( -1 ); } if ( nsldapi_put_controls( ld, NULL, 1, ber ) != LDAP_SUCCESS ) { ber_free( ber, 1 ); return( -1 ); } /* send the message */ return( nsldapi_send_initial_request( ld, msgid, LDAP_REQ_BIND, (char *)dn, ber )); } /* * ldap_simple_bind - bind to the ldap server (and X.500) using simple * authentication. The dn and password of the entry to which to bind are * supplied. LDAP_SUCCESS is returned upon success, the ldap error code * otherwise. * * Example: * ldap_simple_bind_s( ld, "cn=manager, o=university of michigan, c=us", * "secret" ) */ int LDAP_CALL ldap_simple_bind_s( LDAP *ld, const char *dn, const char *passwd ) { int msgid; LDAPMessage *result; LDAPDebug( LDAP_DEBUG_TRACE, "ldap_simple_bind_s\n", 0, 0, 0 ); if ( NSLDAPI_VALID_LDAP_POINTER( ld ) && ( ld->ld_options & LDAP_BITOPT_RECONNECT ) != 0 ) { return( simple_bindifnot_s( ld, dn, passwd )); } if ( (msgid = ldap_simple_bind( ld, dn, passwd )) == -1 ) return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); if ( ldap_result( ld, msgid, 1, (struct timeval *) 0, &result ) == -1 ) return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); return( ldap_result2error( ld, result, 1 ) ); } /* * simple_bindifnot_s() is like ldap_simple_bind_s() except that it only does * a bind if the default connection is not currently bound. * If a successful bind using the same DN has already taken place we just * return LDAP_SUCCESS without conversing with the server at all. */ static int simple_bindifnot_s( LDAP *ld, const char *dn, const char *passwd ) { int msgid, rc; LDAPMessage *result; char *binddn; LDAPDebug( LDAP_DEBUG_TRACE, "simple_bindifnot_s\n", 0, 0, 0 ); if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) { return( LDAP_PARAM_ERROR ); } if ( dn == NULL ) { dn = ""; /* to make comparisons simpler */ } /* * if we are already bound using the same DN, just return LDAP_SUCCESS. */ if ( NULL != ( binddn = nsldapi_get_binddn( ld )) && 0 == strcmp( dn, binddn )) { rc = LDAP_SUCCESS; LDAP_SET_LDERRNO( ld, rc, NULL, NULL ); goto unlock_and_return; } /* * if the default connection has been lost and is now marked dead, * dispose of the default connection so it will get re-established. */ LDAP_MUTEX_LOCK( ld, LDAP_CONN_LOCK ); if ( NULL != ld->ld_defconn && LDAP_CONNST_DEAD == ld->ld_defconn->lconn_status ) { nsldapi_free_connection( ld, ld->ld_defconn, 1, 0 ); ld->ld_defconn = NULL; } LDAP_MUTEX_UNLOCK( ld, LDAP_CONN_LOCK ); /* * finally, bind (this will open a new connection if necessary) */ if ( (msgid = simple_bind_nolock( ld, dn, passwd, 0 )) == -1 ) { rc = LDAP_GET_LDERRNO( ld, NULL, NULL ); goto unlock_and_return; } if ( nsldapi_result_nolock( ld, msgid, 1, 0, (struct timeval *) 0, &result ) == -1 ) { rc = LDAP_GET_LDERRNO( ld, NULL, NULL ); goto unlock_and_return; } rc = ldap_result2error( ld, result, 1 ); unlock_and_return: return( rc ); }