search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / external / bsd / openldap / dist / servers / slapd / slapauth.c
blob8934df3b29faad7016f84f37db954fd4aec7bd8b
1 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
2 *
3 * Copyright 2004-2008 The OpenLDAP Foundation.
4 * Portions Copyright 2004 Pierangelo Masarati.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
9 * Public License.
10 *
11 * A copy of this license is available in file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
14 */
15 /* ACKNOWLEDGEMENTS:
16 * This work was initially developed by Pierangelo Masarati for inclusion
17 * in OpenLDAP Software.
18 */
19
20 #include "portable.h"
21
22 #include <stdio.h>
23
24 #include <ac/stdlib.h>
25
26 #include <ac/ctype.h>
27 #include <ac/string.h>
28 #include <ac/socket.h>
29 #include <ac/unistd.h>
30
31 #include <lber.h>
32 #include <ldif.h>
33 #include <lutil.h>
34
35 #include "slapcommon.h"
36
37 static int
38 do_check( Connection *c, Operation *op, struct berval *id )
39 {
40 struct berval authcdn;
41 int rc;
42
43 rc = slap_sasl_getdn( c, op, id, realm, &authcdn, SLAP_GETDN_AUTHCID );
44 if ( rc != LDAP_SUCCESS ) {
45 fprintf( stderr, "ID: <%s> check failed %d (%s)\n",
46 id->bv_val, rc,
47 ldap_err2string( rc ) );
48 rc = 1;
49
50 } else {
51 if ( !BER_BVISNULL( &authzID ) ) {
52 rc = slap_sasl_authorized( op, &authcdn, &authzID );
53
54 fprintf( stderr,
55 "ID: <%s>\n"
56 "authcDN: <%s>\n"
57 "authzDN: <%s>\n"
58 "authorization %s\n",
59 id->bv_val,
60 authcdn.bv_val,
61 authzID.bv_val,
62 rc == LDAP_SUCCESS ? "OK" : "failed" );
63
64 } else {
65 fprintf( stderr, "ID: <%s> check succeeded\n"
66 "authcID: <%s>\n",
67 id->bv_val,
68 authcdn.bv_val );
69 op->o_tmpfree( authcdn.bv_val, op->o_tmpmemctx );
70 }
71 rc = 0;
72 }
73
74 return rc;
75 }
76
77 int
78 slapauth( int argc, char **argv )
79 {
80 int rc = EXIT_SUCCESS;
81 const char *progname = "slapauth";
82 Connection conn = {0};
83 OperationBuffer opbuf;
84 Operation *op;
85
86 slap_tool_init( progname, SLAPAUTH, argc, argv );
87
88 argv = &argv[ optind ];
89 argc -= optind;
90
91 connection_fake_init( &conn, &opbuf, &conn );
92 op = &opbuf.ob_op;
93
94 conn.c_sasl_bind_mech = mech;
95
96 if ( !BER_BVISNULL( &authzID ) ) {
97 struct berval authzdn;
98
99 rc = slap_sasl_getdn( &conn, op, &authzID, NULL, &authzdn,
100 SLAP_GETDN_AUTHZID );
101 if ( rc != LDAP_SUCCESS ) {
102 fprintf( stderr, "authzID: <%s> check failed %d (%s)\n",
103 authzID.bv_val, rc,
104 ldap_err2string( rc ) );
105 rc = 1;
106 BER_BVZERO( &authzID );
107 goto destroy;
108 }
109
110 authzID = authzdn;
111 }
112
113
114 if ( !BER_BVISNULL( &authcID ) ) {
115 if ( !BER_BVISNULL( &authzID ) || argc == 0 ) {
116 rc = do_check( &conn, op, &authcID );
117 goto destroy;
118 }
119
120 for ( ; argc--; argv++ ) {
121 struct berval authzdn;
122
123 ber_str2bv( argv[ 0 ], 0, 0, &authzID );
124
125 rc = slap_sasl_getdn( &conn, op, &authzID, NULL, &authzdn,
126 SLAP_GETDN_AUTHZID );
127 if ( rc != LDAP_SUCCESS ) {
128 fprintf( stderr, "authzID: <%s> check failed %d (%s)\n",
129 authzID.bv_val, rc,
130 ldap_err2string( rc ) );
131 rc = -1;
132 BER_BVZERO( &authzID );
133 if ( !continuemode ) {
134 goto destroy;
135 }
136 }
137
138 authzID = authzdn;
139
140 rc = do_check( &conn, op, &authcID );
141
142 op->o_tmpfree( authzID.bv_val, op->o_tmpmemctx );
143 BER_BVZERO( &authzID );
144
145 if ( rc && !continuemode ) {
146 goto destroy;
147 }
148 }
149
150 goto destroy;
151 }
152
153 for ( ; argc--; argv++ ) {
154 struct berval id;
155
156 ber_str2bv( argv[ 0 ], 0, 0, &id );
157
158 rc = do_check( &conn, op, &id );
159
160 if ( rc && !continuemode ) {
161 goto destroy;
162 }
163 }
164
165 destroy:;
166 if ( !BER_BVISNULL( &authzID ) ) {
167 op->o_tmpfree( authzID.bv_val, op->o_tmpmemctx );
168 }
169 slap_tool_destroy();
170
171 return rc;
172 }
173
NetBSD on the FriendlyARM MINI2440