usr/src/lib/libldap5/sources/ldap/common/bind.c

   1 #pragma ident   "%Z%%M% %I%     %E% SMI"
   2
   3 /*
   4  * The contents of this file are subject to the Netscape Public
   5  * License Version 1.1 (the "License"); you may not use this file
   6  * except in compliance with the License. You may obtain a copy of
   7  * the License at http://www.mozilla.org/NPL/
   8  *
   9  * Software distributed under the License is distributed on an "AS
  10  * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
  11  * implied. See the License for the specific language governing
  12  * rights and limitations under the License.
  13  *
  14  * The Original Code is Mozilla Communicator client code, released
  15  * March 31, 1998.
  16  *
  17  * The Initial Developer of the Original Code is Netscape
  18  * Communications Corporation. Portions created by Netscape are
  19  * Copyright (C) 1998-1999 Netscape Communications Corporation. All
  20  * Rights Reserved.
  21  *
  22  * Contributor(s):
  23  */
  24 /*
  25  *  bind.c
  26  */
  27
  28 #if 0
  29 #ifndef lint
  30 static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
  31 #endif
  32 #endif
  33
  34 #include "ldap-int.h"
  35
  36 /*
  37  * ldap_bind - bind to the ldap server. The dn and password
  38  * of the entry to which to bind are supplied, along with the authentication
  39  * method to use.  The msgid of the bind request is returned on success,
  40  * -1 if there's trouble.  Note, the kerberos support assumes the user already
  41  * has a valid tgt for now.  ldap_result() should be called to find out the
  42  * outcome of the bind request.
  43  *
  44  * Example:
  45  *      ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
  46  *          LDAP_AUTH_SIMPLE )
  47  */
  48
  49 int
  50 LDAP_CALL
  51 ldap_bind( LDAP *ld, const char *dn, const char *passwd, int authmethod )
  52 {
  53         /*
  54          * The bind request looks like this:
  55          *      BindRequest ::= SEQUENCE {
  56          *              version         INTEGER,
  57          *              name            DistinguishedName,       -- who
  58          *              authentication  CHOICE {
  59          *                      simple          [0] OCTET STRING -- passwd
  60          *              }
  61          *      }
  62          * all wrapped up in an LDAPMessage sequence.
  63          */
  64
  65         LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
  66
  67         if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
  68                 return( -1 );
  69         }
  70
  71         switch ( authmethod ) {
  72         case LDAP_AUTH_SIMPLE:
  73                 return( ldap_simple_bind( ld, dn, passwd ) );
  74
  75         default:
  76                 LDAP_SET_LDERRNO( ld, LDAP_AUTH_UNKNOWN, NULL, NULL );
  77                 return( -1 );
  78         }
  79 }
  80
  81 /*
  82  * ldap_bind_s - bind to the ldap server.  The dn and password
  83  * of the entry to which to bind are supplied, along with the authentication
  84  * method to use.  This routine just calls whichever bind routine is
  85  * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
  86  * some other error indication).  Note, the kerberos support assumes the
  87  * user already has a valid tgt for now.
  88  *
  89  * Examples:
  90  *      ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
  91  *          "secret", LDAP_AUTH_SIMPLE )
  92  *      ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
  93  *          NULL, LDAP_AUTH_KRBV4 )
  94  */
  95 int
  96 LDAP_CALL
  97 ldap_bind_s( LDAP *ld, const char *dn, const char *passwd, int authmethod )
  98 {
  99         int     err;
 100
 101         LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
 102
 103         switch ( authmethod ) {
 104         case LDAP_AUTH_SIMPLE:
 105                 return( ldap_simple_bind_s( ld, dn, passwd ) );
 106
 107         default:
 108                 err = LDAP_AUTH_UNKNOWN;
 109                 LDAP_SET_LDERRNO( ld, err, NULL, NULL );
 110                 return( err );
 111         }
 112 }
 113
 114
 115 void
 116 LDAP_CALL
 117 ldap_set_rebind_proc( LDAP *ld, LDAP_REBINDPROC_CALLBACK *rebindproc,
 118     void *arg )
 119 {
 120         if ( ld == NULL ) {
 121                 if ( !nsldapi_initialized ) {
 122                         nsldapi_initialize_defaults();
 123                 }
 124                 ld = &nsldapi_ld_defaults;
 125         }
 126
 127         if ( NSLDAPI_VALID_LDAP_POINTER( ld )) {
 128                 LDAP_MUTEX_LOCK( ld, LDAP_OPTION_LOCK );
 129                 ld->ld_rebind_fn = rebindproc;
 130                 ld->ld_rebind_arg = arg;
 131                 LDAP_MUTEX_UNLOCK( ld, LDAP_OPTION_LOCK );
 132         }
 133 }
 134
 135
 136 /*
 137  * return a pointer to the bind DN for the default connection (a copy is
 138  * not made).  If there is no bind DN available, NULL is returned.
 139  */
 140 char *
 141 nsldapi_get_binddn( LDAP *ld )
 142 {
 143         char    *binddn;
 144
 145         binddn = NULL;  /* default -- assume they are not bound */
 146
 147         LDAP_MUTEX_LOCK( ld, LDAP_CONN_LOCK );
 148         if ( NULL != ld->ld_defconn && LDAP_CONNST_CONNECTED ==
 149             ld->ld_defconn->lconn_status && ld->ld_defconn->lconn_bound ) {
 150                 if (( binddn = ld->ld_defconn->lconn_binddn ) == NULL ) {
 151                         binddn = "";
 152                 }
 153         }
 154         LDAP_MUTEX_UNLOCK( ld, LDAP_CONN_LOCK );
 155
 156         return( binddn );
 157 }