| blob | 1d4430d9ea3716fd070ee32329c3be81a385ca03 |
1 /*
2 * Copyright 2002-2003 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
8 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
9 *
10 * The contents of this file are subject to the Netscape Public License
11 * Version 1.0 (the "NPL"); you may not use this file except in
12 * compliance with the NPL. You may obtain a copy of the NPL at
13 * http://www.mozilla.org/NPL/
14 *
15 * Software distributed under the NPL is distributed on an "AS IS" basis,
16 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
17 * for the specific language governing rights and limitations under the
18 * NPL.
19 *
20 * The Initial Developer of the Original Code is Netscape
21 * Communications Corporation. Portions created by Netscape are
22 * Copyright (C) 1998-1999 Netscape Communications Corporation. All
23 * Rights Reserved.
24 *
25 * Contributor(s):
26 */
29 /*
30 * ldap_sasl_bind - authenticate to the ldap server. The dn, mechanism,
31 * and credentials of the entry to which to bind are supplied. An LDAP
32 * error code is returned and if LDAP_SUCCESS is returned *msgidp is set
33 * to the id of the request initiated.
34 *
35 * Example:
36 * struct berval creds;
37 * LDAPControl **ctrls;
38 * int err, msgid;
39 * ... fill in creds with credentials ...
40 * ... fill in ctrls with server controls ...
41 * err = ldap_sasl_bind( ld, "cn=manager, o=university of michigan, c=us",
42 * "mechanismname", &creds, ctrls, NULL, &msgid );
43 */
44 int
45 LDAP_CALL
54 )
55 {
59 /*
60 * The ldapv3 bind request looks like this:
61 * BindRequest ::= SEQUENCE {
62 * version INTEGER,
63 * name DistinguishedName, -- who
64 * authentication CHOICE {
65 * simple [0] OCTET STRING, -- passwd
66 * sasl [3] SaslCredentials -- v3 only
67 * }
68 * }
69 * SaslCredentials ::= SEQUENCE {
70 * mechanism LDAPString,
71 * credentials OCTET STRING
72 * }
73 * all wrapped up in an LDAPMessage sequence.
74 */
81 }
86 /* only ldapv3 or higher can do sasl binds */
90 }
106 }
108 }
110 /* create a message to send */
114 }
116 /* fill it in */
124 }
133 mechanism );
139 }
140 }
146 }
152 }
154 /* send the message */
159 }
161 /*
162 * ldap_sasl_bind_s - bind to the ldap server using sasl authentication
163 * The dn, mechanism, and credentials of the entry to which to bind are
164 * supplied. LDAP_SUCCESS is returned upon success, the ldap error code
165 * otherwise.
166 *
167 * Example:
168 * struct berval creds;
169 * ... fill in creds with credentials ...
170 * ldap_sasl_bind_s( ld, "cn=manager, o=university of michigan, c=us",
171 * "mechanismname", &creds )
172 */
173 int
174 LDAP_CALL
183 )
184 {
193 }
206 }
209 }
212 /* returns an LDAP error code that indicates if parse succeeded or not */
213 int
214 LDAP_CALL
219 int freeit
220 )
221 {
222 BerElement ber;
224 ber_int_t along;
225 ber_len_t len;
230 /*
231 * the ldapv3 SASL bind response looks like this:
232 *
233 * BindResponse ::= [APPLICATION 1] SEQUENCE {
234 * COMPONENTS OF LDAPResult,
235 * serverSaslCreds [7] OCTET STRING OPTIONAL
236 * }
237 *
238 * all wrapped up in an LDAPMessage sequence.
239 */
244 }
246 /* only ldapv3 or higher can do sasl binds */
250 }
254 }
258 /* skip past message id, matched dn, error message ... */
264 }
268 }
274 }
277 /* this is a little kludge for the 3.0 Barracuda/hammerhead relese */
278 /* the docs state that the return is either LDAP_DECODING_ERROR */
279 /* or LDAP_SUCCESS. Here we match the docs... it's cleaner in 3.1 */
285 }
286 }