1 /* $NetBSD: bind.c,v 1.3 2021/08/14 16:14:55 christos Exp $ */
2
3 /* bind.c */
4 /* $OpenLDAP$ */
5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
6 *
7 * Copyright 1998-2021 The OpenLDAP Foundation.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
12 * Public License.
13 *
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
17 */
18 /* Portions Copyright (c) 1990 Regents of the University of Michigan.
19 * All rights reserved.
20 */
21
22 #include <sys/cdefs.h>
23 __RCSID("$NetBSD: bind.c,v 1.3 2021/08/14 16:14:55 christos Exp $");
24
25 #include "portable.h"
26
27 #include <stdio.h>
28
29 #include <ac/stdlib.h>
30
31 #include <ac/socket.h>
32 #include <ac/string.h>
33 #include <ac/time.h>
34
35 #include "ldap-int.h"
36 #include "ldap_log.h"
37
38 /*
39 * BindRequest ::= SEQUENCE {
40 * version INTEGER,
41 * name DistinguishedName, -- who
42 * authentication CHOICE {
43 * simple [0] OCTET STRING -- passwd
44 * krbv42ldap [1] OCTET STRING -- OBSOLETE
45 * krbv42dsa [2] OCTET STRING -- OBSOLETE
46 * sasl [3] SaslCredentials -- LDAPv3
47 * }
48 * }
49 *
50 * BindResponse ::= SEQUENCE {
51 * COMPONENTS OF LDAPResult,
52 * serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3
53 * }
54 *
55 * (Source: RFC 2251)
56 */
57
58 /*
59 * ldap_bind - bind to the ldap server (and X.500). The dn and password
60 * of the entry to which to bind are supplied, along with the authentication
61 * method to use. The msgid of the bind request is returned on success,
62 * -1 if there's trouble. ldap_result() should be called to find out the
63 * outcome of the bind request.
64 *
65 * Example:
66 * ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
67 * LDAP_AUTH_SIMPLE )
68 */
69
70 int
ldap_bind(LDAP * ld,LDAP_CONST char * dn,LDAP_CONST char * passwd,int authmethod)71 ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod )
72 {
73 Debug0( LDAP_DEBUG_TRACE, "ldap_bind\n" );
74
75 switch ( authmethod ) {
76 case LDAP_AUTH_SIMPLE:
77 return( ldap_simple_bind( ld, dn, passwd ) );
78
79 #ifdef HAVE_GSSAPI
80 case LDAP_AUTH_NEGOTIATE:
81 return( ldap_gssapi_bind_s( ld, dn, passwd) );
82 #endif
83
84 case LDAP_AUTH_SASL:
85 /* user must use ldap_sasl_bind */
86 /* FALL-THRU */
87
88 default:
89 ld->ld_errno = LDAP_AUTH_UNKNOWN;
90 return( -1 );
91 }
92 }
93
94 /*
95 * ldap_bind_s - bind to the ldap server (and X.500). The dn and password
96 * of the entry to which to bind are supplied, along with the authentication
97 * method to use. This routine just calls whichever bind routine is
98 * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
99 * some other error indication).
100 *
101 * Examples:
102 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
103 * "secret", LDAP_AUTH_SIMPLE )
104 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
105 * NULL, LDAP_AUTH_KRBV4 )
106 */
107 int
ldap_bind_s(LDAP * ld,LDAP_CONST char * dn,LDAP_CONST char * passwd,int authmethod)108 ldap_bind_s(
109 LDAP *ld,
110 LDAP_CONST char *dn,
111 LDAP_CONST char *passwd,
112 int authmethod )
113 {
114 Debug0( LDAP_DEBUG_TRACE, "ldap_bind_s\n" );
115
116 switch ( authmethod ) {
117 case LDAP_AUTH_SIMPLE:
118 return( ldap_simple_bind_s( ld, dn, passwd ) );
119
120 #ifdef HAVE_GSSAPI
121 case LDAP_AUTH_NEGOTIATE:
122 return( ldap_gssapi_bind_s( ld, dn, passwd) );
123 #endif
124
125 case LDAP_AUTH_SASL:
126 /* user must use ldap_sasl_bind */
127 /* FALL-THRU */
128
129 default:
130 return( ld->ld_errno = LDAP_AUTH_UNKNOWN );
131 }
132 }
133