1*0Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI"
2*0Sstevel@tonic-gate
3*0Sstevel@tonic-gate /*
4*0Sstevel@tonic-gate * The contents of this file are subject to the Netscape Public
5*0Sstevel@tonic-gate * License Version 1.1 (the "License"); you may not use this file
6*0Sstevel@tonic-gate * except in compliance with the License. You may obtain a copy of
7*0Sstevel@tonic-gate * the License at http://www.mozilla.org/NPL/
8*0Sstevel@tonic-gate *
9*0Sstevel@tonic-gate * Software distributed under the License is distributed on an "AS
10*0Sstevel@tonic-gate * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
11*0Sstevel@tonic-gate * implied. See the License for the specific language governing
12*0Sstevel@tonic-gate * rights and limitations under the License.
13*0Sstevel@tonic-gate *
14*0Sstevel@tonic-gate * The Original Code is Mozilla Communicator client code, released
15*0Sstevel@tonic-gate * March 31, 1998.
16*0Sstevel@tonic-gate *
17*0Sstevel@tonic-gate * The Initial Developer of the Original Code is Netscape
18*0Sstevel@tonic-gate * Communications Corporation. Portions created by Netscape are
19*0Sstevel@tonic-gate * Copyright (C) 1998-1999 Netscape Communications Corporation. All
20*0Sstevel@tonic-gate * Rights Reserved.
21*0Sstevel@tonic-gate *
22*0Sstevel@tonic-gate * Contributor(s):
23*0Sstevel@tonic-gate */
24*0Sstevel@tonic-gate /*
25*0Sstevel@tonic-gate * bind.c
26*0Sstevel@tonic-gate */
27*0Sstevel@tonic-gate
28*0Sstevel@tonic-gate #if 0
29*0Sstevel@tonic-gate #ifndef lint
30*0Sstevel@tonic-gate static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
31*0Sstevel@tonic-gate #endif
32*0Sstevel@tonic-gate #endif
33*0Sstevel@tonic-gate
34*0Sstevel@tonic-gate #include "ldap-int.h"
35*0Sstevel@tonic-gate
36*0Sstevel@tonic-gate /*
37*0Sstevel@tonic-gate * ldap_bind - bind to the ldap server. The dn and password
38*0Sstevel@tonic-gate * of the entry to which to bind are supplied, along with the authentication
39*0Sstevel@tonic-gate * method to use. The msgid of the bind request is returned on success,
40*0Sstevel@tonic-gate * -1 if there's trouble. Note, the kerberos support assumes the user already
41*0Sstevel@tonic-gate * has a valid tgt for now. ldap_result() should be called to find out the
42*0Sstevel@tonic-gate * outcome of the bind request.
43*0Sstevel@tonic-gate *
44*0Sstevel@tonic-gate * Example:
45*0Sstevel@tonic-gate * ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
46*0Sstevel@tonic-gate * LDAP_AUTH_SIMPLE )
47*0Sstevel@tonic-gate */
48*0Sstevel@tonic-gate
49*0Sstevel@tonic-gate int
50*0Sstevel@tonic-gate LDAP_CALL
ldap_bind(LDAP * ld,const char * dn,const char * passwd,int authmethod)51*0Sstevel@tonic-gate ldap_bind( LDAP *ld, const char *dn, const char *passwd, int authmethod )
52*0Sstevel@tonic-gate {
53*0Sstevel@tonic-gate /*
54*0Sstevel@tonic-gate * The bind request looks like this:
55*0Sstevel@tonic-gate * BindRequest ::= SEQUENCE {
56*0Sstevel@tonic-gate * version INTEGER,
57*0Sstevel@tonic-gate * name DistinguishedName, -- who
58*0Sstevel@tonic-gate * authentication CHOICE {
59*0Sstevel@tonic-gate * simple [0] OCTET STRING -- passwd
60*0Sstevel@tonic-gate * }
61*0Sstevel@tonic-gate * }
62*0Sstevel@tonic-gate * all wrapped up in an LDAPMessage sequence.
63*0Sstevel@tonic-gate */
64*0Sstevel@tonic-gate
65*0Sstevel@tonic-gate LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
66*0Sstevel@tonic-gate
67*0Sstevel@tonic-gate if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
68*0Sstevel@tonic-gate return( -1 );
69*0Sstevel@tonic-gate }
70*0Sstevel@tonic-gate
71*0Sstevel@tonic-gate switch ( authmethod ) {
72*0Sstevel@tonic-gate case LDAP_AUTH_SIMPLE:
73*0Sstevel@tonic-gate return( ldap_simple_bind( ld, dn, passwd ) );
74*0Sstevel@tonic-gate
75*0Sstevel@tonic-gate default:
76*0Sstevel@tonic-gate LDAP_SET_LDERRNO( ld, LDAP_AUTH_UNKNOWN, NULL, NULL );
77*0Sstevel@tonic-gate return( -1 );
78*0Sstevel@tonic-gate }
79*0Sstevel@tonic-gate }
80*0Sstevel@tonic-gate
81*0Sstevel@tonic-gate /*
82*0Sstevel@tonic-gate * ldap_bind_s - bind to the ldap server. The dn and password
83*0Sstevel@tonic-gate * of the entry to which to bind are supplied, along with the authentication
84*0Sstevel@tonic-gate * method to use. This routine just calls whichever bind routine is
85*0Sstevel@tonic-gate * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
86*0Sstevel@tonic-gate * some other error indication). Note, the kerberos support assumes the
87*0Sstevel@tonic-gate * user already has a valid tgt for now.
88*0Sstevel@tonic-gate *
89*0Sstevel@tonic-gate * Examples:
90*0Sstevel@tonic-gate * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
91*0Sstevel@tonic-gate * "secret", LDAP_AUTH_SIMPLE )
92*0Sstevel@tonic-gate * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
93*0Sstevel@tonic-gate * NULL, LDAP_AUTH_KRBV4 )
94*0Sstevel@tonic-gate */
95*0Sstevel@tonic-gate int
96*0Sstevel@tonic-gate LDAP_CALL
ldap_bind_s(LDAP * ld,const char * dn,const char * passwd,int authmethod)97*0Sstevel@tonic-gate ldap_bind_s( LDAP *ld, const char *dn, const char *passwd, int authmethod )
98*0Sstevel@tonic-gate {
99*0Sstevel@tonic-gate int err;
100*0Sstevel@tonic-gate
101*0Sstevel@tonic-gate LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
102*0Sstevel@tonic-gate
103*0Sstevel@tonic-gate switch ( authmethod ) {
104*0Sstevel@tonic-gate case LDAP_AUTH_SIMPLE:
105*0Sstevel@tonic-gate return( ldap_simple_bind_s( ld, dn, passwd ) );
106*0Sstevel@tonic-gate
107*0Sstevel@tonic-gate default:
108*0Sstevel@tonic-gate err = LDAP_AUTH_UNKNOWN;
109*0Sstevel@tonic-gate LDAP_SET_LDERRNO( ld, err, NULL, NULL );
110*0Sstevel@tonic-gate return( err );
111*0Sstevel@tonic-gate }
112*0Sstevel@tonic-gate }
113*0Sstevel@tonic-gate
114*0Sstevel@tonic-gate
115*0Sstevel@tonic-gate void
116*0Sstevel@tonic-gate LDAP_CALL
ldap_set_rebind_proc(LDAP * ld,LDAP_REBINDPROC_CALLBACK * rebindproc,void * arg)117*0Sstevel@tonic-gate ldap_set_rebind_proc( LDAP *ld, LDAP_REBINDPROC_CALLBACK *rebindproc,
118*0Sstevel@tonic-gate void *arg )
119*0Sstevel@tonic-gate {
120*0Sstevel@tonic-gate if ( ld == NULL ) {
121*0Sstevel@tonic-gate if ( !nsldapi_initialized ) {
122*0Sstevel@tonic-gate nsldapi_initialize_defaults();
123*0Sstevel@tonic-gate }
124*0Sstevel@tonic-gate ld = &nsldapi_ld_defaults;
125*0Sstevel@tonic-gate }
126*0Sstevel@tonic-gate
127*0Sstevel@tonic-gate if ( NSLDAPI_VALID_LDAP_POINTER( ld )) {
128*0Sstevel@tonic-gate LDAP_MUTEX_LOCK( ld, LDAP_OPTION_LOCK );
129*0Sstevel@tonic-gate ld->ld_rebind_fn = rebindproc;
130*0Sstevel@tonic-gate ld->ld_rebind_arg = arg;
131*0Sstevel@tonic-gate LDAP_MUTEX_UNLOCK( ld, LDAP_OPTION_LOCK );
132*0Sstevel@tonic-gate }
133*0Sstevel@tonic-gate }
134*0Sstevel@tonic-gate
135*0Sstevel@tonic-gate
136*0Sstevel@tonic-gate /*
137*0Sstevel@tonic-gate * return a pointer to the bind DN for the default connection (a copy is
138*0Sstevel@tonic-gate * not made). If there is no bind DN available, NULL is returned.
139*0Sstevel@tonic-gate */
140*0Sstevel@tonic-gate char *
nsldapi_get_binddn(LDAP * ld)141*0Sstevel@tonic-gate nsldapi_get_binddn( LDAP *ld )
142*0Sstevel@tonic-gate {
143*0Sstevel@tonic-gate char *binddn;
144*0Sstevel@tonic-gate
145*0Sstevel@tonic-gate binddn = NULL; /* default -- assume they are not bound */
146*0Sstevel@tonic-gate
147*0Sstevel@tonic-gate LDAP_MUTEX_LOCK( ld, LDAP_CONN_LOCK );
148*0Sstevel@tonic-gate if ( NULL != ld->ld_defconn && LDAP_CONNST_CONNECTED ==
149*0Sstevel@tonic-gate ld->ld_defconn->lconn_status && ld->ld_defconn->lconn_bound ) {
150*0Sstevel@tonic-gate if (( binddn = ld->ld_defconn->lconn_binddn ) == NULL ) {
151*0Sstevel@tonic-gate binddn = "";
152*0Sstevel@tonic-gate }
153*0Sstevel@tonic-gate }
154*0Sstevel@tonic-gate LDAP_MUTEX_UNLOCK( ld, LDAP_CONN_LOCK );
155*0Sstevel@tonic-gate
156*0Sstevel@tonic-gate return( binddn );
157*0Sstevel@tonic-gate }
158