xref: /netbsd-src/external/bsd/openldap/dist/libraries/libldap/bind.c (revision 6cf6fe02a981b55727c49c3d37b0d8191a98c0ee)
1 /*	$NetBSD: bind.c,v 1.1.1.4 2014/05/28 09:58:41 tron Exp $	*/
2 
3 /* bind.c */
4 /* $OpenLDAP$ */
5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
6  *
7  * Copyright 1998-2014 The OpenLDAP Foundation.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted only as authorized by the OpenLDAP
12  * Public License.
13  *
14  * A copy of this license is available in the file LICENSE in the
15  * top-level directory of the distribution or, alternatively, at
16  * <http://www.OpenLDAP.org/license.html>.
17  */
18 /* Portions Copyright (c) 1990 Regents of the University of Michigan.
19  * All rights reserved.
20  */
21 
22 #include "portable.h"
23 
24 #include <stdio.h>
25 
26 #include <ac/stdlib.h>
27 
28 #include <ac/socket.h>
29 #include <ac/string.h>
30 #include <ac/time.h>
31 
32 #include "ldap-int.h"
33 #include "ldap_log.h"
34 
35 /*
36  *	BindRequest ::= SEQUENCE {
37  *		version		INTEGER,
38  *		name		DistinguishedName,	 -- who
39  *		authentication	CHOICE {
40  *			simple		[0] OCTET STRING -- passwd
41  *			krbv42ldap	[1] OCTET STRING -- OBSOLETE
42  *			krbv42dsa	[2] OCTET STRING -- OBSOLETE
43  *			sasl		[3] SaslCredentials	-- LDAPv3
44  *		}
45  *	}
46  *
47  *	BindResponse ::= SEQUENCE {
48  *		COMPONENTS OF LDAPResult,
49  *		serverSaslCreds		OCTET STRING OPTIONAL -- LDAPv3
50  *	}
51  *
52  * (Source: RFC 2251)
53  */
54 
/*
 * ldap_bind - begin a bind to the ldap server (and X.500) as the entry
 * named by dn, using the authentication method selected by authmethod.
 *
 * Return value: the msgid of the bind request on success, -1 if there's
 * trouble.  ldap_result() should then be called to learn the outcome of
 * the bind request.  An authmethod this routine does not dispatch
 * (including LDAP_AUTH_SASL, for which ldap_sasl_bind must be used)
 * sets ld->ld_errno to LDAP_AUTH_UNKNOWN and returns -1.
 *
 * ld is dereferenced without a check on the rejection path, so it must
 * be a valid handle.
 *
 * Security notes:
 *  - With LDAP_AUTH_SIMPLE the password travels in the BindRequest as a
 *    plain OCTET STRING (see the ASN.1 at the top of this file).  Nothing
 *    in this routine protects it, so it is only as confidential as the
 *    connection; callers should have TLS (or an equivalent protected
 *    transport) in place before binding.
 *  - NOTE(review): RFC 4513 treats a simple bind with a DN and an empty
 *    password as an "unauthenticated" bind that a server may accept.
 *    No check for that is visible here; code that uses a successful bind
 *    as proof of a user's password should reject empty passwords before
 *    calling.
 *  - NOTE(review): under HAVE_GSSAPI, LDAP_AUTH_NEGOTIATE is handed to
 *    ldap_gssapi_bind_s, the same routine ldap_bind_s uses.  Its return
 *    value is passed back unchanged and is presumably a result code
 *    rather than a msgid -- confirm before feeding it to ldap_result().
 *
 * Example:
 *	ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
 *	    LDAP_AUTH_SIMPLE )
 */

int
ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod )
{
	Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );

	/* Simple (DN + password) bind: asynchronous, hands back a msgid. */
	if ( authmethod == LDAP_AUTH_SIMPLE ) {
		return ldap_simple_bind( ld, dn, passwd );
	}

#ifdef HAVE_GSSAPI
	/* GSSAPI negotiate: delegated to the _s routine (see header note). */
	if ( authmethod == LDAP_AUTH_NEGOTIATE ) {
		return ldap_gssapi_bind_s( ld, dn, passwd );
	}
#endif

	/*
	 * Everything else is refused.  LDAP_AUTH_SASL lands here on purpose:
	 * the user must use ldap_sasl_bind for SASL.
	 */
	ld->ld_errno = LDAP_AUTH_UNKNOWN;
	return -1;
}
90 
/*
 * ldap_bind_s - bind to the ldap server (and X.500) as the entry named
 * by dn, using the authentication method selected by authmethod.  This
 * routine only picks the matching bind routine and returns that
 * routine's result (e.g. LDAP_SUCCESS or some other error indication).
 *
 * An authmethod that is not dispatched below (including LDAP_AUTH_SASL,
 * for which ldap_sasl_bind must be used) stores LDAP_AUTH_UNKNOWN in
 * ld->ld_errno and returns that same value.  No Kerberos V4 case is
 * present in the dispatch, so such a method value also ends on that
 * path.
 *
 * ld is dereferenced without a check on the rejection path, so it must
 * be a valid handle.
 *
 * Security notes:
 *  - With LDAP_AUTH_SIMPLE the password travels in the BindRequest as a
 *    plain OCTET STRING (see the ASN.1 at the top of this file).  Nothing
 *    in this routine protects it, so it is only as confidential as the
 *    connection; callers should have TLS (or an equivalent protected
 *    transport) in place before binding.
 *  - NOTE(review): RFC 4513 treats a simple bind with a DN and an empty
 *    password as an "unauthenticated" bind that a server may accept and
 *    report as success.  No check for that is visible here; code that
 *    treats LDAP_SUCCESS from this call as proof of a user's password
 *    should reject empty passwords before calling.
 *
 * Example:
 *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
 *	    "secret", LDAP_AUTH_SIMPLE )
 */
int
ldap_bind_s(
	LDAP *ld,
	LDAP_CONST char *dn,
	LDAP_CONST char *passwd,
	int authmethod )
{
	Debug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );

	/* Simple (DN + password) bind, synchronous variant. */
	if ( authmethod == LDAP_AUTH_SIMPLE ) {
		return ldap_simple_bind_s( ld, dn, passwd );
	}

#ifdef HAVE_GSSAPI
	/* GSSAPI negotiate, only when built with GSSAPI support. */
	if ( authmethod == LDAP_AUTH_NEGOTIATE ) {
		return ldap_gssapi_bind_s( ld, dn, passwd );
	}
#endif

	/*
	 * Everything else is refused.  LDAP_AUTH_SASL lands here on purpose:
	 * the user must use ldap_sasl_bind for SASL.  The error is both
	 * recorded on the handle and returned.
	 */
	return ( ld->ld_errno = LDAP_AUTH_UNKNOWN );
}
130