/* * ldap_compare - perform an ldap (and X.500) compare operation. The dn * of the entry to compare to and the attribute and value to compare (in * attr and value) are supplied. The msgid of the response is returned. * * Example: * ldap_compare( ld, "c=us@cn=bob", "userPassword", "secret" ) */ int ldap_compare( LDAP *ld, char *dn, char *attr, char *value ) { BerElement *ber; struct berval bv; int rv; /* The compare request looks like this: * CompareRequest ::= SEQUENCE { * entry DistinguishedName, * ava SEQUENCE { * type AttributeType, * value AttributeValue * } * } * and must be wrapped in an LDAPMessage. */ #ifdef _REENTRANT LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 128, "ldap_compare\n"), 0, 0, 0 ); bv.bv_val = value; bv.bv_len = strlen(value); if ((ber = ldap_build_compare_req(ld, dn, attr, &bv, NULL)) == NULLBER) { #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (-1); } #ifndef NO_CACHE if ( ld->ld_cache != NULL ) { if ( check_cache( ld, LDAP_REQ_COMPARE, ber ) == 0 ) { ber_free( ber, 1 ); ld->ld_errno = LDAP_SUCCESS; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return( ld->ld_msgid ); } add_request_to_cache( ld, LDAP_REQ_COMPARE, ber ); } #endif /* NO_CACHE */ /* send the message */ rv = send_initial_request( ld, LDAP_REQ_COMPARE, dn, ber ); #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (rv); }
int ldap_entry2text( LDAP *ld, char *buf, /* NULL for "use internal" */ LDAPMessage *entry, struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals, writeptype writeproc, void *writeparm, char *eol, int rdncount, unsigned int opts ) { #if defined( SUN ) && defined( _REENTRANT ) int rv; LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 253, "ldap_entry2text\n"), 0, 0, 0 ); #if defined( SUN ) && defined( _REENTRANT ) rv = do_entry2text( ld, buf, NULL, entry, tmpl, defattrs, defvals, writeproc, writeparm, eol, rdncount, opts, NULL ); UNLOCK_LDAP(ld); return( rv ); #else return( do_entry2text( ld, buf, NULL, entry, tmpl, defattrs, defvals, writeproc, writeparm, eol, rdncount, opts, NULL )); #endif }
int ldap_vals2text( LDAP *ld, char *buf, /* NULL for "use internal" */ char **vals, char *label, int labelwidth, /* 0 means use default */ unsigned int syntaxid, writeptype writeproc, void *writeparm, char *eol, int rdncount ) { #if defined( SUN ) && defined( _REENTRANT ) int rv; LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 257, "ldap_vals2text\n"), 0, 0, 0 ); #if defined( SUN ) && defined( _REENTRANT ) rv = do_vals2text( ld, buf, vals, label, labelwidth, syntaxid, writeproc, writeparm, eol, rdncount, NULL ); UNLOCK_LDAP(ld); return( rv ); #else return( do_vals2text( ld, buf, vals, label, labelwidth, syntaxid, writeproc, writeparm, eol, rdncount, NULL )); #endif }
int ldap_entry2html_search( LDAP *ld, char *dn, /* if NULL, use entry */ char *base, /* if NULL, no search actions */ LDAPMessage *entry, /* if NULL, use dn */ struct ldap_disptmpl* tmpllist, /* if NULL, load default file */ char **defattrs, char ***defvals, writeptype writeproc, void *writeparm, char *eol, int rdncount, /* if 0, display full DN */ unsigned int opts, char *urlprefix ) { #if defined( SUN ) && defined( _REENTRANT ) int rv; LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 256, "ldap_entry2html_search\n"), 0, 0, 0 ); #if defined( SUN ) && defined( _REENTRANT ) rv = do_entry2text_search( ld, dn, base, entry, tmpllist, defattrs, defvals, writeproc, writeparm, eol, rdncount, opts, urlprefix ); UNLOCK_LDAP(ld); return( rv ); #else return( do_entry2text_search( ld, dn, base, entry, tmpllist, defattrs, defvals, writeproc, writeparm, eol, rdncount, opts, urlprefix )); #endif }
/* * ldap_modrdn - initiate an ldap (and X.500) modifyRDN operation. Parameters: * * ld LDAP descriptor * dn DN of the object to modify * newrdn RDN to give the object * deleteoldrdn nonzero means to delete old rdn values from the entry * * Example: * msgid = ldap_modrdn( ld, dn, newrdn ); */ int ldap_modrdn( LDAP *ld, char *dn, char *newrdn, int deleteoldrdn ) { BerElement *ber; int rv; /* * A modify rdn request looks like this: * ModifyRDNRequest ::= SEQUENCE { * entry DistinguishedName, * newrdn RelativeDistinguishedName, * deleteoldrdn BOOLEAN * } */ #ifdef _REENTRANT LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 193, "ldap_modrdn\n"), 0, 0, 0 ); /* create a message to send */ if ( (ber = alloc_ber_with_options( ld )) == NULLBER ) { #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return( -1 ); } if ( ber_printf( ber, "{it{ssb}}", ++ld->ld_msgid, LDAP_REQ_MODRDN, dn, newrdn, deleteoldrdn ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return( -1 ); } /* send the message */ rv = send_initial_request( ld, LDAP_REQ_MODRDN, dn, ber ); #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return ( rv ); }
int ldap_add_ext(LDAP *ld, char *dn, LDAPMod **attrs, LDAPControl ** serverctrls, LDAPControl **clientctrls, int *msgidp) { BerElement *ber; int i, rc; int rv; #ifdef _REENTRANT LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 87, "ldap_add\n"), 0, 0, 0 ); if ((ber = ldap_build_add_req(ld, dn, attrs, serverctrls)) == NULLBER){ rv = ld->ld_errno; if (rv == LDAP_SUCCESS) rv = LDAP_OTHER; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (rv); } /* send the message */ rv = send_initial_request( ld, LDAP_REQ_ADD, dn, ber ); if (rv == -1) { rv = ld->ld_errno; if (rv == LDAP_SUCCESS){ rv = LDAP_OTHER; } #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (rv); } *msgidp = rv; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (LDAP_SUCCESS); }
void cldap_setretryinfo( LDAP *ld, int tries, time_t timeout ) { #if defined( SUN ) && defined( _REENTRANT ) LOCK_LDAP(ld); #endif ld->ld_cldaptries = ( tries <= 0 ) ? DEF_CLDAP_TRIES : tries; ld->ld_cldaptimeout = ( timeout <= 0 ) ? DEF_CLDAP_TIMEOUT : timeout; #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif }
LDAP * ldap_open(char *host, int port) { LDAP *ld; int err; if ((ld = ldap_init(host, port)) == NULL) { return (NULL); } Debug(LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 113, "ldap_open (after ldap_init)\n"), 0, 0, 0); #ifdef _REENTRANT LOCK_LDAP(ld); #endif if ((err = open_default_ldap_connection(ld)) != LDAP_SUCCESS) { #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif ldap_ld_free(ld, 0); Debug(LDAP_DEBUG_ANY, catgets(slapdcat, 1, 1275, "ldap_open failed, %s\n"), ldap_err2string(err), 0, 0); return (NULL); } Debug(LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 194, "ldap_open successful, ld_host is %s\n"), (ld->ld_host == NULL) ? "(null)" : ld->ld_host, 0, 0); #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (ld); }
/* * ldap_add - initiate an ldap (and X.500) add operation. Parameters: * * ld LDAP descriptor * dn DN of the entry to add * mods List of attributes for the entry. This is a null- * terminated array of pointers to LDAPMod structures. * only the type and values in the structures need be * filled in. * * Example: * LDAPMod *attrs[] = { * { 0, "cn", { "babs jensen", "babs", 0 } }, * { 0, "sn", { "jensen", 0 } }, * { 0, "objectClass", { "person", 0 } }, * 0 * } * msgid = ldap_add( ld, dn, attrs ); */ int ldap_add( LDAP *ld, char *dn, LDAPMod **attrs ) { BerElement *ber; int rv; #ifdef _REENTRANT LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 87, "ldap_add\n"), 0, 0, 0 ); if ((ber = ldap_build_add_req(ld, dn, attrs, NULL)) == NULLBER){ #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (-1); } /* send the message */ rv = send_initial_request( ld, LDAP_REQ_ADD, dn, ber ); #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (rv); }
int ldap_entry2html( LDAP *ld, char *buf, /* NULL for "use internal" */ LDAPMessage *entry, struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals, writeptype writeproc, void *writeparm, char *eol, int rdncount, unsigned int opts, char *base, char *urlprefix ) { #if defined( SUN ) && defined( _REENTRANT ) int rv; LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 254, "ldap_entry2html\n"), 0, 0, 0 ); if ( urlprefix == NULL ) { urlprefix = DEF_LDAP_URL_PREFIX; } #if defined( SUN ) && defined( _REENTRANT ) rv = do_entry2text( ld, buf, base, entry, tmpl, defattrs, defvals, writeproc, writeparm, eol, rdncount, opts, urlprefix ); UNLOCK_LDAP(ld); return( rv ); #else return( do_entry2text( ld, buf, base, entry, tmpl, defattrs, defvals, writeproc, writeparm, eol, rdncount, opts, urlprefix )); #endif }
int ldap_compare_ext_s(LDAP *ld, char *dn, char *attr, struct berval *bvalue, LDAPControl ** serverctrls, LDAPControl **clientctrls) { int msgid, retcode = LDAP_SUCCESS; LDAPMessage *res; if ( (retcode = ldap_compare_ext( ld, dn, attr, bvalue, serverctrls, clientctrls, &msgid )) != LDAP_SUCCESS ) return( retcode ); if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 ) return( ld->ld_errno ); #ifdef _REENTRANT LOCK_LDAP(ld); #endif retcode = ldap_parse_result( ld, res, &ld->ld_errno, &ld->ld_matched, &ld->ld_error, &ld->ld_referrals, &ld->ld_ret_ctrls, 1); if (retcode == LDAP_SUCCESS) retcode = ld->ld_errno; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (retcode); }
static int cldap_result( LDAP *ld, int msgid, LDAPMessage **res, struct cldap_retinfo *crip, char *base ) { Sockbuf *sb; BerElement ber; char *logdn; int ret, id, fromaddr, i; struct timeval tv; #if defined( SUN ) && defined( _REENTRANT ) LOCK_LDAP(ld); #endif sb = &ld->ld_sb; fromaddr = -1; if ( crip->cri_try == 0 ) { crip->cri_maxtries = ld->ld_cldaptries * sb->sb_naddr; crip->cri_timeout = ld->ld_cldaptimeout; crip->cri_useaddr = 0; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 117, "cldap_result tries %1$d timeout %2$d\n"), ld->ld_cldaptries, ld->ld_cldaptimeout, 0 ); } if ((tv.tv_sec = crip->cri_timeout / sb->sb_naddr) < 1 ) { tv.tv_sec = 1; } tv.tv_usec = 0; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 118, "cldap_result waiting up to %d seconds for a response\n"), tv.tv_sec, 0, 0 ); ber_zero_init( &ber, 0 ); set_ber_options( ld, &ber ); if ( cldap_getmsg( ld, &tv, &ber ) == -1 ) { ret = ld->ld_errno; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 119, "cldap_getmsg returned -1 (%d)\n"), ret, 0, 0 ); } else if ( ld->ld_errno == LDAP_TIMEOUT ) { Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 120, "cldap_result timed out\n"), 0, 0, 0 ); /* * It timed out; is it time to give up? */ if ( ++crip->cri_try >= crip->cri_maxtries ) { ret = LDAP_TIMEOUT; --crip->cri_try; } else { if ( ++crip->cri_useaddr >= sb->sb_naddr ) { /* * new round: reset address to first one and * double the timeout */ crip->cri_useaddr = 0; crip->cri_timeout <<= 1; } ret = -1; } } else { /* * Got a response. It should look like: * { msgid, logdn, { searchresponse...}} */ logdn = NULL; if ( ber_scanf( &ber, "ia", &id, &logdn ) == LBER_ERROR ) { free( ber.ber_buf ); /* gack! */ ret = LDAP_DECODING_ERROR; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 121, "cldap_result: ber_scanf returned LBER_ERROR (%d)\n"), ret, 0, 0 ); } else if ( id != msgid ) { free( ber.ber_buf ); /* gack! */ Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 122, "cldap_result: looking for msgid %1$d; got %2$d\n"), msgid, id, 0 ); ret = -1; /* ignore and keep looking */ } else { /* * got a result: determine which server it came from * decode into ldap message chain */ for ( fromaddr = 0; fromaddr < sb->sb_naddr; ++fromaddr ) { if ( memcmp( &((struct sockaddr_in *) sb->sb_addrs[ fromaddr ])->sin_addr, &((struct sockaddr_in *)sb->sb_fromaddr)->sin_addr, sizeof( struct in_addr )) == 0 ) { break; } } ret = cldap_parsemsg( ld, msgid, &ber, res, base ); free( ber.ber_buf ); /* gack! */ Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 123, "cldap_result got result (%d)\n"), ret, 0, 0 ); } if ( logdn != NULL ) { free( logdn ); } } /* * If we are giving up (successfully or otherwise) then * abandon any outstanding requests. */ if ( ret != -1 ) { i = crip->cri_try; if ( i >= sb->sb_naddr ) { i = sb->sb_naddr - 1; } for ( ; i >= 0; --i ) { if ( i == fromaddr ) { continue; } sb->sb_useaddr = sb->sb_addrs[ i ]; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 124, "cldap_result abandoning id %1$d (to %2$s)\n"), msgid, inet_ntoa( ((struct sockaddr_in *) sb->sb_useaddr)->sin_addr ), 0 ); (void) ldap_abandon( ld, msgid ); } } #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( ld->ld_errno = ret ); }
int cldap_search_s( LDAP *ld, char *base, int scope, char *filter, char **attrs, int attrsonly, LDAPMessage **res, char *logdn ) { int ret, msgid; struct cldap_retinfo cri; *res = NULLMSG; (void) memset( &cri, 0, sizeof( cri )); #if defined( SUN ) && defined( _REENTRANT ) LOCK_LDAP(ld); #endif if ( logdn != NULL ) { ld->ld_cldapdn = logdn; } else if ( ld->ld_cldapdn == NULL ) { ld->ld_cldapdn = ""; } do { if ( cri.cri_try != 0 ) { --ld->ld_msgid; /* use same id as before */ } ld->ld_sb.sb_useaddr = ld->ld_sb.sb_addrs[ cri.cri_useaddr ]; Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 115, "cldap_search_s try %1$d (to %2$s)\n"), cri.cri_try, inet_ntoa( ((struct sockaddr_in *) ld->ld_sb.sb_useaddr)->sin_addr ), 0 ); if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly )) == -1 ) { #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( ld->ld_errno ); } #ifndef NO_CACHE #if defined( SUN ) && defined( _REENTRANT ) LOCK_RESPONSE(ld); #endif if ( ld->ld_cache != NULL && ld->ld_responses != NULL ) { Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 116, "cldap_search_s res from cache\n"), 0, 0, 0 ); *res = ld->ld_responses; ld->ld_responses = ld->ld_responses->lm_next; #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); ret = ldap_result2error( ld, *res, 0 ); UNLOCK_RESPONSE(ld); return( ret ); #else return( ldap_result2error( ld, *res, 0 )); #endif } #endif /* NO_CACHE */ ret = cldap_result( ld, msgid, res, &cri, base ); #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_RESPONSE(ld); #endif } while (ret == -1); return( ret ); }
/* LDAPv3 API extensions */ int ldap_compare_ext(LDAP *ld, char *dn, char *attr, struct berval *bvalue, LDAPControl ** serverctrls, LDAPControl **clientctrls, int *msgidp) { BerElement *ber; struct berval bv; int rv; /* The compare request looks like this: * CompareRequest ::= SEQUENCE { * entry DistinguishedName, * ava SEQUENCE { * type AttributeType, * value AttributeValue * } * } * and must be wrapped in an LDAPMessage. */ #ifdef _REENTRANT LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 128, "ldap_compare\n"), 0, 0, 0 ); if ((ber = ldap_build_compare_req(ld, dn, attr, bvalue, NULL)) == NULLBER) { rv = ld->ld_errno; if (rv == LDAP_SUCCESS) rv = LDAP_OTHER; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (rv); } #ifndef NO_CACHE if ( ld->ld_cache != NULL ) { if ( check_cache( ld, LDAP_REQ_COMPARE, ber ) == 0 ) { ber_free( ber, 1 ); ld->ld_errno = LDAP_SUCCESS; *msgidp = ld->ld_msgid; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return( LDAP_SUCCESS ); } add_request_to_cache( ld, LDAP_REQ_COMPARE, ber ); } #endif /* NO_CACHE */ /* send the message */ rv = send_initial_request( ld, LDAP_REQ_COMPARE, dn, ber ); if (rv == -1) { rv = ld->ld_errno; if (rv == LDAP_SUCCESS){ rv = LDAP_OTHER; } #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (rv); } *msgidp = rv; #ifdef _REENTRANT UNLOCK_LDAP(ld); #endif return (LDAP_SUCCESS); }
/* * ldap_kerberos_bind1 - initiate a bind to the ldap server using * kerberos authentication. The dn is supplied. It is assumed the user * already has a valid ticket granting ticket. The msgid of the * request is returned on success (suitable for passing to ldap_result()), * -1 is returned if there's trouble. * * Example: * ldap_kerberos_bind1( ld, "cn=manager, o=university of michigan, c=us" ) */ int ldap_kerberos_bind1( LDAP *ld, char *dn ) { BerElement *ber; char *cred; int rc, credlen; char *get_kerberosv4_credentials(); #ifdef STR_TRANSLATION int str_translation_on; #endif /* STR_TRANSLATION */ /* * The bind request looks like this: * BindRequest ::= SEQUENCE { * version INTEGER, * name DistinguishedName, * authentication CHOICE { * krbv42ldap [1] OCTET STRING * krbv42dsa [2] OCTET STRING * } * } * all wrapped up in an LDAPMessage sequence. */ #if defined( SUN ) && defined( _REENTRANT ) int rv; LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 186, "ldap_kerberos_bind1\n"), 0, 0, 0 ); if ( dn == NULL ) dn = ""; if ( (cred = get_kerberosv4_credentials( ld, dn, "ldapserver", &credlen )) == NULL ) { #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( -1 ); /* ld_errno should already be set */ } /* create a message to send */ if ( (ber = alloc_ber_with_options( ld )) == NULLBER ) { free( cred ); #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( -1 ); } #ifdef STR_TRANSLATION if (( str_translation_on = (( ber->ber_options & LBER_TRANSLATE_STRINGS ) != 0 ))) { /* turn translation off */ ber->ber_options &= ~LBER_TRANSLATE_STRINGS; } #endif /* STR_TRANSLATION */ /* fill it in */ rc = ber_printf( ber, "{it{isto}}", ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_KRBV41, cred, credlen ); #ifdef STR_TRANSLATION if ( str_translation_on ) { /* restore translation */ ber->ber_options |= LBER_TRANSLATE_STRINGS; } #endif /* STR_TRANSLATION */ if ( rc == -1 ) { free( cred ); ber_free( ber, 1 ); ld->ld_errno = LDAP_ENCODING_ERROR; #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( -1 ); } free( cred ); #ifndef NO_CACHE if ( ld->ld_cache != NULL ) { ldap_flush_cache( ld ); } #endif /* !NO_CACHE */ /* send the message */ #if defined( SUN ) && defined( _REENTRANT ) rv = send_initial_request( ld, LDAP_REQ_BIND, dn, ber ); UNLOCK_LDAP(ld); return ( rv ); #else return ( send_initial_request( ld, LDAP_REQ_BIND, dn, ber )); #endif }
/* * ldap_kerberos_bind2 - initiate a bind to the X.500 server using * kerberos authentication. The dn is supplied. It is assumed the user * already has a valid ticket granting ticket. The msgid of the * request is returned on success (suitable for passing to ldap_result()), * -1 is returned if there's trouble. * * Example: * ldap_kerberos_bind2( ld, "cn=manager, o=university of michigan, c=us" ) */ int ldap_kerberos_bind2( LDAP *ld, char *dn ) { BerElement *ber; char *cred; int rc, credlen; char *get_kerberosv4_credentials(); #ifdef STR_TRANSLATION int str_translation_on; #endif /* STR_TRANSLATION */ #if defined( SUN ) && defined( _REENTRANT ) int rv; LOCK_LDAP(ld); #endif Debug( LDAP_DEBUG_TRACE, catgets(slapdcat, 1, 188, "ldap_kerberos_bind2\n"), 0, 0, 0 ); if ( dn == NULL ) dn = ""; if ( (cred = get_kerberosv4_credentials( ld, dn, "x500dsa", &credlen )) == NULL ) { #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( -1 ); /* ld_errno should already be set */ } /* create a message to send */ if ( (ber = alloc_ber_with_options( ld )) == NULLBER ) { free( cred ); #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( -1 ); } #ifdef STR_TRANSLATION if (( str_translation_on = (( ber->ber_options & LBER_TRANSLATE_STRINGS ) != 0 ))) { /* turn translation off */ ber->ber_options &= ~LBER_TRANSLATE_STRINGS; } #endif /* STR_TRANSLATION */ /* fill it in */ rc = ber_printf( ber, "{it{isto}}", ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_KRBV42, cred, credlen ); #ifdef STR_TRANSLATION if ( str_translation_on ) { /* restore translation */ ber->ber_options |= LBER_TRANSLATE_STRINGS; } #endif /* STR_TRANSLATION */ free( cred ); if ( rc == -1 ) { ber_free( ber, 1 ); ld->ld_errno = LDAP_ENCODING_ERROR; #if defined( SUN ) && defined( _REENTRANT ) UNLOCK_LDAP(ld); #endif return( -1 ); } /* send the message */ #if defined( SUN ) && defined( _REENTRANT ) rv = send_initial_request( ld, LDAP_REQ_BIND, dn, ber ); UNLOCK_LDAP(ld); return ( rv ); #endif return ( send_initial_request( ld, LDAP_REQ_BIND, dn, ber )); }