Beispiel #1
0
int ldap_x_sasl_digest_md5_bind(
	LDAP *ld,
	char *user_name,
	struct berval *cred,
	LDAPControl **serverctrls,
	LDAPControl **clientctrls,
	struct timeval *timeout,
	LDAPMessage **result)
{
	LDAPMessage	*res = NULL;
	int		msgid;
	int		rc;

	if (ld == NULL || user_name == NULL || cred == NULL ||
		result == NULL)
		return (LDAP_PARAM_ERROR);

	if (ld->ld_version < LDAP_VERSION3)
		return (LDAP_PARAM_ERROR);

	*result = NULL;

	rc = sasl_digest_md5_bind_1(ld, user_name,
		serverctrls, clientctrls, &msgid);
	if (rc != LDAP_SUCCESS)
		return (rc);

	rc = ldap_result(ld, msgid, 1, timeout, &res);
	if (rc == -1) {
		if (res != NULL)
			ldap_msgfree(res);
		return (ldap_get_lderrno(ld, NULL, NULL));
	}
	rc = ldap_result2error(ld, res, 0);
	if (rc != LDAP_SASL_BIND_IN_PROGRESS) {
		*result = res;
		return (rc);
	}

	rc = sasl_digest_md5_bind_2(ld, user_name, cred,
		serverctrls, clientctrls, res, &msgid);
	ldap_msgfree(res);
	res = NULL;

	if (rc != LDAP_SUCCESS)
		return (rc);

	rc = ldap_result(ld, msgid, 1, timeout, &res);
	if (rc == -1) {
		if (res != NULL)
			ldap_msgfree(res);
		return (ldap_get_lderrno(ld, NULL, NULL));
	}
	*result = res;
	rc = ldap_result2error(ld, res, 0);
	return (rc);
}
int
ldap_passwd_s(
	LDAP *ld,
	struct berval	*user,
	struct berval	*oldpw,
	struct berval	*newpw,
	struct berval *newpasswd,
	LDAPControl **sctrls,
	LDAPControl **cctrls )
{
	int		rc;
	int		msgid;
	LDAPMessage	*res;

	rc = ldap_passwd( ld, user, oldpw, newpw, sctrls, cctrls, &msgid );
	if ( rc != LDAP_SUCCESS ) {
		return rc;
	}

	if ( ldap_result( ld, msgid, LDAP_MSG_ALL, (struct timeval *) NULL, &res ) == -1 || !res ) {
		return ld->ld_errno;
	}

	rc = ldap_parse_passwd( ld, res, newpasswd );
	if( rc != LDAP_SUCCESS ) {
		ldap_msgfree( res );
		return rc;
	}

	return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #3
0
/*
 * ldap_extended_operation_s - perform an arbitrary ldapv3 extended operation.
 * the oid and data of the extended operation are supplied. LDAP_SUCCESS
 * is returned upon success, the ldap error code otherwise.
 *
 * Example:
 *	struct berval	exdata, exretval;
 *	char		*exoid;
 *	int		rc;
 *	... fill in oid and data ...
 *	rc = ldap_extended_operation_s( ld, exoid, &exdata, &exretval );
 */
int
LDAP_CALL
ldap_extended_operation_s(
    LDAP		*ld,
    const char		*requestoid,
    const struct berval	*requestdata,
    LDAPControl		**serverctrls,
    LDAPControl		**clientctrls,
    char		**retoidp,
    struct berval	**retdatap
)
{
	int		err, msgid;
	LDAPMessage	*result;

	if (( err = ldap_extended_operation( ld, requestoid, requestdata,
	    serverctrls, clientctrls, &msgid )) != LDAP_SUCCESS ) {
		return( err );
	}

	if ( ldap_result( ld, msgid, 1, (struct timeval *) 0, &result )
	    == -1 ) {
		return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
	}

	if (( err = ldap_parse_extended_result( ld, result, retoidp, retdatap,
		0 )) != LDAP_SUCCESS ) {
	    ldap_msgfree( result );
	    return( err );
	}

	return( ldap_result2error( ld, result, 1 ) );
}
Beispiel #4
0
int
ldap_verify_credentials_s(
	LDAP *ld,
	struct berval	*cookie,
	LDAP_CONST char *dn,
	LDAP_CONST char *mechanism,
	struct berval	*cred,
    LDAPControl		**vcictrls,
	LDAPControl		**sctrls,
	LDAPControl		**cctrls,
	int				*rcode,
	char 			**diagmsg,
	struct berval	**scookie,
	struct berval	**scred,
    LDAPControl		***vcoctrls)
{
	int				rc;
	int				msgid;
	LDAPMessage		*res;

	rc = ldap_verify_credentials(ld, cookie, dn, mechanism, cred, vcictrls, sctrls, cctrls, &msgid);
	if (rc != LDAP_SUCCESS) return rc;

	if (ldap_result(ld, msgid, LDAP_MSG_ALL, (struct timeval *) NULL, &res) == -1 || !res) {
		return ld->ld_errno;
	}

	rc = ldap_parse_verify_credentials(ld, res, rcode, diagmsg, scookie, scred, vcoctrls);
	if (rc != LDAP_SUCCESS) {
		ldap_msgfree(res);
		return rc;
	}

	return( ldap_result2error(ld, res, 1));
}
Beispiel #5
0
int
ldap_rename_s(
	LDAP *ld,
	LDAP_CONST char *dn,
	LDAP_CONST char *newrdn,
	LDAP_CONST char *newSuperior,
	int deleteoldrdn,
	LDAPControl **sctrls,
	LDAPControl **cctrls )
{
	int rc;
	int msgid;
	LDAPMessage *res;

	rc = ldap_rename( ld, dn, newrdn, newSuperior,
		deleteoldrdn, sctrls, cctrls, &msgid );

	if( rc != LDAP_SUCCESS ) {
		return rc;
	}

	rc = ldap_result( ld, msgid, LDAP_MSG_ALL, NULL, &res );

	if( rc == -1 || !res ) {
		return ld->ld_errno;
	}

	return ldap_result2error( ld, res, 1 );
}
Beispiel #6
0
/*
 * ldap_sasl_bind_s - bind to the ldap server using sasl authentication
 * The dn, mechanism, and credentials of the entry to which to bind are
 * supplied.  LDAP_SUCCESS is returned upon success, the ldap error code
 * otherwise.
 *
 * Example:
 *	struct berval	creds;
 *	... fill in creds with credentials ...
 *	ldap_sasl_bind_s( ld, "cn=manager, o=university of michigan, c=us",
 *	    "mechanismname", &creds )
 */
int
LDAP_CALL
ldap_sasl_bind_s(
    LDAP		*ld,
    const char		*dn,
    const char		*mechanism,
    const struct berval	*cred,
    LDAPControl		**serverctrls,
    LDAPControl		**clientctrls,
    struct berval	**servercredp
)
{
	int		err, msgid;
	LDAPMessage	*result;

	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_sasl_bind_s\n", 0, 0, 0 );

	if ( ( err = ldap_sasl_bind( ld, dn, mechanism, cred, serverctrls,
	    clientctrls, &msgid )) != LDAP_SUCCESS )
		return( err );

	if ( ldap_result( ld, msgid, 1, (struct timeval *) 0, &result ) == -1 )
		return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );

	if (( err = ldap_parse_sasl_bind_result( ld, result, servercredp, 0 ))
	    != LDAP_SUCCESS ) {
		ldap_msgfree( result );
		return( err );
	}

	return( ldap_result2error( ld, result, 1 ) );
}
Beispiel #7
0
int
ldap_whoami_s(
	LDAP *ld,
	struct berval **authzid,
	LDAPControl **sctrls,
	LDAPControl **cctrls )
{
	int		rc;
	int		msgid;
	LDAPMessage	*res;

	rc = ldap_whoami( ld, sctrls, cctrls, &msgid );
	if ( rc != LDAP_SUCCESS ) return rc;

	if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 ) {
		return ld->ld_errno;
	}

	rc = ldap_parse_whoami( ld, res, authzid );
	if( rc != LDAP_SUCCESS ) {
		ldap_msgfree( res );
		return rc;
	}

	return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #8
0
int
ldap_refresh_s(
	LDAP		*ld,
	struct berval	*dn,
	ber_int_t		ttl,
	ber_int_t		*newttl,
	LDAPControl	**sctrls,
	LDAPControl	**cctrls )
{
	int		rc;
	int		msgid;
	LDAPMessage	*res;

	rc = ldap_refresh( ld, dn, ttl, sctrls, cctrls, &msgid );
	if ( rc != LDAP_SUCCESS ) return rc;

	rc = ldap_result( ld, msgid, LDAP_MSG_ALL, (struct timeval *)NULL, &res );
	if( rc == -1 || !res ) return ld->ld_errno;

	rc = ldap_parse_refresh( ld, res, newttl );
	if( rc != LDAP_SUCCESS ) {
		ldap_msgfree( res );
		return rc;
	}

	return ldap_result2error( ld, res, 1 );
}
Beispiel #9
0
static int 
nsldapi_search_s(
    LDAP		*ld, 
    const char 		*base, 
    int 		scope, 
    const char 		*filter, 
    char 		**attrs,
    int			attrsonly, 
    LDAPControl		**serverctrls,
    LDAPControl		**clientctrls,
    struct timeval	*localtimeoutp,
    int			timelimit,	/* -1 means use ld->ld_timelimit */
    int			sizelimit,	/* -1 means use ld->ld_sizelimit */
    LDAPMessage		**res
)
{
	int	err, msgid;

	/*
	 * It is an error to pass in a zero'd timeval.
	 */
	if ( localtimeoutp != NULL && localtimeoutp->tv_sec == 0 &&
	    localtimeoutp->tv_usec == 0 ) {
		if ( ld != NULL ) {
			LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL );
		}
		if ( res != NULL ) {
			*res = NULL;
		}
                return( LDAP_PARAM_ERROR );
        }

	if (( err = nsldapi_search( ld, base, scope, filter, attrs, attrsonly,
	    serverctrls, clientctrls, timelimit, sizelimit, &msgid ))
	    != LDAP_SUCCESS ) {
		if ( res != NULL ) {
			*res = NULL;
		}
		return( err );
	}

	if ( ldap_result( ld, msgid, 1, localtimeoutp, res ) == -1 ) {
		/*
		 * Error.  ldap_result() sets *res to NULL for us.
		 */
		return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
	}

	if ( LDAP_GET_LDERRNO( ld, NULL, NULL ) == LDAP_TIMEOUT ) {
		(void) ldap_abandon( ld, msgid );
		err = LDAP_TIMEOUT;
		LDAP_SET_LDERRNO( ld, err, NULL, NULL );
		if ( res != NULL ) {
			*res = NULL;
		}
		return( err );
	}

	return( ldap_result2error( ld, *res, 0 ) );
}
Beispiel #10
0
static void on_bind_readable(verto_ctx *vctx, verto_ev *ev)
{
    const char *errstr = "error";
    LDAPMessage *results;
    struct otpd_queue_item *item = NULL;
    int i, rslt;
    (void)vctx;

    rslt = ldap_result(verto_get_private(ev), LDAP_RES_ANY, 0, NULL, &results);
    if (rslt != LDAP_RES_BIND) {
        if (rslt <= 0)
            results = NULL;
        ldap_msgfree(results);
        otpd_log_err(EIO, "IO error received on bind socket");
        verto_break(ctx.vctx);
        ctx.exitstatus = 1;
        return;
    }

    item = otpd_queue_pop_msgid(&ctx.bind.responses, ldap_msgid(results));
    if (item == NULL) {
        ldap_msgfree(results);
        return;
    }
    item->msgid = -1;

    rslt = ldap_parse_result(verto_get_private(ev), results, &i,
                             NULL, NULL, NULL, NULL, 0);
    if (rslt != LDAP_SUCCESS) {
        errstr = ldap_err2string(rslt);
        goto error;
    }

    rslt = i;
    if (rslt != LDAP_SUCCESS) {
        errstr = ldap_err2string(rslt);
        goto error;
    }

    item->sent = 0;
    i = krad_packet_new_response(ctx.kctx, SECRET,
                                 krad_code_name2num("Access-Accept"),
                                 NULL, item->req, &item->rsp);
    if (i != 0) {
        errstr = krb5_get_error_message(ctx.kctx, i);
        goto error;
    }

error:
    if (item != NULL)
        otpd_log_req(item->req, "bind end: %s",
                item->rsp != NULL ? "success" : errstr);

    ldap_msgfree(results);
    otpd_queue_push(&ctx.stdio.responses, item);
    verto_set_flags(ctx.stdio.writer, VERTO_EV_FLAG_PERSIST |
                                      VERTO_EV_FLAG_IO_ERROR |
                                      VERTO_EV_FLAG_IO_READ |
                                      VERTO_EV_FLAG_IO_WRITE);
}
Beispiel #11
0
int
ldap_search_st(
	LDAP *ld, LDAP_CONST char *base, int scope,
	LDAP_CONST char *filter, char **attrs,
	int attrsonly, struct timeval *timeout, LDAPMessage **res )
{
	int	msgid;

    *res = NULL;

	if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
	    == -1 )
		return( ld->ld_errno );

	if ( ldap_result( ld, msgid, LDAP_MSG_ALL, timeout, res ) == -1 || !*res )
		return( ld->ld_errno );

	if ( ld->ld_errno == LDAP_TIMEOUT ) {
		(void) ldap_abandon( ld, msgid );
		ld->ld_errno = LDAP_TIMEOUT;
		return( ld->ld_errno );
	}

	return( ldap_result2error( ld, *res, 0 ) );
}
Beispiel #12
0
/* ARGSUSED */
int _ns_ldap_result(char *service, int flags,
	int msgid, int all,
	struct timeval *timeout, LDAPMessage **result)
{
	LDAP *ld = __s_api_getLDAPconn(flags);

	return (ldap_result(ld, msgid, all, timeout, result));
}
Beispiel #13
0
static int result_message(lua_State *L)
{
  struct timeval *timeout = NULL; /* ??? function parameter ??? */
  LDAPMessage *res;
  int rc;
  lua_apr_ldap_object *object = check_ldap_connection(L, lua_upvalueindex(1));
  int msgid = (int)lua_tonumber(L, lua_upvalueindex(2));
  /*int res_code = (int)lua_tonumber(L, lua_upvalueindex(3));*/

  luaL_argcheck(L, object->ldap, 1, "LDAP connection is closed");
  rc = ldap_result(object->ldap, msgid, LDAP_MSG_ONE, timeout, &res);

  if (rc == 0) {
    return push_error_message(L, "result timeout expired");
  } else if (rc < 0) {
    ldap_msgfree(res);
    return push_error_message(L, "result error");
  } else {
    int err, ret = 1;
    char *mdn, *msg1, *msg2;
    rc = ldap_parse_result(object->ldap, res, &err, &mdn, &msg1, NULL, NULL, 1);
    if (rc != LDAP_SUCCESS)
      return push_error_message(L, ldap_err2string(rc));
    switch (err) {
      case LDAP_SUCCESS:
      case LDAP_COMPARE_TRUE:
        lua_pushboolean(L, 1);
        break;
      case LDAP_COMPARE_FALSE:
        lua_pushboolean(L, 0);
        break;
      default:
        lua_pushnil(L);
        /* Either error message string may be NULL. */
        msg2 = ldap_err2string(err);
        if (msg1 == NULL && msg2 == NULL) {
          ret = 1;
        } else if (msg1 != NULL && msg2 == NULL) {
          lua_pushstring(L, msg1);
          ret = 2;
        } else if (msg1 == NULL && msg2 != NULL) {
          lua_pushstring(L, msg2);
          ret = 2;
        } else {
          lua_pushstring(L, msg1);
          lua_pushliteral(L, " (");
          lua_pushstring(L, msg2);
          lua_pushliteral(L, ")");
          lua_concat(L, 4);
          ret = 2;
        }
    }
    ldap_memfree(mdn);
    ldap_memfree(msg1);
    return ret;
  }
}
Beispiel #14
0
// Fetch all attributes of an entry, and display them in a dialog
void LdapView::showProperties( LDAP *ld, char *dn )
{
	PropDlg dlg;
	if ( ldap_search( ld, dn, LDAP_SCOPE_BASE, "objectclass=*",
				NULL, FALSE ) == -1 )
	{
		AfxMessageBox( "Failed to start asynchronous search" );
		return;
	}

	LDAPMessage *res;
	int rc;
	// Process results as they come in
	while ( (rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res ))
		== LDAP_RES_SEARCH_ENTRY )
	{
		LDAPMessage *e = ldap_first_entry( ld, res );
		BerElement		*ber;
		// Loop over attributes in this entry
		for ( char *a = ldap_first_attribute( ld, e, &ber ); a != NULL;
				a = ldap_next_attribute( ld, e, ber ) )
		{
			struct berval **bvals;
			if ( (bvals = ldap_get_values_len( ld, e, a )) != NULL )
			{
				dlg.AddLine( a );
				// Loop over values for this attribute
				for ( int i = 0; bvals[i] != NULL; i++ )
				{
					CString val;
					val.Format( "    %s", bvals[ i ]->bv_val );
					dlg.AddLine( val );
				}
				ber_bvecfree( bvals );
			}
		}
		if ( ber != NULL )
			ber_free( ber, 0 );
		ldap_msgfree( res );
	}
	if ( rc == -1 )
	{
		AfxMessageBox( "Error on ldap_result" );
		return;
	}
	else if (( rc = ldap_result2error( ld, res, 0 )) != LDAP_SUCCESS )
	{
		char *errString = ldap_err2string( rc );
		AfxMessageBox( errString );
	}
	ldap_msgfree( res );
	// Set the title of the dialog to the distinguished name, and display it
	dlg.SetTitle( dn );
	dlg.DoModal();
}
Beispiel #15
0
/*
** Retrieve next message...
** @return #1 entry's distinguished name.
** @return #2 table with entry's attributes and values.
*/
static int next_message (lua_State *L) {
	search_data *search = getsearch (L);
	conn_data *conn;
	struct timeval *timeout = NULL; /* ??? function parameter ??? */
	LDAPMessage *res;
	int rc;
	int ret;

	lua_rawgeti (L, LUA_REGISTRYINDEX, search->conn);
	conn = (conn_data *)lua_touserdata (L, -1); /* get connection */

	rc = ldap_result (conn->ld, search->msgid, LDAP_MSG_ONE, timeout, &res);
	if (rc == 0)
		return faildirect (L, LUALDAP_PREFIX"result timeout expired");
	else if (rc == -1)
		return faildirect (L, LUALDAP_PREFIX"result error");
	else if (rc == LDAP_RES_SEARCH_RESULT) { /* last message => nil */
		/* close search object to avoid reuse */
		search_close (L, search);
		ret = 0;
	} else {
		LDAPMessage *msg = ldap_first_message (conn->ld, res);
		switch (ldap_msgtype (msg)) {
			case LDAP_RES_SEARCH_ENTRY: {
				LDAPMessage *entry = ldap_first_entry (conn->ld, msg);
				push_dn (L, conn->ld, entry);
				lua_newtable (L);
				set_attribs (L, conn->ld, entry, lua_gettop (L));
				ret = 2; /* two return values */
				break;
			}
/*No reference to LDAP_RES_SEARCH_REFERENCE on MSDN. Maybe there is a replacement to it?*/
#ifdef LDAP_RES_SEARCH_REFERENCE
			case LDAP_RES_SEARCH_REFERENCE: {
				LDAPMessage *ref = ldap_first_reference (conn->ld, msg);
				push_dn (L, conn->ld, ref); /* is this supposed to work? */
				lua_pushnil (L);
				ret = 2; /* two return values */
				break;
			}
#endif
			case LDAP_RES_SEARCH_RESULT:
				/* close search object to avoid reuse */
				search_close (L, search);
				ret = 0;
				break;
			default:
				ldap_msgfree (res);
				return luaL_error (L, LUALDAP_PREFIX"error on search result chain");
		}
	}
	ldap_msgfree (res);
	return ret;
}
Beispiel #16
0
static int search_iterator(lua_State *L)
{
  LDAPMessage *result, *message, *entry;
  lua_apr_ldap_object *object;
  struct timeval *timeout;
  int status, msgid;

  object = lua_touserdata(L, lua_upvalueindex(1));
  msgid = lua_tointeger(L, lua_upvalueindex(2));
  timeout = lua_touserdata(L, lua_upvalueindex(3));
  status = ldap_result(object->ldap, msgid, LDAP_MSG_ONE, timeout, &result);

  if (status == 0)
    raise_error_status(L, APR_TIMEUP);
  else if (status == -1)
    /* TODO Can we get a more specific error (message) here? ld_errno? */
    raise_error_message(L, "Unspecified error");
  else if (status == LDAP_RES_SEARCH_RESULT) {
    /* end of search results */
    return 0;
  } else {
    message = ldap_first_message(object->ldap, result);
    switch (ldap_msgtype(message)) {
      case LDAP_RES_SEARCH_ENTRY:
        entry = ldap_first_entry(object->ldap, message);
        push_distinguished_name(L, object->ldap, entry);
        lua_newtable(L);
        set_attributes(L, object->ldap, entry, lua_gettop(L));
        ldap_msgfree(result);
        return 2;
      /* No reference to LDAP_RES_SEARCH_REFERENCE on MSDN. Maybe is has a replacement? */
#     ifdef LDAP_RES_SEARCH_REFERENCE
      case LDAP_RES_SEARCH_REFERENCE: {
        LDAPMessage *reference = ldap_first_reference(object->ldap, message);
        push_distinguished_name(L, object->ldap, reference); /* is this supposed to work? */
        ldap_msgfree(result);
        return 1;
      }
#     endif
      case LDAP_RES_SEARCH_RESULT:
        /* end of search results */
        ldap_msgfree(result);
        return 0;
      default:
        ldap_msgfree(result);
        raise_error_message(L, "unhandled message type in search results");
    }
  }

  /* shouldn't be reached. */
  ldap_msgfree(result);
  return 0;
}
Beispiel #17
0
static int ipa_ldap_extended_op(LDAP *ld, const char *reqoid,
                                struct berval *control,
                                LDAPControl ***srvctrl)
{
    struct berval *retdata = NULL;
    LDAPMessage *res = NULL;
    char *retoid = NULL;
    struct timeval tv;
    char *err = NULL;
    int msgid;
    int ret, rc;

    ret = ldap_extended_operation(ld, reqoid, control,
                                  NULL, NULL, &msgid);
    if (ret != LDAP_SUCCESS) {
        fprintf(stderr, _("Operation failed: %s\n"), ldap_err2string(ret));
        return ret;
    }

    /* wait max 100 secs for the answer */
    tv.tv_sec = 100;
    tv.tv_usec = 0;
    ret = ldap_result(ld, msgid, 1, &tv, &res);
    if (ret == -1) {
        fprintf(stderr, _("Failed to get result: %s\n"), ldap_err2string(ret));
        goto done;
    }
    else if (res == NULL) {
        fprintf(stderr, _("Timeout exceeded."));
        goto done;
    }

    ret = ldap_parse_extended_result(ld, res, &retoid, &retdata, 0);
    if (ret != LDAP_SUCCESS) {
        fprintf(stderr, _("Failed to parse extended result: %s\n"),
                        ldap_err2string(ret));
        goto done;
    }

    ret = ldap_parse_result(ld, res, &rc, NULL, &err, NULL, srvctrl, 0);
    if (ret != LDAP_SUCCESS || rc != LDAP_SUCCESS) {
        fprintf(stderr, _("Failed to parse result: %s\n"),
                        err ? err : ldap_err2string(ret));
        if (ret == LDAP_SUCCESS) ret = rc;
        goto done;
    }

done:
    if (err) ldap_memfree(err);
    if (res) ldap_msgfree(res);
    return ret;
}
Beispiel #18
0
int
ldap_add_s( LDAP *ld, char *dn, LDAPMod **attrs )
{
	int		msgid;
	LDAPMessage	*res;

	if ( (msgid = ldap_add( ld, dn, attrs )) == -1 )
		return( ld->ld_errno );

	if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 )
		return( ld->ld_errno );

	return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #19
0
int
ldap_modrdn_s( LDAP *ld, char *dn, char *newrdn, int deleteoldrdn )
{
	int		msgid;
	LDAPMessage	*res;

	if ( (msgid = ldap_modrdn( ld, dn, newrdn, deleteoldrdn )) == -1 )
		return( ld->ld_errno );

	if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 )
		return( ld->ld_errno );

	return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #20
0
/***********************************************************************
 *      ldap_result     (WLDAP32.@)
 *
 * Get the result of an asynchronous operation.
 *
 * PARAMS
 *  ld      [I] Pointer to an LDAP context.
 *  msgid   [I] Message ID of the operation.
 *  all     [I] How many results should be returned?
 *  timeout [I] How long to wait for the results?
 *  res     [O] Result message for the operation.
 *
 * RETURNS
 *  Success: One of the following values:
 *
 *   LDAP_RES_ADD
 *   LDAP_RES_BIND
 *   LDAP_RES_COMPARE
 *   LDAP_RES_DELETE
 *   LDAP_RES_EXTENDED
 *   LDAP_RES_MODIFY
 *   LDAP_RES_MODRDN
 *   LDAP_RES_REFERRAL
 *   LDAP_RES_SEARCH_ENTRY
 *   LDAP_RES_SEARCH_RESULT
 *
 *  Failure: ~0u
 *
 *  This function returns 0 when the timeout has expired.
 *
 * NOTES
 *  A NULL timeout pointer causes the function to block waiting
 *  for results to arrive. A timeout value of 0 causes the function
 *  to immediately return any available results. Free returned results
 *  with ldap_msgfree.
 */
ULONG CDECL WLDAP32_ldap_result( WLDAP32_LDAP *ld, ULONG msgid, ULONG all,
                                 struct l_timeval *timeout, WLDAP32_LDAPMessage **res )
{
    ULONG ret = WLDAP32_LDAP_NOT_SUPPORTED;
#ifdef HAVE_LDAP

    TRACE( "(%p, 0x%08x, 0x%08x, %p, %p)\n", ld, msgid, all, timeout, res );

    if (!ld || !res || msgid == ~0u) return ~0u;
    ret = ldap_result( ld, msgid, all, (struct timeval *)timeout, res );

#endif
    return ret;
}
Beispiel #21
0
int
ldap_compare_s( LDAP *ld, char *dn, char *attr, char *value )
{
	int		msgid;
	LDAPMessage	*res;

	if ( (msgid = ldap_compare( ld, dn, attr, value )) == -1 )
		return( ld->ld_errno );

	if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 )
		return( ld->ld_errno );

	return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #22
0
int l_search_ping(struct ldapsearch *s)
{
	char *attrs[2];
	struct timeval tv;
	LDAPMessage *result;
	int rc;
	int msgid;

	if (s->handle == NULL)
	{
		errno=ETIMEDOUT;  /* Timeout previously */
		return -1;
	}

	attrs[0]="objectClass";
	attrs[1]=NULL;

	tv.tv_sec=60*60;
	tv.tv_usec=0;

	if (ldap_search_ext(s->handle, s->base, LDAP_SCOPE_BASE,
			    "objectClass=*", attrs, 0, NULL, NULL, &tv,
			    1000000, &msgid) < 0)
		return -1;

	do
	{
		const char *timeout=getenv("LDAP_SEARCH_TIMEOUT");

		tv.tv_sec=atoi(timeout ? timeout:"30");
		tv.tv_usec=0;

		rc=ldap_result(s->handle, msgid, 0, &tv, &result);

		if (rc <= 0)
		{
			if (rc == 0)
				errno=ETIMEDOUT;

			ldap_unbind_ext(s->handle, NULL, NULL);
			s->handle=NULL;

			return -1;
		}

		ldap_msgfree(result);
	} while (rc != LDAP_RES_SEARCH_RESULT);
	return 0;
}
Beispiel #23
0
/*
 * Returns an LDAP error code.
 */
static int
cmp2( LDAP *ld1, LDAP *ld2, LDAPMessage *e1, int findonly)
{
    LDAPMessage		*e2, *res;
    char		*dn, *attrcmp;
    int			found=0, rc;
    ATTR		*a1, *a2;

    dn = ldap_get_dn( ld1, e1 );

    if ( ldaptool_verbose ) {
	if ( findonly ) {
	    printf( "Checking that %s exists on both servers\n", dn );
	} else {
	    printf("Comparing entry %s on both servers\n", dn );
	}
    }

    if ( ldap_search( ld2, dn, LDAP_SCOPE_BASE, "objectClass=*", NULL, 0 ) == -1 ) {
        return( ldaptool_print_lderror( ld2, "ldap_search",
		LDAPTOOL_CHECK4SSL_IF_APPROP ));
    }
/* XXXmcs: this code should be modified to display referrals and references */
    while ( (rc = ldap_result( ld2, LDAP_RES_ANY, 0, NULL, &res )) == 
        LDAP_RES_SEARCH_ENTRY ) {
        e2 = ldap_first_entry( ld1, res );
	found = 1;
	if ( !findonly ) {
	    a1 = get_attrs( ld1, e1 );
	    a2 = get_attrs( ld2, e2 );
	    attrcmp = cmp_attrs( a1, a2 );
	    if ( strcmp( attrcmp, "") != 0 ) {
	        printf("\n%s%s\n", dn, attrcmp);
	    }
	}
        ldap_msgfree( res );
    }
    if ( !found ) {
	notfound( dn, findonly );
	differ = 1;
    }
    if ( rc == -1 ) {
        return( ldaptool_print_lderror( ld2, "ldap_result",
		LDAPTOOL_CHECK4SSL_IF_APPROP ));
    }
    ldap_msgfree( res );
    ldap_memfree( dn );
    return(rc);
}
Beispiel #24
0
int
ldap_search_s( LDAP *ld, char *base, int scope, char *filter, char **attrs,
	int attrsonly, LDAPMessage **res )
{
	int	msgid;

	if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
	    == -1 )
		return( ld->ld_errno );

	if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, res ) == -1 )
		return( ld->ld_errno );

	return( ldap_result2error( ld, *res, 0 ) );
}
Beispiel #25
0
int
ldap_extended_operation_s(
	LDAP			*ld,
	LDAP_CONST char	*reqoid,
	struct berval	*reqdata,
	LDAPControl		**sctrls,
	LDAPControl		**cctrls,
	char			**retoidp,
	struct berval	**retdatap )
{
    int     rc;
    int     msgid;
    LDAPMessage *res;

#ifdef NEW_LOGGING
	LDAP_LOG ( OPERATION, ENTRY, "ldap_extended_operation_s\n", 0,0,0 );
#else
	Debug( LDAP_DEBUG_TRACE, "ldap_extended_operation_s\n", 0, 0, 0 );
#endif

	assert( ld != NULL );
	assert( LDAP_VALID( ld ) );
	assert( reqoid != NULL || *reqoid == '\0' );
	assert( retoidp != NULL || retdatap != NULL );

    rc = ldap_extended_operation( ld, reqoid, reqdata,
		sctrls, cctrls, &msgid );
        
    if ( rc != LDAP_SUCCESS ) {
        return( rc );
	}
 
    if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 ) {
        return( ld->ld_errno );
	}

	if ( retoidp != NULL ) *retoidp = NULL;
	if ( retdatap != NULL ) *retdatap = NULL;

	rc = ldap_parse_extended_result( ld, res, retoidp, retdatap, 0 );

	if( rc != LDAP_SUCCESS ) {
		ldap_msgfree( res );
		return rc;
	}

    return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #26
0
static int
nsldapi_sasl_bind_s(
    LDAP                *ld,
    const char          *dn,
    const char          *mechanism,
    const struct berval *cred,
    LDAPControl         **serverctrls,
    LDAPControl         **clientctrls,
    struct berval       **servercredp,
    LDAPControl         ***responsectrls
)
{
        int             err, msgid;
        LDAPMessage     *result;

        LDAPDebug( LDAP_DEBUG_TRACE, "nsldapi_sasl_bind_s\n", 0, 0, 0 );

        if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
                return( LDAP_PARAM_ERROR );
        }

        if ( NSLDAPI_LDAP_VERSION( ld ) < LDAP_VERSION3 ) {
                LDAP_SET_LDERRNO( ld, LDAP_NOT_SUPPORTED, NULL, NULL );
                return( LDAP_NOT_SUPPORTED );
        }

        if ( ( err = ldap_sasl_bind( ld, dn, mechanism, cred, serverctrls,
            clientctrls, &msgid )) != LDAP_SUCCESS )
                return( err );

        if ( ldap_result( ld, msgid, 1, (struct timeval *) 0, &result ) == -1 )
                return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );

        /* Get the controls sent by the server if requested */
        if ( responsectrls ) {
                if ( ( err = ldap_parse_result( ld, result, &err, NULL, NULL,
                       NULL, responsectrls, 0 )) != LDAP_SUCCESS )
                    return( err );
        }

        err = ldap_parse_sasl_bind_result( ld, result, servercredp, 0 );
        if (err != LDAP_SUCCESS  && err != LDAP_SASL_BIND_IN_PROGRESS) {
                ldap_msgfree( result );
                return( err );
        }

        return( ldap_result2error( ld, result, 1 ) );
}
Beispiel #27
0
int
LDAP_CALL
ldap_url_search_s( LDAP *ld, const char *url, int attrsonly, LDAPMessage **res )
{
	int	msgid;

	if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) {
		return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
	}

	if ( ldap_result( ld, msgid, 1, (struct timeval *)NULL, res ) == -1 ) {
		return( LDAP_GET_LDERRNO( ld, NULL, NULL ) );
	}

	return( ldap_result2error( ld, *res, 0 ));
}
Beispiel #28
0
int
ldap_pvt_search_s(
	LDAP *ld,
	LDAP_CONST char *base,
	int scope,
	LDAP_CONST char *filter,
	char **attrs,
	int attrsonly,
	LDAPControl **sctrls,
	LDAPControl **cctrls,
	struct timeval *timeout,
	int sizelimit,
	int deref,
	LDAPMessage **res )
{
	int rc;
	int	msgid;

    *res = NULL;

	rc = ldap_pvt_search( ld, base, scope, filter, attrs, attrsonly,
		sctrls, cctrls, timeout, sizelimit, deref, &msgid );

	if ( rc != LDAP_SUCCESS ) {
		return( rc );
	}

	rc = ldap_result( ld, msgid, LDAP_MSG_ALL, timeout, res );

	if( rc <= 0 ) {
		/* error(-1) or timeout(0) */
		if ( ld->ld_errno == LDAP_TIMEOUT ) {
			/* cleanup request */
			(void) ldap_abandon( ld, msgid );
			ld->ld_errno = LDAP_TIMEOUT;
		}
		return( ld->ld_errno );
	}

	if( rc == LDAP_RES_SEARCH_REFERENCE || rc == LDAP_RES_INTERMEDIATE ) {
		return( ld->ld_errno );
	}

	return( ldap_result2error( ld, *res, 0 ) );
}
Beispiel #29
0
int
ldap_modify_ext_s( LDAP *ld, LDAP_CONST char *dn,
	LDAPMod **mods, LDAPControl **sctrl, LDAPControl **cctrl )
{
	int		rc;
	int		msgid;
	LDAPMessage	*res;

	rc = ldap_modify_ext( ld, dn, mods, sctrl, cctrl, &msgid );

	if ( rc != LDAP_SUCCESS )
		return( rc );

	if ( ldap_result( ld, msgid, LDAP_MSG_ALL, (struct timeval *) NULL, &res ) == -1 || !res )
		return( ld->ld_errno );

	return( ldap_result2error( ld, res, 1 ) );
}
Beispiel #30
0
int LdapInit()
{
    int ret,msgid;
    LDAP *handle = NULL;
    LDAPMessage *result = NULL, *msg;
    LDAPControl     **sctrlsp = NULL;
    struct berval *cred, *rcred;
    int protocol = LDAP_VERSION3;
    struct timeval tv = {3,0};

    ret = ldap_initialize(&handle, my_uri);
    if (ret != LDAP_SUCCESS) {
	cout <<"ldap not initialized\n";
	goto err;
    }

    ret = ldap_set_option(handle, LDAP_OPT_PROTOCOL_VERSION, &protocol);
    if (ret != LDAP_SUCCESS) {
	debugs(1, "ldap set option - %s\n", ldap_err2string(ret));
	goto err;
    }

    cred = (struct berval *)calloc(1, sizeof(*cred));
    rcred = NULL;
    cred->bv_val = (char*)my_pwd;
    cred->bv_len = strlen(my_pwd);

    ret = ldap_sasl_bind(handle,NULL,LDAP_SASL_SIMPLE,cred,sctrlsp,NULL, &msgid);
    if (ret != LDAP_SUCCESS) {
	debugs(1, "ldap bind failed - %s\n", ldap_err2string(ret));
	goto err;
    }

    ret = ldap_result(handle, msgid, 1, NULL, &result);
    if (ret < 0) {
	debugs(1, "ldap bind failed - %s\n", ldap_err2string(ret));
	goto err;
    }
    debugs(3, "ldap bind result %d protocol %d\n", ret, protocol);

    ret = 0;
err:
    return ret;
}