openldap/servers/slapd/back-dnssrv/bind.c

/* bind.c - DNS SRV backend bind function */
/* $OpenLDAP$ */
/*
 * Copyright 2000-2003 The OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 */


#include "portable.h"

#include <stdio.h>

#include <ac/socket.h>
#include <ac/string.h>

#include "slap.h"
#include "external.h"

int
dnssrv_back_bind(
    Operation		*op,
    SlapReply		*rs )
{
	Debug( LDAP_DEBUG_TRACE, "DNSSRV: bind %s (%d)\n",
		op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 
		op->oq_bind.rb_method, NULL );
		
	if( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && op->oq_bind.rb_cred.bv_val != NULL && op->oq_bind.rb_cred.bv_len ) {
		Statslog( LDAP_DEBUG_STATS,
		   	"conn=%lu op=%lu DNSSRV BIND dn=\"%s\" provided passwd\n",
	   		 op->o_connid, op->o_opid,
			op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val , 0, 0 );

		Debug( LDAP_DEBUG_TRACE,
			"DNSSRV: BIND dn=\"%s\" provided cleartext password\n",
			op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 );

		send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
			"you shouldn\'t send strangers your password" );

	} else {
		Debug( LDAP_DEBUG_TRACE, "DNSSRV: BIND dn=\"%s\"\n",
			op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 );

		send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
			"anonymous bind expected" );
	}

	return 1;
}
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00			`/* bind.c - DNS SRV backend bind function */`
			`/* $OpenLDAP$ */`
			`/*`
Happy new year 2003-01-04 04:20:47 +08:00			`* Copyright 2000-2003 The OpenLDAP Foundation, All Rights Reserved.`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00			`* COPYING RESTRICTIONS APPLY, see COPYRIGHT file`
			`*/`


			`#include "portable.h"`

			`#include <stdio.h>`

			`#include <ac/socket.h>`
			`#include <ac/string.h>`

			`#include "slap.h"`
Rework referral entry point with DNS SRV implementation (needs testing). 2000-06-16 11:50:02 +08:00			`#include "external.h"`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00
			`int`
			`dnssrv_back_bind(`
			`Operation *op,`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`SlapReply *rs )`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00			`{`
Const'ification SASL mech removed from backend bind callback (as SASL is managed by frontend) Changes to some backends are untested (as I don't have all dependent software install) 2000-05-22 11:46:57 +08:00			`Debug( LDAP_DEBUG_TRACE, "DNSSRV: bind %s (%d)\n",`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val,`
			`op->oq_bind.rb_method, NULL );`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`if( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && op->oq_bind.rb_cred.bv_val != NULL && op->oq_bind.rb_cred.bv_len ) {`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00			`Statslog( LDAP_DEBUG_STATS,`
Mostly based on patches provided by Hallvard B. Furuseth ITS#1677 - cast away const warnings ITS#1678 - unsigned char args to ctype funcs ITS#1682 - don't redefine ldap_debug ITS#1683 - uninitialized vars ITS#1703 - ldo_debug initialization ITS#1705 - unsigned testing ITS#1706 - socklen_t args ITS#1719 - back-tcl update (other cleanups/fixes/improvements; yet untested) ITS#1724 - integerNormalize/integerFilter/integerIndexer bugs ITS#1725 - libdes not required Implement back-null (/dev/null style backend) Cleanup some misc warnings ("%lu" format, unused/uninitialized vars, ambiguous operator precedence) Kurt, please regenerate configure 2002-04-08 17:43:22 +08:00			`"conn=%lu op=%lu DNSSRV BIND dn=\"%s\" provided passwd\n",`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00			`op->o_connid, op->o_opid,`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val , 0, 0 );`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00
			`Debug( LDAP_DEBUG_TRACE,`
			`"DNSSRV: BIND dn=\"%s\" provided cleartext password\n",`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 );`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,`
			`"you shouldn\'t send strangers your password" );`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00
			`} else {`
			`Debug( LDAP_DEBUG_TRACE, "DNSSRV: BIND dn=\"%s\"\n",`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`op->o_req_dn.bv_val == NULL ? "" : op->o_req_dn.bv_val, 0, 0 );`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,`
			`"anonymous bind expected" );`
Add bind handler which returns unwillingToPerform with nasty message if password was provided. 2000-05-11 07:54:57 +08:00			`}`

			`return 1;`
			`}`