1998-08-09 08:43:13 +08:00
|
|
|
/* bind.c - shell backend bind function */
|
1999-09-09 03:06:24 +08:00
|
|
|
/* $OpenLDAP$ */
|
2003-11-27 14:35:49 +08:00
|
|
|
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
|
|
|
|
*
|
2009-01-22 08:40:04 +08:00
|
|
|
* Copyright 1998-2009 The OpenLDAP Foundation.
|
2003-11-27 14:35:49 +08:00
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted only as authorized by the OpenLDAP
|
|
|
|
|
* Public License.
|
|
|
|
|
*
|
|
|
|
|
* A copy of this license is available in the file LICENSE in the
|
|
|
|
|
* top-level directory of the distribution or, alternatively, at
|
|
|
|
|
* <http://www.OpenLDAP.org/license.html>.
|
|
|
|
|
*/
|
|
|
|
|
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms are permitted
|
|
|
|
|
* provided that this notice is preserved and that due credit is given
|
|
|
|
|
* to the University of Michigan at Ann Arbor. The name of the University
|
|
|
|
|
* may not be used to endorse or promote products derived from this
|
|
|
|
|
* software without specific prior written permission. This software
|
|
|
|
|
* is provided ``as is'' without express or implied warranty.
|
|
|
|
|
*/
|
|
|
|
|
/* ACKNOWLEDGEMENTS:
|
|
|
|
|
* This work was originally developed by the University of Michigan
|
|
|
|
|
* (as part of U-MICH LDAP).
|
2000-05-16 00:35:48 +08:00
|
|
|
*/
|
1998-08-09 08:43:13 +08:00
|
|
|
|
1998-10-25 09:41:42 +08:00
|
|
|
#include "portable.h"
|
|
|
|
|
|
1998-08-09 08:43:13 +08:00
|
|
|
#include <stdio.h>
|
1998-10-25 09:41:42 +08:00
|
|
|
|
|
|
|
|
#include <ac/socket.h>
|
|
|
|
|
#include <ac/string.h>
|
|
|
|
|
|
1998-08-09 08:43:13 +08:00
|
|
|
#include "slap.h"
|
|
|
|
|
#include "shell.h"
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
shell_back_bind(
|
|
|
|
|
Operation *op,
|
2003-03-30 17:03:54 +08:00
|
|
|
SlapReply *rs )
|
1998-08-09 08:43:13 +08:00
|
|
|
{
|
2003-03-30 17:03:54 +08:00
|
|
|
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
|
2002-10-08 05:56:43 +08:00
|
|
|
AttributeDescription *entry = slap_schema.si_ad_entry;
|
|
|
|
|
Entry e;
|
1998-08-09 08:43:13 +08:00
|
|
|
FILE *rfp, *wfp;
|
|
|
|
|
int rc;
|
|
|
|
|
|
2007-08-16 17:38:15 +08:00
|
|
|
/* allow rootdn as a means to auth without the need to actually
|
|
|
|
|
* contact the proxied DSA */
|
|
|
|
|
switch ( be_rootdn_bind( op, rs ) ) {
|
|
|
|
|
case SLAP_CB_CONTINUE:
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return rs->sr_err;
|
|
|
|
|
}
|
|
|
|
|
|
2002-10-11 04:28:36 +08:00
|
|
|
if ( si->si_bind == NULL ) {
|
2003-03-30 17:03:54 +08:00
|
|
|
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
|
|
|
|
|
"bind not implemented" );
|
Protoized, moved extern definitions to .h files, fixed related bugs.
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
1998-11-16 06:40:11 +08:00
|
|
|
return( -1 );
|
1998-08-09 08:43:13 +08:00
|
|
|
}
|
|
|
|
|
|
2002-10-08 05:56:43 +08:00
|
|
|
e.e_id = NOID;
|
2003-03-30 17:03:54 +08:00
|
|
|
e.e_name = op->o_req_dn;
|
|
|
|
|
e.e_nname = op->o_req_ndn;
|
2002-10-08 05:56:43 +08:00
|
|
|
e.e_attrs = NULL;
|
|
|
|
|
e.e_ocflags = 0;
|
|
|
|
|
e.e_bv.bv_len = 0;
|
|
|
|
|
e.e_bv.bv_val = NULL;
|
|
|
|
|
e.e_private = NULL;
|
|
|
|
|
|
2003-03-30 17:03:54 +08:00
|
|
|
if ( ! access_allowed( op, &e,
|
2002-10-08 05:56:43 +08:00
|
|
|
entry, NULL, ACL_AUTH, NULL ) )
|
|
|
|
|
{
|
2003-03-30 17:03:54 +08:00
|
|
|
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
|
2002-10-08 05:56:43 +08:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-04 01:31:25 +08:00
|
|
|
if ( forkandexec( si->si_bind, &rfp, &wfp ) == (pid_t)-1 ) {
|
2003-03-30 17:03:54 +08:00
|
|
|
send_ldap_error( op, rs, LDAP_OTHER,
|
|
|
|
|
"could not fork/exec" );
|
Protoized, moved extern definitions to .h files, fixed related bugs.
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
1998-11-16 06:40:11 +08:00
|
|
|
return( -1 );
|
1998-08-09 08:43:13 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* write out the request to the bind process */
|
|
|
|
|
fprintf( wfp, "BIND\n" );
|
1999-09-02 16:05:17 +08:00
|
|
|
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
|
2003-03-30 17:03:54 +08:00
|
|
|
print_suffixes( wfp, op->o_bd );
|
|
|
|
|
fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
|
|
|
|
|
fprintf( wfp, "method: %d\n", op->oq_bind.rb_method );
|
|
|
|
|
fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len );
|
|
|
|
|
fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */
|
1998-08-09 08:43:13 +08:00
|
|
|
fclose( wfp );
|
|
|
|
|
|
|
|
|
|
/* read in the results and send them along */
|
2003-03-30 17:03:54 +08:00
|
|
|
rc = read_and_send_results( op, rs, rfp );
|
1998-08-09 08:43:13 +08:00
|
|
|
fclose( rfp );
|
|
|
|
|
|
|
|
|
|
return( rc );
|
|
|
|
|
}
|
