openldap/servers/slapd/back-shell/bind.c

/* bind.c - shell backend bind function */
/* $OpenLDAP$ */
/*
 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 */

#include "portable.h"

#include <stdio.h>

#include <ac/socket.h>
#include <ac/string.h>

#include "slap.h"
#include "shell.h"

int
shell_back_bind(
    Operation		*op,
    SlapReply		*rs )
{
	struct shellinfo	*si = (struct shellinfo *) op->o_bd->be_private;
	AttributeDescription *entry = slap_schema.si_ad_entry;
	Entry e;
	FILE			*rfp, *wfp;
	int			rc;

	if ( si->si_bind == NULL ) {
		send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
		    "bind not implemented" );
		return( -1 );
	}

	e.e_id = NOID;
	e.e_name = op->o_req_dn;
	e.e_nname = op->o_req_ndn;
	e.e_attrs = NULL;
	e.e_ocflags = 0;
	e.e_bv.bv_len = 0;
	e.e_bv.bv_val = NULL;
	e.e_private = NULL;

	if ( ! access_allowed( op, &e,
		entry, NULL, ACL_AUTH, NULL ) )
	{
		send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
		return -1;
	}

	if ( (op->o_private = (void *) forkandexec( si->si_bind, &rfp, &wfp ))
	    == (void *) -1 ) {
		send_ldap_error( op, rs, LDAP_OTHER,
		    "could not fork/exec" );
		return( -1 );
	}

	/* write out the request to the bind process */
	fprintf( wfp, "BIND\n" );
	fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
	print_suffixes( wfp, op->o_bd );
	fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
	fprintf( wfp, "method: %d\n", op->oq_bind.rb_method );
	fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len );
	fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */
	fclose( wfp );

	/* read in the results and send them along */
	rc = read_and_send_results( op, rs, rfp );
	fclose( rfp );

	return( rc );
}
Initial revision 1998-08-09 08:43:13 +08:00			`/* bind.c - shell backend bind function */`
Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. Replace old Id as needed (back-tcl). Leave updating of contribWare to contributors (for now). 1999-09-09 03:06:24 +08:00			`/* $OpenLDAP$ */`
Add copyright notices 2000-05-16 00:35:48 +08:00			`/*`
Happy new year 2003-01-04 04:20:47 +08:00			`* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.`
Add copyright notices 2000-05-16 00:35:48 +08:00			`* COPYING RESTRICTIONS APPLY, see COPYRIGHT file`
			`*/`
Initial revision 1998-08-09 08:43:13 +08:00
merged with autoconf branch 1998-10-25 09:41:42 +08:00			`#include "portable.h"`

Initial revision 1998-08-09 08:43:13 +08:00			`#include <stdio.h>`
merged with autoconf branch 1998-10-25 09:41:42 +08:00
			`#include <ac/socket.h>`
			`#include <ac/string.h>`

Initial revision 1998-08-09 08:43:13 +08:00			`#include "slap.h"`
			`#include "shell.h"`

			`int`
			`shell_back_bind(`
			`Operation *op,`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`SlapReply *rs )`
Initial revision 1998-08-09 08:43:13 +08:00			`{`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`struct shellinfo si = (struct shellinfo ) op->o_bd->be_private;`
More entry level access control for back-shell (should be applied to back-perl and other programmable backends) 2002-10-08 05:56:43 +08:00			`AttributeDescription *entry = slap_schema.si_ad_entry;`
			`Entry e;`
Initial revision 1998-08-09 08:43:13 +08:00			`FILE rfp, wfp;`
			`int rc;`

Patch: Delete the buggy surrogate parent code (ITS#1815) Written by Hallvard B. Furuseth and placed into the public domain. This software is not subject to any license of the University of Oslo. 2002-10-11 04:28:36 +08:00			`if ( si->si_bind == NULL ) {`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,`
			`"bind not implemented" );`
Protoized, moved extern definitions to .h files, fixed related bugs. Most function and variable definitions are now preceded by its extern definition, for error checking. Retyped a number of functions, usually to return void. Fixed a number of printf format errors. API changes (in ldap/include): Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h. A number of `extern' declarations are left (some added by protoize), to be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind, optarg, errno. 1998-11-16 06:40:11 +08:00			`return( -1 );`
Initial revision 1998-08-09 08:43:13 +08:00			`}`

More entry level access control for back-shell (should be applied to back-perl and other programmable backends) 2002-10-08 05:56:43 +08:00			`e.e_id = NOID;`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`e.e_name = op->o_req_dn;`
			`e.e_nname = op->o_req_ndn;`
More entry level access control for back-shell (should be applied to back-perl and other programmable backends) 2002-10-08 05:56:43 +08:00			`e.e_attrs = NULL;`
			`e.e_ocflags = 0;`
			`e.e_bv.bv_len = 0;`
			`e.e_bv.bv_val = NULL;`
			`e.e_private = NULL;`

Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`if ( ! access_allowed( op, &e,`
More entry level access control for back-shell (should be applied to back-perl and other programmable backends) 2002-10-08 05:56:43 +08:00			`entry, NULL, ACL_AUTH, NULL ) )`
			`{`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );`
More entry level access control for back-shell (should be applied to back-perl and other programmable backends) 2002-10-08 05:56:43 +08:00			`return -1;`
			`}`

Change o_private from int to void*. Use it to hold a pid_t (and hope it fits). Have forkandexec() return pid_t instead of int. 1999-01-26 12:32:26 +08:00			`if ( (op->o_private = (void *) forkandexec( si->si_bind, &rfp, &wfp ))`
			`== (void *) -1 ) {`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`send_ldap_error( op, rs, LDAP_OTHER,`
			`"could not fork/exec" );`
Protoized, moved extern definitions to .h files, fixed related bugs. Most function and variable definitions are now preceded by its extern definition, for error checking. Retyped a number of functions, usually to return void. Fixed a number of printf format errors. API changes (in ldap/include): Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h. A number of `extern' declarations are left (some added by protoize), to be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind, optarg, errno. 1998-11-16 06:40:11 +08:00			`return( -1 );`
Initial revision 1998-08-09 08:43:13 +08:00			`}`

			`/* write out the request to the bind process */`
			`fprintf( wfp, "BIND\n" );`
Cleanup: Fix printf formats, remove unused variables, add missing prototypes in slapd, add static/const, add some return types or change to void return type. 1999-09-02 16:05:17 +08:00			`fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`print_suffixes( wfp, op->o_bd );`
			`fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );`
			`fprintf( wfp, "method: %d\n", op->oq_bind.rb_method );`
			`fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len );`
			`fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */`
Initial revision 1998-08-09 08:43:13 +08:00			`fclose( wfp );`

			`/* read in the results and send them along */`
Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out. 2003-03-30 17:03:54 +08:00			`rc = read_and_send_results( op, rs, rfp );`
Initial revision 1998-08-09 08:43:13 +08:00			`fclose( rfp );`

			`return( rc );`
			`}`