/* $OpenLDAP$ */
/*
* Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
#include "portable.h"
#include <ac/stdlib.h>
#include <stdio.h>
#include "slap.h"
#include "proto-slap.h"
#include <lber.h>
#include <ldap_log.h>
/*
 * List of SASL mechanism names this server offers.
 * Starts out NULL; in HAVE_CYRUS_SASL builds sasl_init() fills it from the
 * comma-separated list returned by sasl_listmech(), and sasl_destroy()
 * releases it with charray_free(). In builds without Cyrus SASL nothing in
 * this file assigns it, so it stays NULL.
 */
char **supportedSASLMechanisms = NULL;
#ifdef HAVE_CYRUS_SASL
/*
 * Callback table handed to sasl_server_init().
 * It holds only the SASL_CB_LIST_END terminator, so slapd registers no
 * callbacks of its own with the SASL library.
 */
static sasl_callback_t callbacks[] = {
	{ SASL_CB_LIST_END, NULL, NULL }
};
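/*
 * Initialise the Cyrus SASL server library and record which mechanisms it
 * offers in the global supportedSASLMechanisms.
 *
 * A temporary server connection is created only to query the mechanism list
 * and is disposed of before returning, on success and on every failure path
 * after it has been created.
 *
 * Security note: SASL_SEC_NOPLAINTEXT and SASL_SEC_NOANONYMOUS are applied
 * only when the build defines RESTRICT_SASL. Without it no security
 * properties are set on the probe connection, so the recorded list is
 * whatever the SASL library offers by default, which may include plaintext
 * or anonymous mechanisms.
 *
 * Returns 0 on success, -1 if any SASL call fails (the failure is logged at
 * LDAP_DEBUG_ANY).
 */
int sasl_init( void )
{
	int rc;
	int ret = -1;
	char *mechs = NULL;
	sasl_conn_t *server = NULL;

	rc = sasl_server_init( callbacks, "slapd" );

	if( rc != SASL_OK ) {
		Debug( LDAP_DEBUG_ANY, "sasl_server_init failed\n",
			0, 0, 0 );
		return -1;
	}

	/* probe connection for the "ldap" service; the optional arguments are left NULL */
	rc = sasl_server_new( "ldap", NULL, NULL, NULL,
		SASL_SECURITY_LAYER,
		&server );

	if( rc != SASL_OK ) {
		Debug( LDAP_DEBUG_ANY, "sasl_server_new failed\n",
			0, 0, 0 );
		return -1;
	}

#ifdef RESTRICT_SASL
	{
		sasl_security_properties_t secprops;
		memset(&secprops, 0, sizeof(secprops));
		/* exclude mechanisms that send plaintext credentials or allow anonymous login */
		secprops.security_flags = SASL_SEC_NOPLAINTEXT | SASL_SEC_NOANONYMOUS;
		secprops.property_names = NULL;
		secprops.property_values = NULL;

		rc = sasl_setprop( server, SASL_SEC_PROPS, &secprops );

		if( rc != SASL_OK ) {
			Debug( LDAP_DEBUG_ANY, "sasl_setprop failed\n",
				0, 0, 0 );
			/* release the probe connection instead of leaking it */
			goto done;
		}
	}
#endif

	rc = sasl_listmech( server, NULL, NULL, ",", NULL,
		&mechs, NULL, NULL);

	if( rc != SASL_OK ) {
		Debug( LDAP_DEBUG_ANY, "sasl_listmech failed: %d\n",
			rc, 0, 0 );
		/* release the probe connection instead of leaking it */
		goto done;
	}

	Debug( LDAP_DEBUG_TRACE, "SASL mechanisms: %s\n",
		mechs, 0, 0 );

	/*
	 * NOTE(review): mechs is not released here. Whether the caller owns the
	 * string returned by sasl_listmech() depends on the SASL library version;
	 * confirm and free it with the matching allocator if it does.
	 */
	supportedSASLMechanisms = str2charray( mechs, "," );
	ret = 0;

done:
	sasl_dispose( &server );

	return ret;
}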
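/*
 * Release the mechanism list stored in supportedSASLMechanisms.
 *
 * The global is reset to NULL after the free so that code reading it later
 * sees "no mechanisms" rather than a pointer to freed memory, and so that a
 * second call does not free the same array twice.
 *
 * Always returns 0.
 */
int sasl_destroy( void )
{
	/*
	 * The list is still NULL if sasl_init() failed or never ran; how
	 * charray_free() treats NULL is not visible from this file, so skip it.
	 */
	if( supportedSASLMechanisms != NULL ) {
		charray_free( supportedSASLMechanisms );
		supportedSASLMechanisms = NULL;
	}

	return 0;
}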
#else
/* no SASL support */
/*
 * Stub for builds without Cyrus SASL: there is nothing to initialise, so it
 * always returns 0 and leaves supportedSASLMechanisms untouched.
 */
int sasl_init( void )
{
	return 0;
}
/*
 * Stub for builds without Cyrus SASL: nothing was allocated, so there is
 * nothing to release; always returns 0.
 */
int sasl_destroy( void )
{
	return 0;
}
#endif