openldap/libraries/libldap/passwd.c

171 lines
3.3 KiB
C
Raw Normal View History

/* $OpenLDAP$ */
2003-11-26 15:16:36 +08:00
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
2021-01-12 03:25:53 +08:00
* Copyright 1998-2021 The OpenLDAP Foundation.
2003-11-26 15:16:36 +08:00
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* ACKNOWLEDGEMENTS:
ITS#8605 - spelling fixes * javascript * kernel * ldap * length * macros * maintained * manager * matching * maximum * mechanism * memory * method * mimic * minimum * modifiable * modifiers * modifying * multiple * necessary * normalized * objectclass * occurrence * occurring * offered * operation * original * overridden * parameter * permanent * preemptively * printable * protocol * provider * really * redistribution * referenced * refresh * regardless * registered * request * reserved * resource * response * sanity * separated * setconcurrency * should * specially * specifies * structure * structures * subordinates * substitution * succeed * successful * successfully * sudoers * sufficient * superiors * supported * synchronization * terminated * they're * through * traffic * transparent * unsigned * unsupported * version * absence * achieves * adamson * additional * address * against * appropriate * architecture * associated * async * attribute * authentication * authorized * auxiliary * available * begin * beginning * buffered * canonical * certificate * charray * check * class * compatibility * compilation * component * configurable * configuration * configure * conjunction * constraints * constructor * contained * containing * continued * control * convenience * correspond * credentials * cyrillic * database * definitions * deloldrdn * dereferencing * destroy * distinguish * documentation * emmanuel * enabled * entry * enumerated * everything * exhaustive * existence * existing * explicitly * extract * fallthru * fashion * february * finally * function * generically * groupname * happened * implementation * including * initialization * initializes * insensitive * instantiated * instantiation * integral * internal * iterate
2017-02-26 15:49:31 +08:00
* This program was originally developed by Kurt D. Zeilenga for inclusion in
* OpenLDAP Software.
*/
#include "portable.h"
#include <stdio.h>
#include <ac/stdlib.h>
#include <ac/string.h>
#include <ac/time.h>
#include "ldap-int.h"
/*
* LDAP Password Modify (Extended) Operation (RFC 3062)
*/
int ldap_parse_passwd(
LDAP *ld,
LDAPMessage *res,
struct berval *newpasswd )
{
int rc;
2006-01-02 21:27:29 +08:00
struct berval *retdata = NULL;
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( res != NULL );
assert( newpasswd != NULL );
newpasswd->bv_val = NULL;
newpasswd->bv_len = 0;
2006-01-02 21:27:29 +08:00
rc = ldap_parse_extended_result( ld, res, NULL, &retdata, 0 );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
2006-01-02 21:27:29 +08:00
if ( retdata != NULL ) {
ber_tag_t tag;
BerElement *ber = ber_init( retdata );
2006-01-02 21:27:29 +08:00
if ( ber == NULL ) {
rc = ld->ld_errno = LDAP_NO_MEMORY;
goto done;
}
/* we should check the tag */
tag = ber_scanf( ber, "{o}", newpasswd );
ber_free( ber, 1 );
2006-01-02 21:27:29 +08:00
if ( tag == LBER_ERROR ) {
rc = ld->ld_errno = LDAP_DECODING_ERROR;
}
}
2006-01-02 21:27:29 +08:00
done:;
ber_bvfree( retdata );
return rc;
}
int
ldap_passwd( LDAP *ld,
struct berval *user,
struct berval *oldpw,
struct berval *newpw,
LDAPControl **sctrls,
LDAPControl **cctrls,
int *msgidp )
{
int rc;
2004-04-07 09:11:32 +08:00
struct berval bv = BER_BVNULL;
BerElement *ber = NULL;
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( msgidp != NULL );
if( user != NULL || oldpw != NULL || newpw != NULL ) {
/* build change password control */
ber = ber_alloc_t( LBER_USE_DER );
if( ber == NULL ) {
ld->ld_errno = LDAP_NO_MEMORY;
return ld->ld_errno;
}
ber_printf( ber, "{" /*}*/ );
if( user != NULL ) {
2003-02-16 16:37:19 +08:00
ber_printf( ber, "tO",
LDAP_TAG_EXOP_MODIFY_PASSWD_ID, user );
}
if( oldpw != NULL ) {
2003-02-16 16:37:19 +08:00
ber_printf( ber, "tO",
LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, oldpw );
}
if( newpw != NULL ) {
2003-02-16 16:37:19 +08:00
ber_printf( ber, "tO",
LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, newpw );
}
ber_printf( ber, /*{*/ "N}" );
rc = ber_flatten2( ber, &bv, 0 );
if( rc < 0 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
return ld->ld_errno;
}
}
rc = ldap_extended_operation( ld, LDAP_EXOP_MODIFY_PASSWD,
bv.bv_val ? &bv : NULL, sctrls, cctrls, msgidp );
ber_free( ber, 1 );
return rc;
}
int
ldap_passwd_s(
LDAP *ld,
struct berval *user,
struct berval *oldpw,
struct berval *newpw,
struct berval *newpasswd,
LDAPControl **sctrls,
LDAPControl **cctrls )
{
int rc;
int msgid;
LDAPMessage *res;
rc = ldap_passwd( ld, user, oldpw, newpw, sctrls, cctrls, &msgid );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
2007-02-05 20:30:40 +08:00
if ( ldap_result( ld, msgid, LDAP_MSG_ALL, (struct timeval *) NULL, &res ) == -1 || !res ) {
return ld->ld_errno;
}
rc = ldap_parse_passwd( ld, res, newpasswd );
2002-11-28 12:36:22 +08:00
if( rc != LDAP_SUCCESS ) {
ldap_msgfree( res );
return rc;
}
return( ldap_result2error( ld, res, 1 ) );
}