Sync with HEAD

Kurt Zeilenga 2004-02-23 22:46:35 +00:00
parent 4be82ff0f2
commit 0cfd2619c8
14 changed files with 354 additions and 33 deletions


@ -90,7 +90,7 @@ const LDAPAttribute* LDAPAttributeList::getAttributeByName(
DEBUG(LDAP_DEBUG_TRACE,"LDAPAttribute::getAttributeByName()" << endl);
DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER,
" name:" << name << endl);
AttrList::const_iterator i;
LDAPAttributeList::const_iterator i;
for( i = m_attrs.begin(); i != m_attrs.end(); i++){
const std::string& tmpType = i->getName();
if(name.size() == tmpType.size()){
@ -112,7 +112,7 @@ void LDAPAttributeList::addAttribute(const LDAPAttribute& attr){
const std::string::size_type attrLen = attrType.size();
std::string::size_type tmpAttrLen = 0;
bool done=false;
AttrList::iterator i;
LDAPAttributeList::iterator i;
for( i=m_attrs.begin(); i != m_attrs.end(); i++ ){
const std::string tmpAttrType = i->getName();
tmpAttrLen = tmpAttrType.size();
@ -141,7 +141,7 @@ void LDAPAttributeList::addAttribute(const LDAPAttribute& attr){
LDAPMod** LDAPAttributeList::toLDAPModArray() const{
DEBUG(LDAP_DEBUG_TRACE,"LDAPAttribute::toLDAPModArray()" << endl);
LDAPMod **ret = (LDAPMod**) malloc((m_attrs.size()+1) * sizeof(LDAPMod*));
AttrList::const_iterator i;
LDAPAttributeList::const_iterator i;
int j=0;
for (i=m_attrs.begin(); i!= m_attrs.end(); i++, j++){
ret[j]=i->toLDAPMod();
@ -151,7 +151,7 @@ LDAPMod** LDAPAttributeList::toLDAPModArray() const{
}
ostream& operator << (ostream& s, const LDAPAttributeList& al){
AttrList::const_iterator i;
LDAPAttributeList::const_iterator i;
for(i=al.m_attrs.begin(); i!=al.m_attrs.end(); i++){
s << *i << "; ";
}


@ -15,18 +15,18 @@ class LDAPAttribute;
class LDAPAsynConnection;
class LDAPMsg;
typedef std::list<LDAPAttribute> AttrList;
/**
* This container class is used to store multiple LDAPAttribute-objects.
*/
class LDAPAttributeList{
typedef std::list<LDAPAttribute> ListType;
private :
AttrList m_attrs;
ListType m_attrs;
public :
typedef AttrList::const_iterator const_iterator;
typedef AttrList::iterator iterator;
typedef ListType::const_iterator const_iterator;
typedef ListType::iterator iterator;
/**


@ -10,8 +10,6 @@
class LDAPEntry;
typedef std::list<LDAPEntry> EntryList;
/**
* For internal use only.
*
@ -19,8 +17,10 @@ typedef std::list<LDAPEntry> EntryList;
* LDAPEntry-Objects
*/
class LDAPEntryList{
typedef std::list<LDAPEntry> ListType;
public:
typedef EntryList::const_iterator const_iterator;
typedef ListType::const_iterator const_iterator;
/**
* Copy-Constructor
@ -63,6 +63,6 @@ class LDAPEntryList{
void addEntry(const LDAPEntry& e);
private:
EntryList m_entries;
ListType m_entries;
};
#endif // LDAP_ENTRY_LIST_H


@ -28,7 +28,7 @@ LDAPMod** LDAPModList::toLDAPModArray(){
LDAPMod **ret = (LDAPMod**) malloc(
(m_modList.size()+1) * sizeof(LDAPMod*));
ret[m_modList.size()]=0;
ModList::const_iterator i;
LDAPModList::ListType::const_iterator i;
int j=0;
for (i=m_modList.begin(); i != m_modList.end(); i++ , j++){
ret[j]=i->toLDAPMod();


@ -11,18 +11,17 @@
#include <list>
#include <LDAPModification.h>
typedef std::list<LDAPModification> ModList;
/**
* This container class is used to store multiple LDAPModification-objects.
*/
class LDAPModList{
typedef std::list<LDAPModification> ListType;
public :
/**
* Constructs an empty list.
*/
LDAPModList();
LDAPModList();
/**
* Copy-constructor
@ -33,7 +32,7 @@ class LDAPModList{
* Adds one element to the end of the list.
* @param mod The LDAPModification to add to the std::list.
*/
void addModification(const LDAPModification &mod);
void addModification(const LDAPModification &mod);
/**
* Translates the list to a 0-terminated array of
@ -42,7 +41,7 @@ class LDAPModList{
LDAPMod** toLDAPModArray();
private :
ModList m_modList;
ListType m_modList;
};
#endif //LDAP_MOD_LIST_H


@ -10,16 +10,16 @@
class LDAPSearchReference;
typedef std::list<LDAPSearchReference> RefList;
/**
* Container class for storing a list of Search References
*
* Used internally only by LDAPSearchResults
*/
class LDAPReferenceList{
typedef std::list<LDAPSearchReference> ListType;
public:
typedef RefList::const_iterator const_iterator;
typedef ListType::const_iterator const_iterator;
/**
* Constructs an empty list.
@ -66,7 +66,7 @@ class LDAPReferenceList{
void addReference(const LDAPSearchReference& e);
private:
RefList m_refs;
ListType m_refs;
};
#endif // LDAP_REFERENCE_LIST_H


@ -11,7 +11,7 @@ using namespace std;
LDAPUrlList::LDAPUrlList(){
DEBUG(LDAP_DEBUG_CONSTRUCT," LDAPUrlList::LDAPUrlList()" << endl);
m_urls=UrlList();
m_urls=LDAPUrlList::ListType();
}
LDAPUrlList::LDAPUrlList(const LDAPUrlList& urls){


@ -9,14 +9,14 @@
#include <list>
#include <LDAPUrl.h>
typedef std::list<LDAPUrl> UrlList;
/**
* This container class is used to store multiple LDAPUrl-objects.
*/
class LDAPUrlList{
typedef std::list<LDAPUrl> ListType;
public:
typedef UrlList::const_iterator const_iterator;
typedef ListType::const_iterator const_iterator;
/**
* Constructs an empty list.
@ -72,6 +72,6 @@ class LDAPUrlList{
void add(const LDAPUrl& url);
private :
UrlList m_urls;
ListType m_urls;
};
#endif //LDAP_URL_LIST_H


@ -85,5 +85,5 @@ noinst_HEADERS = LDAPAddRequest.h \
LDAPSearchRequest.h
libldapcpp_la_LIBADD = -lldap -llber
libldapcpp_la_LDFLAGS = -version-info 0:1:0
libldapcpp_la_LDFLAGS = -version-info 0:2:0


@ -12,12 +12,12 @@ StringList::StringList(){
}
StringList::StringList(const StringList& sl){
m_data= ListType(sl.m_data);
m_data= StringList::ListType(sl.m_data);
}
StringList::StringList(char** values){
if(values == 0){
m_data=ListType();
m_data=StringList::ListType();
}else{
char** i;
for(i=values; *i != 0; i++){


@ -8,12 +8,12 @@
#include <string>
#include <list>
typedef std::list<std::string> ListType;
/**
* Container class to store multiple string-objects
*/
class StringList{
typedef std::list<std::string> ListType;
private:
ListType m_data;


@ -0,0 +1,34 @@
Copyright 2004 The OpenLDAP Foundation. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP
Public License.
This directory contains native slapd plugins for password mechanisms that
are not actively supported by the project. Currently this includes the
Kerberos and Netscape MTA-MD5 password mechanisms.
To use the Kerberos plugin, add:
moduleload pw-kerberos.so
to your slapd configuration file.
To use the Netscape plugin, add:
moduleload pw-netscape.so
to your slapd configuration file.
No Makefile is provided. Use a command line similar to:
gcc -shared -I../../../include -Wall -g -DHAVE_KRB5 -o pw-kerberos.so kerberos.c
to compile the Kerberos plugin. Replace HAVE_KRB5 with HAVE_KRB4 if you want
to use Kerberos IV. If your Kerberos header files are not in the C compiler's
default path, you will need to add a "-I" directive for that as well.
The corresponding command for the Netscape plugin would be:
gcc -shared -I../../../include -Wall -g -o pw-netscape.so netscape.c


@ -0,0 +1,208 @@
/* $OpenLDAP$ */
/*
* Copyright 1998-2004 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
#include <string.h>
#include <unistd.h>
#include <lber.h>
#include <lber_pvt.h> /* BER_BVC definition */
#include "lutil.h"
#ifdef HAVE_KRB5
#include <krb5.h>
#elif defined(HAVE_KRB4)
#include <krb.h>
#endif
/* From <ldap_pvt.h> */
LDAP_F( char *) ldap_pvt_get_fqdn LDAP_P(( char * ));
static LUTIL_PASSWD_CHK_FUNC chk_kerberos;
static const struct berval scheme = BER_BVC("{KERBEROS}");
static int chk_kerberos(
const struct berval *sc,
const struct berval * passwd,
const struct berval * cred,
const char **text )
{
unsigned int i;
int rtn;
for( i=0; i<cred->bv_len; i++) {
if(cred->bv_val[i] == '\0') {
return 1; /* NUL character in password */
}
}
if( cred->bv_val[i] != '\0' ) {
return 1; /* cred must behave like a string */
}
for( i=0; i<passwd->bv_len; i++) {
if(passwd->bv_val[i] == '\0') {
return 1; /* NUL character in password */
}
}
if( passwd->bv_val[i] != '\0' ) {
return 1; /* passwd must behave like a string */
}
rtn = 1;
#ifdef HAVE_KRB5 /* HAVE_HEIMDAL_KRB5 */
{
/* Portions:
* Copyright (c) 1997, 1998, 1999 Kungliga Tekniska H\xf6gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
krb5_context context;
krb5_error_code ret;
krb5_creds creds;
krb5_get_init_creds_opt get_options;
krb5_verify_init_creds_opt verify_options;
krb5_principal client, server;
#ifdef notdef
krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP};
#endif
ret = krb5_init_context( &context );
if (ret) {
return 1;
}
#ifdef notdef
krb5_get_init_creds_opt_set_preauth_list(&get_options,
pre_auth_types, 1);
#endif
krb5_get_init_creds_opt_init( &get_options );
krb5_verify_init_creds_opt_init( &verify_options );
ret = krb5_parse_name( context, passwd->bv_val, &client );
if (ret) {
krb5_free_context( context );
return 1;
}
ret = krb5_get_init_creds_password( context,
&creds, client, cred->bv_val, NULL,
NULL, 0, NULL, &get_options );
if (ret) {
krb5_free_principal( context, client );
krb5_free_context( context );
return 1;
}
{
char *host = ldap_pvt_get_fqdn( NULL );
if( host == NULL ) {
krb5_free_principal( context, client );
krb5_free_context( context );
return 1;
}
ret = krb5_sname_to_principal( context,
host, "ldap", KRB5_NT_SRV_HST, &server );
ber_memfree( host );
}
if (ret) {
krb5_free_principal( context, client );
krb5_free_context( context );
return 1;
}
ret = krb5_verify_init_creds( context,
&creds, server, NULL, NULL, &verify_options );
krb5_free_principal( context, client );
krb5_free_principal( context, server );
krb5_free_cred_contents( context, &creds );
krb5_free_context( context );
rtn = !!ret;
}
#elif defined(HAVE_KRB4)
{
/* Borrowed from Heimdal kpopper */
/* Portions:
* Copyright (c) 1989 Regents of the University of California.
* All rights reserved. The Berkeley software License Agreement
* specifies the terms and conditions for redistribution.
*/
int status;
char lrealm[REALM_SZ];
char tkt[MAXHOSTNAMELEN];
status = krb_get_lrealm(lrealm,1);
if (status == KFAILURE) {
return 1;
}
snprintf(tkt, sizeof(tkt), "%s_slapd.%u",
TKT_ROOT, (unsigned)getpid());
krb_set_tkt_string (tkt);
status = krb_verify_user( passwd->bv_val, "", lrealm,
cred->bv_val, 1, "ldap");
dest_tkt(); /* no point in keeping the tickets */
return status == KFAILURE;
}
#endif
return rtn;
}
int init_module(int argc, char *argv[]) {
return lutil_passwd_add( (struct berval *)&scheme, chk_kerberos, NULL );
}
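Review bot: In the HAVE_KRB5 branch of chk_kerberos, the two error returns that follow a successful krb5_get_init_creds_password() (the `host == NULL` case and the failed krb5_sname_to_principal() case) free the client principal and the context but not `creds`, so the ticket and session key obtained for the user are leaked on those paths. Each of them should call `krb5_free_cred_contents( context, &creds );` before returning, as the success path already does. Separately, krb5_verify_init_creds() is called with a NULL keytab and default verify options; depending on the Kerberos library's defaults, a host without a usable `ldap/<fqdn>` key may have the KDC-reply verification skipped rather than failed. Consider adding `krb5_verify_init_creds_opt_set_ap_req_nofail( &verify_options, 1 );` after the opt_init call, and confirm the behaviour against the library in use.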


@ -0,0 +1,80 @@
/* $OpenLDAP$ */
/*
* Copyright 1998-2004 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
#include <string.h>
#include <unistd.h>
#include <lber.h>
#include <lber_pvt.h>
#include "lutil.h"
#include "lutil_md5.h"
static LUTIL_PASSWD_CHK_FUNC chk_ns_mta_md5;
static const struct berval scheme = BER_BVC("{NS-MTA-MD5}");
#define NS_MTA_MD5_PASSLEN 64
static int chk_ns_mta_md5(
const struct berval *scheme,
const struct berval *passwd,
const struct berval *cred,
const char **text )
{
lutil_MD5_CTX MD5context;
unsigned char MD5digest[LUTIL_MD5_BYTES], c;
char buffer[LUTIL_MD5_BYTES*2];
int i;
if( passwd->bv_len != NS_MTA_MD5_PASSLEN ) {
return 1;
}
/* hash credentials with salt */
lutil_MD5Init(&MD5context);
lutil_MD5Update(&MD5context,
(const unsigned char *) &passwd->bv_val[32],
32 );
c = 0x59;
lutil_MD5Update(&MD5context,
(const unsigned char *) &c,
1 );
lutil_MD5Update(&MD5context,
(const unsigned char *) cred->bv_val,
cred->bv_len );
c = 0xF7;
lutil_MD5Update(&MD5context,
(const unsigned char *) &c,
1 );
lutil_MD5Update(&MD5context,
(const unsigned char *) &passwd->bv_val[32],
32 );
lutil_MD5Final(MD5digest, &MD5context);
for( i=0; i < sizeof( MD5digest ); i++ ) {
buffer[i+i] = "0123456789abcdef"[(MD5digest[i]>>4) & 0x0F];
buffer[i+i+1] = "0123456789abcdef"[ MD5digest[i] & 0x0F];
}
/* compare */
return memcmp((char *)passwd->bv_val,
(char *)buffer, sizeof(buffer)) ? 1 : 0;
}
int init_module(int argc, char *argv[]) {
return lutil_passwd_add( (struct berval *)&scheme, chk_ns_mta_md5, NULL );
}
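Review bot: The final comparison in chk_ns_mta_md5 uses `memcmp`, which may return at the first differing byte, so the time taken can depend on how much of the computed digest matches the stored one. A password check is better done with a comparison that always touches all 32 hex characters, e.g. `for( i=0, c=0; i < (int)sizeof(buffer); i++ ) c |= passwd->bv_val[i] ^ buffer[i];` followed by `return c != 0;`. The same `(int)` cast would also help in the hex-encoding loop, where `i < sizeof( MD5digest )` compares a signed int with a size_t. The parameter named `scheme` shadows the file-scope `scheme` berval; naming it `sc`, as the Kerberos plugin on this page does, would avoid the confusion.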