mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-03-07 14:18:15 +08:00
Add auxprop_store support for Cyrus SASL 2.1.16+
This commit is contained in:
Howard Chu
parent
1fc24a3a82
commit
ddd056158e
@ -319,7 +319,7 @@ typedef struct lookup_info {
|
||||
sasl_server_params_t *sparams;
|
||||
} lookup_info;
|
||||
|
||||
static slap_response sasl_ap_lookup, sasl_cb_checkpass;
|
||||
static slap_response sasl_ap_lookup, sasl_ap_store, sasl_cb_checkpass;
|
||||
|
||||
static int
|
||||
sasl_ap_lookup( Operation *op, SlapReply *rs )
|
||||
@ -454,9 +454,6 @@ slap_auxprop_lookup(
|
||||
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
|
||||
op.o_tmpmemctx = conn->c_sasl_bindop->o_tmpmemctx;
|
||||
op.o_tmpmfuncs = conn->c_sasl_bindop->o_tmpmfuncs;
|
||||
#ifdef LDAP_SLAPI
|
||||
op.o_pb = conn->c_sasl_bindop->o_pb;
|
||||
#endif
|
||||
op.o_conn = conn;
|
||||
op.o_connid = conn->c_connid;
|
||||
op.o_req_dn = op.o_req_ndn;
|
||||
@ -471,6 +468,112 @@ slap_auxprop_lookup(
|
||||
}
|
||||
}
|
||||
|
||||
static int
|
||||
sasl_ap_store( Operation *op, SlapReply *rs )
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
slap_auxprop_store(
|
||||
void *glob_context,
|
||||
sasl_server_params_t *sparams,
|
||||
struct propctx *prctx,
|
||||
const char *user,
|
||||
unsigned ulen)
|
||||
{
|
||||
Operation op = {0};
|
||||
SlapReply rs = {REP_RESULT};
|
||||
int rc, i, j;
|
||||
Connection *conn = NULL;
|
||||
const struct propval *pr;
|
||||
Modifications *modlist = NULL, **modtail = &modlist, *mod;
|
||||
slap_callback cb = { sasl_ap_store, NULL };
|
||||
char textbuf[SLAP_TEXT_BUFLEN];
|
||||
const char *text;
|
||||
size_t textlen = sizeof(textbuf);
|
||||
|
||||
/* just checking if we are enabled */
|
||||
if (!prctx) return SASL_OK;
|
||||
|
||||
if (!sparams || !user) return SASL_BADPARAM;
|
||||
|
||||
pr = sparams->utils->prop_get( sparams->propctx );
|
||||
|
||||
/* Find our DN and conn first */
|
||||
for( i = 0; pr[i].name; i++ ) {
|
||||
if ( pr[i].name[0] == '*' ) {
|
||||
if ( !strcmp( pr[i].name, slap_propnames[PROP_CONN] ) ) {
|
||||
if ( pr[i].values && pr[i].values[0] )
|
||||
AC_MEMCPY( &conn, pr[i].values[0], sizeof( conn ) );
|
||||
continue;
|
||||
}
|
||||
if ( !strcmp( pr[i].name, slap_propnames[PROP_AUTHC] ) ) {
|
||||
if ( pr[i].values && pr[i].values[0] ) {
|
||||
AC_MEMCPY( &op.o_req_ndn, pr[i].values[0], sizeof( struct berval ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!conn || !op.o_req_ndn.bv_val) return SASL_BADPARAM;
|
||||
|
||||
op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
|
||||
|
||||
if ( !op.o_bd || !op.o_bd->be_modify ) return SASL_FAIL;
|
||||
|
||||
pr = sparams->utils->prop_get( prctx );
|
||||
if (!pr) return SASL_BADPARAM;
|
||||
|
||||
for (i=0; pr[i].name; i++);
|
||||
if (!i) return SASL_BADPARAM;
|
||||
|
||||
for (i=0; pr[i].name; i++) {
|
||||
mod = (Modifications *)ch_malloc( sizeof(Modifications) );
|
||||
mod->sml_op = LDAP_MOD_REPLACE;
|
||||
ber_str2bv( pr[i].name, 0, 0, &mod->sml_type );
|
||||
mod->sml_values = (struct berval *)ch_malloc( (pr[i].nvalues + 1) *
|
||||
sizeof(struct berval));
|
||||
for (j=0; j<pr[i].nvalues; j++) {
|
||||
ber_str2bv( pr[i].values[j], 0, 1, &mod->sml_values[j]);
|
||||
}
|
||||
mod->sml_values[j].bv_val = NULL;
|
||||
mod->sml_values[j].bv_len = 0;
|
||||
mod->sml_nvalues = NULL;
|
||||
mod->sml_desc = NULL;
|
||||
*modtail = mod;
|
||||
modtail = &mod->sml_next;
|
||||
}
|
||||
*modtail = NULL;
|
||||
|
||||
rc = slap_mods_check( modlist, 0, &text, textbuf, textlen, NULL );
|
||||
|
||||
if ( rc == LDAP_SUCCESS ) {
|
||||
rc = slap_mods_opattrs( &op, modlist, modtail, &text, textbuf,
|
||||
textlen );
|
||||
}
|
||||
|
||||
if ( rc == LDAP_SUCCESS ) {
|
||||
op.o_tag = LDAP_REQ_MODIFY;
|
||||
op.o_protocol = LDAP_VERSION3;
|
||||
op.o_ndn = op.o_req_ndn;
|
||||
op.o_callback = &cb;
|
||||
op.o_time = slap_get_time();
|
||||
op.o_do_not_cache = 1;
|
||||
op.o_is_auth_check = 1;
|
||||
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
|
||||
op.o_tmpmemctx = conn->c_sasl_bindop->o_tmpmemctx;
|
||||
op.o_tmpmfuncs = conn->c_sasl_bindop->o_tmpmfuncs;
|
||||
op.o_conn = conn;
|
||||
op.o_connid = conn->c_connid;
|
||||
op.o_req_dn = op.o_req_ndn;
|
||||
op.orm_modlist = modlist;
|
||||
|
||||
rc = op.o_bd->be_modify( &op, &rs );
|
||||
}
|
||||
slap_mods_free( modlist );
|
||||
return rc ? SASL_FAIL : SASL_OK;
|
||||
}
|
||||
|
||||
static sasl_auxprop_plug_t slap_auxprop_plugin = {
|
||||
0, /* Features */
|
||||
0, /* spare */
|
||||
@ -478,7 +581,7 @@ static sasl_auxprop_plug_t slap_auxprop_plugin = {
|
||||
NULL, /* auxprop_free */
|
||||
slap_auxprop_lookup,
|
||||
"slapd", /* name */
|
||||
NULL /* spare */
|
||||
slap_auxprop_store
|
||||
};
|
||||
|
||||
static int
|
||||
@ -584,9 +687,6 @@ slap_sasl_checkpass(
|
||||
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
|
||||
op.o_tmpmemctx = conn->c_sasl_bindop->o_tmpmemctx;
|
||||
op.o_tmpmfuncs = conn->c_sasl_bindop->o_tmpmfuncs;
|
||||
#ifdef LDAP_SLAPI
|
||||
op.o_pb = conn->c_sasl_bindop->o_pb;
|
||||
#endif
|
||||
op.o_conn = conn;
|
||||
op.o_connid = conn->c_connid;
|
||||
op.o_req_dn = op.o_req_ndn;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user