xref: /illumos-gate/usr/src/lib/libldap5/sources/ldap/common/bind.c (revision 598f4ceed9327d2d6c2325dd67cae3aa06f7fea6)
1 #pragma ident	"%Z%%M%	%I%	%E% SMI"
2 
3 /*
4  * The contents of this file are subject to the Netscape Public
5  * License Version 1.1 (the "License"); you may not use this file
6  * except in compliance with the License. You may obtain a copy of
7  * the License at http://www.mozilla.org/NPL/
8  *
9  * Software distributed under the License is distributed on an "AS
10  * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
11  * implied. See the License for the specific language governing
12  * rights and limitations under the License.
13  *
14  * The Original Code is Mozilla Communicator client code, released
15  * March 31, 1998.
16  *
17  * The Initial Developer of the Original Code is Netscape
18  * Communications Corporation. Portions created by Netscape are
19  * Copyright (C) 1998-1999 Netscape Communications Corporation. All
20  * Rights Reserved.
21  *
22  * Contributor(s):
23  */
24 /*
25  *  bind.c
26  */
27 
28 #if 0
29 #ifndef lint
30 static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
31 #endif
32 #endif
33 
34 #include "ldap-int.h"
35 
/*
 * ldap_bind - start an asynchronous bind to the LDAP server.
 *
 *	ld		session handle; checked with NSLDAPI_VALID_LDAP_POINTER()
 *	dn		distinguished name of the entry to bind as
 *	passwd		credential for that entry
 *	authmethod	authentication method to use
 *
 * Only LDAP_AUTH_SIMPLE is dispatched by this routine.  For that method the
 * return value is whatever ldap_simple_bind() returns (the msgid of the bind
 * request on success, -1 if there's trouble); ldap_result() should then be
 * called to find out the outcome of the bind request.  Any other method
 * (including the Kerberos ones older comments refer to) sets the handle's
 * error to LDAP_AUTH_UNKNOWN and returns -1.  An invalid ld returns -1
 * without touching the handle.
 *
 * Security note: as the BindRequest layout below shows, a simple bind
 * carries the password itself as an OCTET STRING.  Nothing in this routine
 * checks that the connection is protected, so callers that care about
 * credential confidentiality have to establish transport protection
 * (e.g. TLS) before binding.
 *
 * Example:
 *	ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
 *	    LDAP_AUTH_SIMPLE )
 */

int
LDAP_CALL
ldap_bind( LDAP *ld, const char *dn, const char *passwd, int authmethod )
{
	/*
	 * Wire format of the request, wrapped in an LDAPMessage sequence:
	 *	BindRequest ::= SEQUENCE {
	 *		version		INTEGER,
	 *		name		DistinguishedName,	 -- who
	 *		authentication	CHOICE {
	 *			simple		[0] OCTET STRING -- passwd
	 *		}
	 *	}
	 */

	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );

	/* refuse to touch a handle that does not look like an LDAP session */
	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
		return( -1 );
	}

	if ( authmethod == LDAP_AUTH_SIMPLE ) {
		return( ldap_simple_bind( ld, dn, passwd ) );
	}

	/* every other method is unsupported here: record why and fail */
	LDAP_SET_LDERRNO( ld, LDAP_AUTH_UNKNOWN, NULL, NULL );
	return( -1 );
}
80 
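/*
 * ldap_bind_s - synchronous bind to the LDAP server.
 *
 *	ld		session handle
 *	dn		distinguished name of the entry to bind as
 *	passwd		credential for that entry
 *	authmethod	authentication method to use
 *
 * This routine just calls whichever bind routine is appropriate and returns
 * the result of the bind (e.g. LDAP_SUCCESS or some other error indication).
 * Only LDAP_AUTH_SIMPLE is dispatched, to ldap_simple_bind_s().  Any other
 * method, such as the LDAP_AUTH_KRBV4 of older examples, stores
 * LDAP_AUTH_UNKNOWN in the handle and returns it.  A handle that fails
 * NSLDAPI_VALID_LDAP_POINTER() returns LDAP_PARAM_ERROR.
 *
 * Security note: with LDAP_AUTH_SIMPLE the password is handed on as given.
 * This routine does not check that the connection is protected, so callers
 * must arrange transport protection (e.g. TLS) before binding.
 *
 * Example:
 *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
 *	    "secret", LDAP_AUTH_SIMPLE )
 */
int
LDAP_CALL
ldap_bind_s( LDAP *ld, const char *dn, const char *passwd, int authmethod )
{
	int	err;

	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );

	/*
	 * Validate the handle up front, as ldap_bind() does.  The default
	 * branch below passes ld to LDAP_SET_LDERRNO(); whether that macro
	 * tolerates a bad handle is not visible from this file.
	 */
	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
		return( LDAP_PARAM_ERROR );
	}

	switch ( authmethod ) {
	case LDAP_AUTH_SIMPLE:
		return( ldap_simple_bind_s( ld, dn, passwd ) );

	default:
		/* unsupported method: record the reason on the handle */
		err = LDAP_AUTH_UNKNOWN;
		LDAP_SET_LDERRNO( ld, err, NULL, NULL );
		return( err );
	}
}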
113 
114 
/*
 * ldap_set_rebind_proc - install the rebind callback and its argument.
 *
 *	ld		session handle, or NULL to operate on the library
 *			defaults (nsldapi_ld_defaults), which are initialized
 *			first if that has not happened yet
 *	rebindproc	callback stored in ld_rebind_fn
 *	arg		opaque pointer stored in ld_rebind_arg
 *
 * Both fields are written while holding LDAP_OPTION_LOCK.  A handle that
 * fails NSLDAPI_VALID_LDAP_POINTER() is silently ignored.
 *
 * NOTE(review): passing NULL changes the shared defaults rather than one
 * session; presumably later handles inherit them -- confirm before relying
 * on a callback that returns credentials being scoped to a single session.
 */
void
LDAP_CALL
ldap_set_rebind_proc( LDAP *ld, LDAP_REBINDPROC_CALLBACK *rebindproc,
    void *arg )
{
	/* a NULL handle means "the library-wide defaults" */
	if ( ld == NULL ) {
		if ( !nsldapi_initialized ) {
			nsldapi_initialize_defaults();
		}
		ld = &nsldapi_ld_defaults;
	}

	/* nothing to do for a handle that does not validate */
	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
		return;
	}

	LDAP_MUTEX_LOCK( ld, LDAP_OPTION_LOCK );
	ld->ld_rebind_fn = rebindproc;
	ld->ld_rebind_arg = arg;
	LDAP_MUTEX_UNLOCK( ld, LDAP_OPTION_LOCK );
}
134 
135 
/*
 * nsldapi_get_binddn - return the bind DN of the default connection.
 *
 * Returns NULL unless ld has a default connection that is in state
 * LDAP_CONNST_CONNECTED and marked bound.  In that case the connection's
 * lconn_binddn pointer is returned as is (a copy is not made), or "" when
 * that pointer is NULL.
 *
 * The result must not be modified or freed by the caller: it is either
 * connection-owned storage or a string literal.
 *
 * NOTE(review): the pointer is read under LDAP_CONN_LOCK but returned after
 * the lock is released.  Presumably callers must not hold on to it across
 * anything that can close or rebind the connection -- confirm against
 * callers.  ld itself is dereferenced without a validity check here.
 */
char *
nsldapi_get_binddn( LDAP *ld )
{
	char	*dn = NULL;	/* stays NULL when there is no bound connection */

	LDAP_MUTEX_LOCK( ld, LDAP_CONN_LOCK );
	if ( ld->ld_defconn != NULL
	    && ld->ld_defconn->lconn_status == LDAP_CONNST_CONNECTED
	    && ld->ld_defconn->lconn_bound ) {
		dn = ld->ld_defconn->lconn_binddn;
		if ( dn == NULL ) {
			/* bound, but no DN recorded: report an empty DN */
			dn = "";
		}
	}
	LDAP_MUTEX_UNLOCK( ld, LDAP_CONN_LOCK );

	return( dn );
}
158