xref: /illumos-gate/usr/src/lib/libldap5/sources/ldap/common/bind.c (revision a30583cb7f21a4667897c305d2bb4bacd936d85f)
1 /*
2  * The contents of this file are subject to the Netscape Public
3  * License Version 1.1 (the "License"); you may not use this file
4  * except in compliance with the License. You may obtain a copy of
5  * the License at http://www.mozilla.org/NPL/
6  *
7  * Software distributed under the License is distributed on an "AS
8  * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9  * implied. See the License for the specific language governing
10  * rights and limitations under the License.
11  *
12  * The Original Code is Mozilla Communicator client code, released
13  * March 31, 1998.
14  *
15  * The Initial Developer of the Original Code is Netscape
16  * Communications Corporation. Portions created by Netscape are
17  * Copyright (C) 1998-1999 Netscape Communications Corporation. All
18  * Rights Reserved.
19  *
20  * Contributor(s):
21  */
22 /*
23  *  bind.c
24  */
25 
26 #if 0
27 #ifndef lint
28 static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
29 #endif
30 #endif
31 
32 #include "ldap-int.h"
33 
34 /*
35  * ldap_bind - bind to the ldap server. The dn and password
36  * of the entry to which to bind are supplied, along with the authentication
37  * method to use.  The msgid of the bind request is returned on success,
38  * -1 if there's trouble.  Note, the kerberos support assumes the user already
39  * has a valid tgt for now.  ldap_result() should be called to find out the
40  * outcome of the bind request.
41  *
42  * Example:
43  *	ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
44  *	    LDAP_AUTH_SIMPLE )
45  */
46 
47 int
48 LDAP_CALL
49 ldap_bind( LDAP *ld, const char *dn, const char *passwd, int authmethod )
50 {
51 	/*
52 	 * The bind request looks like this:
53 	 *	BindRequest ::= SEQUENCE {
54 	 *		version		INTEGER,
55 	 *		name		DistinguishedName,	 -- who
56 	 *		authentication	CHOICE {
57 	 *			simple		[0] OCTET STRING -- passwd
58 	 *		}
59 	 *	}
60 	 * all wrapped up in an LDAPMessage sequence.
61 	 */
62 
63 	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
64 
65 	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
66 		return( -1 );
67 	}
68 
69 	switch ( authmethod ) {
70 	case LDAP_AUTH_SIMPLE:
71 		return( ldap_simple_bind( ld, dn, passwd ) );
72 
73 	default:
74 		LDAP_SET_LDERRNO( ld, LDAP_AUTH_UNKNOWN, NULL, NULL );
75 		return( -1 );
76 	}
77 }
78 
79 /*
80  * ldap_bind_s - bind to the ldap server.  The dn and password
81  * of the entry to which to bind are supplied, along with the authentication
82  * method to use.  This routine just calls whichever bind routine is
83  * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
84  * some other error indication).  Note, the kerberos support assumes the
85  * user already has a valid tgt for now.
86  *
87  * Examples:
88  *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
89  *	    "secret", LDAP_AUTH_SIMPLE )
90  *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
91  *	    NULL, LDAP_AUTH_KRBV4 )
92  */
93 int
94 LDAP_CALL
95 ldap_bind_s( LDAP *ld, const char *dn, const char *passwd, int authmethod )
96 {
97 	int	err;
98 
99 	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
100 
101 	switch ( authmethod ) {
102 	case LDAP_AUTH_SIMPLE:
103 		return( ldap_simple_bind_s( ld, dn, passwd ) );
104 
105 	default:
106 		err = LDAP_AUTH_UNKNOWN;
107 		LDAP_SET_LDERRNO( ld, err, NULL, NULL );
108 		return( err );
109 	}
110 }
111 
112 
113 void
114 LDAP_CALL
115 ldap_set_rebind_proc( LDAP *ld, LDAP_REBINDPROC_CALLBACK *rebindproc,
116     void *arg )
117 {
118 	if ( ld == NULL ) {
119 		if ( !nsldapi_initialized ) {
120 			nsldapi_initialize_defaults();
121 		}
122 		ld = &nsldapi_ld_defaults;
123 	}
124 
125 	if ( NSLDAPI_VALID_LDAP_POINTER( ld )) {
126 		LDAP_MUTEX_LOCK( ld, LDAP_OPTION_LOCK );
127 		ld->ld_rebind_fn = rebindproc;
128 		ld->ld_rebind_arg = arg;
129 		LDAP_MUTEX_UNLOCK( ld, LDAP_OPTION_LOCK );
130 	}
131 }
132 
133 
134 /*
135  * return a pointer to the bind DN for the default connection (a copy is
136  * not made).  If there is no bind DN available, NULL is returned.
137  */
138 char *
139 nsldapi_get_binddn( LDAP *ld )
140 {
141 	char	*binddn;
142 
143 	binddn = NULL;	/* default -- assume they are not bound */
144 
145 	LDAP_MUTEX_LOCK( ld, LDAP_CONN_LOCK );
146 	if ( NULL != ld->ld_defconn && LDAP_CONNST_CONNECTED ==
147 	    ld->ld_defconn->lconn_status && ld->ld_defconn->lconn_bound ) {
148 		if (( binddn = ld->ld_defconn->lconn_binddn ) == NULL ) {
149 			binddn = "";
150 		}
151 	}
152 	LDAP_MUTEX_UNLOCK( ld, LDAP_CONN_LOCK );
153 
154 	return( binddn );
155 }
156