xref: /illumos-gate/usr/src/lib/libldap5/sources/ldap/common/proxyauthctrl.c (revision 20a7641f9918de8574b8b3b47dbe35c4bfc78df1)
1 /*
2  * The contents of this file are subject to the Netscape Public
3  * License Version 1.1 (the "License"); you may not use this file
4  * except in compliance with the License. You may obtain a copy of
5  * the License at http://www.mozilla.org/NPL/
6  *
7  * Software distributed under the License is distributed on an "AS
8  * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9  * implied. See the License for the specific language governing
10  * rights and limitations under the License.
11  *
12  * The Original Code is Mozilla Communicator client code, released
13  * March 31, 1998.
14  *
15  * The Initial Developer of the Original Code is Netscape
16  * Communications Corporation. Portions created by Netscape are
17  * Copyright (C) 1998-1999 Netscape Communications Corporation. All
18  * Rights Reserved.
19  *
20  * Contributor(s):
21  */
22 #include "ldap-int.h"
23 
24 /* ldap_create_proxyauth_control
25 
26    Create a "version 1" proxied authorization control.
27 
28    Parameters are
29 
30    ld              LDAP pointer to the desired connection
31 
32    dn		   The dn used in the proxy auth
33 
34    ctl_iscritical  Indicates whether the control is critical of not. If
35                    this field is non-zero, the operation will only be car-
36                    ried out if the control is recognized by the server
37                    and/or client
38 
39    ctrlp           the address of a place to put the constructed control
40 */
41 
42 int
43 LDAP_CALL
44 ldap_create_proxyauth_control (
45      LDAP *ld,
46      const char *dn,
47      const char ctl_iscritical,
48      LDAPControl **ctrlp
49 )
50 {
51 	BerElement		*ber;
52 	int				rc;
53 
54 	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
55 		return( LDAP_PARAM_ERROR );
56 	}
57 
58 	if (  ctrlp == NULL ) {
59 		LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL );
60 		return ( LDAP_PARAM_ERROR );
61 	}
62 	if (NULL == dn)
63 	{
64 	    dn = "";
65 	}
66 
67 	/* create a ber package to hold the controlValue */
68 	if ( ( nsldapi_alloc_ber_with_options( ld, &ber ) ) != LDAP_SUCCESS ) {
69 		LDAP_SET_LDERRNO( ld, LDAP_NO_MEMORY, NULL, NULL );
70 		return( LDAP_NO_MEMORY );
71 	}
72 
73 
74 
75         if ( LBER_ERROR == ber_printf( ber,
76                                        "{s}",
77                                        dn ) )
78         {
79             LDAP_SET_LDERRNO( ld, LDAP_ENCODING_ERROR, NULL, NULL );
80             ber_free( ber, 1 );
81             return( LDAP_ENCODING_ERROR );
82         }
83 
84 	rc = nsldapi_build_control( LDAP_CONTROL_PROXYAUTH, ber, 1,
85 	    ctl_iscritical, ctrlp );
86 
87 	LDAP_SET_LDERRNO( ld, rc, NULL, NULL );
88 	return( rc );
89 
90 }
91 
92 
93 /* ldap_create_proxiedauth_control
94 
95    Create a "version 2" proxied authorization control.
96 
97    Parameters are
98 
99    ld              LDAP pointer to the desired connection
100 
101    authzid		   The authorization identity used in the proxy auth,
102                    e.g., dn:uid=bjensen,dc=example,dc=com
103 
104    ctrlp           the address of a place to put the constructed control
105 */
106 
107 int
108 LDAP_CALL
109 ldap_create_proxiedauth_control (
110      LDAP *ld,
111      const char *authzid,
112      LDAPControl **ctrlp
113 )
114 {
115 	BerElement		*ber;
116 	int				rc;
117 
118 	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
119 		return( LDAP_PARAM_ERROR );
120 	}
121 
122 	if (  ctrlp == NULL || authzid == NULL ) {
123 		LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL );
124 		return ( LDAP_PARAM_ERROR );
125 	}
126 
127 	/* create a ber package to hold the controlValue */
128 	if ( ( nsldapi_alloc_ber_with_options( ld, &ber ) ) != LDAP_SUCCESS ) {
129 		LDAP_SET_LDERRNO( ld, LDAP_NO_MEMORY, NULL, NULL );
130 		return( LDAP_NO_MEMORY );
131 	}
132 
133 
134 
135         if ( LBER_ERROR == ber_printf( ber,
136                                        "s",
137                                        authzid ) )
138         {
139             LDAP_SET_LDERRNO( ld, LDAP_ENCODING_ERROR, NULL, NULL );
140             ber_free( ber, 1 );
141             return( LDAP_ENCODING_ERROR );
142         }
143 
144 	rc = nsldapi_build_control( LDAP_CONTROL_PROXIEDAUTH, ber, 1, 1, ctrlp );
145 
146 	LDAP_SET_LDERRNO( ld, rc, NULL, NULL );
147 	return( rc );
148 
149 }
150