1 /* bind.c - ldap backend bind function */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 /* This is an altered version */
9 * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
11 * Permission is granted to anyone to use this software for any purpose
12 * on any computer system, and to alter it and redistribute it, subject
13 * to the following restrictions:
15 * 1. The author is not responsible for the consequences of use of this
16 * software, no matter how awful, even if they arise from flaws in it.
18 * 2. The origin of this software must not be misrepresented, either by
19 * explicit claim or by omission. Since few users ever read sources,
20 * credits should appear in the documentation.
22 * 3. Altered versions must be plainly marked as such, and must not be
23 * misrepresented as being the original software. Since few users
24 * ever read sources, credits should appear in the documentation.
26 * 4. This notice may not be removed or altered.
33 #include <ac/socket.h>
34 #include <ac/string.h>
37 #include "back-ldap.h"
/*
 * Body of the bind handler: forwards the client's bind request to the
 * upstream server. The function signature and several statements are on
 * lines that this listing does not show.
 */
/* Per-backend state is kept in be->be_private. */
51 struct ldapinfo *li = (struct ldapinfo *) be->be_private;
/* Find, or open, the upstream session to use for this client connection. */
56 lc = ldap_back_getconn(li, conn, op);
/*
 * Bind upstream with the DN, credential and method the client supplied.
 * Only cred->bv_val is passed, with no length, so the credential is
 * presumably handled as a NUL-terminated string -- TODO confirm how a value
 * containing an embedded NUL byte is treated.
 * NOTE(review): lc is dereferenced here; a failed ldap_back_getconn() has to
 * be handled on the lines elided between 56 and 60 -- confirm.
 * NOTE(review): the client's credential is relayed as-is to the server named
 * by li->url; whether it is protected in transit depends on how that session
 * is set up, which this listing does not show.
 */
60 if (ldap_bind_s(lc->ld, dn, cred->bv_val, method) != LDAP_SUCCESS)
/* Bind failed: relay the upstream result to the client and return its status. */
61 return( ldap_back_op_result(lc, op) );
/*
 * Return the upstream session to use for this client connection, opening a
 * new one when the walk over the list at li->lcs does not produce one. The
 * match test inside the loop and several other statements are on lines that
 * this listing does not show.
 *
 * The list is walked under li->conn_mutex, and the mutex is taken a second
 * time further down, after the new entry has been allocated (presumably to
 * link it into the list). NOTE(review): the lookup and the later locked
 * section are separate critical sections; confirm that two operations on the
 * same client connection cannot both take the "open a new session" path.
 *
 * NOTE(review): the result of ldap_set_option() below is not checked. If the
 * call did fail, the upstream session would presumably stay at the library's
 * default protocol version instead of the client's.
 */
68 ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op)
/* Search the existing sessions while holding the list mutex. */
73 ldap_pvt_thread_mutex_lock( &li->conn_mutex );
74 for (lc = li->lcs; lc; lc=lc->next)
77 ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
79 /* Looks like we didn't get a bind. Open a new session... */
/* vers is the client's protocol version; the handle is created from li->url. */
81 int vers = conn->c_protocol;
82 int err = ldap_initialize(&ld, li->url);
/* Initialisation failed: translate the API error and report it to the client. */
83 if (err != LDAP_SUCCESS) {
84 err = ldap_back_map_result(err);
85 send_ldap_result( conn, op, err,
86 NULL, "ldap_init failed", NULL, NULL );
89 /* Set LDAP version. This will always succeed: If the client
90 * bound with a particular version, then so can we.
92 ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &vers);
94 lc = (struct ldapconn *)ch_malloc(sizeof(struct ldapconn));
98 ldap_pvt_thread_mutex_lock( &li->conn_mutex );
101 ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
/*
 * Bind the upstream session on the client's behalf. The guard that decides
 * when the bind runs and the return statements are on lines that this
 * listing does not show.
 *
 * NOTE(review): the bind sends the client connection's DN (c_cdn) with a NULL
 * password. LDAP servers commonly treat a simple bind that carries a DN but
 * no password as unauthenticated (RFC 4513 section 5.1.2), so the upstream
 * server should not be assumed to have verified that identity -- confirm how
 * the target server handles such binds and what access they receive.
 *
 * On failure the upstream result is relayed to the client through
 * ldap_back_op_result().
 */
107 ldap_back_dobind(struct ldapconn *lc, Operation *op)
112 if (ldap_bind_s(lc->ld, lc->conn->c_cdn, NULL, LDAP_AUTH_SIMPLE) !=
114 ldap_back_op_result(lc, op);
119 /* Map API errors to protocol errors... */
/*
 * Takes an error code from the LDAP client library and returns the protocol
 * result code to report in its place. The callers visible in this listing
 * pass the returned value to send_ldap_result().
 *
 * This listing omits some lines of the switch: a few return statements
 * (lines 134 and 144, for example) follow case labels that are not shown,
 * and the body of the final LDAP_API_ERROR() check is not shown either.
 */
122 ldap_back_map_result(int err)
126 case LDAP_SERVER_DOWN:
127 return LDAP_UNAVAILABLE;
128 case LDAP_LOCAL_ERROR:
129 return LDAP_OPERATIONS_ERROR;
/* Encoding and decoding failures are both reported as protocol errors. */
130 case LDAP_ENCODING_ERROR:
131 case LDAP_DECODING_ERROR:
132 return LDAP_PROTOCOL_ERROR;
134 return LDAP_UNAVAILABLE;
135 case LDAP_AUTH_UNKNOWN:
136 return LDAP_AUTH_METHOD_NOT_SUPPORTED;
137 case LDAP_FILTER_ERROR:
138 return LDAP_OPERATIONS_ERROR;
139 case LDAP_USER_CANCELLED:
140 return LDAP_OPERATIONS_ERROR;
141 case LDAP_PARAM_ERROR:
142 return LDAP_PROTOCOL_ERROR;
144 return LDAP_OPERATIONS_ERROR;
145 case LDAP_CONNECT_ERROR:
146 return LDAP_UNAVAILABLE;
147 case LDAP_NOT_SUPPORTED:
148 return LDAP_UNWILLING_TO_PERFORM;
149 case LDAP_CONTROL_NOT_FOUND:
150 return LDAP_PROTOCOL_ERROR;
151 case LDAP_NO_RESULTS_RETURNED:
152 return LDAP_NO_SUCH_OBJECT;
153 case LDAP_MORE_RESULTS_TO_RETURN:
/* Both loop-related client conditions map to the same result code. */
155 case LDAP_CLIENT_LOOP:
156 case LDAP_REFERRAL_LIMIT_EXCEEDED:
157 return LDAP_LOOP_DETECT;
/*
 * Appears to be the check applied to codes that no case above handled; the
 * LDAP_API_ERROR() macro presumably supplies the parentheses this "if"
 * needs -- confirm against its definition.
 */
159 if LDAP_API_ERROR(err)
/*
 * Report the outcome recorded on the upstream handle to the client.
 *
 * Reads the error number, diagnostic string and matched DN from lc->ld, maps
 * the error with ldap_back_map_result(), and sends the result on lc->conn.
 * Returns 0 when the mapped result is LDAP_SUCCESS and -1 otherwise.
 *
 * The declarations of err, msg and match, and any release of msg and match
 * after they are sent, are on lines that this listing does not show --
 * verify that the strings obtained here are freed there.
 */
167 ldap_back_op_result(struct ldapconn *lc, Operation *op)
/*
 * The return values of these ldap_get_option() calls are not checked, so the
 * values used below depend on how the variables were initialised -- confirm.
 */
173 ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, &err);
174 ldap_get_option(lc->ld, LDAP_OPT_ERROR_STRING, &msg);
175 ldap_get_option(lc->ld, LDAP_OPT_MATCHED_DN, &match);
176 err = ldap_back_map_result(err);
/*
 * NOTE(review): msg and match originate from the upstream server and are
 * passed to the client unchanged. Consider whether upstream diagnostic text
 * should be exposed to clients of this backend.
 */
177 send_ldap_result( lc->conn, op, err, match, msg, NULL, NULL );
180 return( (err==LDAP_SUCCESS) ? 0 : -1 );