git.sur5r.net Git - openldap/blob - servers/slapd/back-ldap/extended.c

   1 /* extended.c - ldap backend extended routines */
   2 /* $OpenLDAP$ */
   3 /*
   4  * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
   5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   6  */
   7
   8 #include "portable.h"
   9
  10 #include <stdio.h>
  11 #include <ac/string.h>
  12
  13 #include "slap.h"
  14 #include "back-ldap.h"
  15 #include "lber_pvt.h"
  16
  17 BI_op_extended ldap_back_exop_passwd;
  18
  19 static struct exop {
  20         struct berval *oid;
  21         BI_op_extended  *extended;
  22 } exop_table[] = {
  23         { (struct berval *)&slap_EXOP_MODIFY_PASSWD, ldap_back_exop_passwd },
  24         { NULL, NULL }
  25 };
  26
  27 int
  28 ldap_back_extended(
  29         Backend         *be,
  30         Connection              *conn,
  31         Operation               *op,
  32         struct berval           *reqoid,
  33         struct berval   *reqdata,
  34         char            **rspoid,
  35         struct berval   **rspdata,
  36         LDAPControl *** rspctrls,
  37         const char**    text,
  38         BerVarray       *refs
  39 )
  40 {
  41         int i;
  42
  43         for( i=0; exop_table[i].extended != NULL; i++ ) {
  44                 if( ber_bvcmp( exop_table[i].oid, reqoid ) == 0 ) {
  45                         return (exop_table[i].extended)(
  46                                 be, conn, op,
  47                                 reqoid, reqdata,
  48                                 rspoid, rspdata, rspctrls,
  49                                 text, refs );
  50                 }
  51         }
  52
  53         *text = "not supported within naming context";
  54         return LDAP_UNWILLING_TO_PERFORM;
  55 }
  56
  57 int
  58 ldap_back_exop_passwd(
  59         Backend         *be,
  60         Connection              *conn,
  61         Operation               *op,
  62         struct berval           *reqoid,
  63         struct berval   *reqdata,
  64         char                    **rspoid,
  65         struct berval   **rspdata,
  66         LDAPControl             *** rspctrls,
  67         const char              **text,
  68         BerVarray *refs )
  69 {
  70         struct ldapinfo *li = (struct ldapinfo *) be->be_private;
  71         struct ldapconn *lc;
  72         struct berval id = { 0, NULL };
  73         struct berval old = { 0, NULL };
  74         struct berval new = { 0, NULL };
  75         struct berval dn, mdn = { 0, NULL }, newpw;
  76         LDAPMessage *res;
  77         ber_int_t msgid;
  78         char *msg = NULL, *match = NULL;
  79         int rc;
  80
  81         lc = ldap_back_getconn(li, conn, op);
  82         if (!lc || !ldap_back_dobind(li, lc, conn, op) ) {
  83                 return -1;
  84         }
  85
  86         rc = slap_passwd_parse( reqdata, &id, &old, &new, text );
  87         if (rc != LDAP_SUCCESS)
  88                 return rc;
  89
  90         if (id.bv_len) {
  91                 dn = id;
  92         } else {
  93                 dn = op->o_dn;
  94         }
  95
  96 #ifdef NEW_LOGGING
  97         LDAP_LOG ( ACL, DETAIL1, "ldap_back_exop_passwd: \"%s\"%s\"\n",
  98                 dn.bv_val, id.bv_len ? " (proxy)" : "", 0 );
  99 #else
 100         Debug( LDAP_DEBUG_TRACE, "ldap_back_exop_passwd: \"%s\"%s\n",
 101                 dn.bv_val, id.bv_len ? " (proxy)" : "", 0 );
 102 #endif
 103
 104         if (dn.bv_len == 0) {
 105                 *text = "No password is associated with the Root DSE";
 106                 return LDAP_UNWILLING_TO_PERFORM;
 107         }
 108         if (id.bv_len) {
 109 #ifdef ENABLE_REWRITE
 110                 switch ( rewrite_session( li->rwinfo, "modifyPwd", dn.bv_val, conn, &mdn.bv_val ) ) {
 111                 case REWRITE_REGEXEC_OK:
 112                         if ( mdn.bv_val == NULL ) {
 113                                 mdn.bv_val = dn.bv_val;
 114                         }
 115                         mdn.bv_len = strlen(mdn.bv_val);
 116 #ifdef NEW_LOGGING
 117                         LDAP_LOG( BACK_LDAP, DETAIL1,
 118                                 "[rw] modifyPwd: \"%s\" -> \"%s\"\n", dn.bv_val, mdn.bv_val, 0 );
 119 #else /* !NEW_LOGGING */
 120                         Debug( LDAP_DEBUG_ARGS, "rw> modifyPwd: \"%s\" -> \"%s\"\n%s",
 121                                         dn.bv_val, mdn.bv_val, "" );
 122 #endif /* !NEW_LOGGING */
 123                         break;
 124
 125                 case REWRITE_REGEXEC_UNWILLING:
 126                         send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
 127                                         NULL, "Operation not allowed", NULL, NULL );
 128                         return( -1 );
 129
 130                 case REWRITE_REGEXEC_ERR:
 131                         send_ldap_result( conn, op, LDAP_OTHER,
 132                                         NULL, "Rewrite error", NULL, NULL );
 133                         return( -1 );
 134                 }
 135 #else /* !ENABLE_REWRITE */
 136                 ldap_back_dn_massage( li, &dn, &mdn, 0, 1 );
 137 #endif /* !ENABLE_REWRITE */
 138         }
 139
 140         rc = ldap_passwd(lc->ld, id.bv_len ? &mdn : NULL, old.bv_len ? &old : NULL,
 141                 new.bv_len ? &new : NULL, op->o_ctrls, NULL, &msgid);
 142 #ifdef ENABLE_REWRITE
 143         if (mdn.bv_val != dn.bv_val)
 144 #endif
 145                 free(mdn.bv_val);
 146         if (rc == LDAP_SUCCESS) {
 147                 if (ldap_result(lc->ld, msgid, 1, NULL, &res) == -1) {
 148                         ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, &rc);
 149                 } else {
 150                         /* sigh. parse twice, because parse_passwd doesn't give
 151                          * us the err / match / msg info.
 152                          */
 153                         int err;
 154                         rc = ldap_parse_result(lc->ld, res, &err, &match, &msg,
 155                                 NULL, NULL, 0);
 156                         if (rc == LDAP_SUCCESS) {
 157                                 if (err == LDAP_SUCCESS) {
 158                                         rc = ldap_parse_passwd(lc->ld, res, &newpw);
 159                                         if (rc == LDAP_SUCCESS && newpw.bv_val) {
 160                                                 *rspdata = slap_passwd_return(&newpw);
 161                                                 free(newpw.bv_val);
 162                                         }
 163                                 } else {
 164                                         rc = err;
 165                                 }
 166                         }
 167                         ldap_msgfree(res);
 168                 }
 169         }
 170         if (rc != LDAP_SUCCESS) {
 171                 rc = ldap_back_map_result(rc);
 172                 send_ldap_result(conn, op, rc, match, msg, NULL, NULL);
 173                 if (match) free(match);
 174                 if (msg) free(msg);
 175                 rc = -1;
 176         }
 177         return rc;
 178 }