ITS#6684

[openldap] / libraries / libldap / cyrus.c

diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c
index 57d0304313c6da5b1f41ba10a476713e628e7108..9bd5938dc400d23c4fc716dbb44eeda648b40bcf 100644 (file)
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -410,9 +410,7 @@ ldap_int_sasl_bind(
        }
 
        rc = 0;
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
-#endif
+       LDAP_MUTEX_LOCK( &ld->ld_req_mutex );
        ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, &sd );
 
        if ( sd == AC_SOCKET_INVALID ) {
@@ -430,9 +428,7 @@ ldap_int_sasl_bind(
                        }
                }
        }   
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
-#endif
+       LDAP_MUTEX_UNLOCK( &ld->ld_req_mutex );
        if( rc != 0 ) return ld->ld_errno;
 
        oldctx = ld->ld_defconn->lconn_sasl_authctx;
@@ -1013,10 +1009,54 @@ ldap_int_sasl_get_option( LDAP *ld, int option, void *arg )
                        *(int *)arg = (int) LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_SASL_NOCANON );
                        break;
 
+               case LDAP_OPT_X_SASL_USERNAME: {
+                       int sc;
+                       char *username;
+                       sasl_conn_t *ctx;
+
+                       if( ld->ld_defconn == NULL ) {
+                               return -1;
+                       }
+
+                       ctx = ld->ld_defconn->lconn_sasl_authctx;
+
+                       if ( ctx == NULL ) {
+                               return -1;
+                       }
+
+                       sc = sasl_getprop( ctx, SASL_USERNAME,
+                               (SASL_CONST void **)(char **) &username );
+
+                       if ( sc != SASL_OK ) {
+                               return -1;
+                       }
+
+                       *(char **)arg = username ? LDAP_STRDUP( username ) : NULL;
+               } break;
+
                case LDAP_OPT_X_SASL_SECPROPS:
                        /* this option is write only */
                        return -1;
 
+#ifdef SASL_GSS_CREDS
+               case LDAP_OPT_X_SASL_GSS_CREDS: {
+                       sasl_conn_t *ctx;
+                       int sc;
+
+                       if ( ld->ld_defconn == NULL )
+                               return -1;
+
+                       ctx = ld->ld_defconn->lconn_sasl_authctx;
+                       if ( ctx == NULL )
+                               return -1;
+
+                       sc = sasl_getprop( ctx, SASL_GSS_CREDS, arg );
+                       if ( sc != SASL_OK )
+                               return -1;
+                       }
+                       break;
+#endif
+
                default:
                        return -1;
        }
@@ -1034,6 +1074,7 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
 
        switch ( option ) {
        case LDAP_OPT_X_SASL_SSF:
+       case LDAP_OPT_X_SASL_USERNAME:
                /* This option is read-only */
                return -1;
 
@@ -1098,6 +1139,25 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
                return sc == LDAP_SUCCESS ? 0 : -1;
                }
 
+#ifdef SASL_GSS_CREDS
+       case LDAP_OPT_X_SASL_GSS_CREDS: {
+               sasl_conn_t *ctx;
+               int sc;
+
+               if ( ld->ld_defconn == NULL )
+                       return -1;
+
+               ctx = ld->ld_defconn->lconn_sasl_authctx;
+               if ( ctx == NULL )
+                       return -1;
+
+               sc = sasl_setprop( ctx, SASL_GSS_CREDS, arg );
+               if ( sc != SASL_OK )
+                       return -1;
+               }
+               break;
+#endif
+
        default:
                return -1;
        }