ITS#6684
[openldap] / libraries / libldap / cyrus.c
index fe12efae82b3fd625d273cde0f82c0bda44d63dd..9bd5938dc400d23c4fc716dbb44eeda648b40bcf 100644 (file)
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -410,9 +410,7 @@ ldap_int_sasl_bind(
        }
 
        rc = 0;
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
-#endif
+       LDAP_MUTEX_LOCK( &ld->ld_req_mutex );
        ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, &sd );
 
        if ( sd == AC_SOCKET_INVALID ) {
@@ -430,9 +428,7 @@ ldap_int_sasl_bind(
                        }
                }
        }   
-#ifdef LDAP_R_COMPILE
-       ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
-#endif
+       LDAP_MUTEX_UNLOCK( &ld->ld_req_mutex );
        if( rc != 0 ) return ld->ld_errno;
 
        oldctx = ld->ld_defconn->lconn_sasl_authctx;
@@ -467,6 +463,7 @@ ldap_int_sasl_bind(
 
        ctx = ld->ld_defconn->lconn_sasl_authctx;
 
+#ifdef HAVE_TLS
        /* Check for TLS */
        ssl = ldap_pvt_tls_sb_ctx( ld->ld_defconn->lconn_sb );
        if ( ssl ) {
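Review bot: With the TLS check now compiled only under `HAVE_TLS`, the `ssl` variable assigned here is presumably still declared unconditionally at the top of `ldap_int_sasl_bind` (outside the hunk), which would leave an unused variable in builds without TLS; the declaration should get the same guard. The matching `#endif` in the next hunk would be easier to pair up as `#endif /* HAVE_TLS */`. A short comment above the `#ifdef`, such as `/* without TLS, no TLS-derived authid or strength is handed to ldap_int_sasl_external() */`, would record what a non-TLS build skips.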
@@ -480,6 +477,7 @@ ldap_int_sasl_bind(
                (void) ldap_int_sasl_external( ld, ld->ld_defconn, authid.bv_val, fac );
                LDAP_FREE( authid.bv_val );
        }
+#endif
 
 #if !defined(_WIN32)
        /* Check for local */
@@ -1011,10 +1009,54 @@ ldap_int_sasl_get_option( LDAP *ld, int option, void *arg )
                        *(int *)arg = (int) LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_SASL_NOCANON );
                        break;
 
+               case LDAP_OPT_X_SASL_USERNAME: {
+                       int sc;
+                       char *username;
+                       sasl_conn_t *ctx;
+
+                       if( ld->ld_defconn == NULL ) {
+                               return -1;
+                       }
+
+                       ctx = ld->ld_defconn->lconn_sasl_authctx;
+
+                       if ( ctx == NULL ) {
+                               return -1;
+                       }
+
+                       sc = sasl_getprop( ctx, SASL_USERNAME,
+                               (SASL_CONST void **)(char **) &username );
+
+                       if ( sc != SASL_OK ) {
+                               return -1;
+                       }
+
+                       *(char **)arg = username ? LDAP_STRDUP( username ) : NULL;
+               } break;
+
                case LDAP_OPT_X_SASL_SECPROPS:
                        /* this option is write only */
                        return -1;
 
+#ifdef SASL_GSS_CREDS
+               case LDAP_OPT_X_SASL_GSS_CREDS: {
+                       sasl_conn_t *ctx;
+                       int sc;
+
+                       if ( ld->ld_defconn == NULL )
+                               return -1;
+
+                       ctx = ld->ld_defconn->lconn_sasl_authctx;
+                       if ( ctx == NULL )
+                               return -1;
+
+                       sc = sasl_getprop( ctx, SASL_GSS_CREDS, arg );
+                       if ( sc != SASL_OK )
+                               return -1;
+                       }
+                       break;
+#endif
+
                default:
                        return -1;
        }
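Review bot: In the `LDAP_OPT_X_SASL_USERNAME` case a failed `LDAP_STRDUP` is reported as success with `*arg` set to NULL, which a caller cannot tell apart from a context that has no username. Because this value is the authenticated identity and callers may base decisions on it, the copy should be checked: `char *dup = username ? LDAP_STRDUP( username ) : NULL;`, then `if ( username && dup == NULL ) return -1;`, then `*(char **)arg = dup;`. The two new cases also hand back different ownership. The username is a heap copy the caller has to release (presumably with `ldap_memfree()`), while `LDAP_OPT_X_SASL_GSS_CREDS` stores whatever pointer `sasl_getprop` returns, which looks borrowed from the SASL context. A comment on each case stating that would guard against a leak in the first and against use of the handle after the connection is gone in the second; the switch belongs to `ldap_int_sasl_get_option`, which starts and ends outside the hunk.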
@@ -1032,6 +1074,7 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
 
        switch ( option ) {
        case LDAP_OPT_X_SASL_SSF:
+       case LDAP_OPT_X_SASL_USERNAME:
                /* This option is read-only */
                return -1;
 
@@ -1096,6 +1139,25 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
                return sc == LDAP_SUCCESS ? 0 : -1;
                }
 
+#ifdef SASL_GSS_CREDS
+       case LDAP_OPT_X_SASL_GSS_CREDS: {
+               sasl_conn_t *ctx;
+               int sc;
+
+               if ( ld->ld_defconn == NULL )
+                       return -1;
+
+               ctx = ld->ld_defconn->lconn_sasl_authctx;
+               if ( ctx == NULL )
+                       return -1;
+
+               sc = sasl_setprop( ctx, SASL_GSS_CREDS, arg );
+               if ( sc != SASL_OK )
+                       return -1;
+               }
+               break;
+#endif
+
        default:
                return -1;
        }
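Review bot: The new `LDAP_OPT_X_SASL_GSS_CREDS` case passes the caller's `arg` straight to `sasl_setprop` and says nothing about who owns the credential handle afterwards. If the SASL library keeps the pointer rather than copying it (likely, but not visible here), the caller has to keep the credential valid until the bind or connection is finished; a comment such as `/* arg is borrowed: the caller keeps ownership and must keep it valid while the SASL context uses it */` would make that explicit. The case also returns -1 when `ld->ld_defconn` or its `lconn_sasl_authctx` is NULL, so the option appears usable only once a SASL context exists. Whether a caller can reach that state before the bind is not visible in this hunk and is worth stating where the option is documented. `ldap_int_sasl_set_option` starts and ends outside the hunk.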