#ifdef HAVE_CYRUS_SASL
#include <limits.h>
-#ifdef HAVE_CYRUS_SASL2
+
+#ifdef HAVE_SASL_SASL_H
#include <sasl/sasl.h>
+#else
+#include <sasl.h>
+#endif
+
+#if SASL_VERSION_MAJOR >= 2
#include <lutil.h>
#define SASL_CONST const
#else
-#include <sasl.h>
#define SASL_CONST
#endif
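Review bot: The version test now depends on `SASL_VERSION_MAJOR` being defined by whichever header was just included, and the preprocessor treats an undefined macro in `#if` as 0, so a header without it silently selects the SASL 1.x branches. Those branches differ in memory ownership as well as API, for example the `ch_free( mechstr )` and `ch_free( response.bv_val )` calls under `#if SASL_VERSION_MAJOR < 2` later in this change, so a wrong selection would not be harmless. Whether 1.x headers define the macro is not visible here. I would record the assumption next to the test, e.g. `/* SASL_VERSION_MAJOR comes from sasl.h; if undefined it evaluates as 0 and selects the SASL 1.x paths */`.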
}
switch (priority) {
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
case SASL_LOG_NONE:
level = LDAP_DEBUG_NONE;
label = "None";
static struct berval ext_bv = { sizeof("EXTERNAL")-1, "EXTERNAL" };
-int slap_sasl_getdn( Connection *conn, char *id, char *user_realm, struct berval *dn, int flags )
+int slap_sasl_getdn( Connection *conn, char *id,
+ char *user_realm, struct berval *dn, int flags )
{
char *c1;
int rc, len, is_dn = 0;
return( LDAP_SUCCESS );
}
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
static int
slap_sasl_checkpass(
sasl_conn_t *sconn,
}
if ( dn.bv_len == 0 ) {
- sasl_seterror( sconn, 0, "No password is associated with the Root DSE" );
+ sasl_seterror( sconn, 0,
+ "No password is associated with the Root DSE" );
if ( dn.bv_val != NULL ) {
ch_free( dn.bv_val );
}
#endif
/* Figure out how much data we have for the dn */
- rc = sasl_getprop( ctx, SASL_REALM, (void **)&realm );
+ rc = sasl_getprop( conn->c_sasl_context, SASL_REALM, (void **)&realm );
if( rc != SASL_OK && rc != SASL_NOTDONE ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ERR,
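Review bot: This call reads `SASL_REALM` through a `(void **)` cast with no version conditional visible around it. The `sasl_getprop` call later in this change uses `SASL_DEFUSERREALM` with `(const void **)` when `SASL_VERSION_MAJOR >= 2` and keeps `SASL_REALM` only for older libraries. If this line can be compiled against SASL 2 it should presumably use the same selection, since the realm read here feeds the DN built for the authenticating identity. The hunk also shows no check that `conn->c_sasl_context` is set before it is handed to the library. The enclosing function starts and ends outside the hunk, so either point may already be handled there.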
*errstr = NULL;
return SASL_OK;
}
-#endif /* HAVE_CYRUS_SASL2 */
+#endif /* SASL_VERSION_MAJOR >= 2 */
static int
slap_sasl_err2ldap( int saslerr )
int slap_sasl_open( Connection *conn )
{
- int sc = LDAP_SUCCESS;
-#ifdef HAVE_CYRUS_SASL2
+ int cb, sc = LDAP_SUCCESS;
+#if SASL_VERSION_MAJOR >= 2
char *ipremoteport = NULL, *iplocalport = NULL;
#endif
conn->c_sasl_layers = 0;
session_callbacks =
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
ch_calloc( 5, sizeof(sasl_callback_t));
#else
ch_calloc( 3, sizeof(sasl_callback_t));
#endif
conn->c_sasl_extra = session_callbacks;
- session_callbacks[0].id = SASL_CB_LOG;
- session_callbacks[0].proc = &slap_sasl_log;
- session_callbacks[0].context = conn;
-
- session_callbacks[1].id = SASL_CB_PROXY_POLICY;
- session_callbacks[1].proc = &slap_sasl_authorize;
- session_callbacks[1].context = conn;
+ session_callbacks[cb=0].id = SASL_CB_LOG;
+ session_callbacks[cb].proc = &slap_sasl_log;
+ session_callbacks[cb++].context = conn;
-#ifdef HAVE_CYRUS_SASL2
- session_callbacks[2].id = SASL_CB_CANON_USER;
- session_callbacks[2].proc = &slap_sasl_canonicalize;
- session_callbacks[2].context = conn;
+ session_callbacks[cb].id = SASL_CB_PROXY_POLICY;
+ session_callbacks[cb].proc = &slap_sasl_authorize;
+ session_callbacks[cb++].context = conn;
- session_callbacks[3].id = SASL_CB_SERVER_USERDB_CHECKPASS;
- session_callbacks[3].proc = &slap_sasl_checkpass;
- session_callbacks[3].context = conn;
+#if SASL_VERSION_MAJOR >= 2
+ session_callbacks[cb].id = SASL_CB_CANON_USER;
+ session_callbacks[cb].proc = &slap_sasl_canonicalize;
+ session_callbacks[cb++].context = conn;
- session_callbacks[4].id = SASL_CB_LIST_END;
- session_callbacks[4].proc = NULL;
- session_callbacks[4].context = NULL;
-#else
- session_callbacks[2].id = SASL_CB_LIST_END;
- session_callbacks[2].proc = NULL;
- session_callbacks[2].context = NULL;
+ /* XXXX: this should be conditional */
+ session_callbacks[cb].id = SASL_CB_SERVER_USERDB_CHECKPASS;
+ session_callbacks[cb].proc = &slap_sasl_checkpass;
+ session_callbacks[cb++].context = conn;
#endif
+ session_callbacks[cb].id = SASL_CB_LIST_END;
+ session_callbacks[cb].proc = NULL;
+ session_callbacks[cb++].context = NULL;
+
if( global_host == NULL ) {
global_host = ldap_pvt_get_fqdn( NULL );
}
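Review bot: The callback array is still sized by the literals `5` and `3` in the two `ch_calloc` calls, while the slots are now filled through the running index `cb`, so nothing ties the number of entries written to the number allocated. Adding one more callback without raising the matching literal would write past the end of a heap array that the SASL library then walks up to `SASL_CB_LIST_END`. The final `cb++` on the terminator leaves `cb` equal to the number of entries written, so a check right after it would catch this, e.g. `assert( cb <= ncb );` with `ncb` (a name introduced here) being the count passed to `ch_calloc` in each branch. The `/* XXXX: this should be conditional */` comment on the `SASL_CB_SERVER_USERDB_CHECKPASS` registration should name the condition, because that callback decides whether passwords are checked against the directory. slap_sasl_open's body continues outside the hunk.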
/* create new SASL context */
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
if ( conn->c_sock_name.bv_len != 0 &&
strncmp( conn->c_sock_name.bv_val, "IP=", 3 ) == 0) {
char *p;
slap_ssf_t ssf,
const char *auth_id )
{
-#if defined(HAVE_CYRUS_SASL2)
+#if SASL_VERSION_MAJOR >= 2
int sc;
sasl_conn_t *ctx = conn->c_sasl_context;
if ( sc != SASL_OK ) {
return LDAP_OTHER;
}
+
#elif defined(HAVE_CYRUS_SASL)
int sc;
sasl_conn_t *ctx = conn->c_sasl_context;
mechs = str2charray( mechstr, "," );
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
ch_free( mechstr );
#endif
}
return rc;
}
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
#define START( ctx, mech, cred, clen, resp, rlen, err ) \
sasl_server_start( ctx, mech, cred, clen, resp, rlen )
#define STEP( ctx, cred, clen, resp, rlen, err ) \
char *username = NULL;
char *realm = NULL;
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
sc = sasl_getprop( ctx, SASL_DEFUSERREALM, (const void **)&realm );
#else
sc = sasl_getprop( ctx, SASL_REALM, (void **)&realm );
NULL, errstr, NULL, NULL );
}
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
if( response.bv_len ) {
ch_free( response.bv_val );
}