+/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2004 The OpenLDAP Foundation.
+ * Copyright 2004-2009 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
static int
do_check( Connection *c, Operation *op, struct berval *id )
{
- struct berval authcDN;
+ struct berval authcdn;
int rc;
- rc = slap_sasl_getdn( c, op, id, NULL, &authcDN, SLAP_GETDN_AUTHCID );
+ rc = slap_sasl_getdn( c, op, id, realm, &authcdn, SLAP_GETDN_AUTHCID );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "ID: <%s> check failed %d (%s)\n",
id->bv_val, rc,
} else {
if ( !BER_BVISNULL( &authzID ) ) {
- rc = slap_sasl_authorized( op, &authcDN, &authzID );
+ rc = slap_sasl_authorized( op, &authcdn, &authzID );
fprintf( stderr,
"ID: <%s>\n"
"authzDN: <%s>\n"
"authorization %s\n",
id->bv_val,
- authcDN.bv_val,
+ authcdn.bv_val,
authzID.bv_val,
rc == LDAP_SUCCESS ? "OK" : "failed" );
fprintf( stderr, "ID: <%s> check succeeded\n"
"authcID: <%s>\n",
id->bv_val,
- authcDN.bv_val );
- op->o_tmpfree( authcDN.bv_val, op->o_tmpmemctx );
+ authcdn.bv_val );
+ op->o_tmpfree( authcdn.bv_val, op->o_tmpmemctx );
}
rc = 0;
}
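Review bot: The unconditional `rc = 0;` after the inner `if` discards the result of `slap_sasl_authorized()`, so as shown do_check() returns success even when it has just printed "authorization failed". Its callers now gate on `if ( rc && !continuemode )` and pass `rc` on as the exit status, so a script that tests an authorization mapping by exit code would read a denied identity as accepted. Consider keeping the outcome, for example `rc = ( rc == LDAP_SUCCESS ) ? 0 : 1;` in the authzID branch and `rc = 0;` only in the other one. The page elides some lines of this function, including its end, so confirm against the full file.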
{
int rc = EXIT_SUCCESS;
const char *progname = "slapauth";
- Connection conn;
- Operation op;
+ Connection conn = {0};
+ OperationBuffer opbuf;
+ Operation *op;
-#ifdef NEW_LOGGING
- lutil_log_initialize( argc, argv );
-#endif
slap_tool_init( progname, SLAPAUTH, argc, argv );
argv = &argv[ optind ];
argc -= optind;
- memset( &conn, 0, sizeof( Connection ) );
- memset( &op, 0, sizeof( Operation ) );
+ connection_fake_init( &conn, &opbuf, &conn );
+ op = &opbuf.ob_op;
- connection_fake_init( &conn, &op, &conn );
+ conn.c_sasl_bind_mech = mech;
if ( !BER_BVISNULL( &authzID ) ) {
- struct berval authzDN;
+ struct berval authzdn;
- rc = slap_sasl_getdn( &conn, &op, &authzID, NULL, &authzDN,
+ rc = slap_sasl_getdn( &conn, op, &authzID, NULL, &authzdn,
SLAP_GETDN_AUTHZID );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "authzID: <%s> check failed %d (%s)\n",
goto destroy;
}
- authzID = authzDN;
+ authzID = authzdn;
}
if ( !BER_BVISNULL( &authcID ) ) {
if ( !BER_BVISNULL( &authzID ) || argc == 0 ) {
- rc = do_check( &conn, &op, &authcID );
+ rc = do_check( &conn, op, &authcID );
goto destroy;
}
for ( ; argc--; argv++ ) {
- struct berval authzDN;
+ struct berval authzdn;
ber_str2bv( argv[ 0 ], 0, 0, &authzID );
- rc = slap_sasl_getdn( &conn, &op, &authzID, NULL, &authzDN,
+ rc = slap_sasl_getdn( &conn, op, &authzID, NULL, &authzdn,
SLAP_GETDN_AUTHZID );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "authzID: <%s> check failed %d (%s)\n",
authzID.bv_val, rc,
ldap_err2string( rc ) );
- rc = 1;
+ rc = -1;
BER_BVZERO( &authzID );
- goto destroy;
+ if ( !continuemode ) {
+ goto destroy;
+ }
}
- authzID = authzDN;
+ authzID = authzdn;
- rc = do_check( &conn, &op, &authcID );
+ rc = do_check( &conn, op, &authcID );
- op.o_tmpfree( authzID.bv_val, op.o_tmpmemctx );
+ op->o_tmpfree( authzID.bv_val, op->o_tmpmemctx );
BER_BVZERO( &authzID );
- if ( rc ) {
+ if ( rc && !continuemode ) {
goto destroy;
}
}
ber_str2bv( argv[ 0 ], 0, 0, &id );
- rc = do_check( &conn, &op, &id );
+ rc = do_check( &conn, op, &id );
- if ( rc ) {
+ if ( rc && !continuemode ) {
goto destroy;
}
}
destroy:;
if ( !BER_BVISNULL( &authzID ) ) {
- op.o_tmpfree( authzID.bv_val, op.o_tmpmemctx );
+ op->o_tmpfree( authzID.bv_val, op->o_tmpmemctx );
}
- slap_tool_destroy();
+ if ( slap_tool_destroy())
+ rc = EXIT_FAILURE;
return rc;
}
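Review bot: In the authzID loop, the new `if ( !continuemode ) { goto destroy; }` lets a failed `slap_sasl_getdn()` fall through in continue mode to `authzID = authzdn;`, `do_check()` and `op->o_tmpfree( authzID.bv_val, ... )`. `authzdn` is declared without an initializer, so this is safe only if `slap_sasl_getdn()` clears its output on every failure path, which the diff does not show. Adding `continue;` after that `if` block would skip the check and the free for the identity that failed to normalize. Separately, `rc = -1` there and the `rc` of each `do_check()` call in both loops are overwritten by the next iteration, so in continue mode the exit status reflects only the last identity. Accumulating failures in a separate variable and returning `EXIT_FAILURE` if any check failed would fix that. The function's signature is outside the visible lines.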