X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Finit.c;h=613bd93c57152bf35df9241e1ee82a5a69d63a3d;hb=0ea43c9d7d2fbf08b2078931bebfcaf443230878;hp=d507e8cb4d82fdb3caa384f9c425019a488b5277;hpb=fe23628faac08e0723c5932f01881bae27ae042a;p=openldap

diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
index d507e8cb4d..613bd93c57 100644
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@@ -1,8 +1,18 @@
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
  */
+
 #include "portable.h"
 
 #include <stdio.h>
@@ -13,7 +23,9 @@
 #include <ac/ctype.h>
 #include <ac/time.h>
 
+#ifdef HAVE_LIMITS_H
 #include <limits.h>
+#endif
 
 #include "ldap-int.h"
 #include "ldap_defaults.h"
@@ -26,8 +38,10 @@ struct ldapoptions ldap_int_global_options =
 #define ATTR_INT	2
 #define ATTR_KV		3
 #define ATTR_STRING	4
-#define ATTR_TLS	5
-#define ATTR_URIS	6
+#define ATTR_OPTION	5
+
+#define ATTR_SASL	6
+#define ATTR_TLS	7
 
 struct ol_keyvalue {
 	const char *		key;
@@ -61,32 +75,42 @@ static const struct ol_attribute {
 		offsetof(struct ldapoptions, ldo_defbase)},
 	{0, ATTR_INT,		"PORT",			NULL,		/* deprecated */
 		offsetof(struct ldapoptions, ldo_defport)},
-	{0, ATTR_URIS,		"HOST",			NULL,	1},	/* deprecated */
-	{0, ATTR_URIS,		"URI",			NULL,	0}, /* replaces HOST/URI */
+	{0, ATTR_OPTION,	"HOST",			NULL,	LDAP_OPT_HOST_NAME}, /* deprecated */
+	{0, ATTR_OPTION,	"URI",			NULL,	LDAP_OPT_URI}, /* replaces HOST/PORT */
 	{0, ATTR_BOOL,		"REFERRALS",	NULL,	LDAP_BOOL_REFERRALS},
 	{0, ATTR_BOOL,		"RESTART",		NULL,	LDAP_BOOL_RESTART},
 
-#ifdef HAVE_TLS
-  	{0, ATTR_TLS,		"TLS",			NULL,	LDAP_OPT_X_TLS},
-	{0, ATTR_TLS,		"TLS_CERT",		NULL,	LDAP_OPT_X_TLS_CERTFILE},
-	{0, ATTR_TLS,		"TLS_KEY",		NULL,	LDAP_OPT_X_TLS_KEYFILE},
-  	{0, ATTR_TLS,		"TLS_CACERT",	NULL,	LDAP_OPT_X_TLS_CACERTFILE},
-  	{0, ATTR_TLS,		"TLS_CACERTDIR",NULL,	LDAP_OPT_X_TLS_CACERTDIR},
-  	{0, ATTR_TLS,		"TLS_REQCERT",	NULL,	LDAP_OPT_X_TLS_REQUIRE_CERT},
-	{0, ATTR_TLS,		"TLS_RANDFILE",	NULL,	LDAP_OPT_X_TLS_RANDOM_FILE},
+#ifdef HAVE_CYRUS_SASL
+	{1, ATTR_STRING,	"SASL_MECH",		NULL,
+		offsetof(struct ldapoptions, ldo_def_sasl_mech)},
+	{1, ATTR_STRING,	"SASL_REALM",		NULL,
+		offsetof(struct ldapoptions, ldo_def_sasl_realm)},
+	{1, ATTR_STRING,	"SASL_AUTHCID",		NULL,
+		offsetof(struct ldapoptions, ldo_def_sasl_authcid)},
+	{1, ATTR_STRING,	"SASL_AUTHZID",		NULL,
+		offsetof(struct ldapoptions, ldo_def_sasl_authzid)},
+	{0, ATTR_SASL,		"SASL_SECPROPS",	NULL,	LDAP_OPT_X_SASL_SECPROPS},
 #endif
 
-#ifdef HAVE_CYRUS_SASL
-	{0, ATTR_INT,		"SASL_MINSSF",	NULL,
-		offsetof(struct ldapoptions, ldo_sasl_minssf)},
-	{0, ATTR_INT,		"SASL_MAXSSF",	NULL,
-		offsetof(struct ldapoptions, ldo_sasl_maxssf)},
+#ifdef HAVE_TLS
+	{1, ATTR_TLS,	"TLS_CERT",			NULL,	LDAP_OPT_X_TLS_CERTFILE},
+	{1, ATTR_TLS,	"TLS_KEY",			NULL,	LDAP_OPT_X_TLS_KEYFILE},
+  	{0, ATTR_TLS,	"TLS_CACERT",		NULL,	LDAP_OPT_X_TLS_CACERTFILE},
+  	{0, ATTR_TLS,	"TLS_CACERTDIR",	NULL,	LDAP_OPT_X_TLS_CACERTDIR},
+  	{0, ATTR_TLS,	"TLS_REQCERT",		NULL,	LDAP_OPT_X_TLS_REQUIRE_CERT},
+	{0, ATTR_TLS,	"TLS_RANDFILE",		NULL,	LDAP_OPT_X_TLS_RANDOM_FILE},
+	{0, ATTR_TLS,	"TLS_CIPHER_SUITE",	NULL,	LDAP_OPT_X_TLS_CIPHER_SUITE},
+
+#ifdef HAVE_OPENSSL_CRL
+	{0, ATTR_TLS,	"TLS_CRLCHECK",		NULL,	LDAP_OPT_X_TLS_CRLCHECK},
+#endif
+        
 #endif
 
 	{0, ATTR_NONE,		NULL,		NULL,	0}
 };
 
-#define MAX_LDAP_ATTR_LEN  sizeof("TLS_CACERTDIR")
+#define MAX_LDAP_ATTR_LEN  sizeof("TLS_CIPHER_SUITE")
 #define MAX_LDAP_ENV_PREFIX_LEN 8
 
 static void openldap_ldap_init_w_conf(
@@ -204,19 +228,21 @@ static void openldap_ldap_init_w_conf(
 				if (* (char**) p != NULL) LDAP_FREE(* (char**) p);
 				* (char**) p = LDAP_STRDUP(opt);
 				break;
+			case ATTR_OPTION:
+				ldap_set_option( NULL, attrs[i].offset, opt );
+				break;
+			case ATTR_SASL:
+#ifdef HAVE_CYRUS_SASL
+			   	ldap_int_sasl_config( gopts, attrs[i].offset, opt );
+#endif
+				break;
 			case ATTR_TLS:
 #ifdef HAVE_TLS
-			   	ldap_pvt_tls_config( gopts, attrs[i].offset, opt );
+			   	ldap_int_tls_config( NULL, attrs[i].offset, opt );
 #endif
 				break;
-			case ATTR_URIS:
-				if (attrs[i].offset == 0) {
-					ldap_set_option( NULL, LDAP_OPT_URI, opt );
-				} else {
-					ldap_set_option( NULL, LDAP_OPT_HOST_NAME, opt );
-				}
-				break;
 			}
+
 			break;
 		}
 	}
@@ -244,7 +270,7 @@ static void openldap_ldap_init_w_userconf(const char *file)
 	if (home != NULL) {
 		Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is %s\n",
 		      home, 0, 0);
-		path = LDAP_MALLOC(strlen(home) + strlen(file) + 3);
+		path = LDAP_MALLOC(strlen(home) + strlen(file) + sizeof( LDAP_DIRSEP "."));
 	} else {
 		Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is NULL\n",
 		      0, 0, 0);
@@ -254,11 +280,11 @@ static void openldap_ldap_init_w_userconf(const char *file)
 		/* we assume UNIX path syntax is used... */
 
 		/* try ~/file */
-		sprintf(path, "%s/%s", home, file);
+		sprintf(path, "%s" LDAP_DIRSEP "%s", home, file);
 		openldap_ldap_init_w_conf(path, 1);
 
 		/* try ~/.file */
-		sprintf(path, "%s/.%s", home, file);
+		sprintf(path, "%s" LDAP_DIRSEP ".%s", home, file);
 		openldap_ldap_init_w_conf(path, 1);
 	}
 
@@ -338,22 +364,53 @@ static void openldap_ldap_init_w_env(
 				* (char**) p = LDAP_STRDUP(value);
 			}
 			break;
+		case ATTR_OPTION:
+			ldap_set_option( NULL, attrs[i].offset, value );
+			break;
+		case ATTR_SASL:
+#ifdef HAVE_CYRUS_SASL
+		   	ldap_int_sasl_config( gopts, attrs[i].offset, value );
+#endif			 	
+		   	break;
 		case ATTR_TLS:
 #ifdef HAVE_TLS
-		   	ldap_pvt_tls_config( gopts, attrs[i].offset, value );
+		   	ldap_int_tls_config( NULL, attrs[i].offset, value );
 #endif			 	
 		   	break;
-		case ATTR_URIS:
-			if (attrs[i].offset == 0) {
-				ldap_set_option( NULL, LDAP_OPT_URI, value );
-			} else {
-				ldap_set_option( NULL, LDAP_OPT_HOST_NAME, value );
-			}
-			break;
 		}
 	}
 }
 
+#if defined(__GNUC__)
+/* Declare this function as a destructor so that it will automatically be
+ * invoked either at program exit (if libldap is a static library) or
+ * at unload time (if libldap is a dynamic library).
+ *
+ * Sorry, don't know how to handle this for non-GCC environments.
+ */
+static void ldap_int_destroy_global_options(void)
+	__attribute__ ((destructor));
+#endif
+
+static void
+ldap_int_destroy_global_options(void)
+{
+	struct ldapoptions *gopts = LDAP_INT_GLOBAL_OPT();
+
+	if ( gopts == NULL )
+		return;
+
+	gopts->ldo_valid = LDAP_UNINITIALIZED;
+
+	if ( gopts->ldo_defludp ) {
+		ldap_free_urllist( gopts->ldo_defludp );
+		gopts->ldo_defludp = NULL;
+	}
+#if defined(HAVE_WINSOCK) || defined(HAVE_WINSOCK2)
+	WSACleanup( );
+#endif
+}
+
 /* 
  * Initialize the global options structure with default values.
  */
@@ -372,50 +429,112 @@ void ldap_int_initialize_global_options( struct ldapoptions *gopts, int *dbglvl
 	gopts->ldo_tm_api = (struct timeval *)NULL;
 	gopts->ldo_tm_net = (struct timeval *)NULL;
 
-	/* ldo_defludp is leaked, we should have an at_exit() handler
-	 * to free this and whatever else needs to cleaned up. 
+	/* ldo_defludp will be freed by the termination handler
 	 */
 	ldap_url_parselist(&gopts->ldo_defludp, "ldap://localhost/");
 	gopts->ldo_defport = LDAP_PORT;
+#if !defined(__GNUC__) && !defined(PIC)
+	/* Do this only for a static library, and only if we can't
+	 * arrange for it to be executed as a library destructor
+	 */
+	atexit(ldap_int_destroy_global_options);
+#endif
 
 	gopts->ldo_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT;
-	gopts->ldo_rebindproc = NULL;
+	gopts->ldo_rebind_proc = NULL;
+	gopts->ldo_rebind_params = NULL;
 
 	LDAP_BOOL_ZERO(gopts);
 
 	LDAP_BOOL_SET(gopts, LDAP_BOOL_REFERRALS);
 
-#ifdef HAVE_TLS
-   	gopts->ldo_tls_ctx = NULL;
+#ifdef LDAP_CONNECTIONLESS
+	gopts->ldo_peer = NULL;
+	gopts->ldo_cldapdn = NULL;
+	gopts->ldo_is_udp = 0;
 #endif
+
 #ifdef HAVE_CYRUS_SASL
-	gopts->ldo_sasl_minssf = 0;
-	gopts->ldo_sasl_maxssf = INT_MAX;
+	gopts->ldo_def_sasl_mech = NULL;
+	gopts->ldo_def_sasl_realm = NULL;
+	gopts->ldo_def_sasl_authcid = NULL;
+	gopts->ldo_def_sasl_authzid = NULL;
+
+	memset( &gopts->ldo_sasl_secprops,
+		'\0', sizeof(gopts->ldo_sasl_secprops) );
+
+	gopts->ldo_sasl_secprops.max_ssf = INT_MAX;
+	gopts->ldo_sasl_secprops.maxbufsize = SASL_MAX_BUFF_SIZE;
+	gopts->ldo_sasl_secprops.security_flags =
+		SASL_SEC_NOPLAINTEXT | SASL_SEC_NOANONYMOUS;
 #endif
 
-	gopts->ldo_valid = LDAP_INITIALIZED;
+#ifdef HAVE_TLS
+	gopts->ldo_tls_connect_cb = NULL;
+	gopts->ldo_tls_connect_arg = NULL;
+#endif
 
+	gopts->ldo_valid = LDAP_INITIALIZED;
    	return;
 }
 
+#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
+	|| defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+char * ldap_int_hostname = NULL;
+#endif
+
 void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl )
 {
 	if ( gopts->ldo_valid == LDAP_INITIALIZED ) {
 		return;
 	}
 
+	ldap_int_error_init();
+
 	ldap_int_utils_init();
 
-#ifdef HAVE_TLS
-   	ldap_pvt_tls_init();
+#ifdef HAVE_WINSOCK2
+{	WORD wVersionRequested;
+	WSADATA wsaData;
+ 
+	wVersionRequested = MAKEWORD( 2, 0 );
+	if ( WSAStartup( wVersionRequested, &wsaData ) != 0 ) {
+		/* Tell the user that we couldn't find a usable */
+		/* WinSock DLL.                                  */
+		return;
+	}
+ 
+	/* Confirm that the WinSock DLL supports 2.0.*/
+	/* Note that if the DLL supports versions greater    */
+	/* than 2.0 in addition to 2.0, it will still return */
+	/* 2.0 in wVersion since that is the version we      */
+	/* requested.                                        */
+ 
+	if ( LOBYTE( wsaData.wVersion ) != 2 ||
+		HIBYTE( wsaData.wVersion ) != 0 )
+	{
+	    /* Tell the user that we couldn't find a usable */
+	    /* WinSock DLL.                                  */
+	    WSACleanup( );
+	    return; 
+	}
+}	/* The WinSock DLL is acceptable. Proceed. */
+#elif HAVE_WINSOCK
+{	WSADATA wsaData;
+	if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
+	    return;
+	}
+}
 #endif
 
-#ifdef HAVE_CYRUS_SASL
-	ldap_pvt_sasl_init();
+#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
+	|| defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+	ldap_int_hostname = ldap_pvt_get_fqdn( ldap_int_hostname );
 #endif
 
-	if ( ldap_int_tblsize == 0 )
-		ldap_int_ip_init();
+#ifndef HAVE_POLL
+	if ( ldap_int_tblsize == 0 ) ldap_int_ip_init();
+#endif
 
 	ldap_int_initialize_global_options(gopts, NULL);
 
@@ -423,6 +542,20 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl )
 		return;
 	}
 
+#ifdef HAVE_CYRUS_SASL
+	{
+		/* set authentication identity to current user name */
+		char *user = getenv("USER");
+
+		if( user == NULL ) user = getenv("USERNAME");
+		if( user == NULL ) user = getenv("LOGNAME");
+
+		if( user != NULL ) {
+			gopts->ldo_def_sasl_authcid = user;
+		}
+    }
+#endif
+
 	openldap_ldap_init_w_sysconf(LDAP_CONF_FILE);
 	openldap_ldap_init_w_userconf(LDAP_USERRC_FILE);