X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fkbind.c;h=731a8b5fc6c25c5b43df0c5efc47a78bf71e3f10;hb=403f4479bc9f9a864122d4aeecf7284408918302;hp=9a0f4a1e008cd0b27c28871eeae65d496ae98223;hpb=4d2761a6a64eaa1c4d5f7949277ecfe25b42ca83;p=openldap diff --git a/libraries/libldap/kbind.c b/libraries/libldap/kbind.c index 9a0f4a1e00..731a8b5fc6 100644 --- a/libraries/libldap/kbind.c +++ b/libraries/libldap/kbind.c @@ -1,3 +1,4 @@ +/* $OpenLDAP$ */ /* * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file @@ -9,12 +10,33 @@ * kbind.c */ +/* + * BindRequest ::= SEQUENCE { + * version INTEGER, + * name DistinguishedName, -- who + * authentication CHOICE { + * simple [0] OCTET STRING -- passwd +#ifdef HAVE_KERBEROS + * krbv42ldap [1] OCTET STRING + * krbv42dsa [2] OCTET STRING +#endif + * sasl [3] SaslCredentials -- LDAPv3 + * } + * } + * + * BindResponse ::= SEQUENCE { + * COMPONENTS OF LDAPResult, + * serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3 + * } + * + */ + #include "portable.h" #ifdef HAVE_KERBEROS #include -#include +#include #include #include @@ -35,28 +57,16 @@ * ldap_kerberos_bind1( ld, "cn=manager, o=university of michigan, c=us" ) */ int -ldap_kerberos_bind1( LDAP *ld, char *dn ) +ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn ) { BerElement *ber; char *cred; - int rc, credlen; + int rc; + ber_len_t credlen; #ifdef STR_TRANSLATION int str_translation_on; #endif /* STR_TRANSLATION */ - /* - * The bind request looks like this: - * BindRequest ::= SEQUENCE { - * version INTEGER, - * name DistinguishedName, - * authentication CHOICE { - * krbv42ldap [1] OCTET STRING - * krbv42dsa [2] OCTET STRING - * } - * } - * all wrapped up in an LDAPMessage sequence. - */ - Debug( LDAP_DEBUG_TRACE, "ldap_kerberos_bind1\n", 0, 0, 0 ); if ( dn == NULL ) @@ -68,8 +78,8 @@ ldap_kerberos_bind1( LDAP *ld, char *dn ) } /* create a message to send */ - if ( (ber = ldap_alloc_ber_with_options( ld )) == NULLBER ) { - free( cred ); + if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { + LDAP_FREE( cred ); return( -1 ); } @@ -91,13 +101,13 @@ ldap_kerberos_bind1( LDAP *ld, char *dn ) #endif /* STR_TRANSLATION */ if ( rc == -1 ) { - free( cred ); + LDAP_FREE( cred ); ber_free( ber, 1 ); ld->ld_errno = LDAP_ENCODING_ERROR; return( -1 ); } - free( cred ); + LDAP_FREE( cred ); #ifndef LDAP_NOCACHE if ( ld->ld_cache != NULL ) { @@ -110,7 +120,7 @@ ldap_kerberos_bind1( LDAP *ld, char *dn ) } int -ldap_kerberos_bind1_s( LDAP *ld, char *dn ) +ldap_kerberos_bind1_s( LDAP *ld, LDAP_CONST char *dn ) { int msgid; LDAPMessage *res; @@ -141,11 +151,12 @@ ldap_kerberos_bind1_s( LDAP *ld, char *dn ) * ldap_kerberos_bind2( ld, "cn=manager, o=university of michigan, c=us" ) */ int -ldap_kerberos_bind2( LDAP *ld, char *dn ) +ldap_kerberos_bind2( LDAP *ld, LDAP_CONST char *dn ) { BerElement *ber; char *cred; - int rc, credlen; + int rc; + ber_len_t credlen; #ifdef STR_TRANSLATION int str_translation_on; #endif /* STR_TRANSLATION */ @@ -161,8 +172,8 @@ ldap_kerberos_bind2( LDAP *ld, char *dn ) } /* create a message to send */ - if ( (ber = ldap_alloc_ber_with_options( ld )) == NULLBER ) { - free( cred ); + if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { + LDAP_FREE( cred ); return( -1 ); } @@ -184,7 +195,7 @@ ldap_kerberos_bind2( LDAP *ld, char *dn ) } #endif /* STR_TRANSLATION */ - free( cred ); + LDAP_FREE( cred ); if ( rc == -1 ) { ber_free( ber, 1 ); @@ -198,7 +209,7 @@ ldap_kerberos_bind2( LDAP *ld, char *dn ) /* synchronous bind to DSA using kerberos */ int -ldap_kerberos_bind2_s( LDAP *ld, char *dn ) +ldap_kerberos_bind2_s( LDAP *ld, LDAP_CONST char *dn ) { int msgid; LDAPMessage *res; @@ -220,7 +231,7 @@ ldap_kerberos_bind2_s( LDAP *ld, char *dn ) /* synchronous bind to ldap and DSA using kerberos */ int -ldap_kerberos_bind_s( LDAP *ld, char *dn ) +ldap_kerberos_bind_s( LDAP *ld, LDAP_CONST char *dn ) { int err; @@ -241,7 +252,11 @@ ldap_kerberos_bind_s( LDAP *ld, char *dn ) */ char * -ldap_get_kerberosv4_credentials( LDAP *ld, char *who, char *service, int *len ) +ldap_get_kerberosv4_credentials( + LDAP *ld, + LDAP_CONST char *who, + LDAP_CONST char *service, + ber_len_t *len ) { KTEXT_ST ktxt; int err; @@ -258,11 +273,7 @@ ldap_get_kerberosv4_credentials( LDAP *ld, char *who, char *service, int *len ) return( NULL ); } -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS krbinstance = ld->ld_defconn->lconn_krbinstance; -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */ - krbinstance = ld->ld_host; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */ if ( (err = krb_mk_req( &ktxt, service, krbinstance, realm, 0 )) != KSUCCESS ) { @@ -273,7 +284,7 @@ ldap_get_kerberosv4_credentials( LDAP *ld, char *who, char *service, int *len ) return( NULL ); } - if ( ( cred = malloc( ktxt.length )) == NULL ) { + if ( ( cred = LDAP_MALLOC( ktxt.length )) == NULL ) { ld->ld_errno = LDAP_NO_MEMORY; return( NULL ); }