Sync with HEAD
authorKurt Zeilenga <kurt@openldap.org>
Mon, 23 Feb 2004 22:46:35 +0000 (22:46 +0000)
committerKurt Zeilenga <kurt@openldap.org>
Mon, 23 Feb 2004 22:46:35 +0000 (22:46 +0000)
14 files changed:
contrib/ldapc++/src/LDAPAttributeList.cpp
contrib/ldapc++/src/LDAPAttributeList.h
contrib/ldapc++/src/LDAPEntryList.h
contrib/ldapc++/src/LDAPModList.cpp
contrib/ldapc++/src/LDAPModList.h
contrib/ldapc++/src/LDAPReferenceList.h
contrib/ldapc++/src/LDAPUrlList.cpp
contrib/ldapc++/src/LDAPUrlList.h
contrib/ldapc++/src/Makefile.am
contrib/ldapc++/src/StringList.cpp
contrib/ldapc++/src/StringList.h
contrib/slapd-modules/passwd/README [new file with mode: 0644]
contrib/slapd-modules/passwd/kerberos.c [new file with mode: 0644]
contrib/slapd-modules/passwd/netscape.c [new file with mode: 0644]

index 5d3b467748cc9657229aa0d81e0066dde92cd6cb..235fef3a205d9b248cc782e8d06f638fd78c68c3 100644 (file)
@@ -90,7 +90,7 @@ const LDAPAttribute* LDAPAttributeList::getAttributeByName(
     DEBUG(LDAP_DEBUG_TRACE,"LDAPAttribute::getAttributeByName()" << endl);
     DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER,
             "   name:" << name << endl);
-    AttrList::const_iterator i;
+    LDAPAttributeList::const_iterator i;
     for( i = m_attrs.begin(); i != m_attrs.end(); i++){
        const std::string& tmpType = i->getName();
        if(name.size() == tmpType.size()){
@@ -112,7 +112,7 @@ void LDAPAttributeList::addAttribute(const LDAPAttribute& attr){
     const std::string::size_type attrLen = attrType.size();
     std::string::size_type tmpAttrLen = 0;
     bool done=false;
-    AttrList::iterator i;
+    LDAPAttributeList::iterator i;
     for( i=m_attrs.begin(); i != m_attrs.end(); i++ ){
        const std::string tmpAttrType = i->getName();
        tmpAttrLen = tmpAttrType.size();
@@ -141,7 +141,7 @@ void LDAPAttributeList::addAttribute(const LDAPAttribute& attr){
 LDAPMod** LDAPAttributeList::toLDAPModArray() const{
     DEBUG(LDAP_DEBUG_TRACE,"LDAPAttribute::toLDAPModArray()" << endl);
     LDAPMod **ret = (LDAPMod**) malloc((m_attrs.size()+1) * sizeof(LDAPMod*));
-    AttrList::const_iterator i;
+    LDAPAttributeList::const_iterator i;
     int j=0;
     for (i=m_attrs.begin(); i!= m_attrs.end(); i++, j++){
         ret[j]=i->toLDAPMod();
@@ -151,7 +151,7 @@ LDAPMod** LDAPAttributeList::toLDAPModArray() const{
 }
 
 ostream& operator << (ostream& s, const LDAPAttributeList& al){
-    AttrList::const_iterator i;
+    LDAPAttributeList::const_iterator i;
     for(i=al.m_attrs.begin(); i!=al.m_attrs.end(); i++){
         s << *i << "; ";
     }
index 990a6d8c850931e05e473a5f90472040a139afc8..283ad60c68115b77e4277c20c82fb8eb6a4112d1 100644 (file)
@@ -15,18 +15,18 @@ class LDAPAttribute;
 class LDAPAsynConnection;
 class LDAPMsg;
 
-typedef std::list<LDAPAttribute> AttrList;
-
 /**
  * This container class is used to store multiple LDAPAttribute-objects.
  */
 class LDAPAttributeList{
+    typedef std::list<LDAPAttribute> ListType;
+
     private :
-        AttrList m_attrs;
+        ListType m_attrs;
 
     public :
-        typedef AttrList::const_iterator const_iterator;
-       typedef AttrList::iterator iterator;
+        typedef ListType::const_iterator const_iterator;
+       typedef ListType::iterator iterator;
 
 
         /**
index c82fb02c2fc47e42342052b9cdec41113446ab72..c65597e465370efd6d7f5dae3557256fde2b126f 100644 (file)
@@ -10,8 +10,6 @@
 
 class LDAPEntry;
    
-typedef std::list<LDAPEntry> EntryList;
-
 /**
  * For internal use only.
  * 
@@ -19,8 +17,10 @@ typedef std::list<LDAPEntry> EntryList;
  * LDAPEntry-Objects
  */
 class LDAPEntryList{
+    typedef std::list<LDAPEntry> ListType;
+
     public:
-       typedef EntryList::const_iterator const_iterator;
+       typedef ListType::const_iterator const_iterator;
 
         /**
          * Copy-Constructor
@@ -63,6 +63,6 @@ class LDAPEntryList{
         void addEntry(const LDAPEntry& e);
 
     private:
-        EntryList m_entries;
+        ListType m_entries;
 };
 #endif // LDAP_ENTRY_LIST_H
index d8bed4f6851d6b778f66aa25ade9513a923d9cac..a7674eb381a419433fa0ab096725f0f5579dacfe 100644 (file)
@@ -28,7 +28,7 @@ LDAPMod** LDAPModList::toLDAPModArray(){
     LDAPMod **ret = (LDAPMod**) malloc(
                    (m_modList.size()+1) * sizeof(LDAPMod*));
     ret[m_modList.size()]=0;
-    ModList::const_iterator i;
+    LDAPModList::ListType::const_iterator i;
     int j=0;
     for (i=m_modList.begin(); i != m_modList.end(); i++ , j++){
            ret[j]=i->toLDAPMod();
index 313808d5dd72eeb3e78503ec43501ab4ad762a93..f62e814e090ca133c6258c2bb833dc1128b59fcf 100644 (file)
 #include <list>
 #include <LDAPModification.h>
 
-typedef std::list<LDAPModification> ModList;
-
 /**
  * This container class is used to store multiple LDAPModification-objects.
  */
 class LDAPModList{
+        typedef std::list<LDAPModification> ListType;
 
        public : 
         /**
          * Constructs an empty list.
          */   
-               LDAPModList();
+        LDAPModList();
                
         /**
          * Copy-constructor
@@ -33,7 +32,7 @@ class LDAPModList{
          * Adds one element to the end of the list.
          * @param mod The LDAPModification to add to the std::list.
          */
-               void addModification(const LDAPModification &mod);
+        void addModification(const LDAPModification &mod);
 
         /**
          * Translates the list to a 0-terminated array of
@@ -42,7 +41,7 @@ class LDAPModList{
         LDAPMod** toLDAPModArray();
 
        private : 
-               ModList m_modList;
+        ListType m_modList;
 };
 #endif //LDAP_MOD_LIST_H
 
index 0aa5a18219cb4959b1fb8418c6401795094c1555..fb289833b2776ca8ff6ad6ded264448d1ac09684 100644 (file)
 
 class LDAPSearchReference;
 
-typedef std::list<LDAPSearchReference> RefList;
-
 /**
  * Container class for storing a list of Search References
  *
  * Used internally only by LDAPSearchResults
  */
 class LDAPReferenceList{
+    typedef std::list<LDAPSearchReference> ListType;
+
     public:
-       typedef RefList::const_iterator const_iterator;
+       typedef ListType::const_iterator const_iterator;
 
         /**
          * Constructs an empty list.
@@ -66,7 +66,7 @@ class LDAPReferenceList{
         void addReference(const LDAPSearchReference& e);
 
     private:
-        RefList m_refs;
+        ListType m_refs;
 };
 #endif // LDAP_REFERENCE_LIST_H
 
index 037349a382ffc88fcb87dca3080317a476285d65..39129aa27fb0f778ffd8a7e73a046629e27e2397 100644 (file)
@@ -11,7 +11,7 @@ using namespace std;
 
 LDAPUrlList::LDAPUrlList(){
     DEBUG(LDAP_DEBUG_CONSTRUCT," LDAPUrlList::LDAPUrlList()" << endl);
-    m_urls=UrlList();
+    m_urls=LDAPUrlList::ListType();
 }
 
 LDAPUrlList::LDAPUrlList(const LDAPUrlList& urls){
index 1247fc6ad1fff67c0c3955a0339bb7d5c0bbb7aa..2051c1c3e860c3231b094e7c1d2aa21c0e3758eb 100644 (file)
@@ -9,14 +9,14 @@
 #include <list>
 #include <LDAPUrl.h>
 
-typedef std::list<LDAPUrl> UrlList;
-
 /**
  * This container class is used to store multiple LDAPUrl-objects.
  */
 class LDAPUrlList{
+    typedef std::list<LDAPUrl> ListType;
+
     public:
-       typedef UrlList::const_iterator const_iterator;
+       typedef ListType::const_iterator const_iterator;
 
         /**
          * Constructs an empty list.
@@ -72,6 +72,6 @@ class LDAPUrlList{
         void add(const LDAPUrl& url);
 
     private :
-        UrlList m_urls;
+        ListType m_urls;
 };
 #endif //LDAP_URL_LIST_H
index d18fbe7e68884b288e8ab2be0d05a81042923190..30b121e4edd6064a11e5ca129eb4f06d000bb30e 100644 (file)
@@ -85,5 +85,5 @@ noinst_HEADERS = LDAPAddRequest.h \
                 LDAPSearchRequest.h 
 
 libldapcpp_la_LIBADD = -lldap -llber
-libldapcpp_la_LDFLAGS = -version-info 0:1:0
+libldapcpp_la_LDFLAGS = -version-info 0:2:0
 
index c997c42dfdf92e8545108c60d532ebee928ee805..1778cac027ae4ac409c0b58f859140dedd30a29f 100644 (file)
@@ -12,12 +12,12 @@ StringList::StringList(){
 }
 
 StringList::StringList(const StringList& sl){
-    m_data= ListType(sl.m_data);
+    m_data= StringList::ListType(sl.m_data);
 }
 
 StringList::StringList(char** values){
     if(values == 0){
-        m_data=ListType();
+        m_data=StringList::ListType();
     }else{
         char** i;
         for(i=values; *i != 0; i++){
index caa8ddd147402ec842efcc4a4e946eccc7602c48..30f712bd830eeca70c36ce3242634f66ef9ecae2 100644 (file)
@@ -8,12 +8,12 @@
 
 #include <string>
 #include <list>
-typedef std::list<std::string> ListType;
-
 /**
  * Container class to store multiple string-objects
  */
 class StringList{
+    typedef std::list<std::string> ListType;
+
     private:
         ListType m_data;
 
diff --git a/contrib/slapd-modules/passwd/README b/contrib/slapd-modules/passwd/README
new file mode 100644 (file)
index 0000000..55198ff
--- /dev/null
@@ -0,0 +1,34 @@
+Copyright 2004 The OpenLDAP Foundation. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted only as authorized by the OpenLDAP
+Public License.
+
+This directory contains native slapd plugins for password mechanisms that
+are not actively supported by the project. Currently this includes the
+Kerberos and Netscape MTA-MD5 password mechanisms.
+
+To use the Kerberos plugin, add:
+
+moduleload pw-kerberos.so
+
+to your slapd configuration file.
+
+To use the Netscape plugin, add:
+
+moduleload pw-netscape.so
+
+to your slapd configuration file.
+
+No Makefile is provided. Use a command line similar to:
+
+gcc -shared -I../../../include -Wall -g -DHAVE_KRB5 -o pw-kerberos.so kerberos.c
+
+to compile the Kerberos plugin. Replace HAVE_KRB5 with HAVE_KRB4 if you want
+to use Kerberos IV. If your Kerberos header files are not in the C compiler's
+default path, you will need to add a "-I" directive for that as well.
+
+The corresponding command for the Netscape plugin would be:
+
+gcc -shared -I../../../include -Wall -g -o pw-netscape.so netscape.c
+
diff --git a/contrib/slapd-modules/passwd/kerberos.c b/contrib/slapd-modules/passwd/kerberos.c
new file mode 100644 (file)
index 0000000..95250c6
--- /dev/null
@@ -0,0 +1,208 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+
+#include <string.h>
+#include <unistd.h>
+
+#include <lber.h>
+#include <lber_pvt.h>  /* BER_BVC definition */
+#include "lutil.h"
+
+#ifdef HAVE_KRB5
+#include <krb5.h>
+#elif defined(HAVE_KRB4)
+#include <krb.h>
+#endif
+
+/* From <ldap_pvt.h> */
+LDAP_F( char *) ldap_pvt_get_fqdn LDAP_P(( char * ));
+
+static LUTIL_PASSWD_CHK_FUNC chk_kerberos;
+static const struct berval scheme = BER_BVC("{KERBEROS}");
+
+static int chk_kerberos(
+       const struct berval *sc,
+       const struct berval * passwd,
+       const struct berval * cred,
+       const char **text )
+{
+       unsigned int i;
+       int rtn;
+
+       for( i=0; i<cred->bv_len; i++) {
+               if(cred->bv_val[i] == '\0') {
+                       return 1;       /* NUL character in password */
+               }
+       }
+
+       if( cred->bv_val[i] != '\0' ) {
+               return 1;       /* cred must behave like a string */
+       }
+
+       for( i=0; i<passwd->bv_len; i++) {
+               if(passwd->bv_val[i] == '\0') {
+                       return 1;       /* NUL character in password */
+               }
+       }
+
+       if( passwd->bv_val[i] != '\0' ) {
+               return 1;       /* passwd must behave like a string */
+       }
+
+       rtn = 1;
+
+#ifdef HAVE_KRB5 /* HAVE_HEIMDAL_KRB5 */
+       {
+/* Portions:
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska H\xf6gskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+               krb5_context context;
+               krb5_error_code ret;
+               krb5_creds creds;
+               krb5_get_init_creds_opt get_options;
+               krb5_verify_init_creds_opt verify_options;
+               krb5_principal client, server;
+#ifdef notdef
+               krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP};
+#endif
+
+               ret = krb5_init_context( &context );
+               if (ret) {
+                       return 1;
+               }
+
+#ifdef notdef
+               krb5_get_init_creds_opt_set_preauth_list(&get_options,
+                       pre_auth_types, 1);
+#endif
+
+               krb5_get_init_creds_opt_init( &get_options );
+
+               krb5_verify_init_creds_opt_init( &verify_options );
+       
+               ret = krb5_parse_name( context, passwd->bv_val, &client );
+
+               if (ret) {
+                       krb5_free_context( context );
+                       return 1;
+               }
+
+               ret = krb5_get_init_creds_password( context,
+                       &creds, client, cred->bv_val, NULL,
+                       NULL, 0, NULL, &get_options );
+
+               if (ret) {
+                       krb5_free_principal( context, client );
+                       krb5_free_context( context );
+                       return 1;
+               }
+
+               {
+                       char *host = ldap_pvt_get_fqdn( NULL );
+
+                       if( host == NULL ) {
+                               krb5_free_principal( context, client );
+                               krb5_free_context( context );
+                               return 1;
+                       }
+
+                       ret = krb5_sname_to_principal( context,
+                               host, "ldap", KRB5_NT_SRV_HST, &server );
+
+                       ber_memfree( host );
+               }
+
+               if (ret) {
+                       krb5_free_principal( context, client );
+                       krb5_free_context( context );
+                       return 1;
+               }
+
+               ret = krb5_verify_init_creds( context,
+                       &creds, server, NULL, NULL, &verify_options );
+
+               krb5_free_principal( context, client );
+               krb5_free_principal( context, server );
+               krb5_free_cred_contents( context, &creds );
+               krb5_free_context( context );
+
+               rtn = !!ret;
+       }
+#elif  defined(HAVE_KRB4)
+       {
+               /* Borrowed from Heimdal kpopper */
+/* Portions:
+ * Copyright (c) 1989 Regents of the University of California.
+ * All rights reserved.  The Berkeley software License Agreement
+ * specifies the terms and conditions for redistribution.
+ */
+
+               int status;
+               char lrealm[REALM_SZ];
+               char tkt[MAXHOSTNAMELEN];
+
+               status = krb_get_lrealm(lrealm,1);
+               if (status == KFAILURE) {
+                       return 1;
+               }
+
+               snprintf(tkt, sizeof(tkt), "%s_slapd.%u",
+                       TKT_ROOT, (unsigned)getpid());
+               krb_set_tkt_string (tkt);
+
+               status = krb_verify_user( passwd->bv_val, "", lrealm,
+                       cred->bv_val, 1, "ldap");
+
+               dest_tkt(); /* no point in keeping the tickets */
+
+               return status == KFAILURE;
+       }
+#endif
+
+       return rtn;
+}
+
+int init_module(int argc, char *argv[]) {
+       return lutil_passwd_add( (struct berval *)&scheme, chk_kerberos, NULL );
+}
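Review bot: In the HAVE_KRB5 branch of `chk_kerberos`, `krb5_verify_init_creds()` runs with default `verify_options`, so whether a missing or unreadable `ldap/<fqdn>` keytab entry fails the check is left to the Kerberos library and krb5.conf. Commonly the default is to return success when no local key is available, in which case the KDC reply is never validated and the bind rests on an unauthenticated KDC answer. Calling `krb5_verify_init_creds_opt_set_ap_req_nofail( &verify_options, 1 );` right after `krb5_verify_init_creds_opt_init()` makes the check fail closed. Separately, the two error returns taken after `krb5_get_init_creds_password()` has succeeded (the `host == NULL` path and the `krb5_sname_to_principal` failure path) free `client` and `context` but not `creds`. Adding `krb5_free_cred_contents( context, &creds );` to both keeps ticket and session-key material from leaking on failure.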
diff --git a/contrib/slapd-modules/passwd/netscape.c b/contrib/slapd-modules/passwd/netscape.c
new file mode 100644 (file)
index 0000000..3c7d951
--- /dev/null
@@ -0,0 +1,80 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+
+#include <string.h>
+#include <unistd.h>
+
+#include <lber.h>
+#include <lber_pvt.h>
+#include "lutil.h"
+#include "lutil_md5.h"
+
+static LUTIL_PASSWD_CHK_FUNC chk_ns_mta_md5;
+static const struct berval scheme = BER_BVC("{NS-MTA-MD5}");
+
+#define NS_MTA_MD5_PASSLEN     64
+static int chk_ns_mta_md5(
+       const struct berval *scheme,
+       const struct berval *passwd,
+       const struct berval *cred,
+       const char **text )
+{
+       lutil_MD5_CTX MD5context;
+       unsigned char MD5digest[LUTIL_MD5_BYTES], c;
+       char buffer[LUTIL_MD5_BYTES*2];
+       int i;
+
+       if( passwd->bv_len != NS_MTA_MD5_PASSLEN ) {
+               return 1;
+       }
+
+       /* hash credentials with salt */
+       lutil_MD5Init(&MD5context);
+       lutil_MD5Update(&MD5context,
+               (const unsigned char *) &passwd->bv_val[32],
+               32 );
+
+       c = 0x59;
+       lutil_MD5Update(&MD5context,
+               (const unsigned char *) &c,
+               1 );
+
+       lutil_MD5Update(&MD5context,
+               (const unsigned char *) cred->bv_val,
+               cred->bv_len );
+
+       c = 0xF7;
+       lutil_MD5Update(&MD5context,
+               (const unsigned char *) &c,
+               1 );
+
+       lutil_MD5Update(&MD5context,
+               (const unsigned char *) &passwd->bv_val[32],
+               32 );
+
+       lutil_MD5Final(MD5digest, &MD5context);
+
+       for( i=0; i < sizeof( MD5digest ); i++ ) {
+               buffer[i+i]   = "0123456789abcdef"[(MD5digest[i]>>4) & 0x0F]; 
+               buffer[i+i+1] = "0123456789abcdef"[ MD5digest[i] & 0x0F]; 
+       }
+
+       /* compare */
+       return memcmp((char *)passwd->bv_val,
+               (char *)buffer, sizeof(buffer)) ? 1 : 0;
+}
+
+int init_module(int argc, char *argv[]) {
+       return lutil_passwd_add( (struct berval *)&scheme, chk_ns_mta_md5, NULL );
+}
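Review bot: The stored-value layout in `chk_ns_mta_md5` is only implied by magic numbers: `NS_MTA_MD5_PASSLEN` is 64, the salt is read from `&passwd->bv_val[32]` with length 32, and the first 32 bytes are compared against a lowercase hex digest. A comment above the function such as `/* passwd = 32 hex digest chars, then 32 salt chars; digest = MD5(salt 0x59 cred 0xF7 salt) */`, plus named constants for the two 32s, would make the bounds reasoning checkable against the length guard. The final `memcmp` is not constant-time, and it is case-sensitive, so a stored digest in uppercase hex will never match; if that is intended it is worth saying in the comment. `i < sizeof( MD5digest )` compares a signed `int` with `size_t`; declaring `i` as `size_t` avoids the sign-compare warning. The `scheme` parameter also shadows the file-level `static const struct berval scheme`, which is easy to misread.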