goto return_results;
}
- if ( slap_passwd_check( a, cred ) != 0 ) {
+ if ( slap_passwd_check( conn, a, cred ) != 0 ) {
send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
NULL, NULL, NULL, NULL );
/* stop front end from sending result */
return 0;
}
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_lock( &crypt_mutex );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_lock( &passwd_mutex );
+#ifdef SLAPD_SPASSWD
+ lutil_passwd_sasl_conn = conn->c_sasl_context;
+#endif
#endif
result = lutil_passwd( &be->be_root_pw, cred, NULL );
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_unlock( &crypt_mutex );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
#endif
return result == 0;
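Review bot: The outer guard added around the lock and unlock here tests `SLAPD_PASSWD`, while the nested `#ifdef` and the `extern` declaration of `passwd_mutex` in the header hunk test `SLAPD_SPASSWD`, so this looks like a typo. In a build that defines `SLAPD_SPASSWD` but not `SLAPD_CRYPT`, the lock, the unlock and the `lutil_passwd_sasl_conn = conn->c_sasl_context;` assignment would all be compiled out. The root-password check would then run unserialized and, presumably, against a SASL context this connection never set. The guard should read `#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )`. The same spelling recurs in the hunks that define and initialise `passwd_mutex`, in `slap_passwd_check`, and around the `lutil_passwd_hash` call; the enclosing function here starts outside the hunk.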
*/
ldap_pvt_thread_pool_t connection_pool;
ldap_pvt_thread_mutex_t gmtime_mutex;
-#ifdef SLAPD_CRYPT
-ldap_pvt_thread_mutex_t crypt_mutex;
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ldap_pvt_thread_mutex_t passwd_mutex;
#endif
int num_conns;
ldap_pvt_thread_mutex_init( &num_sent_mutex );
ldap_pvt_thread_mutex_init( &gmtime_mutex );
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_init( &crypt_mutex );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_init( &passwd_mutex );
#endif
rc = slap_sasl_init();
int
slap_passwd_check(
+ Connection *conn,
Attribute *a,
struct berval *cred )
{
int i;
- for ( i = 0; a->a_vals[i] != NULL; i++ ) {
- int result;
+ int result = 1;
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_lock( &crypt_mutex );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_lock( &crypt_mutex );
+#ifdef SLAPD_SPASSWD
+ lutil_passwd_sasl_conn = conn->c_sasl_context;
#endif
-
- result = lutil_passwd( a->a_vals[i], cred, NULL );
-
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_unlock( &crypt_mutex );
#endif
- if( !result )
- return result;
+ for ( i = 0; a->a_vals[i] != NULL; i++ ) {
+ if( !lutil_passwd( a->a_vals[i], cred, NULL ) ) {
+ result = 0;
+ break;
+ }
}
- return( 1 );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
+#endif
+
+ return result;
}
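Review bot: The lock call added at the top of `slap_passwd_check` still names `crypt_mutex`, but the unlock after the loop releases `passwd_mutex`, and this commit replaces the `crypt_mutex` definition with `passwd_mutex`. When the guard is active this should fail to compile. If a stale `crypt_mutex` is still visible, the function instead releases a mutex it never acquired and writes the global `lutil_passwd_sasl_conn` without the lock the other password paths take. The line should be `ldap_pvt_thread_mutex_lock( &passwd_mutex );`. Since the lock now spans the whole value loop, a comment such as `/* passwd_mutex serializes lutil_passwd() and guards lutil_passwd_sasl_conn */` above it would record why.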
struct berval * slap_passwd_generate( void )
struct berval *new;
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_lock( &crypt_mutex );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_lock( &passwd_mutex );
#endif
new = lutil_passwd_hash( cred , hash );
-#ifdef SLAPD_CRYPT
- ldap_pvt_thread_mutex_unlock( &crypt_mutex );
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
#endif
return new;
struct berval *** refs ));
LDAP_SLAPD_F (int) slap_passwd_check(
+ Connection *conn,
Attribute *attr,
struct berval *cred );
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) entry2str_mutex;
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) replog_mutex;
-#ifdef SLAPD_CRYPT
-LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) crypt_mutex;
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
+LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) passwd_mutex;
#endif
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) gmtime_mutex;
sasl_secprops.maxbufsize = 65536;
sasl_secprops.security_flags = SASL_SEC_NOPLAINTEXT|SASL_SEC_NOANONYMOUS;
-#ifdef SLAPD_SPASSWD
- lutil_passwd_sasl_conn = server;
-#else
sasl_dispose( &server );
-#endif
#endif
return 0;
int slap_sasl_destroy( void )
{
#ifdef HAVE_CYRUS_SASL
-#ifdef SLAPD_SPASSWD
- sasl_dispose( &lutil_passwd_sasl_conn );
-#endif
sasl_done();
#endif
return 0;