static int
vc_create_response(
void *conn,
+ int resultCode,
+ const char *diagnosticMessage,
struct berval *servercred,
struct berval *authzid,
+ LDAPControl **ctrls,
struct berval **val )
{
BerElementBuffer berbuf;
assert( val != NULL );
+ BER_BVZERO( *val );
+
ber_init2( ber, NULL, LBER_USE_DER );
- ber_printf( ber, "{" /*}*/ );
+#ifdef TODO
+ (void)ber_printf( ber, "{is" /*}*/ , resultCode, diagnosticMessage ? diagnosticMessage : "" );
+#else
+ (void)ber_printf( ber, "{" /*}*/ );
+#endif
if ( conn ) {
struct berval cookie;
cookie.bv_len = sizeof( conn );
cookie.bv_val = (char *)&conn;
- ber_printf( ber, "tO", 0, LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE, &cookie );
+ (void)ber_printf( ber, "tO", 0, LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE, &cookie );
}
if ( servercred ) {
ber_printf( ber, "tO", LDAP_TAG_EXOP_VERIFY_CREDENTIALS_AUTHZID, authzid );
}
+#ifdef TODO
+ if ( ctrls ) {
+ int c;
+
+ rc = ber_printf( ber, "t{"/*}*/, LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS );
+ if ( rc == -1 ) goto done;
+
+ for ( c = 0; ctrls[c] != NULL; c++ ) {
+ rc = ber_printf( ber, "{s" /*}*/, ctrls[c]->ldctl_oid );
+
+ if ( ctrls[c]->ldctl_iscritical ) {
+ rc = ber_printf( ber, "b", (ber_int_t)ctrls[c]->ldctl_iscritical ) ;
+ if ( rc == -1 ) goto done;
+ }
+
+ if ( ctrls[c]->ldctl_value.bv_val != NULL ) {
+ rc = ber_printf( ber, "O", &ctrls[c]->ldctl_value );
+ if( rc == -1 ) goto done;
+ }
+
+ rc = ber_printf( ber, /*{*/"N}" );
+ if ( rc == -1 ) goto done;
+ }
+
+ rc = ber_printf( ber, /*{*/"N}" );
+ if ( rc == -1 ) goto done;
+ }
+#endif
+
ber_printf( ber, /*{*/ "}" );
rc = ber_flatten2( ber, &bv, 0 );
*val = ber_bvdup( &bv );
+done:;
ber_free_buf( ber );
return rc;
break;
case LDAP_AUTH_SASL:
- tag = ber_scanf( ber, "{s", &mechanism );
+ tag = ber_scanf( ber, "{s" /*}*/ , &mechanism );
if ( tag == LBER_ERROR ||
BER_BVISNULL( &mechanism ) || BER_BVISEMPTY( &mechanism ) )
{
if ( tag == LBER_OCTETSTRING ) {
ber_scanf( ber, "m", &cred );
}
+
+ tag = ber_scanf( ber, /*{*/ "}" );
break;
default:
goto done;
}
- tag = ber_skip_tag( ber, &len );
- if ( len || tag != LBER_DEFAULT ) {
- rs->sr_err = LDAP_PROTOCOL_ERROR;
- goto done;
- }
-
if ( !BER_BVISNULL( &cookie ) ) {
vc_conn_t tmp = { 0 };
ldap_pvt_mutex_lock( &vc_mutex );
conn = (vc_conn_t *)avl_find( vc_tree, (caddr_t)&tmp, vc_conn_cmp );
if ( conn == NULL || ( conn != NULL && conn->refcnt != 0 ) ) {
+ conn = NULL;
ldap_pvt_mutex_unlock( &vc_mutex );
rs->sr_err = LDAP_PROTOCOL_ERROR;
goto done;
"%s VERIFYCREDENTIALS", op->o_log_prefix );
}
+#ifdef TODO
+ /* TODO: controls */
+ tag = ber_peek_tag( ber, &len );
+ if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS ) {
+ conn->op->o_ber = ber;
+ rc = get_ctrls( conn->op, &rs2, 0 );
+ (void)ber_free( conn->op->o_ber, 1 );
+ if ( rc != LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ goto done;
+ }
+ }
+#endif
+
+ tag = ber_skip_tag( ber, &len );
+ if ( len || tag != LBER_DEFAULT ) {
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+ goto done;
+ }
+
conn->op->o_tag = LDAP_REQ_BIND;
memset( &conn->op->oq_bind, 0, sizeof( conn->op->oq_bind ) );
conn->op->o_req_dn = ndn;
rs->sr_err = frontendDB->be_bind( conn->op, &rs2 );
if ( conn->op->o_conn->c_sasl_bind_in_progress ) {
- rc = vc_create_response( conn,
+ rc = vc_create_response( conn, rs2.sr_err, rs2.sr_text,
!BER_BVISEMPTY( &sasldata ) ? &sasldata : NULL,
- NULL, &rs->sr_rspdata );
+ NULL,
+ rs2.sr_ctrls, &rs->sr_rspdata );
} else {
- rc = vc_create_response( NULL, NULL,
- &conn->op->o_conn->c_dn, &rs->sr_rspdata );
+ rc = vc_create_response( NULL, rs2.sr_err, rs2.sr_text,
+ NULL,
+ &conn->op->o_conn->c_dn,
+ rs2.sr_ctrls, &rs->sr_rspdata );
}
if ( rc != 0 ) {
if ( !BER_BVISNULL( &conn->op->o_conn->c_ndn ) )
ber_memfree( conn->op->o_conn->c_ndn.bv_val );
- if ( conn->op->o_conn->c_sasl_bind_in_progress ) {
- if ( conn->conn == NULL ) {
- conn->conn = conn;
- conn->refcnt--;
- ldap_pvt_mutex_lock( &vc_mutex );
- rc = avl_insert( &vc_tree, (caddr_t)conn,
- vc_conn_cmp, vc_conn_dup );
- ldap_pvt_mutex_unlock( &vc_mutex );
- assert( rc == 0 );
+done:;
+ if ( conn ) {
+ if ( conn->op->o_conn->c_sasl_bind_in_progress ) {
+ if ( conn->conn == NULL ) {
+ conn->conn = conn;
+ conn->refcnt--;
+ ldap_pvt_mutex_lock( &vc_mutex );
+ rc = avl_insert( &vc_tree, (caddr_t)conn,
+ vc_conn_cmp, vc_conn_dup );
+ ldap_pvt_mutex_unlock( &vc_mutex );
+ assert( rc == 0 );
+
+ } else {
+ ldap_pvt_mutex_lock( &vc_mutex );
+ conn->refcnt--;
+ ldap_pvt_mutex_unlock( &vc_mutex );
+ }
} else {
- ldap_pvt_mutex_lock( &vc_mutex );
- conn->refcnt--;
- ldap_pvt_mutex_unlock( &vc_mutex );
- }
-
- } else {
- if ( conn->conn != NULL ) {
- vc_conn_t *tmp;
-
- ldap_pvt_mutex_lock( &vc_mutex );
- tmp = avl_delete( &vc_tree, (caddr_t)conn, vc_conn_cmp );
- ldap_pvt_mutex_unlock( &vc_mutex );
+ if ( conn->conn != NULL ) {
+ vc_conn_t *tmp;
+
+ ldap_pvt_mutex_lock( &vc_mutex );
+ tmp = avl_delete( &vc_tree, (caddr_t)conn, vc_conn_cmp );
+ ldap_pvt_mutex_unlock( &vc_mutex );
+ }
+ SLAP_FREE( conn );
}
- SLAP_FREE( conn );
}
-done:;
if ( !BER_BVISNULL( &ndn ) ) {
op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
}
projects / openldap / commitdiff