Added rebind-as-user option; saves bind credentials and sets a rebind_proc
authorHoward Chu <hyc@openldap.org>
Thu, 25 Apr 2002 02:05:34 +0000 (02:05 +0000)
committerHoward Chu <hyc@openldap.org>
Thu, 25 Apr 2002 02:05:34 +0000 (02:05 +0000)
to allow chasing referrals using the same user's credentials.

servers/slapd/back-ldap/back-ldap.h
servers/slapd/back-ldap/bind.c
servers/slapd/back-ldap/config.c
servers/slapd/back-ldap/init.c
servers/slapd/back-ldap/unbind.c

index 3117a1cfbb8c7798a85bceda37f50ae90629462f..e68c3d138b4d3144926acabfeeb53ab95292b4ad 100644 (file)
@@ -53,6 +53,7 @@ struct slap_op;
 struct ldapconn {
        struct slap_conn        *conn;
        LDAP            *ld;
+       struct berval   cred;
        struct berval   bound_dn;
        int             bound;
 };
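Review bot: The new `cred` member of struct ldapconn has no comment, although it keeps the client's simple-bind password in cleartext for the life of the connection. I would say so on the field, e.g. `struct berval cred; /* saved bind password (cleartext); set only with rebind-as-user */`. Every place this commit releases it (ldap_back_bind in bind.c, conn_free in init.c, ldap_back_conn_destroy in unbind.c) calls `ch_free( lc->cred.bv_val )` directly, so the password bytes remain in freed heap memory. Clearing first with `memset( lc->cred.bv_val, 0, lc->cred.bv_len );` at those three sites would limit exposure through core dumps or heap reuse, provided the build does not optimise the memset away.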
@@ -74,6 +75,7 @@ struct ldapinfo {
        char *binddn;
        char *bindpw;
        ldap_pvt_thread_mutex_t         conn_mutex;
+       int savecred;
        Avlnode *conntree;
 #ifdef ENABLE_REWRITE
        struct rewrite_info *rwinfo;
index 064bca788eea1f9ede2b0fc37a3f501bb0b9f3bb..2c1af55ef793c2da2059f3bb7f9c11bee4a9dc92 100644 (file)
@@ -49,6 +49,8 @@
 
 #define PRINT_CONNTREE 0
 
+static LDAP_REBIND_PROC        ldap_back_rebind;
+
 int
 ldap_back_bind(
     Backend            *be,
@@ -111,8 +113,19 @@ ldap_back_bind(
                lc->bound = 1;
        }
 
+       if ( li->savecred ) {
+               if ( lc->cred.bv_val )
+                       ch_free( lc->cred.bv_val );
+               ber_dupbv( &lc->cred, cred );
+               ldap_set_rebind_proc( lc->ld, ldap_back_rebind, lc );
+       }
+
+       if ( lc->bound_dn.bv_val )
+               ch_free( lc->bound_dn.bv_val );
        if ( mdn.bv_val != dn->bv_val ) {
-               free( mdn.bv_val );
+               lc->bound_dn = mdn;
+       } else {
+               ber_dupbv( &lc->bound_dn, dn );
        }
        
        return( rc );
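Review bot: The `if ( li->savecred )` block sits after the closing brace of the branch that sets `lc->bound = 1`, so as far as this hunk shows the password and bound DN are saved whatever the bind result was. A rejected password would then stay cached in `lc->cred`, and ldap_back_dobind (changed further down in this file) appears to resend it while `lc->bound` is still 0. Consider `if ( li->savecred && rc == LDAP_SUCCESS )` and leaving `lc->cred` empty on failure. The result of `ber_dupbv( &lc->cred, cred )` is also unchecked; if it can fail here, `lc->cred.bv_val` still points at the buffer just freed. ldap_back_bind starts before the hunk, so how `rc` is set is not visible.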
@@ -219,6 +232,9 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op)
                lc->conn = conn;
                lc->ld = ld;
 
+               lc->cred.bv_len = 0;
+               lc->cred.bv_val = NULL;
+
 #ifdef ENABLE_REWRITE
                /*
                 * Sets a cookie for the rewrite session
@@ -341,7 +357,7 @@ ldap_back_dobind(struct ldapconn *lc, Operation *op)
                return( lc->bound );
        }
 
-       if (ldap_bind_s(lc->ld, lc->bound_dn.bv_val, NULL, LDAP_AUTH_SIMPLE) !=
+       if (ldap_bind_s(lc->ld, lc->bound_dn.bv_val, lc->cred.bv_val, LDAP_AUTH_SIMPLE) !=
                LDAP_SUCCESS) {
                ldap_back_op_result(lc, op);
                return( 0 );
@@ -349,6 +365,21 @@ ldap_back_dobind(struct ldapconn *lc, Operation *op)
        return( lc->bound = 1 );
 }
 
+/*
+ * ldap_back_rebind
+ *
+ * This is a callback used for chasing referrals using the same
+ * credentials as the original user on this session.
+ */
+static int 
+ldap_back_rebind( LDAP *ld, LDAP_CONST char *url, ber_tag_t request,
+       ber_int_t msgid, void *params )
+{
+       struct ldapconn *lc = params;
+
+       return ldap_bind_s( ld, lc->bound_dn.bv_val, lc->cred.bv_val, LDAP_AUTH_SIMPLE );
+}
+
 /* Map API errors to protocol errors... */
 
 int
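Review bot: ldap_back_rebind ignores `url` and does a simple bind with the saved password against whichever server the referral led to, so the cleartext password goes to any host an upstream server chooses to refer to. The header comment should state that trust assumption, e.g. `* The saved password is sent to the referred server unchecked; enable rebind-as-user only when every referral target is trusted.` A stricter design would compare `url` against configured targets before binding, which this commit does not provide. The callback also reads `lc->bound_dn` and `lc->cred` with no locking visible here; whether that can race with ldap_back_bind replacing them cannot be told from this hunk.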
index 87e4fe40a0f8208a474aad90b05e62ad39c474c0..f6d2f3832b54ccf90a440cf810316e0b5390c37d 100644 (file)
@@ -111,6 +111,16 @@ ldap_back_db_config(
                }
                li->bindpw = ch_strdup(argv[1]);
        
+       /* save bind creds for referral rebinds? */
+       } else if ( strcasecmp( argv[0], "rebind-as-user" ) == 0 ) {
+               if (argc != 1) {
+                       fprintf( stderr,
+       "%s: line %d: rebind-as-user takes no arguments\n",
+                           fname, lineno );
+                       return( 1 );
+               }
+               li->savecred = 1;
+       
        /* dn massaging */
        } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
 #ifndef ENABLE_REWRITE
index 0a15816a1e16a0d2d01c11bdd9259b2a4526b153..d744a976810e145eeab45c5ec683499f48f6462d 100644 (file)
@@ -136,6 +136,9 @@ conn_free(
        if ( lc->bound_dn.bv_val ) {
                ch_free( lc->bound_dn.bv_val );
        }
+       if ( lc->cred.bv_val ) {
+               ch_free( lc->cred.bv_val );
+       }
        ch_free( lc );
 }
 
index f3f5617d5d49d614d81e51470d855d4bed0075b0..a15452721a2dde7092f5269fa1e77d2da13cdd13 100644 (file)
@@ -97,6 +97,9 @@ ldap_back_conn_destroy(
                if ( lc->bound_dn.bv_val ) {
                        ch_free( lc->bound_dn.bv_val );
                }
+               if ( lc->cred.bv_val ) {
+                       ch_free( lc->cred.bv_val );
+               }
                ch_free( lc );
        }