The branch, master has been updated via 9c3a982... s4-ldb: added support for simple binds on ldb_ldap backend via 7f9153f... s4-ldb: added ldb_options_find() from 85504ae... s4:libcli: Modify S4 client library to check for proper CN alignment
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 9c3a9824a9165e9d7cf362d4b8c6add8ad0cc983 Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 6 15:36:21 2010 +1000 s4-ldb: added support for simple binds on ldb_ldap backend this uses the options[] array to pass in bindMech, bindID and bindSecret. Currently only "simple" is supported. commit 7f9153f7e8a3a39d23b6b9c1336031f769dce923 Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 6 15:35:16 2010 +1000 s4-ldb: added ldb_options_find() ldb_options_find() allows backends to find options in the options[] array passed to the connect operation. This will be used by the ldb_ldap bind code ----------------------------------------------------------------------- Summary of changes: source4/lib/ldb/common/ldb_modules.c | 8 ++-- source4/lib/ldb/common/ldb_options.c | 72 +++++++++++++++++++++++++++++++++ source4/lib/ldb/config.mk | 2 +- source4/lib/ldb/include/ldb_private.h | 6 +++ source4/lib/ldb/ldb.mk | 2 +- source4/lib/ldb/ldb_ldap/ldb_ldap.c | 50 +++++++++++++++++++++++ source4/lib/ldb/wscript | 2 +- 7 files changed, 135 insertions(+), 7 deletions(-) create mode 100644 source4/lib/ldb/common/ldb_options.c Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c index 6e92fc5..e4e2c15 100644 --- a/source4/lib/ldb/common/ldb_modules.c +++ b/source4/lib/ldb/common/ldb_modules.c @@ -397,6 +397,7 @@ int ldb_init_module_chain(struct ldb_context *ldb, struct ldb_module *module) int ldb_load_modules(struct ldb_context *ldb, const char *options[]) { + const char *modules_string; const char **modules = NULL; unsigned int i; int ret; 
@@ -409,10 +410,9 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[]) /* check if we have a custom module list passd as ldb option */ if (options) { - for (i = 0; options[i] != NULL; i++) { - if (strncmp(options[i], LDB_MODULE_PREFIX, LDB_MODULE_PREFIX_LEN) == 0) { - modules = ldb_modules_list_from_string(ldb, mem_ctx, &options[i][LDB_MODULE_PREFIX_LEN]); - } + modules_string = ldb_options_find(ldb, options, "modules"); + if (modules_string) { + modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string); } } diff --git a/source4/lib/ldb/common/ldb_options.c b/source4/lib/ldb/common/ldb_options.c new file mode 100644 index 0000000..f806057 --- /dev/null +++ b/source4/lib/ldb/common/ldb_options.c 
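Review bot: Routing the module list through `ldb_options_find(ldb, options, "modules")` changes which entry wins and what counts as a match, and neither change is documented. The removed loop kept scanning after a match, so the last prefixed entry took effect, whereas the helper returns at the first match. The helper also accepts `modules=...` and a bare `modules`, and for the bare form it returns an empty string that is passed straight to `ldb_modules_list_from_string()`. How that function treats an empty string is not visible here, so I would either skip the call when `modules_string[0] == '\0'` or add a comment saying an empty value is intended. ldb_load_modules continues outside the hunk.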
@@ -0,0 +1,72 @@
+/*
+ ldb database library
+
+ Copyright (C) Andrew Tridgell 2010
+
+ ** NOTE! The following LGPL license applies to the ldb
+ ** library. This does NOT imply that all of Samba is released
+ ** under the LGPL
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * Name: ldb
+ *
+ * Component: ldb options[] handling
+ *
+ * Author: Andrew Tridgell
+ */
+
+#include "ldb_private.h"
+
+/*
+ find an option within an options array
+
+ accepts the following forms:
+
+ NAME
+ NAME:value
+ NAME=value
+
+ returns a pointer into an element of the options[] array, or NULL is
+ not found.
+
+ For the NAME form, returns a pointer to an empty string (thus
+ allowing for boolean options).
+ */
+_PRIVATE_ const char *ldb_options_find(struct ldb_context *ldb, const char *options[],
+ const char *option_name)
+{
+ size_t len = strlen(option_name);
+ int i;
+
+ if (options == NULL) {
+ return NULL;
+ }
+
+ for (i=0; options[i]; i++) {
+ if (strncmp(option_name, options[i], len) != 0) {
+ continue;
+ }
+ if (options[i][len] == ':' || options[i][len] == '=') {
+ return &options[i][len+1];
+ }
+ if (options[i][len] == 0) {
+ return &options[i][len];
+ }
+ }
+
+ return NULL;
+}
diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk
index 54e1416..dd20e64 100644
--- a/source4/lib/ldb/config.mk
+++ b/source4/lib/ldb/config.mk
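Review bot: The header comment on ldb_options_find() omits three things callers depend on: the first matching entry wins when a name appears more than once, matching is case-sensitive, and the result is a pointer into the caller's options[] rather than a copy. The commit message says this helper will carry bindSecret, so the aliasing matters: the secret lives exactly as long as the options array and the helper cannot scrub it. I would add a sentence such as `the first matching entry wins; the returned pointer aliases options[] and must not be used after the array is freed`. I would also fix the typo `NULL is not found` to `NULL if not found` and note that the `ldb` argument is currently unused.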
@@ -130,7 +130,7 @@ PC_FILES += $(ldbsrcdir)/ldb.pc LIBLDB_VERSION = 0.0.1 LIBLDB_SOVERSION = 0 -LIBLDB_OBJ_FILES = $(addprefix $(ldbsrcdir)/common/, ldb.o ldb_ldif.o ldb_parse.o ldb_msg.o ldb_utf8.o ldb_debug.o ldb_modules.o ldb_match.o ldb_attributes.o attrib_handlers.o ldb_dn.o ldb_controls.o qsort.o) $(ldb_map_OBJ_FILES) +LIBLDB_OBJ_FILES = $(addprefix $(ldbsrcdir)/common/, ldb.o ldb_ldif.o ldb_parse.o ldb_msg.o ldb_utf8.o ldb_debug.o ldb_modules.o ldb_options.o ldb_match.o ldb_attributes.o attrib_handlers.o ldb_dn.o ldb_controls.o qsort.o) $(ldb_map_OBJ_FILES) $(LIBLDB_OBJ_FILES): CFLAGS+=-I$(ldbsrcdir)/include diff --git a/source4/lib/ldb/include/ldb_private.h b/source4/lib/ldb/include/ldb_private.h index 0e0a1a2..aac21c7 100644 --- a/source4/lib/ldb/include/ldb_private.h +++ b/source4/lib/ldb/include/ldb_private.h @@ -171,4 +171,10 @@ int ldb_init_module_chain(struct ldb_context *ldb, struct ldb_module *module); struct ldb_val ldb_binary_decode(void *mem_ctx, const char *str); + +/* The following definitions come from lib/ldb/common/ldb_options.c */ + +const char *ldb_options_find(struct ldb_context *ldb, const char *options[], + const char *option_name); + #endif diff --git a/source4/lib/ldb/ldb.mk b/source4/lib/ldb/ldb.mk index 0c9b115..ac1a48b 100644 --- a/source4/lib/ldb/ldb.mk +++ b/source4/lib/ldb/ldb.mk @@ -15,7 +15,7 @@ LDB_MAP_OBJ=$(LDB_MAP_DIR)/ldb_map.o $(LDB_MAP_DIR)/ldb_map_inbound.o \ COMDIR=common COMMON_OBJ=$(COMDIR)/ldb.o $(COMDIR)/ldb_ldif.o \ $(COMDIR)/ldb_parse.o $(COMDIR)/ldb_msg.o $(COMDIR)/ldb_utf8.o \ - $(COMDIR)/ldb_debug.o $(COMDIR)/ldb_modules.o \ + $(COMDIR)/ldb_debug.o $(COMDIR)/ldb_modules.o $(COMDIR)/ldb_options.o \ $(COMDIR)/ldb_dn.o $(COMDIR)/ldb_match.o $(COMDIR)/ldb_attributes.o \ $(COMDIR)/attrib_handlers.o $(COMDIR)/ldb_controls.o $(COMDIR)/qsort.o diff --git a/source4/lib/ldb/ldb_ldap/ldb_ldap.c b/source4/lib/ldb/ldb_ldap/ldb_ldap.c index 292da7a..8383627 100644 --- a/source4/lib/ldb/ldb_ldap/ldb_ldap.c 
+++ b/source4/lib/ldb/ldb_ldap/ldb_ldap.c @@ -40,6 +40,7 @@ #include "ldb_includes.h" #include "ldb_module.h" +#include "ldb_private.h" #define LDAP_DEPRECATED 1 #include <ldap.h> @@ -856,6 +857,48 @@ static int lldb_destructor(struct lldb_private *lldb) return 0; } + +/* + optionally perform a bind + */ +static int lldb_bind(struct ldb_module *module, + const char *options[]) +{ + const char *bind_mechanism; + struct lldb_private *lldb; + struct ldb_context *ldb = ldb_module_get_ctx(module); + int ret; + + bind_mechanism = ldb_options_find(ldb, options, "bindMech"); + if (bind_mechanism == NULL) { + /* no bind wanted */ + return LDB_SUCCESS; + } + + lldb = talloc_get_type(ldb_module_get_private(module), struct lldb_private); + + if (strcmp(bind_mechanism, "simple") == 0) { + const char *bind_id, *bind_secret; + + bind_id = ldb_options_find(ldb, options, "bindID"); + bind_secret = ldb_options_find(ldb, options, "bindSecret"); + if (bind_id == NULL || bind_secret == NULL) { + ldb_asprintf_errstring(ldb, "simple bind requires bindID and bindSecret"); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = ldap_simple_bind_s(lldb->ldap, bind_id, bind_secret); + if (ret != LDAP_SUCCESS) { + ldb_asprintf_errstring(ldb, "bind failed: %s", ldap_err2string(ret)); + return ret; + } + return LDB_SUCCESS; + } + + ldb_asprintf_errstring(ldb, "bind failed: unknown mechanism %s", bind_mechanism); + return LDB_ERR_INAPPROPRIATE_AUTHENTICATION; +} + /* connect to the database */ @@ -897,6 +940,13 @@ static int lldb_connect(struct ldb_context *ldb, } *_module = module; + + ret = lldb_bind(module, options); + if (ret != LDB_SUCCESS) { + goto failed; + } + + return LDB_SUCCESS; failed: diff --git a/source4/lib/ldb/wscript b/source4/lib/ldb/wscript index 9de9a5b..773925e 100644 --- a/source4/lib/ldb/wscript +++ b/source4/lib/ldb/wscript 
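Review bot: In lldb_bind() the check `bind_id == NULL || bind_secret == NULL` lets an empty secret through, because ldb_options_find() returns an empty string for a bare `bindSecret` or for `bindSecret=`. A simple bind with a name and a zero-length password is the unauthenticated bind of RFC 4513. Some servers answer it with success while granting only anonymous access, so the caller would wrongly believe it is bound as bindID. I would reject it up front with `if (bind_id == NULL || bind_secret == NULL || bind_secret[0] == '\0') {`. Separately, ldap_simple_bind_s() sends the secret unprotected unless the connection already runs over TLS, and the connection setup is outside this hunk, so a comment stating that requirement would help.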
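Review bot: In lldb_connect() `*_module = module;` is still assigned before the new `lldb_bind()` call, so when the bind fails and control jumps to `failed:` the caller's out-pointer already refers to the module. The body of `failed:` is outside the hunk. If it frees `module`, as cleanup labels usually do, the caller is left holding a dangling pointer. Whatever that path returns may also replace the specific code from lldb_bind(), such as LDB_ERR_INAPPROPRIATE_AUTHENTICATION. I would move the assignment below the bind check so it happens only on success, and return `ret` on the bind-failure path.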
@@ -70,7 +70,7 @@ def build(bld): COMMON_SRC = bld.SUBDIR('common', '''ldb.c ldb_ldif.c ldb_parse.c ldb_msg.c ldb_utf8.c - ldb_debug.c ldb_dn.c ldb_match.c ldb_modules.c + ldb_debug.c ldb_dn.c ldb_match.c ldb_modules.c ldb_options.c ldb_attributes.c attrib_handlers.c ldb_controls.c qsort.c''') if s4_build: -- Samba Shared Repository