From c4dd6bd8c6748f43c1bd91f3498b937833b95acf Mon Sep 17 00:00:00 2001 From: Arthur de Jong Date: Wed, 3 Jun 2009 10:23:50 +0000 Subject: implement myldap_set_credentials() and myldap_cpy_dn() which will be used in the PAM lookups (from nss-pam-ldapd branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@921 ef36b2f9-881f-0410-afb5-c4e39611909c --- nslcd/myldap.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) (limited to 'nslcd/myldap.c') diff --git a/nslcd/myldap.c b/nslcd/myldap.c index f4f4980..74dc822 100644 --- a/nslcd/myldap.c +++ b/nslcd/myldap.c @@ -96,6 +96,10 @@ struct ldap_session { /* the connection */ LDAP *ld; + /* the username to bind with */ + char binddn[256]; + /* the password to bind with if any */ + char bindpw[64]; /* timestamp of last activity */ time_t lastactivity; /* index into ldc_uris: currently connected LDAP uri */ @@ -277,6 +281,8 @@ static MYLDAP_SESSION *myldap_session_new(void) } /* initialize the session */ session->ld=NULL; + session->binddn[0]='\0'; + session->bindpw[0]='\0'; session->lastactivity=0; session->current_uri=0; for (i=0;ildc_ssl_on==SSL_START_TLS) @@ -386,6 +393,15 @@ static int do_bind(MYLDAP_SESSION *session,const char *uri) } } #endif /* LDAP_OPT_X_TLS */ + /* check if the binddn and bindpw are overwritten in the session */ + if (session->binddn[0]!='\0') + { + /* do a simple bind */ + log_log(LOG_DEBUG,"ldap_simple_bind_s(\"%s\",%s) (uri=\"%s\")",session->binddn, + (session->bindpw[0]!='\0')?"\"*****\"":"empty",uri); + return ldap_simple_bind_s(session->ld,session->binddn,session->bindpw); + } +#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S /* TODO: store this information in the session */ if (!nslcd_cfg->ldc_usesasl) { 
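Review bot: The new `bindpw[64]` field in `struct ldap_session` keeps a cleartext password in the session for as long as the session lives, and nothing visible in this patch clears it. Consider wiping the buffer once the bind has completed or when the session is closed, using a call the compiler cannot optimise away (for example `explicit_bzero(session->bindpw,sizeof(session->bindpw));` where the platform provides it). The field comment could also state the limit, e.g. `/* the password to bind with if any (at most 63 bytes, cleared on close) */`. The session teardown code is outside this hunk, so the wipe may belong there.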
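Review bot: In the added `do_bind()` branch, a session with a non-empty `binddn` and an empty `bindpw` still reaches `ldap_simple_bind_s()`, which a server may treat as an unauthenticated bind (RFC 4513 section 5.1.2) and answer with success without checking any password. The commit message says these credentials are for PAM lookups, so a successful return here could be read as a verified password. Unless a caller outside this hunk already rejects empty passwords, fail before binding, e.g. `if (session->bindpw[0]=='\0') return LDAP_INAPPROPRIATE_AUTH;`. The hunk also opens `#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S` with no matching `#endif` in view; the body of do_bind continues outside the hunk.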
@@ -670,6 +686,19 @@ static int do_open(MYLDAP_SESSION *session)
 return LDAP_SUCCESS;
 }
 
+/* Set alternative credentials for the session. */
+int myldap_set_credentials(MYLDAP_SESSION *session,const char *dn,
+ const char *password)
+{
+ /* copy dn and password into session */
+ strncpy(session->binddn,dn,sizeof(session->binddn));
+ session->binddn[sizeof(session->binddn)-1]='\0';
+ strncpy(session->bindpw,password,sizeof(session->bindpw));
+ session->bindpw[sizeof(session->bindpw)-1]='\0';
+ /* try to open a connection */
+ return do_open(session);
+}
+
 static int do_try_search(MYLDAP_SEARCH *search)
 {
 int rc;
@@ -1177,6 +1206,19 @@ const char *myldap_get_dn(MYLDAP_ENTRY *entry)
 return entry->dn;
 }
 
+char *myldap_cpy_dn(MYLDAP_ENTRY *entry,char *buf,size_t buflen)
+{
+ const char *dn;
+ /* get the dn */
+ dn=myldap_get_dn(entry);
+ /* copy into buffer */
+ if (strlen(dn)
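Review bot: `myldap_set_credentials()` silently truncates a DN longer than 255 bytes or a password longer than 63 bytes, so the bind is then attempted with a different DN or a password prefix instead of reporting an error. Reject oversized or NULL input before copying, e.g. `if ((dn==NULL)||(password==NULL)||(strlen(dn)>=sizeof(session->binddn))||(strlen(password)>=sizeof(session->bindpw))) return LDAP_PARAM_ERROR;`. It is also worth confirming that `do_open()`, whose body is outside this hunk, performs a new bind when the session already has an open connection. If it does not, the return value would not reflect the new credentials.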