
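--- a/apr-util-trunk/ldap/apr_ldap_rebind.c
+++ b/apr-util-trunk/ldap/apr_ldap_rebind.c
@@ -0,0 +1,203 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*  apr_ldap_option.c -- LDAP options
+ *
+ *  The LDAP SDK allows the getting and setting of options on an LDAP
+ *  connection.
+ *
+ */
+
+#include "apr.h"
+#include "apu.h"
+#include "apr_ldap.h"
+#include "apr_errno.h"
+#include "apr_strings.h"
+#include "apr_ldap_rebind.h"
+
+#include "stdio.h"
+
+#if APR_HAS_THREADS
+static apr_thread_mutex_t *apr_ldap_xref_lock = NULL;
+#endif
+static LDAP_xref_entry_t *xref_head = NULL;
+
+
+/* APR utility routine used to create the xref_lock. */
+APU_DECLARE(apr_status_t) apr_ldap_init_xref_lock(apr_pool_t *pool)
+{
+    apr_status_t retcode = APR_SUCCESS;
+
+#if APR_HAS_THREADS
+    retcode = apr_thread_mutex_create(&apr_ldap_xref_lock, APR_THREAD_MUTEX_DEFAULT, pool);
+#endif
+
+    return(retcode);
+}
+
+
+/*************************************************************************************/
+APU_DECLARE(int) apr_ldap_xref_add(apr_pool_t *pool, LDAP *ld, const char *bindDN, const char *bindPW)
+{
+    LDAP_xref_entry_t *new_xref;
+
+    new_xref = (LDAP_xref_entry_t *)apr_pcalloc(pool, sizeof(LDAP_xref_entry_t));
+    if (new_xref) {
+        new_xref->index = ld;
+        if (bindDN) {
+            new_xref->bindDN = apr_pstrdup(pool, bindDN);
+        }
+        if (bindPW) {
+            new_xref->bindPW = apr_pstrdup(pool, bindPW);
+        }
+    
+#if APR_HAS_THREADS
+       apr_thread_mutex_lock(apr_ldap_xref_lock);
+#endif
+    
+        new_xref->next = xref_head;
+        xref_head = new_xref;
+    
+#if APR_HAS_THREADS
+        apr_thread_mutex_unlock(apr_ldap_xref_lock);
+#endif
+    }
+    else {
+        return(APR_ENOMEM);
+    }
+
+    return(APR_SUCCESS);
+}
+
+/*************************************************************************************/
+APU_DECLARE(void) apr_ldap_xref_remove(LDAP *ld)
+{
+    LDAP_xref_entry_t *tmp_xref, *prev = NULL;
+
+#if APR_HAS_THREADS
+    apr_thread_mutex_lock(apr_ldap_xref_lock);
+#endif
+    tmp_xref = xref_head;
+
+    while ((tmp_xref) && (tmp_xref->index != ld)) {
+        prev = tmp_xref;
+        tmp_xref = tmp_xref->next;
+    }
+
+    if (tmp_xref) {
+        if (tmp_xref == xref_head) {
+            xref_head = xref_head->next;
+        }
+        else {
+            prev->next = tmp_xref->next;
+        }
+        /* tmp_xref and its contents were pool allocated so they don't need to be freed here. */
+    }
+
+#if APR_HAS_THREADS
+    apr_thread_mutex_unlock(apr_ldap_xref_lock);
+#endif
+}
+
+/*************************************************************************************/
+static LDAP_xref_entry_t *apr_ldap_xref_lookup(LDAP *ld)
+{
+    LDAP_xref_entry_t *tmp_xref, *match = NULL;
+
+#if APR_HAS_THREADS
+    apr_thread_mutex_lock(apr_ldap_xref_lock);
+#endif
+    tmp_xref = xref_head;
+
+    while (tmp_xref) {
+        if (tmp_xref->index == ld) {
+            match = tmp_xref;
+            tmp_xref = NULL;
+        }
+        else {
+            tmp_xref = tmp_xref->next;
+        }
+    }
+
+#if APR_HAS_THREADS
+    apr_thread_mutex_unlock(apr_ldap_xref_lock);
+#endif
+
+    return (match);
+}
+
+/* LDAP_rebindproc() ITDS style
+ *     Rebind callback function. Called when chasing referrals. See API docs.
+ * ON ENTRY:
+ *     ld       Pointer to an LDAP control structure. (input only)
+ *     binddnp  Pointer to an Application DName used for binding (in *or* out)
+ *     passwdp  Pointer to the password associated with the DName (in *or* out)
+ *     methodp  Pointer to the Auth method (output only)
+ *     freeit   Flag to indicate if this is a lookup or a free request (input only)
+ */
+#if APR_HAS_TIVOLI_LDAPSDK
+int LDAP_rebindproc(LDAP *ld, char **binddnp, char **passwdp, int *methodp, int freeit)
+{
+    if (!freeit) {
+        LDAP_xref_entry_t *my_conn;
+
+        *methodp = LDAP_AUTH_SIMPLE;
+        my_conn = apr_ldap_xref_lookup(ld);
+
+        if ((my_conn) && (my_conn->bindDN != NULL)) {
+            *binddnp = strdup(my_conn->bindDN);
+            *passwdp = strdup(my_conn->bindPW);
+        } else {
+            *binddnp = NULL;
+            *passwdp = NULL;
+        }
+    } else {
+        free(*binddnp);
+        free(*passwdp);
+    }
+
+    return LDAP_SUCCESS;
+}
+#elif APR_HAS_OPENLDAP_LDAPSDK
+
+/* LDAP_rebindproc() openLDAP V3 style */
+int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, ber_tag_t request, ber_int_t msgid, void *params)
+{
+    LDAP_xref_entry_t *my_conn;
+    const char *bindDN = NULL;
+    const char *bindPW = NULL;
+
+    my_conn = apr_ldap_xref_lookup(ld);
+
+    if ((my_conn) && (my_conn->bindDN != NULL)) {
+        bindDN = my_conn->bindDN;
+        bindPW = my_conn->bindPW;
+    }
+
+    return (ldap_bind_s(ld, bindDN, bindPW, LDAP_AUTH_SIMPLE));
+}
+
+#endif
+
+/* APR utility routine used to set the rebind callback routine. */
+APU_DECLARE(void) apr_ldap_set_rebind_callback(LDAP *ld)
+{
+#if APR_HAS_TIVOLI_LDAPSDK
+    ldap_set_rebind_proc(ld, (LDAPRebindProc)LDAP_rebindproc);
+#elif APR_HAS_OPENLDAP_LDAPSDK
+    ldap_set_rebind_proc(ld, LDAP_rebindproc, NULL);
+#endif
+}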
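Review bot: Both LDAP_rebindproc variants replay the stored bind DN and password in a simple bind against whatever server the referral names, and the OpenLDAP variant never inspects `url`, so nothing in this file limits which host or scheme receives the credentials. That behaviour should at least be stated at the callback, for example `/* Credentials are replayed to the referral target; enable only toward trusted servers over a protected transport. */`, and the callback could return an LDAP error instead of binding when `url` fails a caller-supplied policy. In the Tivoli branch `strdup(my_conn->bindPW)` runs whenever bindDN is set, yet apr_ldap_xref_add leaves bindPW NULL when none was passed, so it should read `*passwdp = my_conn->bindPW ? strdup(my_conn->bindPW) : NULL;`. The entries are allocated from the caller's pool while xref_head is file-global and no pool cleanup is registered, so a pool destroyed before apr_ldap_xref_remove() appears to leave a dangling entry for later lookups to walk.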
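--- a/apr-util-trunk/ldap/NWGNUmakefile
+++ b/apr-util-trunk/ldap/NWGNUmakefile
@@ -231,6 +231,7 @@
 	$(OBJDIR)/apr_ldap_init.o \
 	$(OBJDIR)/apr_ldap_option.o \
 	$(OBJDIR)/apr_ldap_url.o \
+	$(OBJDIR)/apr_ldap_rebind.o \
 	$(EOLIST)
 
 #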
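--- a/apr-util-trunk/include/apr_ldap_rebind.h
+++ b/apr-util-trunk/include/apr_ldap_rebind.h
@@ -0,0 +1,79 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file apu_ldap_rebind.h
+ * @brief Apache LDAP library
+ */
+
+#ifndef APU_LDAP_REBIND_H
+#define APU_LDAP_REBIND_H
+
+/* Used to store information about connections for use in the referral rebind callback. */
+struct LDAP_xref_entry {
+    LDAP *index;
+    const char *bindDN;
+    const char *bindPW;
+    struct LDAP_xref_entry *next;
+};
+typedef struct LDAP_xref_entry LDAP_xref_entry_t;
+
+#endif /* APU_LDAP_REBIND_H */
+
+
+/**
+ * APR LDAP initialize xref lock
+ *
+ * This function creates the lock for controlling access to the xref list..
+ * @param pool Pool to use when creating the xref_lock.
+ */
+APU_DECLARE(apr_status_t) apr_ldap_init_xref_lock(apr_pool_t *pool);
+
+
+/**
+ * APR LDAP xref_add function
+ *
+ * This function creates a cross reference entry for the specified ldap
+ * connection. The rebind callback function will look up this ldap 
+ * connection so it can retrieve the bindDN and bindPW for use in any 
+ * binds while referrals are being chased.
+ * @param pool The pool to use
+ * @param ld The LDAP connectionhandle
+ * @param bindDN The bind DN to be used for any binds while chasing 
+ *               referrals on this ldap connection.
+ * @param bindPW The bind Password to be used for any binds while 
+ *               chasing referrals on this ldap connection.
+ */
+APU_DECLARE(int) apr_ldap_xref_add(apr_pool_t *pool,
+                                   LDAP *ld,
+                                   const char *bindDN,
+                                   const char *bindPW);
+
+/**
+ * APR LDAP xref_remove function
+ *
+ * This function removes the rebind cross reference entry for the specified ldap connection.
+ * @param ld The LDAP connectionhandle
+ */
+APU_DECLARE(void) apr_ldap_xref_remove(LDAP *ld);
+
+/**
+ * APR LDAP set rebind callback function
+ *
+ * This function sets the rebind callback function for this ldap connection.
+ * @param ld The LDAP connectionhandle
+ */
+APU_DECLARE(void) apr_ldap_set_rebind_callback(LDAP *ld);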
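Review bot: The include guard is closed by `#endif /* APU_LDAP_REBIND_H */` directly after the typedef, so the four prototypes below it sit outside the guard; move that `#endif` to the end of the file. The `@file` tag names `apu_ldap_rebind.h` while the file is apr_ldap_rebind.h. The apr_ldap_xref_add() doc block should also say that bindDN and bindPW are copied into `pool` and stay there in cleartext until the pool is destroyed, and that the entry must be removed with apr_ldap_xref_remove() before that happens.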
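--- a/apr-util-trunk/include/apr_ldap.h.in
+++ b/apr-util-trunk/include/apr_ldap.h.in
@@ -149,6 +149,7 @@
 #include "apr_ldap_url.h"
 #include "apr_ldap_init.h"
 #include "apr_ldap_option.h"
+#include "apr_ldap_rebind.h"
 
 /** @} */
 #endif /* APR_HAS_LDAP */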
