1/* bind.c */ 2/* $OpenLDAP$ */ 3/* This work is part of OpenLDAP Software <http://www.openldap.org/>. 4 * 5 * Copyright 1998-2011 The OpenLDAP Foundation. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted only as authorized by the OpenLDAP 10 * Public License. 11 * 12 * A copy of this license is available in the file LICENSE in the 13 * top-level directory of the distribution or, alternatively, at 14 * <http://www.OpenLDAP.org/license.html>. 15 */ 16/* Portions Copyright (c) 1990 Regents of the University of Michigan. 17 * All rights reserved. 18 */ 19 20#include "portable.h" 21 22#include <stdio.h> 23 24#include <ac/stdlib.h> 25 26#include <ac/socket.h> 27#include <ac/string.h> 28#include <ac/time.h> 29 30#include "ldap-int.h" 31#include "ldap_log.h" 32 33/* 34 * BindRequest ::= SEQUENCE { 35 * version INTEGER, 36 * name DistinguishedName, -- who 37 * authentication CHOICE { 38 * simple [0] OCTET STRING -- passwd 39 * krbv42ldap [1] OCTET STRING -- OBSOLETE 40 * krbv42dsa [2] OCTET STRING -- OBSOLETE 41 * sasl [3] SaslCredentials -- LDAPv3 42 * } 43 * } 44 * 45 * BindResponse ::= SEQUENCE { 46 * COMPONENTS OF LDAPResult, 47 * serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3 48 * } 49 * 50 * (Source: RFC 2251) 51 */ 52 53/* 54 * ldap_bind - bind to the ldap server (and X.500). The dn and password 55 * of the entry to which to bind are supplied, along with the authentication 56 * method to use. The msgid of the bind request is returned on success, 57 * -1 if there's trouble. ldap_result() should be called to find out the 58 * outcome of the bind request. 59 * 60 * Example: 61 * ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret", 62 * LDAP_AUTH_SIMPLE ) 63 */ 64 65int 66ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod ) 67{ 68 Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 ); 69 70 switch ( authmethod ) { 71 case LDAP_AUTH_SIMPLE: 72 return( ldap_simple_bind( ld, dn, passwd ) ); 73 74#ifdef HAVE_GSSAPI 75 case LDAP_AUTH_NEGOTIATE: 76 return( ldap_gssapi_bind_s( ld, dn, passwd) ); 77#endif 78 79 case LDAP_AUTH_SASL: 80 /* user must use ldap_sasl_bind */ 81 /* FALL-THRU */ 82 83 default: 84 ld->ld_errno = LDAP_AUTH_UNKNOWN; 85 return( -1 ); 86 } 87} 88 89/* 90 * ldap_bind_s - bind to the ldap server (and X.500). The dn and password 91 * of the entry to which to bind are supplied, along with the authentication 92 * method to use. This routine just calls whichever bind routine is 93 * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or 94 * some other error indication). 95 * 96 * Examples: 97 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us", 98 * "secret", LDAP_AUTH_SIMPLE ) 99 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us", 100 * NULL, LDAP_AUTH_KRBV4 ) 101 */ 102int 103ldap_bind_s( 104 LDAP *ld, 105 LDAP_CONST char *dn, 106 LDAP_CONST char *passwd, 107 int authmethod ) 108{ 109 Debug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 ); 110 111 switch ( authmethod ) { 112 case LDAP_AUTH_SIMPLE: 113 return( ldap_simple_bind_s( ld, dn, passwd ) ); 114 115#ifdef HAVE_GSSAPI 116 case LDAP_AUTH_NEGOTIATE: 117 return( ldap_gssapi_bind_s( ld, dn, passwd) ); 118#endif 119 120 case LDAP_AUTH_SASL: 121 /* user must use ldap_sasl_bind */ 122 /* FALL-THRU */ 123 124 default: 125 return( ld->ld_errno = LDAP_AUTH_UNKNOWN ); 126 } 127} 128