1/* $NetBSD: bind.c,v 1.1.1.3 2010/12/12 15:23:23 adam Exp $ */ 2 3/* OpenLDAP: pkg/ldap/servers/slapd/back-sql/bind.c,v 1.41.2.5 2010/04/13 20:23:42 kurt Exp */ 4/* This work is part of OpenLDAP Software <http://www.openldap.org/>. 5 * 6 * Copyright 1999-2010 The OpenLDAP Foundation. 7 * Portions Copyright 1999 Dmitry Kovalev. 8 * Portions Copyright 2002 Pierangelo Masarati. 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted only as authorized by the OpenLDAP 13 * Public License. 14 * 15 * A copy of this license is available in the file LICENSE in the 16 * top-level directory of the distribution or, alternatively, at 17 * <http://www.OpenLDAP.org/license.html>. 18 */ 19/* ACKNOWLEDGEMENTS: 20 * This work was initially developed by Dmitry Kovalev for inclusion 21 * by OpenLDAP Software. Additional significant contributors include 22 * Pierangelo Masarati. 23 */ 24 25#include "portable.h" 26 27#include <stdio.h> 28#include <sys/types.h> 29 30#include "slap.h" 31#include "proto-sql.h" 32 33int 34backsql_bind( Operation *op, SlapReply *rs ) 35{ 36 SQLHDBC dbh = SQL_NULL_HDBC; 37 Entry e = { 0 }; 38 Attribute *a; 39 backsql_srch_info bsi = { 0 }; 40 AttributeName anlist[2]; 41 int rc; 42 43 Debug( LDAP_DEBUG_TRACE, "==>backsql_bind()\n", 0, 0, 0 ); 44 45 switch ( be_rootdn_bind( op, rs ) ) { 46 case SLAP_CB_CONTINUE: 47 break; 48 49 default: 50 /* in case of success, front end will send result; 51 * otherwise, be_rootdn_bind() did */ 52 Debug( LDAP_DEBUG_TRACE, "<==backsql_bind(%d)\n", 53 rs->sr_err, 0, 0 ); 54 return rs->sr_err; 55 } 56 57 rs->sr_err = backsql_get_db_conn( op, &dbh ); 58 if ( rs->sr_err != LDAP_SUCCESS ) { 59 Debug( LDAP_DEBUG_TRACE, "backsql_bind(): " 60 "could not get connection handle - exiting\n", 61 0, 0, 0 ); 62 63 rs->sr_text = ( rs->sr_err == LDAP_OTHER ) 64 ? "SQL-backend error" : NULL; 65 goto error_return; 66 } 67 68 anlist[0].an_name = slap_schema.si_ad_userPassword->ad_cname; 69 anlist[0].an_desc = slap_schema.si_ad_userPassword; 70 anlist[1].an_name.bv_val = NULL; 71 72 bsi.bsi_e = &e; 73 rc = backsql_init_search( &bsi, &op->o_req_ndn, LDAP_SCOPE_BASE, 74 (time_t)(-1), NULL, dbh, op, rs, anlist, 75 BACKSQL_ISF_GET_ENTRY ); 76 if ( rc != LDAP_SUCCESS ) { 77 Debug( LDAP_DEBUG_TRACE, "backsql_bind(): " 78 "could not retrieve bindDN ID - no such entry\n", 79 0, 0, 0 ); 80 rs->sr_err = LDAP_INVALID_CREDENTIALS; 81 goto error_return; 82 } 83 84 a = attr_find( e.e_attrs, slap_schema.si_ad_userPassword ); 85 if ( a == NULL ) { 86 rs->sr_err = LDAP_INVALID_CREDENTIALS; 87 goto error_return; 88 } 89 90 if ( slap_passwd_check( op, &e, a, &op->oq_bind.rb_cred, 91 &rs->sr_text ) != 0 ) 92 { 93 rs->sr_err = LDAP_INVALID_CREDENTIALS; 94 goto error_return; 95 } 96 97error_return:; 98 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) { 99 (void)backsql_free_entryID( &bsi.bsi_base_id, 0, op->o_tmpmemctx ); 100 } 101 102 if ( !BER_BVISNULL( &e.e_nname ) ) { 103 backsql_entry_clean( op, &e ); 104 } 105 106 if ( bsi.bsi_attrs != NULL ) { 107 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx ); 108 } 109 110 if ( rs->sr_err != LDAP_SUCCESS ) { 111 send_ldap_result( op, rs ); 112 } 113 114 Debug( LDAP_DEBUG_TRACE,"<==backsql_bind()\n", 0, 0, 0 ); 115 116 return rs->sr_err; 117} 118 119