1/* $NetBSD: bind.c,v 1.3 2021/08/14 16:14:55 christos Exp $ */ 2 3/* bind.c */ 4/* $OpenLDAP$ */ 5/* This work is part of OpenLDAP Software <http://www.openldap.org/>. 6 * 7 * Copyright 1998-2021 The OpenLDAP Foundation. 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted only as authorized by the OpenLDAP 12 * Public License. 13 * 14 * A copy of this license is available in the file LICENSE in the 15 * top-level directory of the distribution or, alternatively, at 16 * <http://www.OpenLDAP.org/license.html>. 17 */ 18/* Portions Copyright (c) 1990 Regents of the University of Michigan. 19 * All rights reserved. 20 */ 21 22#include <sys/cdefs.h> 23__RCSID("$NetBSD: bind.c,v 1.3 2021/08/14 16:14:55 christos Exp $"); 24 25#include "portable.h" 26 27#include <stdio.h> 28 29#include <ac/stdlib.h> 30 31#include <ac/socket.h> 32#include <ac/string.h> 33#include <ac/time.h> 34 35#include "ldap-int.h" 36#include "ldap_log.h" 37 38/* 39 * BindRequest ::= SEQUENCE { 40 * version INTEGER, 41 * name DistinguishedName, -- who 42 * authentication CHOICE { 43 * simple [0] OCTET STRING -- passwd 44 * krbv42ldap [1] OCTET STRING -- OBSOLETE 45 * krbv42dsa [2] OCTET STRING -- OBSOLETE 46 * sasl [3] SaslCredentials -- LDAPv3 47 * } 48 * } 49 * 50 * BindResponse ::= SEQUENCE { 51 * COMPONENTS OF LDAPResult, 52 * serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3 53 * } 54 * 55 * (Source: RFC 2251) 56 */ 57 58/* 59 * ldap_bind - bind to the ldap server (and X.500). The dn and password 60 * of the entry to which to bind are supplied, along with the authentication 61 * method to use. The msgid of the bind request is returned on success, 62 * -1 if there's trouble. ldap_result() should be called to find out the 63 * outcome of the bind request. 64 * 65 * Example: 66 * ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret", 67 * LDAP_AUTH_SIMPLE ) 68 */ 69 70int 71ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod ) 72{ 73 Debug0( LDAP_DEBUG_TRACE, "ldap_bind\n" ); 74 75 switch ( authmethod ) { 76 case LDAP_AUTH_SIMPLE: 77 return( ldap_simple_bind( ld, dn, passwd ) ); 78 79#ifdef HAVE_GSSAPI 80 case LDAP_AUTH_NEGOTIATE: 81 return( ldap_gssapi_bind_s( ld, dn, passwd) ); 82#endif 83 84 case LDAP_AUTH_SASL: 85 /* user must use ldap_sasl_bind */ 86 /* FALL-THRU */ 87 88 default: 89 ld->ld_errno = LDAP_AUTH_UNKNOWN; 90 return( -1 ); 91 } 92} 93 94/* 95 * ldap_bind_s - bind to the ldap server (and X.500). The dn and password 96 * of the entry to which to bind are supplied, along with the authentication 97 * method to use. This routine just calls whichever bind routine is 98 * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or 99 * some other error indication). 100 * 101 * Examples: 102 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us", 103 * "secret", LDAP_AUTH_SIMPLE ) 104 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us", 105 * NULL, LDAP_AUTH_KRBV4 ) 106 */ 107int 108ldap_bind_s( 109 LDAP *ld, 110 LDAP_CONST char *dn, 111 LDAP_CONST char *passwd, 112 int authmethod ) 113{ 114 Debug0( LDAP_DEBUG_TRACE, "ldap_bind_s\n" ); 115 116 switch ( authmethod ) { 117 case LDAP_AUTH_SIMPLE: 118 return( ldap_simple_bind_s( ld, dn, passwd ) ); 119 120#ifdef HAVE_GSSAPI 121 case LDAP_AUTH_NEGOTIATE: 122 return( ldap_gssapi_bind_s( ld, dn, passwd) ); 123#endif 124 125 case LDAP_AUTH_SASL: 126 /* user must use ldap_sasl_bind */ 127 /* FALL-THRU */ 128 129 default: 130 return( ld->ld_errno = LDAP_AUTH_UNKNOWN ); 131 } 132} 133