1#pragma ident	"%Z%%M%	%I%	%E% SMI"
2
3/*
4 * The contents of this file are subject to the Netscape Public
5 * License Version 1.1 (the "License"); you may not use this file
6 * except in compliance with the License. You may obtain a copy of
7 * the License at http://www.mozilla.org/NPL/
8 *
9 * Software distributed under the License is distributed on an "AS
10 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
11 * implied. See the License for the specific language governing
12 * rights and limitations under the License.
13 *
14 * The Original Code is Mozilla Communicator client code, released
15 * March 31, 1998.
16 *
17 * The Initial Developer of the Original Code is Netscape
18 * Communications Corporation. Portions created by Netscape are
19 * Copyright (C) 1998-1999 Netscape Communications Corporation. All
20 * Rights Reserved.
21 *
22 * Contributor(s):
23 */
24/*
25 *  bind.c
26 */
27
28#if 0
29#ifndef lint
30static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
31#endif
32#endif
33
34#include "ldap-int.h"
35
36/*
37 * ldap_bind - bind to the ldap server. The dn and password
38 * of the entry to which to bind are supplied, along with the authentication
39 * method to use.  The msgid of the bind request is returned on success,
40 * -1 if there's trouble.  Note, the kerberos support assumes the user already
41 * has a valid tgt for now.  ldap_result() should be called to find out the
42 * outcome of the bind request.
43 *
44 * Example:
45 *	ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
46 *	    LDAP_AUTH_SIMPLE )
47 */
48
49int
50LDAP_CALL
51ldap_bind( LDAP *ld, const char *dn, const char *passwd, int authmethod )
52{
53	/*
54	 * The bind request looks like this:
55	 *	BindRequest ::= SEQUENCE {
56	 *		version		INTEGER,
57	 *		name		DistinguishedName,	 -- who
58	 *		authentication	CHOICE {
59	 *			simple		[0] OCTET STRING -- passwd
60	 *		}
61	 *	}
62	 * all wrapped up in an LDAPMessage sequence.
63	 */
64
65	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
66
67	if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) {
68		return( -1 );
69	}
70
71	switch ( authmethod ) {
72	case LDAP_AUTH_SIMPLE:
73		return( ldap_simple_bind( ld, dn, passwd ) );
74
75	default:
76		LDAP_SET_LDERRNO( ld, LDAP_AUTH_UNKNOWN, NULL, NULL );
77		return( -1 );
78	}
79}
80
81/*
82 * ldap_bind_s - bind to the ldap server.  The dn and password
83 * of the entry to which to bind are supplied, along with the authentication
84 * method to use.  This routine just calls whichever bind routine is
85 * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
86 * some other error indication).  Note, the kerberos support assumes the
87 * user already has a valid tgt for now.
88 *
89 * Examples:
90 *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
91 *	    "secret", LDAP_AUTH_SIMPLE )
92 *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
93 *	    NULL, LDAP_AUTH_KRBV4 )
94 */
95int
96LDAP_CALL
97ldap_bind_s( LDAP *ld, const char *dn, const char *passwd, int authmethod )
98{
99	int	err;
100
101	LDAPDebug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
102
103	switch ( authmethod ) {
104	case LDAP_AUTH_SIMPLE:
105		return( ldap_simple_bind_s( ld, dn, passwd ) );
106
107	default:
108		err = LDAP_AUTH_UNKNOWN;
109		LDAP_SET_LDERRNO( ld, err, NULL, NULL );
110		return( err );
111	}
112}
113
114
115void
116LDAP_CALL
117ldap_set_rebind_proc( LDAP *ld, LDAP_REBINDPROC_CALLBACK *rebindproc,
118    void *arg )
119{
120	if ( ld == NULL ) {
121		if ( !nsldapi_initialized ) {
122			nsldapi_initialize_defaults();
123		}
124		ld = &nsldapi_ld_defaults;
125	}
126
127	if ( NSLDAPI_VALID_LDAP_POINTER( ld )) {
128		LDAP_MUTEX_LOCK( ld, LDAP_OPTION_LOCK );
129		ld->ld_rebind_fn = rebindproc;
130		ld->ld_rebind_arg = arg;
131		LDAP_MUTEX_UNLOCK( ld, LDAP_OPTION_LOCK );
132	}
133}
134
135
136/*
137 * return a pointer to the bind DN for the default connection (a copy is
138 * not made).  If there is no bind DN available, NULL is returned.
139 */
140char *
141nsldapi_get_binddn( LDAP *ld )
142{
143	char	*binddn;
144
145	binddn = NULL;	/* default -- assume they are not bound */
146
147	LDAP_MUTEX_LOCK( ld, LDAP_CONN_LOCK );
148	if ( NULL != ld->ld_defconn && LDAP_CONNST_CONNECTED ==
149	    ld->ld_defconn->lconn_status && ld->ld_defconn->lconn_bound ) {
150		if (( binddn = ld->ld_defconn->lconn_binddn ) == NULL ) {
151			binddn = "";
152		}
153	}
154	LDAP_MUTEX_UNLOCK( ld, LDAP_CONN_LOCK );
155
156	return( binddn );
157}
158