svn commit: samba r12310 - in branches/SAMBA_4_0/source:
auth/credentials lib/ldb/ldb_ildap
abartlet at samba.org
abartlet at samba.org
Sun Dec 18 05:01:15 GMT 2005
Author: abartlet
Date: 2005-12-18 05:01:15 +0000 (Sun, 18 Dec 2005)
New Revision: 12310
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12310
Log:
Link simple bind support in our internal LDAP libs to LDB and the
command line processing system.
This is a little ugly at the moment, but works. What I cannot manage
to get to work is the extraction and propogation of command line
credentials into the js interface to ldb.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/credentials/credentials.c
branches/SAMBA_4_0/source/auth/credentials/credentials.h
branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c
===================================================================
--- branches/SAMBA_4_0/source/auth/credentials/credentials.c 2005-12-17 19:24:13 UTC (rev 12309)
+++ branches/SAMBA_4_0/source/auth/credentials/credentials.c 2005-12-18 05:01:15 UTC (rev 12310)
@@ -57,6 +57,8 @@
cred->machine_account = False;
cred->gensec_list = NULL;
+ cred->bind_dn = NULL;
+
return cred;
}
@@ -104,8 +106,25 @@
return False;
}
+BOOL cli_credentials_set_bind_dn(struct cli_credentials *cred,
+ const char *bind_dn)
+{
+ cred->bind_dn = talloc_strdup(cred, bind_dn);
+ return True;
+}
+/**
+ * Obtain the BIND DN for this credentials context.
+ * @param cred credentials context
+ * @retval The username set on this context.
+ * @note Return value will be NULL if not specified explictly
+ */
+const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
+{
+ return cred->bind_dn;
+}
+
/**
* Obtain the client principal for this credentials context.
* @param cred credentials context
@@ -171,6 +190,10 @@
BOOL cli_credentials_authentication_requested(struct cli_credentials *cred)
{
+ if (cred->bind_dn) {
+ return True;
+ }
+
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred);
}
Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.h
===================================================================
--- branches/SAMBA_4_0/source/auth/credentials/credentials.h 2005-12-17 19:24:13 UTC (rev 12309)
+++ branches/SAMBA_4_0/source/auth/credentials/credentials.h 2005-12-18 05:01:15 UTC (rev 12310)
@@ -61,6 +61,8 @@
const char *principal;
const char *salt_principal;
+ const char *bind_dn;
+
struct samr_Password *nt_hash;
struct ccache_container *ccache;
Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c
===================================================================
--- branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2005-12-17 19:24:13 UTC (rev 12309)
+++ branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2005-12-18 05:01:15 UTC (rev 12310)
@@ -510,11 +510,22 @@
}
if (creds != NULL && cli_credentials_authentication_requested(creds)) {
- status = ldap_bind_sasl(ildb->ldap, creds);
- if (!NT_STATUS_IS_OK(status)) {
- ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
- ldap_errstr(ildb->ldap, status));
- goto failed;
+ const char *bind_dn = cli_credentials_get_bind_dn(creds);
+ if (bind_dn) {
+ const char *password = cli_credentials_get_password(creds);
+ status = ldap_bind_simple(ildb->ldap, bind_dn, password);
+ if (!NT_STATUS_IS_OK(status)) {
+ ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
+ ldap_errstr(ildb->ldap, status));
+ goto failed;
+ }
+ } else {
+ status = ldap_bind_sasl(ildb->ldap, creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
+ ldap_errstr(ildb->ldap, status));
+ goto failed;
+ }
}
}
More information about the samba-cvs
mailing list