svn commit: samba r12310 - in branches/SAMBA_4_0/source: auth/credentials lib/ldb/ldb_ildap

abartlet at samba.org abartlet at samba.org
Sun Dec 18 05:01:15 GMT 2005


Author: abartlet
Date: 2005-12-18 05:01:15 +0000 (Sun, 18 Dec 2005)
New Revision: 12310

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12310

Log:
Link simple bind support in our internal LDAP libs to LDB and the
command line processing system.

This is a little ugly at the moment, but works.  What I cannot manage
to get to work is the extraction and propogation of command line
credentials into the js interface to ldb.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/auth/credentials/credentials.c
   branches/SAMBA_4_0/source/auth/credentials/credentials.h
   branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c
===================================================================
--- branches/SAMBA_4_0/source/auth/credentials/credentials.c	2005-12-17 19:24:13 UTC (rev 12309)
+++ branches/SAMBA_4_0/source/auth/credentials/credentials.c	2005-12-18 05:01:15 UTC (rev 12310)
@@ -57,6 +57,8 @@
 	cred->machine_account = False;
 	cred->gensec_list = NULL;
 
+	cred->bind_dn = NULL;
+
 	return cred;
 }
 
@@ -104,8 +106,25 @@
 	return False;
 }
 
+BOOL cli_credentials_set_bind_dn(struct cli_credentials *cred, 
+				 const char *bind_dn)
+{
+	cred->bind_dn = talloc_strdup(cred, bind_dn);
+	return True;
+}
 
+/**
+ * Obtain the BIND DN for this credentials context.
+ * @param cred credentials context
+ * @retval The username set on this context.
+ * @note Return value will be NULL if not specified explictly
+ */
+const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
+{
+	return cred->bind_dn;
+}
 
+
 /**
  * Obtain the client principal for this credentials context.
  * @param cred credentials context
@@ -171,6 +190,10 @@
 
 BOOL cli_credentials_authentication_requested(struct cli_credentials *cred) 
 {
+	if (cred->bind_dn) {
+		return True;
+	}
+
 	if (cred->machine_account_pending) {
 		cli_credentials_set_machine_account(cred);
 	}

Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.h
===================================================================
--- branches/SAMBA_4_0/source/auth/credentials/credentials.h	2005-12-17 19:24:13 UTC (rev 12309)
+++ branches/SAMBA_4_0/source/auth/credentials/credentials.h	2005-12-18 05:01:15 UTC (rev 12310)
@@ -61,6 +61,8 @@
 	const char *principal;
 	const char *salt_principal;
 
+	const char *bind_dn;
+
 	struct samr_Password *nt_hash;
 
 	struct ccache_container *ccache;

Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c
===================================================================
--- branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c	2005-12-17 19:24:13 UTC (rev 12309)
+++ branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c	2005-12-18 05:01:15 UTC (rev 12310)
@@ -510,11 +510,22 @@
 	}
 
 	if (creds != NULL && cli_credentials_authentication_requested(creds)) {
-		status = ldap_bind_sasl(ildb->ldap, creds);
-		if (!NT_STATUS_IS_OK(status)) {
-			ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
-				  ldap_errstr(ildb->ldap, status));
-			goto failed;
+		const char *bind_dn = cli_credentials_get_bind_dn(creds);
+		if (bind_dn) {
+			const char *password = cli_credentials_get_password(creds);
+			status = ldap_bind_simple(ildb->ldap, bind_dn, password);
+			if (!NT_STATUS_IS_OK(status)) {
+				ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
+					  ldap_errstr(ildb->ldap, status));
+				goto failed;
+			}
+		} else {
+			status = ldap_bind_sasl(ildb->ldap, creds);
+			if (!NT_STATUS_IS_OK(status)) {
+				ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
+					  ldap_errstr(ildb->ldap, status));
+				goto failed;
+			}
 		}
 	}
 



More information about the samba-cvs mailing list