[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Wed Jul 7 01:27:03 MDT 2010
The branch, master has been updated
via 9c3a982... s4-ldb: added support for simple binds on ldb_ldap backend
via 7f9153f... s4-ldb: added ldb_options_find()
from 85504ae... s4:libcli: Modify S4 client library to check for proper CN alignment
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9c3a9824a9165e9d7cf362d4b8c6add8ad0cc983
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 6 15:36:21 2010 +1000
s4-ldb: added support for simple binds on ldb_ldap backend
this uses the options[] array to pass in bindMech, bindID and
bindSecret. Currently only "simple" is supported.
commit 7f9153f7e8a3a39d23b6b9c1336031f769dce923
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 6 15:35:16 2010 +1000
s4-ldb: added ldb_options_find()
ldb_options_find() allows backends to find options in the options[]
array passed to the connect operation.
This will be used by the ldb_ldap bind code
-----------------------------------------------------------------------
Summary of changes:
source4/lib/ldb/common/ldb_modules.c | 8 ++--
source4/lib/ldb/common/ldb_options.c | 72 +++++++++++++++++++++++++++++++++
source4/lib/ldb/config.mk | 2 +-
source4/lib/ldb/include/ldb_private.h | 6 +++
source4/lib/ldb/ldb.mk | 2 +-
source4/lib/ldb/ldb_ldap/ldb_ldap.c | 50 +++++++++++++++++++++++
source4/lib/ldb/wscript | 2 +-
7 files changed, 135 insertions(+), 7 deletions(-)
create mode 100644 source4/lib/ldb/common/ldb_options.c
Changeset truncated at 500 lines:
diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c
index 6e92fc5..e4e2c15 100644
--- a/source4/lib/ldb/common/ldb_modules.c
+++ b/source4/lib/ldb/common/ldb_modules.c
@@ -397,6 +397,7 @@ int ldb_init_module_chain(struct ldb_context *ldb, struct ldb_module *module)
int ldb_load_modules(struct ldb_context *ldb, const char *options[])
{
+ const char *modules_string;
const char **modules = NULL;
unsigned int i;
int ret;
@@ -409,10 +410,9 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[])
/* check if we have a custom module list passd as ldb option */
if (options) {
- for (i = 0; options[i] != NULL; i++) {
- if (strncmp(options[i], LDB_MODULE_PREFIX, LDB_MODULE_PREFIX_LEN) == 0) {
- modules = ldb_modules_list_from_string(ldb, mem_ctx, &options[i][LDB_MODULE_PREFIX_LEN]);
- }
+ modules_string = ldb_options_find(ldb, options, "modules");
+ if (modules_string) {
+ modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string);
}
}
diff --git a/source4/lib/ldb/common/ldb_options.c b/source4/lib/ldb/common/ldb_options.c
new file mode 100644
index 0000000..f806057
--- /dev/null
+++ b/source4/lib/ldb/common/ldb_options.c
@@ -0,0 +1,72 @@
+/*
+ ldb database library
+
+ Copyright (C) Andrew Tridgell 2010
+
+ ** NOTE! The following LGPL license applies to the ldb
+ ** library. This does NOT imply that all of Samba is released
+ ** under the LGPL
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * Name: ldb
+ *
+ * Component: ldb options[] handling
+ *
+ * Author: Andrew Tridgell
+ */
+
+#include "ldb_private.h"
+
+/*
+ find an option within an options array
+
+ accepts the following forms:
+
+ NAME
+ NAME:value
+ NAME=value
+
+ returns a pointer into an element of the options[] array, or NULL is
+ not found.
+
+ For the NAME form, returns a pointer to an empty string (thus
+ allowing for boolean options).
+ */
+_PRIVATE_ const char *ldb_options_find(struct ldb_context *ldb, const char *options[],
+ const char *option_name)
+{
+ size_t len = strlen(option_name);
+ int i;
+
+ if (options == NULL) {
+ return NULL;
+ }
+
+ for (i=0; options[i]; i++) {
+ if (strncmp(option_name, options[i], len) != 0) {
+ continue;
+ }
+ if (options[i][len] == ':' || options[i][len] == '=') {
+ return &options[i][len+1];
+ }
+ if (options[i][len] == 0) {
+ return &options[i][len];
+ }
+ }
+
+ return NULL;
+}
diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk
index 54e1416..dd20e64 100644
--- a/source4/lib/ldb/config.mk
+++ b/source4/lib/ldb/config.mk
@@ -130,7 +130,7 @@ PC_FILES += $(ldbsrcdir)/ldb.pc
LIBLDB_VERSION = 0.0.1
LIBLDB_SOVERSION = 0
-LIBLDB_OBJ_FILES = $(addprefix $(ldbsrcdir)/common/, ldb.o ldb_ldif.o ldb_parse.o ldb_msg.o ldb_utf8.o ldb_debug.o ldb_modules.o ldb_match.o ldb_attributes.o attrib_handlers.o ldb_dn.o ldb_controls.o qsort.o) $(ldb_map_OBJ_FILES)
+LIBLDB_OBJ_FILES = $(addprefix $(ldbsrcdir)/common/, ldb.o ldb_ldif.o ldb_parse.o ldb_msg.o ldb_utf8.o ldb_debug.o ldb_modules.o ldb_options.o ldb_match.o ldb_attributes.o attrib_handlers.o ldb_dn.o ldb_controls.o qsort.o) $(ldb_map_OBJ_FILES)
$(LIBLDB_OBJ_FILES): CFLAGS+=-I$(ldbsrcdir)/include
diff --git a/source4/lib/ldb/include/ldb_private.h b/source4/lib/ldb/include/ldb_private.h
index 0e0a1a2..aac21c7 100644
--- a/source4/lib/ldb/include/ldb_private.h
+++ b/source4/lib/ldb/include/ldb_private.h
@@ -171,4 +171,10 @@ int ldb_init_module_chain(struct ldb_context *ldb, struct ldb_module *module);
struct ldb_val ldb_binary_decode(void *mem_ctx, const char *str);
+
+/* The following definitions come from lib/ldb/common/ldb_options.c */
+
+const char *ldb_options_find(struct ldb_context *ldb, const char *options[],
+ const char *option_name);
+
#endif
diff --git a/source4/lib/ldb/ldb.mk b/source4/lib/ldb/ldb.mk
index 0c9b115..ac1a48b 100644
--- a/source4/lib/ldb/ldb.mk
+++ b/source4/lib/ldb/ldb.mk
@@ -15,7 +15,7 @@ LDB_MAP_OBJ=$(LDB_MAP_DIR)/ldb_map.o $(LDB_MAP_DIR)/ldb_map_inbound.o \
COMDIR=common
COMMON_OBJ=$(COMDIR)/ldb.o $(COMDIR)/ldb_ldif.o \
$(COMDIR)/ldb_parse.o $(COMDIR)/ldb_msg.o $(COMDIR)/ldb_utf8.o \
- $(COMDIR)/ldb_debug.o $(COMDIR)/ldb_modules.o \
+ $(COMDIR)/ldb_debug.o $(COMDIR)/ldb_modules.o $(COMDIR)/ldb_options.o \
$(COMDIR)/ldb_dn.o $(COMDIR)/ldb_match.o $(COMDIR)/ldb_attributes.o \
$(COMDIR)/attrib_handlers.o $(COMDIR)/ldb_controls.o $(COMDIR)/qsort.o
diff --git a/source4/lib/ldb/ldb_ldap/ldb_ldap.c b/source4/lib/ldb/ldb_ldap/ldb_ldap.c
index 292da7a..8383627 100644
--- a/source4/lib/ldb/ldb_ldap/ldb_ldap.c
+++ b/source4/lib/ldb/ldb_ldap/ldb_ldap.c
@@ -40,6 +40,7 @@
#include "ldb_includes.h"
#include "ldb_module.h"
+#include "ldb_private.h"
#define LDAP_DEPRECATED 1
#include <ldap.h>
@@ -856,6 +857,48 @@ static int lldb_destructor(struct lldb_private *lldb)
return 0;
}
+
+/*
+ optionally perform a bind
+ */
+static int lldb_bind(struct ldb_module *module,
+ const char *options[])
+{
+ const char *bind_mechanism;
+ struct lldb_private *lldb;
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+ int ret;
+
+ bind_mechanism = ldb_options_find(ldb, options, "bindMech");
+ if (bind_mechanism == NULL) {
+ /* no bind wanted */
+ return LDB_SUCCESS;
+ }
+
+ lldb = talloc_get_type(ldb_module_get_private(module), struct lldb_private);
+
+ if (strcmp(bind_mechanism, "simple") == 0) {
+ const char *bind_id, *bind_secret;
+
+ bind_id = ldb_options_find(ldb, options, "bindID");
+ bind_secret = ldb_options_find(ldb, options, "bindSecret");
+ if (bind_id == NULL || bind_secret == NULL) {
+ ldb_asprintf_errstring(ldb, "simple bind requires bindID and bindSecret");
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ ret = ldap_simple_bind_s(lldb->ldap, bind_id, bind_secret);
+ if (ret != LDAP_SUCCESS) {
+ ldb_asprintf_errstring(ldb, "bind failed: %s", ldap_err2string(ret));
+ return ret;
+ }
+ return LDB_SUCCESS;
+ }
+
+ ldb_asprintf_errstring(ldb, "bind failed: unknown mechanism %s", bind_mechanism);
+ return LDB_ERR_INAPPROPRIATE_AUTHENTICATION;
+}
+
/*
connect to the database
*/
@@ -897,6 +940,13 @@ static int lldb_connect(struct ldb_context *ldb,
}
*_module = module;
+
+ ret = lldb_bind(module, options);
+ if (ret != LDB_SUCCESS) {
+ goto failed;
+ }
+
+
return LDB_SUCCESS;
failed:
diff --git a/source4/lib/ldb/wscript b/source4/lib/ldb/wscript
index 9de9a5b..773925e 100644
--- a/source4/lib/ldb/wscript
+++ b/source4/lib/ldb/wscript
@@ -70,7 +70,7 @@ def build(bld):
COMMON_SRC = bld.SUBDIR('common',
'''ldb.c ldb_ldif.c ldb_parse.c ldb_msg.c ldb_utf8.c
- ldb_debug.c ldb_dn.c ldb_match.c ldb_modules.c
+ ldb_debug.c ldb_dn.c ldb_match.c ldb_modules.c ldb_options.c
ldb_attributes.c attrib_handlers.c ldb_controls.c qsort.c''')
if s4_build:
--
Samba Shared Repository
More information about the samba-cvs
mailing list