[SCM] Samba Shared Repository - branch master updated

Andrew Tridgell tridge at samba.org
Wed Jul 7 01:27:03 MDT 2010 

The branch, master has been updated
       via  9c3a982... s4-ldb: added support for simple binds on ldb_ldap backend
       via  7f9153f... s4-ldb: added ldb_options_find()
      from  85504ae... s4:libcli: Modify S4 client library to check for proper CN alignment

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9c3a9824a9165e9d7cf362d4b8c6add8ad0cc983
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Jul 6 15:36:21 2010 +1000

    s4-ldb: added support for simple binds on ldb_ldap backend
    
    this uses the options[] array to pass in bindMech, bindID and
    bindSecret. Currently only "simple" is supported.

commit 7f9153f7e8a3a39d23b6b9c1336031f769dce923
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Jul 6 15:35:16 2010 +1000

    s4-ldb: added ldb_options_find()
    
    ldb_options_find() allows backends to find options in the options[]
    array passed to the connect operation.
    
    This will be used by the ldb_ldap bind code

-----------------------------------------------------------------------

Summary of changes:
 source4/lib/ldb/common/ldb_modules.c  |    8 ++--
 source4/lib/ldb/common/ldb_options.c  |   72 +++++++++++++++++++++++++++++++++
 source4/lib/ldb/config.mk             |    2 +-
 source4/lib/ldb/include/ldb_private.h |    6 +++
 source4/lib/ldb/ldb.mk                |    2 +-
 source4/lib/ldb/ldb_ldap/ldb_ldap.c   |   50 +++++++++++++++++++++++
 source4/lib/ldb/wscript               |    2 +-
 7 files changed, 135 insertions(+), 7 deletions(-)
 create mode 100644 source4/lib/ldb/common/ldb_options.c


Changeset truncated at 500 lines:

diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c
index 6e92fc5..e4e2c15 100644
--- a/source4/lib/ldb/common/ldb_modules.c
+++ b/source4/lib/ldb/common/ldb_modules.c
@@ -397,6 +397,7 @@ int ldb_init_module_chain(struct ldb_context *ldb, struct ldb_module *module)
 
 int ldb_load_modules(struct ldb_context *ldb, const char *options[])
 {
+	const char *modules_string;
 	const char **modules = NULL;
 	unsigned int i;
 	int ret;
@@ -409,10 +410,9 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[])
 
 	/* check if we have a custom module list passd as ldb option */
 	if (options) {
-		for (i = 0; options[i] != NULL; i++) {
-			if (strncmp(options[i], LDB_MODULE_PREFIX, LDB_MODULE_PREFIX_LEN) == 0) {
-				modules = ldb_modules_list_from_string(ldb, mem_ctx, &options[i][LDB_MODULE_PREFIX_LEN]);
-			}
+		modules_string = ldb_options_find(ldb, options, "modules");
+		if (modules_string) {
+			modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string);
 		}
 	}
 
diff --git a/source4/lib/ldb/common/ldb_options.c b/source4/lib/ldb/common/ldb_options.c
new file mode 100644
index 0000000..f806057
--- /dev/null
+++ b/source4/lib/ldb/common/ldb_options.c
@@ -0,0 +1,72 @@
+/*
+   ldb database library
+
+   Copyright (C) Andrew Tridgell  2010
+
+     ** NOTE! The following LGPL license applies to the ldb
+     ** library. This does NOT imply that all of Samba is released
+     ** under the LGPL
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 3 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ *  Name: ldb
+ *
+ *  Component: ldb options[] handling
+ *
+ *  Author: Andrew Tridgell
+ */
+
+#include "ldb_private.h"
+
+/*
+  find an option within an options array
+
+  accepts the following forms:
+
+     NAME
+     NAME:value
+     NAME=value
+
+  returns a pointer into an element of the options[] array, or NULL is
+  not found.
+
+  For the NAME form, returns a pointer to an empty string (thus
+  allowing for boolean options).
+ */
+_PRIVATE_ const char *ldb_options_find(struct ldb_context *ldb, const char *options[],
+				       const char *option_name)
+{
+	size_t len = strlen(option_name);
+	int i;
+
+	if (options == NULL) {
+		return NULL;
+	}
+
+	for (i=0; options[i]; i++) {
+		if (strncmp(option_name, options[i], len) != 0) {
+			continue;
+		}
+		if (options[i][len] == ':' || options[i][len] == '=') {
+			return &options[i][len+1];
+		}
+		if (options[i][len] == 0) {
+			return &options[i][len];
+		}
+	}
+
+	return NULL;
+}
diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk
index 54e1416..dd20e64 100644
--- a/source4/lib/ldb/config.mk
+++ b/source4/lib/ldb/config.mk
@@ -130,7 +130,7 @@ PC_FILES += $(ldbsrcdir)/ldb.pc
 LIBLDB_VERSION = 0.0.1
 LIBLDB_SOVERSION = 0
 
-LIBLDB_OBJ_FILES = $(addprefix $(ldbsrcdir)/common/, ldb.o ldb_ldif.o ldb_parse.o ldb_msg.o ldb_utf8.o ldb_debug.o ldb_modules.o ldb_match.o ldb_attributes.o attrib_handlers.o ldb_dn.o ldb_controls.o qsort.o) $(ldb_map_OBJ_FILES)
+LIBLDB_OBJ_FILES = $(addprefix $(ldbsrcdir)/common/, ldb.o ldb_ldif.o ldb_parse.o ldb_msg.o ldb_utf8.o ldb_debug.o ldb_modules.o ldb_options.o ldb_match.o ldb_attributes.o attrib_handlers.o ldb_dn.o ldb_controls.o qsort.o) $(ldb_map_OBJ_FILES)
 
 $(LIBLDB_OBJ_FILES): CFLAGS+=-I$(ldbsrcdir)/include
 
diff --git a/source4/lib/ldb/include/ldb_private.h b/source4/lib/ldb/include/ldb_private.h
index 0e0a1a2..aac21c7 100644
--- a/source4/lib/ldb/include/ldb_private.h
+++ b/source4/lib/ldb/include/ldb_private.h
@@ -171,4 +171,10 @@ int ldb_init_module_chain(struct ldb_context *ldb, struct ldb_module *module);
 
 struct ldb_val ldb_binary_decode(void *mem_ctx, const char *str);
 
+
+/* The following definitions come from lib/ldb/common/ldb_options.c  */
+
+const char *ldb_options_find(struct ldb_context *ldb, const char *options[],
+			     const char *option_name);
+
 #endif
diff --git a/source4/lib/ldb/ldb.mk b/source4/lib/ldb/ldb.mk
index 0c9b115..ac1a48b 100644
--- a/source4/lib/ldb/ldb.mk
+++ b/source4/lib/ldb/ldb.mk
@@ -15,7 +15,7 @@ LDB_MAP_OBJ=$(LDB_MAP_DIR)/ldb_map.o $(LDB_MAP_DIR)/ldb_map_inbound.o \
 COMDIR=common
 COMMON_OBJ=$(COMDIR)/ldb.o $(COMDIR)/ldb_ldif.o \
 	   $(COMDIR)/ldb_parse.o $(COMDIR)/ldb_msg.o $(COMDIR)/ldb_utf8.o \
-	   $(COMDIR)/ldb_debug.o $(COMDIR)/ldb_modules.o \
+	   $(COMDIR)/ldb_debug.o $(COMDIR)/ldb_modules.o $(COMDIR)/ldb_options.o \
 	   $(COMDIR)/ldb_dn.o $(COMDIR)/ldb_match.o $(COMDIR)/ldb_attributes.o \
 	   $(COMDIR)/attrib_handlers.o $(COMDIR)/ldb_controls.o $(COMDIR)/qsort.o
 
diff --git a/source4/lib/ldb/ldb_ldap/ldb_ldap.c b/source4/lib/ldb/ldb_ldap/ldb_ldap.c
index 292da7a..8383627 100644
--- a/source4/lib/ldb/ldb_ldap/ldb_ldap.c
+++ b/source4/lib/ldb/ldb_ldap/ldb_ldap.c
@@ -40,6 +40,7 @@
 
 #include "ldb_includes.h"
 #include "ldb_module.h"
+#include "ldb_private.h"
 
 #define LDAP_DEPRECATED 1
 #include <ldap.h>
@@ -856,6 +857,48 @@ static int lldb_destructor(struct lldb_private *lldb)
 	return 0;
 }
 
+
+/*
+  optionally perform a bind
+ */
+static int lldb_bind(struct ldb_module *module,
+		     const char *options[])
+{
+	const char *bind_mechanism;
+	struct lldb_private *lldb;
+	struct ldb_context *ldb = ldb_module_get_ctx(module);
+	int ret;
+
+	bind_mechanism = ldb_options_find(ldb, options, "bindMech");
+	if (bind_mechanism == NULL) {
+		/* no bind wanted */
+		return LDB_SUCCESS;
+	}
+
+	lldb = talloc_get_type(ldb_module_get_private(module), struct lldb_private);
+
+	if (strcmp(bind_mechanism, "simple") == 0) {
+		const char *bind_id, *bind_secret;
+
+		bind_id = ldb_options_find(ldb, options, "bindID");
+		bind_secret = ldb_options_find(ldb, options, "bindSecret");
+		if (bind_id == NULL || bind_secret == NULL) {
+			ldb_asprintf_errstring(ldb, "simple bind requires bindID and bindSecret");
+			return LDB_ERR_OPERATIONS_ERROR;
+		}
+
+		ret = ldap_simple_bind_s(lldb->ldap, bind_id, bind_secret);
+		if (ret != LDAP_SUCCESS) {
+			ldb_asprintf_errstring(ldb, "bind failed: %s", ldap_err2string(ret));
+			return ret;
+		}
+		return LDB_SUCCESS;
+	}
+
+	ldb_asprintf_errstring(ldb, "bind failed: unknown mechanism %s", bind_mechanism);
+	return LDB_ERR_INAPPROPRIATE_AUTHENTICATION;
+}
+
 /*
   connect to the database
 */
@@ -897,6 +940,13 @@ static int lldb_connect(struct ldb_context *ldb,
 	}
 
 	*_module = module;
+
+	ret = lldb_bind(module, options);
+	if (ret != LDB_SUCCESS) {
+		goto failed;
+	}
+
+
 	return LDB_SUCCESS;
 
 failed:
diff --git a/source4/lib/ldb/wscript b/source4/lib/ldb/wscript
index 9de9a5b..773925e 100644
--- a/source4/lib/ldb/wscript
+++ b/source4/lib/ldb/wscript
@@ -70,7 +70,7 @@ def build(bld):
 
     COMMON_SRC = bld.SUBDIR('common',
                             '''ldb.c ldb_ldif.c ldb_parse.c ldb_msg.c ldb_utf8.c
-                            ldb_debug.c ldb_dn.c ldb_match.c ldb_modules.c
+                            ldb_debug.c ldb_dn.c ldb_match.c ldb_modules.c ldb_options.c
                             ldb_attributes.c attrib_handlers.c ldb_controls.c qsort.c''')
 
     if s4_build:


-- 
Samba Shared Repository

More information about the samba-cvs mailing list