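/*
 * WLDAP32 - LDAP support for Wine
 *
 * Copyright 2005 Hans Leidekker
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
 */

/* NOTE(review): the names of the two system headers were lost when this
 * listing was extracted.  <stdarg.h> and <stdlib.h> are assumed (free() is
 * used throughout the file); confirm against the upstream source. */
#include <stdarg.h>
#include <stdlib.h>
#include "windef.h"
#include "winbase.h"
#include "winnls.h"
#include "rpc.h"
#include "winldap.h"

#include "wine/debug.h"
#include "winldap_private.h"

WINE_DEFAULT_DEBUG_CHANNEL(wldap32);

/***********************************************************************
 *      ldap_bindA     (WLDAP32.@)
 *
 * ANSI entry point: converts dn and cred to wide strings and forwards
 * to ldap_bindW.  See ldap_bindW.
 */
ULONG CDECL ldap_bindA( LDAP *ld, char *dn, char *cred, ULONG method )
{
    ULONG ret = LDAP_NO_MEMORY;
    WCHAR *dnW = NULL, *credW = NULL;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %p, %#lx)\n", ld, debugstr_a(dn), cred, method );

    if (!ld) return ~0u;

    /* ldap_bindW accepts LDAP_AUTH_SIMPLE only.  Reject every other method
     * before converting: for those methods cred need not be a NUL-terminated
     * string (ldap_bind_sA treats it as SEC_WINNT_AUTH_IDENTITY_A), so it
     * must not be read as one by strAtoW.  The result is the same
     * LDAP_PARAM_ERROR that ldap_bindW would have returned. */
    if (method != LDAP_AUTH_SIMPLE) return LDAP_PARAM_ERROR;

    if (dn && !(dnW = strAtoW( dn ))) goto exit;
    if (cred && !(credW = strAtoW( cred ))) goto exit;

    ret = ldap_bindW( ld, dnW, credW, method );

exit:
    /* Scrub our wide copy of the password before it returns to the heap. */
    if (credW) SecureZeroMemory( credW, lstrlenW( credW ) * sizeof(WCHAR) );
    free( dnW );
    free( credW );
    return ret;
}

/***********************************************************************
 *      ldap_bindW     (WLDAP32.@)
 *
 * Authenticate with an LDAP server (asynchronous operation).
 *
 * PARAMS
 *  ld      [I] Pointer to an LDAP context.
 *  dn      [I] DN of entry to bind as.
 *  cred    [I] Credentials (e.g. password string).
 *  method  [I] Authentication method.
 *
 * RETURNS
 *  Success: Message ID of the bind operation.
 *  Failure: An LDAP error code.
 *
 * NOTES
 *  Only LDAP_AUTH_SIMPLE is supported (just like native).
 *
 *  Argument and allocation failures return LDAP_PARAM_ERROR or
 *  LDAP_NO_MEMORY; a failed bind request returns ~0u.
 *
 *  A simple bind hands the password to the server as-is.  Nothing in
 *  this function protects it in transit; whether the connection is
 *  encrypted is decided elsewhere.
 */
ULONG CDECL ldap_bindW( LDAP *ld, WCHAR *dn, WCHAR *cred, ULONG method )
{
    ULONG ret = LDAP_NO_MEMORY;
    char *dnU = NULL, *credU = NULL;
    struct bervalU pwd = { 0, NULL };
    int msg;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %p, %#lx)\n", ld, debugstr_w(dn), cred, method );

    if (!ld) return ~0u;
    if (method != LDAP_AUTH_SIMPLE) return LDAP_PARAM_ERROR;

    if (dn && !(dnU = strWtoU( dn ))) goto exit;
    if (cred)
    {
        if (!(credU = strWtoU( cred ))) goto exit;
        pwd.bv_len = strlen( credU );
        pwd.bv_val = credU;
    }

    {
        /* 0 in the mechanism slot; a NULL cred is sent as a zero-length value. */
        struct ldap_sasl_bind_params params = { CTX(ld), dnU, 0, &pwd, NULL, NULL, &msg };
        ret = map_error( LDAP_CALL( ldap_sasl_bind, &params ));
    }
    if (ret == LDAP_SUCCESS)
        ret = msg;
    else
        ret = ~0u;

exit:
    /* Scrub the converted password copy; pwd.bv_len is its length whenever
     * credU is set. */
    if (credU) SecureZeroMemory( credU, pwd.bv_len );
    free( dnU );
    free( credU );
    return ret;
}

/***********************************************************************
 *      ldap_bind_sA     (WLDAP32.@)
 *
 * ANSI entry point for ldap_bind_sW.  For LDAP_AUTH_SIMPLE cred is a
 * password string and is converted; for any other method cred is passed
 * through untouched as a SEC_WINNT_AUTH_IDENTITY_A pointer.
 *
 * See ldap_bind_sW.
 */
ULONG CDECL ldap_bind_sA( LDAP *ld, char *dn, char *cred, ULONG method )
{
    ULONG ret = LDAP_NO_MEMORY;
    WCHAR *dnW = NULL, *credW = NULL;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %p, %#lx)\n", ld, debugstr_a(dn), cred, method );

    if (!ld) return LDAP_PARAM_ERROR;

    if (dn && !(dnW = strAtoW( dn ))) goto exit;
    if (cred)
    {
        if (method == LDAP_AUTH_SIMPLE)
        {
            if (!(credW = strAtoW( cred ))) goto exit;
        }
        else credW = (WCHAR *)cred /* SEC_WINNT_AUTH_IDENTITY_A */;
    }

    ret = ldap_bind_sW( ld, dnW, credW, method );

exit:
    free( dnW );
    /* credW is ours only when it was converted; when it aliases the caller's
     * identity structure it must be neither scrubbed nor freed. */
    if (credW && credW != (WCHAR *)cred)
    {
        SecureZeroMemory( credW, lstrlenW( credW ) * sizeof(WCHAR) );
        free( credW );
    }
    return ret;
}

/***********************************************************************
 *      ldap_bind_sW     (WLDAP32.@)
 *
 * Authenticate with an LDAP server (synchronous operation).
 *
 * PARAMS
 *  ld      [I] Pointer to an LDAP context.
 *  dn      [I] DN of entry to bind as.
 *  cred    [I] Credentials (e.g. password string).
 *  method  [I] Authentication method.
 *
 * RETURNS
 *  Success: LDAP_SUCCESS
 *  Failure: An LDAP error code.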
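*/
ULONG CDECL ldap_bind_sW( LDAP *ld, WCHAR *dn, WCHAR *cred, ULONG method )
{
    ULONG ret = LDAP_NO_MEMORY;
    char *dnU = NULL, *credU = NULL;
    struct bervalU pwd = { 0, NULL };

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %p, %#lx)\n", ld, debugstr_w(dn), cred, method );

    if (!ld) return LDAP_PARAM_ERROR;

    if (method == LDAP_AUTH_SIMPLE)
    {
        /* cred is a password string here.  A NULL cred is sent as a
         * zero-length credential, even when dn is set: a caller that treats
         * LDAP_SUCCESS as proof of the password must reject empty passwords
         * itself, since servers may accept such a bind without checking one
         * (RFC 4513 "unauthenticated" simple bind). */
        if (dn && !(dnU = strWtoU( dn ))) goto exit;
        if (cred)
        {
            if (!(credU = strWtoU( cred ))) goto exit;
            pwd.bv_len = strlen( credU );
            pwd.bv_val = credU;
        }

        {
            struct ldap_sasl_bind_s_params params = { CTX(ld), dnU, 0, &pwd, NULL, NULL, NULL };
            ret = map_error( LDAP_CALL( ldap_sasl_bind_s, &params ));
        }
    }
    else if (method == LDAP_AUTH_NEGOTIATE)
    {
        /* cred is a SEC_WINNT_AUTH_IDENTITY structure (ANSI or Unicode,
         * told apart by its Flags), or NULL. */
        SEC_WINNT_AUTH_IDENTITY_A idU;
        SEC_WINNT_AUTH_IDENTITY_W idW;
        SEC_WINNT_AUTH_IDENTITY_W *id = (SEC_WINNT_AUTH_IDENTITY_W *)cred;

        memset( &idU, 0, sizeof(idU) );
        if (id)
        {
            if (id->Flags & SEC_WINNT_AUTH_IDENTITY_ANSI)
            {
                /* Caller passed the ANSI layout: build a Unicode copy first. */
                idW.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
                idW.Domain = (unsigned short *)strnAtoW( (char *)id->Domain, id->DomainLength, &idW.DomainLength );
                idW.User = (unsigned short *)strnAtoW( (char *)id->User, id->UserLength, &idW.UserLength );
                idW.Password = (unsigned short *)strnAtoW( (char *)id->Password, id->PasswordLength, &idW.PasswordLength );
                id = &idW;
            }
            /* NOTE(review): none of the conversion results are checked.
             * Whether a NULL result means allocation failure or just a NULL
             * input field cannot be told from this file - confirm against
             * strnAtoW/strnWtoU. */
            idU.Domain = (unsigned char *)strnWtoU( id->Domain, id->DomainLength, &idU.DomainLength );
            idU.User = (unsigned char *)strnWtoU( id->User, id->UserLength, &idU.UserLength );
            idU.Password = (unsigned char *)strnWtoU( id->Password, id->PasswordLength, &idU.PasswordLength );
        }

        {
            struct ldap_sasl_interactive_bind_s_params params = { CTX(ld),
                    NULL /* server will ignore DN anyway */,
                    NULL /* query supportedSASLMechanisms */,
                    NULL, NULL, 2 /* LDAP_SASL_QUIET */, &idU };
            ret = map_error( LDAP_CALL( ldap_sasl_interactive_bind_s, &params ));
        }

        /* Free the temporary Unicode copy.  The test has to be on the pointer:
         * once id was redirected to idW its Flags say UNICODE, so re-testing
         * the ANSI flag never matched and the copy (including the password)
         * was leaked on every ANSI-identity bind. */
        if (id == &idW)
        {
            free( (WCHAR *)idW.Domain );
            free( (WCHAR *)idW.User );
            free( (WCHAR *)idW.Password );
        }

        /* NOTE(review): the converted Password buffers are freed without
         * being scrubbed.  The unit of the *Length fields written by the
         * conversion helpers is not visible here, so no wipe is added -
         * confirm the unit and scrub both copies before free(). */
        free( (char *)idU.Domain );
        free( (char *)idU.User );
        free( (char *)idU.Password );
    }
    else
    {
        /* Nothing has been allocated on this path, so a direct return is safe. */
        FIXME( "method %#lx not supported\n", method );
        return LDAP_PARAM_ERROR;
    }

exit:
    /* Scrub the converted password copy; pwd.bv_len is its length whenever
     * credU is set. */
    if (credU) SecureZeroMemory( credU, pwd.bv_len );
    free( dnU );
    free( credU );
    return ret;
}

/***********************************************************************
 *      ldap_sasl_bindA     (WLDAP32.@)
 *
 * ANSI entry point: converts dn, mechanism and both control arrays to
 * their wide forms and forwards to ldap_sasl_bindW.  cred is passed
 * through unchanged.
 *
 * See ldap_sasl_bindW.
 */
ULONG CDECL ldap_sasl_bindA( LDAP *ld, const PCHAR dn, const PCHAR mechanism,
                             const BERVAL *cred, LDAPControlA **serverctrls,
                             LDAPControlA **clientctrls, int *message )
{
    ULONG ret = LDAP_NO_MEMORY;
    WCHAR *dnW = NULL, *mechanismW = NULL;
    LDAPControlW **serverctrlsW = NULL, **clientctrlsW = NULL;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_a(dn),
           debugstr_a(mechanism), cred, serverctrls, clientctrls, message );

    if (!ld || !dn || !mechanism || !cred || !message) return LDAP_PARAM_ERROR;

    if (!(dnW = strAtoW( dn ))) goto exit;
    if (!(mechanismW = strAtoW( mechanism ))) goto exit;
    if (serverctrls && !(serverctrlsW = controlarrayAtoW( serverctrls ))) goto exit;
    if (clientctrls && !(clientctrlsW = controlarrayAtoW( clientctrls ))) goto exit;

    ret = ldap_sasl_bindW( ld, dnW, mechanismW, cred, serverctrlsW, clientctrlsW, message );

exit:
    free( dnW );
    free( mechanismW );
    controlarrayfreeW( serverctrlsW );
    controlarrayfreeW( clientctrlsW );
    return ret;
}

/***********************************************************************
 *      ldap_sasl_bindW     (WLDAP32.@)
 *
 * Authenticate with an LDAP server using SASL (asynchronous operation).
 *
 * PARAMS
 *  ld          [I] Pointer to an LDAP context.
 *  dn          [I] DN of entry to bind as.
 *  mechanism   [I] Authentication method.
 *  cred        [I] Credentials.
 *  serverctrls [I] Array of LDAP server controls.
 *  clientctrls [I] Array of LDAP client controls.
 *  message     [O] Message ID of the bind operation.
 *
 * RETURNS
 *  Success: LDAP_SUCCESS
 *  Failure: An LDAP error code.
 *
 * NOTES
 *  The serverctrls and clientctrls parameters are optional and should
 *  be set to NULL if not used.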
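*/
ULONG CDECL ldap_sasl_bindW( LDAP *ld, const PWCHAR dn, const PWCHAR mechanism,
                             const BERVAL *cred, LDAPControlW **serverctrls,
                             LDAPControlW **clientctrls, int *message )
{
    ULONG ret = LDAP_NO_MEMORY;
    char *dnU = NULL, *mechanismU = NULL;
    LDAPControlU **serverctrlsU = NULL, **clientctrlsU = NULL;
    struct bervalU credU;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_w(dn),
           debugstr_w(mechanism), cred, serverctrls, clientctrls, message );

    /* Unlike the simple-bind entry points, dn, mechanism and cred are all
     * mandatory here. */
    if (!ld || !dn || !mechanism || !cred || !message) return LDAP_PARAM_ERROR;

    if (!(dnU = strWtoU( dn ))) goto exit;
    if (!(mechanismU = strWtoU( mechanism ))) goto exit;
    if (serverctrls && !(serverctrlsU = controlarrayWtoU( serverctrls ))) goto exit;
    if (clientctrls && !(clientctrlsU = controlarrayWtoU( clientctrls ))) goto exit;

    /* Shallow copy: credU points at the caller's credential bytes, so there
     * is nothing of ours to scrub or free for it afterwards. */
    credU.bv_len = cred->bv_len;
    credU.bv_val = cred->bv_val;

    {
        struct ldap_sasl_bind_params params = { CTX(ld), dnU, mechanismU, &credU,
                                                serverctrlsU, clientctrlsU, message };
        ret = map_error( LDAP_CALL( ldap_sasl_bind, &params ));
    }

exit:
    free( dnU );
    free( mechanismU );
    controlarrayfreeU( serverctrlsU );
    controlarrayfreeU( clientctrlsU );
    return ret;
}

/***********************************************************************
 *      ldap_sasl_bind_sA     (WLDAP32.@)
 *
 * See ldap_sasl_bind_sW.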
*/
ULONG CDECL ldap_sasl_bind_sA( LDAP *ld, const PCHAR dn, const PCHAR mechanism,
                               const BERVAL *cred, LDAPControlA **serverctrls,
                               LDAPControlA **clientctrls, BERVAL **serverdata )
{
    /* Stays LDAP_NO_MEMORY unless every conversion succeeds and the wide
     * implementation is actually called. */
    ULONG status = LDAP_NO_MEMORY;
    WCHAR *wide_dn = NULL, *wide_mech = NULL;
    LDAPControlW **wide_sctrls = NULL, **wide_cctrls = NULL;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_a(dn),
           debugstr_a(mechanism), cred, serverctrls, clientctrls, serverdata );

    if (!(ld && dn && mechanism && cred && serverdata)) return LDAP_PARAM_ERROR;

    /* Convert in order and stop at the first failure; the control arrays
     * are optional and only converted when supplied.  cred is forwarded
     * unchanged. */
    if ((wide_dn = strAtoW( dn )) &&
        (wide_mech = strAtoW( mechanism )) &&
        (!serverctrls || (wide_sctrls = controlarrayAtoW( serverctrls ))) &&
        (!clientctrls || (wide_cctrls = controlarrayAtoW( clientctrls ))))
    {
        status = ldap_sasl_bind_sW( ld, wide_dn, wide_mech, cred,
                                    wide_sctrls, wide_cctrls, serverdata );
    }

    /* Release whatever was converted, on success and failure alike. */
    free( wide_dn );
    free( wide_mech );
    controlarrayfreeW( wide_sctrls );
    controlarrayfreeW( wide_cctrls );
    return status;
}

/***********************************************************************
 *      ldap_sasl_bind_sW     (WLDAP32.@)
 *
 * Authenticate with an LDAP server using SASL (synchronous operation).
 *
 * PARAMS
 *  ld          [I] Pointer to an LDAP context.
 *  dn          [I] DN of entry to bind as.
 *  mechanism   [I] Authentication method.
 *  cred        [I] Credentials.
 *  serverctrls [I] Array of LDAP server controls.
 *  clientctrls [I] Array of LDAP client controls.
 *  serverdata  [O] Authentication response from the server.
 *
 * RETURNS
 *  Success: LDAP_SUCCESS
 *  Failure: An LDAP error code.
 *
 * NOTES
 *  The serverctrls and clientctrls parameters are optional and should
 *  be set to NULL if not used.
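*/
ULONG CDECL ldap_sasl_bind_sW( LDAP *ld, const PWCHAR dn, const PWCHAR mechanism,
                               const BERVAL *cred, LDAPControlW **serverctrls,
                               LDAPControlW **clientctrls, BERVAL **serverdata )
{
    ULONG ret = LDAP_NO_MEMORY;
    char *dnU = NULL, *mechanismU = NULL;
    LDAPControlU **serverctrlsU = NULL, **clientctrlsU = NULL;
    /* dataU starts out NULL so that it never holds an indeterminate pointer
     * if the bind call reports success without storing a response. */
    struct bervalU *dataU = NULL, credU;

    /* Only the pointer value of cred is traced, never its contents. */
    TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_w(dn),
           debugstr_w(mechanism), cred, serverctrls, clientctrls, serverdata );

    if (!ld || !dn || !mechanism || !cred || !serverdata) return LDAP_PARAM_ERROR;

    if (!(dnU = strWtoU( dn ))) goto exit;
    if (!(mechanismU = strWtoU( mechanism ))) goto exit;
    if (serverctrls && !(serverctrlsU = controlarrayWtoU( serverctrls ))) goto exit;
    if (clientctrls && !(clientctrlsU = controlarrayWtoU( clientctrls ))) goto exit;

    /* Shallow copy: credU points at the caller's credential bytes. */
    credU.bv_len = cred->bv_len;
    credU.bv_val = cred->bv_val;

    {
        struct ldap_sasl_bind_s_params params = { CTX(ld), dnU, mechanismU, &credU,
                                                  serverctrlsU, clientctrlsU, &dataU };
        ret = map_error( LDAP_CALL( ldap_sasl_bind_s, &params ));
    }
    if (ret == LDAP_SUCCESS)
    {
        /* Hand the caller its own copy of the server response, then release
         * the original.  *serverdata is written only on full success.
         * NOTE(review): how bervalUtoW treats a NULL dataU is not visible
         * here - confirm before relying on a response-less success. */
        BERVAL *ptr;
        if (!(ptr = bervalUtoW( dataU ))) ret = LDAP_NO_MEMORY;
        else *serverdata = ptr;
        LDAP_CALL( ber_bvfree, dataU );
    }

exit:
    free( dnU );
    free( mechanismU );
    controlarrayfreeU( serverctrlsU );
    controlarrayfreeU( clientctrlsU );
    return ret;
}

/***********************************************************************
 *      ldap_simple_bindA     (WLDAP32.@)
 *
 * See ldap_simple_bindW.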
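*/
ULONG CDECL ldap_simple_bindA( LDAP *ld, char *dn, char *passwd )
{
    ULONG ret = LDAP_NO_MEMORY;
    WCHAR *dnW = NULL, *passwdW = NULL;

    /* Only the pointer value of passwd is traced, never its contents. */
    TRACE( "(%p, %s, %p)\n", ld, debugstr_a(dn), passwd );

    if (!ld) return ~0u;

    if (dn && !(dnW = strAtoW( dn ))) goto exit;
    if (passwd && !(passwdW = strAtoW( passwd ))) goto exit;

    ret = ldap_simple_bindW( ld, dnW, passwdW );

exit:
    /* Scrub our wide copy of the password before it returns to the heap. */
    if (passwdW) SecureZeroMemory( passwdW, lstrlenW( passwdW ) * sizeof(WCHAR) );
    free( dnW );
    free( passwdW );
    return ret;
}

/***********************************************************************
 *      ldap_simple_bindW     (WLDAP32.@)
 *
 * Authenticate with an LDAP server (asynchronous operation).
 *
 * PARAMS
 *  ld      [I] Pointer to an LDAP context.
 *  dn      [I] DN of entry to bind as.
 *  passwd  [I] Password string.
 *
 * RETURNS
 *  Success: Message ID of the bind operation.
 *  Failure: An LDAP error code.
 *
 * NOTES
 *  Set dn and passwd to NULL to bind as an anonymous user.
 *
 *  Allocation failure returns LDAP_NO_MEMORY; a NULL ld or a failed
 *  bind request returns ~0u.
 *
 *  A NULL passwd is sent as a zero-length credential even when dn is
 *  set.  Callers that use a successful bind as a password check must
 *  reject empty passwords themselves, since servers may accept such a
 *  bind without checking one (RFC 4513 "unauthenticated" simple bind).
 *
 *  A simple bind hands the password to the server as-is.  Nothing in
 *  this function protects it in transit; whether the connection is
 *  encrypted is decided elsewhere.
 */
ULONG CDECL ldap_simple_bindW( LDAP *ld, WCHAR *dn, WCHAR *passwd )
{
    ULONG ret = LDAP_NO_MEMORY;
    char *dnU = NULL, *passwdU = NULL;
    struct bervalU pwd = { 0, NULL };
    int msg;

    /* Only the pointer value of passwd is traced, never its contents. */
    TRACE( "(%p, %s, %p)\n", ld, debugstr_w(dn), passwd );

    if (!ld) return ~0u;

    if (dn && !(dnU = strWtoU( dn ))) goto exit;
    if (passwd)
    {
        if (!(passwdU = strWtoU( passwd ))) goto exit;
        pwd.bv_len = strlen( passwdU );
        pwd.bv_val = passwdU;
    }

    {
        /* 0 in the mechanism slot, no controls. */
        struct ldap_sasl_bind_params params = { CTX(ld), dnU, 0, &pwd, NULL, NULL, &msg };
        ret = map_error( LDAP_CALL( ldap_sasl_bind, &params ));
    }
    if (ret == LDAP_SUCCESS)
        ret = msg;
    else
        ret = ~0u;

exit:
    /* Scrub the converted password copy; pwd.bv_len is its length whenever
     * passwdU is set. */
    if (passwdU) SecureZeroMemory( passwdU, pwd.bv_len );
    free( dnU );
    free( passwdU );
    return ret;
}

/***********************************************************************
 *      ldap_simple_bind_sA     (WLDAP32.@)
 *
 * See ldap_simple_bind_sW.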
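*/
ULONG CDECL ldap_simple_bind_sA( LDAP *ld, char *dn, char *passwd )
{
    ULONG ret = LDAP_NO_MEMORY;
    WCHAR *dnW = NULL, *passwdW = NULL;

    /* Only the pointer value of passwd is traced, never its contents. */
    TRACE( "(%p, %s, %p)\n", ld, debugstr_a(dn), passwd );

    if (!ld) return LDAP_PARAM_ERROR;

    if (dn && !(dnW = strAtoW( dn ))) goto exit;
    if (passwd && !(passwdW = strAtoW( passwd ))) goto exit;

    ret = ldap_simple_bind_sW( ld, dnW, passwdW );

exit:
    /* Scrub our wide copy of the password before it returns to the heap. */
    if (passwdW) SecureZeroMemory( passwdW, lstrlenW( passwdW ) * sizeof(WCHAR) );
    free( dnW );
    free( passwdW );
    return ret;
}

/***********************************************************************
 *      ldap_simple_bind_sW     (WLDAP32.@)
 *
 * Authenticate with an LDAP server (synchronous operation).
 *
 * PARAMS
 *  ld      [I] Pointer to an LDAP context.
 *  dn      [I] DN of entry to bind as.
 *  passwd  [I] Password string.
 *
 * RETURNS
 *  Success: LDAP_SUCCESS
 *  Failure: An LDAP error code.
 *
 * NOTES
 *  Set dn and passwd to NULL to bind as an anonymous user.
 *
 *  A NULL passwd is sent as a zero-length credential even when dn is
 *  set.  Callers that use LDAP_SUCCESS as a password check must reject
 *  empty passwords themselves, since servers may accept such a bind
 *  without checking one (RFC 4513 "unauthenticated" simple bind).
 *
 *  A simple bind hands the password to the server as-is.  Nothing in
 *  this function protects it in transit; whether the connection is
 *  encrypted is decided elsewhere.
 */
ULONG CDECL ldap_simple_bind_sW( LDAP *ld, WCHAR *dn, WCHAR *passwd )
{
    ULONG ret = LDAP_NO_MEMORY;
    char *dnU = NULL, *passwdU = NULL;
    struct bervalU pwd = { 0, NULL };

    /* Only the pointer value of passwd is traced, never its contents. */
    TRACE( "(%p, %s, %p)\n", ld, debugstr_w(dn), passwd );

    if (!ld) return LDAP_PARAM_ERROR;

    if (dn && !(dnU = strWtoU( dn ))) goto exit;
    if (passwd)
    {
        if (!(passwdU = strWtoU( passwd ))) goto exit;
        pwd.bv_len = strlen( passwdU );
        pwd.bv_val = passwdU;
    }

    {
        /* 0 in the mechanism slot, no controls, no server response wanted. */
        struct ldap_sasl_bind_s_params params = { CTX(ld), dnU, 0, &pwd, NULL, NULL, NULL };
        ret = map_error( LDAP_CALL( ldap_sasl_bind_s, &params ));
    }

exit:
    /* Scrub the converted password copy; pwd.bv_len is its length whenever
     * passwdU is set. */
    if (passwdU) SecureZeroMemory( passwdU, pwd.bv_len );
    free( dnU );
    free( passwdU );
    return ret;
}

/***********************************************************************
 *      ldap_unbind     (WLDAP32.@)
 *
 * Close LDAP connection and free resources (asynchronous operation).
 *
 * PARAMS
 *  ld  [I] Pointer to an LDAP context.
 *
 * RETURNS
 *  Success: LDAP_SUCCESS
 *  Failure: An LDAP error code.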
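*/
ULONG CDECL ldap_unbind( LDAP *ld )
{
    ULONG ret;

    TRACE( "(%p)\n", ld );

    if (!ld) return LDAP_PARAM_ERROR;

    {
        struct ldap_unbind_ext_params params = { CTX(ld), NULL, NULL };
        ret = map_error( LDAP_CALL( ldap_unbind_ext, &params ));
    }

    /* The context is released whatever the unbind call returned, so ld is
     * invalid once this function returns and must not be used again. */
    if (SERVER_CTRLS(ld)) LDAP_CALL( ldap_value_free_len, SERVER_CTRLS(ld) );

    free( ld );
    return ret;
}

/***********************************************************************
 *      ldap_unbind_s     (WLDAP32.@)
 *
 * Close LDAP connection and free resources (synchronous operation).
 *
 * PARAMS
 *  ld  [I] Pointer to an LDAP context.
 *
 * RETURNS
 *  Success: LDAP_SUCCESS
 *  Failure: An LDAP error code.
 *
 * NOTES
 *  ld is freed whether or not the unbind call succeeds; it must not be
 *  used again after this function returns.
 */
ULONG CDECL ldap_unbind_s( LDAP *ld )
{
    ULONG ret;

    TRACE( "(%p)\n", ld );

    if (!ld) return LDAP_PARAM_ERROR;

    {
        struct ldap_unbind_ext_s_params params = { CTX(ld), NULL, NULL };
        ret = map_error( LDAP_CALL( ldap_unbind_ext_s, &params ));
    }

    /* Released unconditionally; see NOTES above. */
    if (SERVER_CTRLS(ld)) LDAP_CALL( ldap_value_free_len, SERVER_CTRLS(ld) );

    free( ld );
    return ret;
}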