Sweden-Number/dlls/wldap32/bind.c

633 lines
19 KiB
C

/*
* WLDAP32 - LDAP support for Wine
*
* Copyright 2005 Hans Leidekker
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <stdarg.h>
#include <stdlib.h>
#include "windef.h"
#include "winbase.h"
#include "winnls.h"
#include "rpc.h"
#include "winldap.h"
#include "wine/debug.h"
#include "winldap_private.h"
WINE_DEFAULT_DEBUG_CHANNEL(wldap32);
/***********************************************************************
* ldap_bindA (WLDAP32.@)
*
* See ldap_bindW.
*/
ULONG CDECL ldap_bindA( LDAP *ld, char *dn, char *cred, ULONG method )
{
ULONG ret = LDAP_NO_MEMORY;
WCHAR *dnW = NULL, *credW = NULL;
TRACE( "(%p, %s, %p, 0x%08x)\n", ld, debugstr_a(dn), cred, method );
if (!ld) return ~0u;
if (dn && !(dnW = strAtoW( dn ))) goto exit;
if (cred && !(credW = strAtoW( cred ))) goto exit;
ret = ldap_bindW( ld, dnW, credW, method );
exit:
free( dnW );
free( credW );
return ret;
}
/***********************************************************************
* ldap_bindW (WLDAP32.@)
*
* Authenticate with an LDAP server (asynchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
* dn [I] DN of entry to bind as.
* cred [I] Credentials (e.g. password string).
* method [I] Authentication method.
*
* RETURNS
* Success: Message ID of the bind operation.
* Failure: An LDAP error code.
*
* NOTES
* Only LDAP_AUTH_SIMPLE is supported (just like native).
*/
ULONG CDECL ldap_bindW( LDAP *ld, WCHAR *dn, WCHAR *cred, ULONG method )
{
ULONG ret = LDAP_NO_MEMORY;
char *dnU = NULL, *credU = NULL;
struct bervalU pwd = { 0, NULL };
int msg;
TRACE( "(%p, %s, %p, 0x%08x)\n", ld, debugstr_w(dn), cred, method );
if (!ld) return ~0u;
if (method != LDAP_AUTH_SIMPLE) return LDAP_PARAM_ERROR;
if (dn && !(dnU = strWtoU( dn ))) goto exit;
if (cred)
{
if (!(credU = strWtoU( cred ))) goto exit;
pwd.bv_len = strlen( credU );
pwd.bv_val = credU;
}
ret = map_error( ldap_funcs->fn_ldap_sasl_bind( CTX(ld), dnU, 0, &pwd, NULL, NULL, &msg ) );
if (ret == LDAP_SUCCESS)
ret = msg;
else
ret = ~0u;
exit:
free( dnU );
free( credU );
return ret;
}
/***********************************************************************
* ldap_bind_sA (WLDAP32.@)
*
* See ldap_bind_sW.
*/
ULONG CDECL ldap_bind_sA( LDAP *ld, char *dn, char *cred, ULONG method )
{
ULONG ret = LDAP_NO_MEMORY;
WCHAR *dnW = NULL, *credW = NULL;
TRACE( "(%p, %s, %p, 0x%08x)\n", ld, debugstr_a(dn), cred, method );
if (!ld) return LDAP_PARAM_ERROR;
if (dn && !(dnW = strAtoW( dn ))) goto exit;
if (cred)
{
if (method == LDAP_AUTH_SIMPLE)
{
if (!(credW = strAtoW( cred ))) goto exit;
}
else credW = (WCHAR *)cred /* SEC_WINNT_AUTH_IDENTITY_A */;
}
ret = ldap_bind_sW( ld, dnW, credW, method );
exit:
free( dnW );
if (credW != (WCHAR *)cred) free( credW );
return ret;
}
int CDECL sasl_interact_cb( void *ld, unsigned flags, void *defaults, void *interact )
{
SEC_WINNT_AUTH_IDENTITY_A *id = defaults;
struct sasl_interactU *sasl = interact;
TRACE( "(%p, 0x%08x, %p, %p)\n", ld, flags, defaults, interact );
while (sasl->id != SASL_CB_LIST_END)
{
TRACE( "sasl->id = %04lx\n", sasl->id );
if (sasl->id == SASL_CB_GETREALM)
{
sasl->result = id->Domain;
sasl->len = id->DomainLength;
}
else if (sasl->id == SASL_CB_USER)
{
sasl->result = id->User;
sasl->len = id->UserLength;
}
else if (sasl->id == SASL_CB_PASS)
{
sasl->result = id->Password;
sasl->len = id->PasswordLength;
}
sasl++;
}
return LDAP_SUCCESS;
}
/***********************************************************************
* ldap_bind_sW (WLDAP32.@)
*
* Authenticate with an LDAP server (synchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
* dn [I] DN of entry to bind as.
* cred [I] Credentials (e.g. password string).
* method [I] Authentication method.
*
* RETURNS
* Success: LDAP_SUCCESS
* Failure: An LDAP error code.
*/
ULONG CDECL ldap_bind_sW( LDAP *ld, WCHAR *dn, WCHAR *cred, ULONG method )
{
ULONG ret = LDAP_NO_MEMORY;
char *dnU = NULL, *credU = NULL;
struct bervalU pwd = { 0, NULL };
TRACE( "(%p, %s, %p, 0x%08x)\n", ld, debugstr_w(dn), cred, method );
if (!ld) return LDAP_PARAM_ERROR;
if (method == LDAP_AUTH_SIMPLE)
{
if (dn && !(dnU = strWtoU( dn ))) goto exit;
if (cred)
{
if (!(credU = strWtoU( cred ))) goto exit;
pwd.bv_len = strlen( credU );
pwd.bv_val = credU;
}
ret = map_error( ldap_funcs->fn_ldap_sasl_bind_s( CTX(ld), dnU, 0, &pwd, NULL, NULL, NULL ) );
}
else if (method == LDAP_AUTH_NEGOTIATE)
{
SEC_WINNT_AUTH_IDENTITY_A idU;
SEC_WINNT_AUTH_IDENTITY_W idW;
SEC_WINNT_AUTH_IDENTITY_W *id = (SEC_WINNT_AUTH_IDENTITY_W *)cred;
memset( &idU, 0, sizeof(idU) );
if (id)
{
if (id->Flags & SEC_WINNT_AUTH_IDENTITY_ANSI)
{
idW.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
idW.Domain = (unsigned short *)strnAtoW( (char *)id->Domain, id->DomainLength, &idW.DomainLength );
idW.User = (unsigned short *)strnAtoW( (char *)id->User, id->UserLength, &idW.UserLength );
idW.Password = (unsigned short *)strnAtoW( (char *)id->Password, id->PasswordLength, &idW.PasswordLength );
id = &idW;
}
idU.Domain = (unsigned char *)strnWtoU( id->Domain, id->DomainLength, &idU.DomainLength );
idU.User = (unsigned char *)strnWtoU( id->User, id->UserLength, &idU.UserLength );
idU.Password = (unsigned char *)strnWtoU( id->Password, id->PasswordLength, &idU.PasswordLength );
}
ret = map_error( ldap_funcs->fn_ldap_sasl_interactive_bind_s( CTX(ld),
NULL /* server will ignore DN anyway */,
NULL /* query supportedSASLMechanisms */,
NULL, NULL, 2 /* LDAP_SASL_QUIET */, &idU ) );
if (id && (id->Flags & SEC_WINNT_AUTH_IDENTITY_ANSI))
{
free( (WCHAR *)idW.Domain );
free( (WCHAR *)idW.User );
free( (WCHAR *)idW.Password );
}
free( (char *)idU.Domain );
free( (char *)idU.User );
free( (char *)idU.Password );
}
else
{
FIXME( "method %#x not supported\n", method );
return LDAP_PARAM_ERROR;
}
exit:
free( dnU );
free( credU );
return ret;
}
/***********************************************************************
* ldap_sasl_bindA (WLDAP32.@)
*
* See ldap_sasl_bindW.
*/
ULONG CDECL ldap_sasl_bindA( LDAP *ld, const PCHAR dn, const PCHAR mechanism, const BERVAL *cred,
LDAPControlA **serverctrls, LDAPControlA **clientctrls, int *message )
{
ULONG ret = LDAP_NO_MEMORY;
WCHAR *dnW, *mechanismW = NULL;
LDAPControlW **serverctrlsW = NULL, **clientctrlsW = NULL;
TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_a(dn),
debugstr_a(mechanism), cred, serverctrls, clientctrls, message );
if (!ld || !dn || !mechanism || !cred || !message) return LDAP_PARAM_ERROR;
if (!(dnW = strAtoW( dn ))) goto exit;
if (!(mechanismW = strAtoW( mechanism ))) goto exit;
if (serverctrls && !(serverctrlsW = controlarrayAtoW( serverctrls ))) goto exit;
if (clientctrls && !(clientctrlsW = controlarrayAtoW( clientctrls ))) goto exit;
ret = ldap_sasl_bindW( ld, dnW, mechanismW, cred, serverctrlsW, clientctrlsW, message );
exit:
free( dnW );
free( mechanismW );
controlarrayfreeW( serverctrlsW );
controlarrayfreeW( clientctrlsW );
return ret;
}
/***********************************************************************
* ldap_sasl_bindW (WLDAP32.@)
*
* Authenticate with an LDAP server using SASL (asynchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
* dn [I] DN of entry to bind as.
* mechanism [I] Authentication method.
* cred [I] Credentials.
* serverctrls [I] Array of LDAP server controls.
* clientctrls [I] Array of LDAP client controls.
* message [O] Message ID of the bind operation.
*
* RETURNS
* Success: LDAP_SUCCESS
* Failure: An LDAP error code.
*
* NOTES
* The serverctrls and clientctrls parameters are optional and should
* be set to NULL if not used.
*/
ULONG CDECL ldap_sasl_bindW( LDAP *ld, const PWCHAR dn, const PWCHAR mechanism, const BERVAL *cred,
LDAPControlW **serverctrls, LDAPControlW **clientctrls, int *message )
{
ULONG ret = LDAP_NO_MEMORY;
char *dnU, *mechanismU = NULL;
LDAPControlU **serverctrlsU = NULL, **clientctrlsU = NULL;
struct bervalU credU;
TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_w(dn),
debugstr_w(mechanism), cred, serverctrls, clientctrls, message );
if (!ld || !dn || !mechanism || !cred || !message) return LDAP_PARAM_ERROR;
if (!(dnU = strWtoU( dn ))) goto exit;
if (!(mechanismU = strWtoU( mechanism ))) goto exit;
if (serverctrls && !(serverctrlsU = controlarrayWtoU( serverctrls ))) goto exit;
if (clientctrls && !(clientctrlsU = controlarrayWtoU( clientctrls ))) goto exit;
credU.bv_len = cred->bv_len;
credU.bv_val = cred->bv_val;
ret = map_error( ldap_funcs->fn_ldap_sasl_bind( CTX(ld), dnU, mechanismU, &credU, serverctrlsU, clientctrlsU,
message ) );
exit:
free( dnU );
free( mechanismU );
controlarrayfreeU( serverctrlsU );
controlarrayfreeU( clientctrlsU );
return ret;
}
/***********************************************************************
* ldap_sasl_bind_sA (WLDAP32.@)
*
* See ldap_sasl_bind_sW.
*/
ULONG CDECL ldap_sasl_bind_sA( LDAP *ld, const PCHAR dn, const PCHAR mechanism, const BERVAL *cred,
LDAPControlA **serverctrls, LDAPControlA **clientctrls, BERVAL **serverdata )
{
ULONG ret = LDAP_NO_MEMORY;
WCHAR *dnW, *mechanismW = NULL;
LDAPControlW **serverctrlsW = NULL, **clientctrlsW = NULL;
TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_a(dn),
debugstr_a(mechanism), cred, serverctrls, clientctrls, serverdata );
if (!ld || !dn || !mechanism || !cred || !serverdata) return LDAP_PARAM_ERROR;
if (!(dnW = strAtoW( dn ))) goto exit;
if (!(mechanismW = strAtoW( mechanism ))) goto exit;
if (serverctrls && !(serverctrlsW = controlarrayAtoW( serverctrls ))) goto exit;
if (clientctrls && !(clientctrlsW = controlarrayAtoW( clientctrls ))) goto exit;
ret = ldap_sasl_bind_sW( ld, dnW, mechanismW, cred, serverctrlsW, clientctrlsW, serverdata );
exit:
free( dnW );
free( mechanismW );
controlarrayfreeW( serverctrlsW );
controlarrayfreeW( clientctrlsW );
return ret;
}
/***********************************************************************
* ldap_sasl_bind_sW (WLDAP32.@)
*
* Authenticate with an LDAP server using SASL (synchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
* dn [I] DN of entry to bind as.
* mechanism [I] Authentication method.
* cred [I] Credentials.
* serverctrls [I] Array of LDAP server controls.
* clientctrls [I] Array of LDAP client controls.
* serverdata [O] Authentication response from the server.
*
* RETURNS
* Success: LDAP_SUCCESS
* Failure: An LDAP error code.
*
* NOTES
* The serverctrls and clientctrls parameters are optional and should
* be set to NULL if not used.
*/
ULONG CDECL ldap_sasl_bind_sW( LDAP *ld, const PWCHAR dn, const PWCHAR mechanism, const BERVAL *cred,
LDAPControlW **serverctrls, LDAPControlW **clientctrls, BERVAL **serverdata )
{
ULONG ret = LDAP_NO_MEMORY;
char *dnU, *mechanismU = NULL;
LDAPControlU **serverctrlsU = NULL, **clientctrlsU = NULL;
struct bervalU *dataU, credU;
TRACE( "(%p, %s, %s, %p, %p, %p, %p)\n", ld, debugstr_w(dn),
debugstr_w(mechanism), cred, serverctrls, clientctrls, serverdata );
if (!ld || !dn || !mechanism || !cred || !serverdata) return LDAP_PARAM_ERROR;
if (!(dnU = strWtoU( dn ))) goto exit;
if (!(mechanismU = strWtoU( mechanism ))) goto exit;
if (serverctrls && !(serverctrlsU = controlarrayWtoU( serverctrls ))) goto exit;
if (clientctrls && !(clientctrlsU = controlarrayWtoU( clientctrls ))) goto exit;
credU.bv_len = cred->bv_len;
credU.bv_val = cred->bv_val;
ret = map_error( ldap_funcs->fn_ldap_sasl_bind_s( CTX(ld), dnU, mechanismU, &credU, serverctrlsU, clientctrlsU,
&dataU ) );
if (ret == LDAP_SUCCESS)
{
BERVAL *ptr;
if (!(ptr = bervalUtoW( dataU ))) ret = LDAP_NO_MEMORY;
else *serverdata = ptr;
ldap_funcs->fn_ber_bvfree( dataU );
}
exit:
free( dnU );
free( mechanismU );
controlarrayfreeU( serverctrlsU );
controlarrayfreeU( clientctrlsU );
return ret;
}
/***********************************************************************
* ldap_simple_bindA (WLDAP32.@)
*
* See ldap_simple_bindW.
*/
ULONG CDECL ldap_simple_bindA( LDAP *ld, char *dn, char *passwd )
{
ULONG ret = LDAP_NO_MEMORY;
WCHAR *dnW = NULL, *passwdW = NULL;
TRACE( "(%p, %s, %p)\n", ld, debugstr_a(dn), passwd );
if (!ld) return ~0u;
if (dn && !(dnW = strAtoW( dn ))) goto exit;
if (passwd && !(passwdW = strAtoW( passwd ))) goto exit;
ret = ldap_simple_bindW( ld, dnW, passwdW );
exit:
free( dnW );
free( passwdW );
return ret;
}
/***********************************************************************
* ldap_simple_bindW (WLDAP32.@)
*
* Authenticate with an LDAP server (asynchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
* dn [I] DN of entry to bind as.
* passwd [I] Password string.
*
* RETURNS
* Success: Message ID of the bind operation.
* Failure: An LDAP error code.
*
* NOTES
* Set dn and passwd to NULL to bind as an anonymous user.
*/
ULONG CDECL ldap_simple_bindW( LDAP *ld, WCHAR *dn, WCHAR *passwd )
{
ULONG ret = LDAP_NO_MEMORY;
char *dnU = NULL, *passwdU = NULL;
struct bervalU pwd = { 0, NULL };
int msg;
TRACE( "(%p, %s, %p)\n", ld, debugstr_w(dn), passwd );
if (!ld) return ~0u;
if (dn && !(dnU = strWtoU( dn ))) goto exit;
if (passwd)
{
if (!(passwdU = strWtoU( passwd ))) goto exit;
pwd.bv_len = strlen( passwdU );
pwd.bv_val = passwdU;
}
ret = map_error( ldap_funcs->fn_ldap_sasl_bind( CTX(ld), dnU, 0, &pwd, NULL, NULL, &msg ) );
if (ret == LDAP_SUCCESS)
ret = msg;
else
ret = ~0u;
exit:
free( dnU );
free( passwdU );
return ret;
}
/***********************************************************************
* ldap_simple_bind_sA (WLDAP32.@)
*
* See ldap_simple_bind_sW.
*/
ULONG CDECL ldap_simple_bind_sA( LDAP *ld, char *dn, char *passwd )
{
ULONG ret = LDAP_NO_MEMORY;
WCHAR *dnW = NULL, *passwdW = NULL;
TRACE( "(%p, %s, %p)\n", ld, debugstr_a(dn), passwd );
if (!ld) return LDAP_PARAM_ERROR;
if (dn && !(dnW = strAtoW( dn ))) goto exit;
if (passwd && !(passwdW = strAtoW( passwd ))) goto exit;
ret = ldap_simple_bind_sW( ld, dnW, passwdW );
exit:
free( dnW );
free( passwdW );
return ret;
}
/***********************************************************************
* ldap_simple_bind_sW (WLDAP32.@)
*
* Authenticate with an LDAP server (synchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
* dn [I] DN of entry to bind as.
* passwd [I] Password string.
*
* RETURNS
* Success: LDAP_SUCCESS
* Failure: An LDAP error code.
*
* NOTES
* Set dn and passwd to NULL to bind as an anonymous user.
*/
ULONG CDECL ldap_simple_bind_sW( LDAP *ld, WCHAR *dn, WCHAR *passwd )
{
ULONG ret = LDAP_NO_MEMORY;
char *dnU = NULL, *passwdU = NULL;
struct bervalU pwd = { 0, NULL };
TRACE( "(%p, %s, %p)\n", ld, debugstr_w(dn), passwd );
if (!ld) return LDAP_PARAM_ERROR;
if (dn && !(dnU = strWtoU( dn ))) goto exit;
if (passwd)
{
if (!(passwdU = strWtoU( passwd ))) goto exit;
pwd.bv_len = strlen( passwdU );
pwd.bv_val = passwdU;
}
ret = map_error( ldap_funcs->fn_ldap_sasl_bind_s( CTX(ld), dnU, 0, &pwd, NULL, NULL, NULL ) );
exit:
free( dnU );
free( passwdU );
return ret;
}
/***********************************************************************
* ldap_unbind (WLDAP32.@)
*
* Close LDAP connection and free resources (asynchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
*
* RETURNS
* Success: LDAP_SUCCESS
* Failure: An LDAP error code.
*/
ULONG CDECL ldap_unbind( LDAP *ld )
{
ULONG ret;
TRACE( "(%p)\n", ld );
if (!ld) return LDAP_PARAM_ERROR;
ret = map_error( ldap_funcs->fn_ldap_unbind_ext( CTX(ld), NULL, NULL ));
if (SERVER_CTRLS(ld)) ldap_funcs->fn_ldap_value_free_len( SERVER_CTRLS(ld) );
free( ld );
return ret;
}
/***********************************************************************
* ldap_unbind_s (WLDAP32.@)
*
* Close LDAP connection and free resources (synchronous operation).
*
* PARAMS
* ld [I] Pointer to an LDAP context.
*
* RETURNS
* Success: LDAP_SUCCESS
* Failure: An LDAP error code.
*/
ULONG CDECL ldap_unbind_s( LDAP *ld )
{
ULONG ret;
TRACE( "(%p)\n", ld );
if (!ld) return LDAP_PARAM_ERROR;
ret = map_error( ldap_funcs->fn_ldap_unbind_ext_s( CTX(ld), NULL, NULL ) );
if (SERVER_CTRLS(ld)) ldap_funcs->fn_ldap_value_free_len( SERVER_CTRLS(ld) );
free( ld );
return ret;
}