Annotation of embedaddon/strongswan/src/libstrongswan/plugins/ldap/ldap_fetcher.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2008 Martin Willi
! 3: * Copyright (C) 2007 Andreas Steffen
! 4: * HSR Hochschule fuer Technik Rapperswil
! 5: *
! 6: * This program is free software; you can redistribute it and/or modify it
! 7: * under the terms of the GNU General Public License as published by the
! 8: * Free Software Foundation; either version 2 of the License, or (at your
! 9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 10: *
! 11: * This program is distributed in the hope that it will be useful, but
! 12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 14: * for more details.
! 15: */
! 16:
! 17: #ifndef LDAP_DEPRECATED
! 18: #define LDAP_DEPRECATED 1
! 19: #endif /* LDAP_DEPRECATED */
! 20: #include <ldap.h>
! 21:
! 22: #include <errno.h>
! 23:
! 24: #include <library.h>
! 25: #include <utils/debug.h>
! 26:
! 27: #include "ldap_fetcher.h"
! 28:
! 29: #define DEFAULT_TIMEOUT 10
! 30:
! 31: typedef struct private_ldap_fetcher_t private_ldap_fetcher_t;
! 32:
! 33: /**
! 34: * Private Data of a ldap_fetcher_t object.
! 35: */
! 36: struct private_ldap_fetcher_t {
! 37: /**
! 38: * Public data
! 39: */
! 40: ldap_fetcher_t public;
! 41:
! 42: /**
! 43: * timeout to use for fetches
! 44: */
! 45: u_int timeout;
! 46: };
! 47:
! 48: /**
! 49: * Parses the result returned by an ldap query
! 50: */
! 51: static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response)
! 52: {
! 53: LDAPMessage *entry = ldap_first_entry(ldap, result);
! 54: bool success = FALSE;
! 55:
! 56: if (entry)
! 57: {
! 58: BerElement *ber = NULL;
! 59: char *attr;
! 60:
! 61: attr = ldap_first_attribute(ldap, entry, &ber);
! 62: if (attr)
! 63: {
! 64: struct berval **values = ldap_get_values_len(ldap, entry, attr);
! 65:
! 66: if (values)
! 67: {
! 68: if (values[0])
! 69: {
! 70: *response = chunk_alloc(values[0]->bv_len);
! 71: memcpy(response->ptr, values[0]->bv_val, response->len);
! 72: success = TRUE;
! 73: }
! 74: else
! 75: {
! 76: DBG1(DBG_LIB, "LDAP response contains no values");
! 77: }
! 78: ldap_value_free_len(values);
! 79: }
! 80: else
! 81: {
! 82: DBG1(DBG_LIB, "getting LDAP values failed: %s",
! 83: ldap_err2string(ldap_result2error(ldap, entry, 0)));
! 84: }
! 85: ldap_memfree(attr);
! 86: }
! 87: else
! 88: {
! 89: DBG1(DBG_LIB, "finding LDAP attributes failed: %s",
! 90: ldap_err2string(ldap_result2error(ldap, entry, 0)));
! 91: }
! 92: ber_free(ber, 0);
! 93: }
! 94: else
! 95: {
! 96: DBG1(DBG_LIB, "finding first LDAP entry failed");
! 97: }
! 98: return success;
! 99: }
! 100:
! 101:
! 102: METHOD(fetcher_t, fetch, status_t,
! 103: private_ldap_fetcher_t *this, char *url, void *userdata)
! 104: {
! 105: LDAP *ldap;
! 106: LDAPURLDesc *lurl;
! 107: LDAPMessage *msg;
! 108: int res;
! 109: int ldap_version = LDAP_VERSION3;
! 110: struct timeval timeout;
! 111: status_t status = FAILED;
! 112: chunk_t *result = userdata;
! 113:
! 114: if (!strpfx(url, "ldap"))
! 115: {
! 116: return NOT_SUPPORTED;
! 117: }
! 118: if (ldap_url_parse(url, &lurl) != LDAP_SUCCESS)
! 119: {
! 120: return NOT_SUPPORTED;
! 121: }
! 122: ldap = ldap_init(lurl->lud_host, lurl->lud_port);
! 123: if (ldap == NULL)
! 124: {
! 125: DBG1(DBG_LIB, "LDAP initialization failed: %s", strerror(errno));
! 126: ldap_free_urldesc(lurl);
! 127: return FAILED;
! 128: }
! 129:
! 130: timeout.tv_sec = this->timeout;
! 131: timeout.tv_usec = 0;
! 132:
! 133: ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldap_version);
! 134: ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, &timeout);
! 135:
! 136: DBG2(DBG_LIB, "sending LDAP request to '%s'...", url);
! 137:
! 138: res = ldap_simple_bind_s(ldap, NULL, NULL);
! 139: if (res == LDAP_SUCCESS)
! 140: {
! 141: res = ldap_search_st(ldap, lurl->lud_dn, lurl->lud_scope,
! 142: lurl->lud_filter, lurl->lud_attrs,
! 143: 0, &timeout, &msg);
! 144:
! 145: if (res == LDAP_SUCCESS)
! 146: {
! 147: if (parse(ldap, msg, result))
! 148: {
! 149: status = SUCCESS;
! 150: }
! 151: ldap_msgfree(msg);
! 152: }
! 153: else
! 154: {
! 155: DBG1(DBG_LIB, "LDAP search failed: %s", ldap_err2string(res));
! 156: }
! 157: }
! 158: else
! 159: {
! 160: DBG1(DBG_LIB, "LDAP bind to '%s' failed: %s", url,
! 161: ldap_err2string(res));
! 162: }
! 163: ldap_unbind_s(ldap);
! 164: ldap_free_urldesc(lurl);
! 165: return status;
! 166: }
! 167:
! 168:
! 169: METHOD(fetcher_t, set_option, bool,
! 170: private_ldap_fetcher_t *this, fetcher_option_t option, ...)
! 171: {
! 172: va_list args;
! 173:
! 174: va_start(args, option);
! 175: switch (option)
! 176: {
! 177: case FETCH_TIMEOUT:
! 178: this->timeout = va_arg(args, u_int);
! 179: break;
! 180: default:
! 181: va_end(args);
! 182: return FALSE;
! 183: }
! 184: va_end(args);
! 185: return TRUE;
! 186: }
! 187:
! 188: METHOD(fetcher_t, destroy, void,
! 189: private_ldap_fetcher_t *this)
! 190: {
! 191: free(this);
! 192: }
! 193:
! 194: /*
! 195: * Described in header.
! 196: */
! 197: ldap_fetcher_t *ldap_fetcher_create()
! 198: {
! 199: private_ldap_fetcher_t *this;
! 200:
! 201: INIT(this,
! 202: .public = {
! 203: .interface = {
! 204: .fetch = _fetch,
! 205: .set_option = _set_option,
! 206: .destroy = _destroy,
! 207: },
! 208: },
! 209: .timeout = DEFAULT_TIMEOUT,
! 210: );
! 211:
! 212: return &this->public;
! 213: }
! 214:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ldap_fetcher.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / plugins / ldap