1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
17
/* apr_ldap_rebind.c -- LDAP rebind callbacks for referrals
19
* The LDAP SDK allows a callback to be set to enable rebinding
20
* for referral processing.
26
#include "apu_config.h"
29
#define APU_DSO_LDAP_BUILD
33
#include "apr_errno.h"
34
#include "apr_strings.h"
35
#include "apr_ldap_rebind.h"
41
/* Used to store information about connections for use in the referral rebind callback. */
42
struct apr_ldap_rebind_entry {
47
struct apr_ldap_rebind_entry *next;
49
typedef struct apr_ldap_rebind_entry apr_ldap_rebind_entry_t;
53
#include "apr_private.h"
54
#define get_apd APP_DATA* apd = (APP_DATA*)get_app_data(gLibId);
55
#define apr_ldap_xref_lock ((apr_thread_mutex_t *)(apd->gs_ldap_xref_lock))
56
#define xref_head ((apr_ldap_rebind_entry_t *)(apd->gs_xref_head))
59
static apr_thread_mutex_t *apr_ldap_xref_lock = NULL;
61
static apr_ldap_rebind_entry_t *xref_head = NULL;
64
static int apr_ldap_rebind_set_callback(LDAP *ld);
65
static apr_status_t apr_ldap_rebind_remove_helper(void *data);
67
/* APR utility routine used to create the xref_lock. */
68
APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_init(apr_pool_t *pool)
70
apr_status_t retcode = APR_SUCCESS;
77
if (apr_ldap_xref_lock == NULL) {
78
retcode = apr_thread_mutex_create(&apr_ldap_xref_lock, APR_THREAD_MUTEX_DEFAULT, pool);
86
APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_add(apr_pool_t *pool,
91
apr_status_t retcode = APR_SUCCESS;
92
apr_ldap_rebind_entry_t *new_xref;
98
new_xref = (apr_ldap_rebind_entry_t *)apr_pcalloc(pool, sizeof(apr_ldap_rebind_entry_t));
100
new_xref->pool = pool;
101
new_xref->index = ld;
103
new_xref->bindDN = apr_pstrdup(pool, bindDN);
106
new_xref->bindPW = apr_pstrdup(pool, bindPW);
110
apr_thread_mutex_lock(apr_ldap_xref_lock);
113
new_xref->next = xref_head;
114
xref_head = new_xref;
117
apr_thread_mutex_unlock(apr_ldap_xref_lock);
124
retcode = apr_ldap_rebind_set_callback(ld);
125
if (APR_SUCCESS != retcode) {
126
apr_ldap_rebind_remove(ld);
130
apr_pool_cleanup_register(pool, ld,
131
apr_ldap_rebind_remove_helper,
132
apr_pool_cleanup_null);
138
APU_DECLARE_LDAP(apr_status_t) apr_ldap_rebind_remove(LDAP *ld)
140
apr_ldap_rebind_entry_t *tmp_xref, *prev = NULL;
147
apr_thread_mutex_lock(apr_ldap_xref_lock);
149
tmp_xref = xref_head;
151
while ((tmp_xref) && (tmp_xref->index != ld)) {
153
tmp_xref = tmp_xref->next;
157
if (tmp_xref == xref_head) {
158
xref_head = xref_head->next;
161
prev->next = tmp_xref->next;
164
/* tmp_xref and its contents were pool allocated so they don't need to be freed here. */
166
/* remove the cleanup, just in case this was done manually */
167
apr_pool_cleanup_kill(tmp_xref->pool, tmp_xref->index,
168
apr_ldap_rebind_remove_helper);
172
apr_thread_mutex_unlock(apr_ldap_xref_lock);
178
static apr_status_t apr_ldap_rebind_remove_helper(void *data)
180
LDAP *ld = (LDAP *)data;
181
apr_ldap_rebind_remove(ld);
185
#if APR_HAS_TIVOLI_LDAPSDK || APR_HAS_OPENLDAP_LDAPSDK || APR_HAS_NOVELL_LDAPSDK
186
static apr_ldap_rebind_entry_t *apr_ldap_rebind_lookup(LDAP *ld)
188
apr_ldap_rebind_entry_t *tmp_xref, *match = NULL;
195
apr_thread_mutex_lock(apr_ldap_xref_lock);
197
tmp_xref = xref_head;
200
if (tmp_xref->index == ld) {
205
tmp_xref = tmp_xref->next;
210
apr_thread_mutex_unlock(apr_ldap_xref_lock);
217
#if APR_HAS_TIVOLI_LDAPSDK
219
/* LDAP_rebindproc() Tivoli LDAP style
220
* Rebind callback function. Called when chasing referrals. See API docs.
222
* ld Pointer to an LDAP control structure. (input only)
223
* binddnp Pointer to an Application DName used for binding (in *or* out)
224
* passwdp Pointer to the password associated with the DName (in *or* out)
225
* methodp Pointer to the Auth method (output only)
226
* freeit Flag to indicate if this is a lookup or a free request (input only)
228
static int LDAP_rebindproc(LDAP *ld, char **binddnp, char **passwdp, int *methodp, int freeit)
231
apr_ldap_rebind_entry_t *my_conn;
233
*methodp = LDAP_AUTH_SIMPLE;
234
my_conn = apr_ldap_rebind_lookup(ld);
236
if ((my_conn) && (my_conn->bindDN != NULL)) {
237
*binddnp = strdup(my_conn->bindDN);
238
*passwdp = strdup(my_conn->bindPW);
255
static int apr_ldap_rebind_set_callback(LDAP *ld)
257
ldap_set_rebind_proc(ld, (LDAPRebindProc)LDAP_rebindproc);
261
#elif APR_HAS_OPENLDAP_LDAPSDK
263
/* LDAP_rebindproc() openLDAP V3 style
265
* ld Pointer to an LDAP control structure. (input only)
266
* url Unused in this routine
267
* request Unused in this routine
268
* msgid Unused in this routine
269
* params Unused in this routine
273
* ld Pointer to an LDAP control structure. (input only)
274
* url Unused in this routine
275
* request Unused in this routine
276
* msgid Unused in this routine
278
#if defined(LDAP_SET_REBIND_PROC_THREE)
279
static int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, ber_tag_t request,
280
ber_int_t msgid, void *params)
282
static int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, int request,
286
apr_ldap_rebind_entry_t *my_conn;
287
const char *bindDN = NULL;
288
const char *bindPW = NULL;
290
my_conn = apr_ldap_rebind_lookup(ld);
292
if ((my_conn) && (my_conn->bindDN != NULL)) {
293
bindDN = my_conn->bindDN;
294
bindPW = my_conn->bindPW;
297
return (ldap_bind_s(ld, bindDN, bindPW, LDAP_AUTH_SIMPLE));
300
static int apr_ldap_rebind_set_callback(LDAP *ld)
302
#if defined(LDAP_SET_REBIND_PROC_THREE)
303
ldap_set_rebind_proc(ld, LDAP_rebindproc, NULL);
305
ldap_set_rebind_proc(ld, LDAP_rebindproc);
310
#elif APR_HAS_NOVELL_LDAPSDK
312
/* LDAP_rebindproc() openLDAP V3 style
314
* ld Pointer to an LDAP control structure. (input only)
315
* url Unused in this routine
316
* request Unused in this routine
317
* msgid Unused in this routine
319
static int LDAP_rebindproc(LDAP *ld, LDAP_CONST char *url, int request, ber_int_t msgid)
322
apr_ldap_rebind_entry_t *my_conn;
323
const char *bindDN = NULL;
324
const char *bindPW = NULL;
326
my_conn = apr_ldap_rebind_lookup(ld);
328
if ((my_conn) && (my_conn->bindDN != NULL)) {
329
bindDN = my_conn->bindDN;
330
bindPW = my_conn->bindPW;
333
return (ldap_bind_s(ld, bindDN, bindPW, LDAP_AUTH_SIMPLE));
336
static int apr_ldap_rebind_set_callback(LDAP *ld)
338
ldap_set_rebind_proc(ld, LDAP_rebindproc);
342
#else /* Implementation not recognised */
344
static int apr_ldap_rebind_set_callback(LDAP *ld)
351
#endif /* APR_HAS_LDAP */