ad_user
/
oal
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

* oal_check_cred()

master
Alex 'AdUser' Z 9 years ago
parent
75958cfafc
commit
4181c02289
1 changed files with 32 additions and 17 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 49
      src/ldapauth.c

49
src/ldapauth.c
Unescape View File

@ -70,6 +70,7 @@ oal_connect(LDAP * ld,
} }
/** /**
* @brief find user by name in ldap directory and tries to bind with given pass
* @returns 1 if user pass the check, 0 on password mismatch and -1 on error * @returns 1 if user pass the check, 0 on password mismatch and -1 on error
*/ */
int int
@ -77,43 +78,57 @@ oal_check_cred(oal_config_t * const config,
const char * const username, const char * const username,
const char * const password) const char * const password)
{ {
LDAP *ld = NULL; LDAP *sld = NULL; /* used for user search, read as 'search ldap descriptor' */
LDAP *ald = NULL; /* used for user search, read as 'auth ldap descriptor' */
LDAPMessage *res = NULL; /* whole search result */ LDAPMessage *res = NULL; /* whole search result */
LDAPMessage *msg = NULL; /* first message from search result */ LDAPMessage *msg = NULL; /* first message from search result */
char *searchattr[] = { (char *) LDAP_NO_ATTRS, NULL }; char *searchattr[] = { (char *) LDAP_NO_ATTRS, NULL };
char *udn = NULL; /* DN of found user */ char *udn = NULL; /* DN of found user */
int rc = 0; int lrc = 0; /* return code for ldap operations, read as 'ldap return code' */
int rc = -1; /* function return code */
if ((oal_connect(ld, config, config->binddn, config->bindpass)) != 0) if ((oal_connect(sld, config, config->binddn, config->bindpass)) != 0)
return -1; /* error text already set inside oal_connect() */ return -1; /* error text already set inside oal_connect() */
rc = ldap_search_s(ld, config->basedn, LDAP_SCOPE_SUBTREE, config->userfilter, searchattr, 1, &res); /* TODO: expand searchfilter */
if (rc != LDAP_SUCCESS) {
lrc = ldap_search_s(sld, config->basedn, LDAP_SCOPE_SUBTREE, config->userfilter, searchattr, 1, &res);
if (lrc != LDAP_SUCCESS) {
snprintf(config->error, sizeof(config->error), "ldap search failed: %s", ldap_err2string(rc)); snprintf(config->error, sizeof(config->error), "ldap search failed: %s", ldap_err2string(rc));
goto error; /* TODO */ goto cleanup; /* TODO */
} }
if (ldap_count_messages(ld, res) <= 0) { lrc = ldap_count_messages(sld, res);
ldap_msgfree(res); if (lrc <= 0) {
return 0; /* no such user or error */ if (lrc == 0) {
snprintf(config->error, sizeof(config->error), "user not found");
rc = 0;
}
goto cleanup;
} }
if ((msg = ldap_first_message(ld, res)) == NULL) { if ((msg = ldap_first_message(sld, res)) == NULL) {
snprintf(config->error, sizeof(config->error), "ldap search found something, but can't get result"); snprintf(config->error, sizeof(config->error), "ldap search found something, but can't get result");
goto error; goto cleanup;
} }
if ((udn = ldap_get_dn(ld, msg)) == NULL) { if ((udn = ldap_get_dn(sld, msg)) == NULL) {
snprintf(config->error, sizeof(config->error), "can't get DN of found user"); snprintf(config->error, sizeof(config->error), "can't get DN of found user");
goto error; goto cleanup;
} }
return 1; if (oal_connect(ald, config, udn, password) == 0) {
rc = 1;
ldap_unbind(ald);
goto cleanup;
} else {
rc = 0;
}
error: cleanup:
if (res) ldap_msgfree(res); if (res) ldap_msgfree(res);
if (msg) ldap_msgfree(msg); if (msg) ldap_msgfree(msg);
if (udn) ldap_memfree(udn); if (udn) ldap_memfree(udn);
if (ld) ldap_unbind(ld); if (sld) ldap_unbind(sld);
return -1; return rc;
} }

Write Preview
Loading…
Cancel
Save