Move bind handling to bind.c
authorOndřej Kuzník <ondra@mistotebe.net>
Wed, 27 Sep 2017 10:49:39 +0000 (11:49 +0100)
committerOndřej Kuzník <okuznik@symas.com>
Tue, 17 Nov 2020 17:58:14 +0000 (17:58 +0000)
servers/lloadd/bind.c
servers/lloadd/proto-slap.h
servers/lloadd/upstream.c

index 54b9d541b07ffa3c38b52da68e8aa685f294a713..38df5449f2e5a4a05f18f4b949ed3a593e6a5177 100644 (file)
@@ -332,3 +332,214 @@ request_bind( Connection *client, Operation *op )
 
     return rc;
 }
+
+int
+handle_bind_response( Operation *op, BerElement *ber )
+{
+    Connection *client = op->o_client, *upstream = op->o_upstream;
+    BerValue response;
+    BerElement *copy;
+    ber_int_t result;
+    ber_tag_t tag;
+    int rc = LDAP_SUCCESS;
+
+    if ( (copy = ber_alloc()) == NULL ) {
+        rc = -1;
+        goto done;
+    }
+
+    tag = ber_peek_element( ber, &response );
+    assert( tag == LDAP_RES_BIND );
+
+    ber_init2( copy, &response, 0 );
+
+    tag = ber_get_enum( copy, &result );
+    ber_free( copy, 0 );
+
+    if ( tag == LBER_ERROR ) {
+        rc = -1;
+        goto done;
+    }
+
+    Debug( LDAP_DEBUG_STATS, "handle_bind_response: "
+            "received response for bind request msgid=%d by client "
+            "connid=%lu, result=%d\n",
+            op->o_client_msgid, op->o_client_connid, result );
+
+    CONNECTION_LOCK(upstream);
+    if ( result != LDAP_SASL_BIND_IN_PROGRESS ) {
+        upstream->c_state = LLOAD_C_READY;
+    }
+    CONNECTION_UNLOCK(upstream);
+
+    CONNECTION_LOCK(client);
+    if ( client->c_state == LLOAD_C_BINDING ) {
+        switch ( result ) {
+            case LDAP_SASL_BIND_IN_PROGRESS:
+                break;
+            case LDAP_SUCCESS:
+            default: {
+                client->c_state = LLOAD_C_READY;
+                client->c_type = LLOAD_C_OPEN;
+                if ( result != LDAP_SUCCESS ) {
+                    ber_memfree( client->c_auth.bv_val );
+                    BER_BVZERO( &client->c_auth );
+                } else if ( !ber_bvstrcasecmp(
+                                    &client->c_auth, &lloadd_identity ) ) {
+                    client->c_type = LLOAD_C_PRIVILEGED;
+                }
+                if ( !BER_BVISNULL( &client->c_sasl_bind_mech ) ) {
+                    ber_memfree( client->c_sasl_bind_mech.bv_val );
+                    BER_BVZERO( &client->c_sasl_bind_mech );
+                }
+                break;
+            }
+        }
+    } else {
+        assert( client->c_state == LLOAD_C_INVALID ||
+                client->c_state == LLOAD_C_CLOSING );
+    }
+    CONNECTION_UNLOCK(client);
+
+done:
+    if ( rc ) {
+        operation_send_reject( op, LDAP_OTHER, "internal error", 0 );
+
+        ber_free( ber, 1 );
+        return LDAP_SUCCESS;
+    }
+    return forward_final_response( op, ber );
+}
+
+#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
+int
+handle_vc_bind_response( Operation *op, BerElement *ber )
+{
+    Connection *c = op->o_client;
+    BerElement *output;
+    BerValue matched, diagmsg, creds = BER_BVNULL, controls = BER_BVNULL;
+    ber_int_t result;
+    ber_tag_t tag;
+    ber_len_t len;
+    int rc = 0;
+
+    tag = ber_scanf( ber, "{emm" /* "}" */,
+            &result, &matched, &diagmsg );
+    if ( tag == LBER_ERROR ) {
+        rc = -1;
+        goto done;
+    }
+
+    tag = ber_peek_tag( ber, &len );
+    if ( result == LDAP_PROTOCOL_ERROR ) {
+        Connection *upstream = op->o_upstream;
+        Backend *b;
+
+        CONNECTION_LOCK(upstream);
+        b = (Backend *)upstream->c_private;
+        Debug( LDAP_DEBUG_ANY, "handle_vc_bind_response: "
+                "VC extended operation not supported on backend %s\n",
+                b->b_uri.bv_val );
+        CONNECTION_UNLOCK(upstream);
+    }
+
+    Debug( LDAP_DEBUG_STATS, "handle_vc_bind_response: "
+            "received response for bind request msgid=%d by client "
+            "connid=%lu, result=%d\n",
+            op->o_client_msgid, op->o_client_connid, result );
+
+    CONNECTION_LOCK(c);
+
+    if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE ) {
+        if ( !BER_BVISNULL( &c->c_vc_cookie ) ) {
+            ber_memfree( c->c_vc_cookie.bv_val );
+        }
+        tag = ber_scanf( ber, "o", &c->c_vc_cookie );
+        if ( tag == LBER_ERROR ) {
+            rc = -1;
+            CONNECTION_UNLOCK_INCREF(c);
+            goto done;
+        }
+        tag = ber_peek_tag( ber, &len );
+    }
+
+    if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_SCREDS ) {
+        tag = ber_scanf( ber, "m", &creds );
+        if ( tag == LBER_ERROR ) {
+            rc = -1;
+            CONNECTION_UNLOCK_INCREF(c);
+            goto done;
+        }
+        tag = ber_peek_tag( ber, &len );
+    }
+
+    if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS ) {
+        tag = ber_scanf( ber, "m", &controls );
+        if ( tag == LBER_ERROR ) {
+            rc = -1;
+            CONNECTION_UNLOCK_INCREF(c);
+            goto done;
+        }
+    }
+
+    if ( c->c_state == LLOAD_C_BINDING ) {
+        switch ( result ) {
+            case LDAP_SASL_BIND_IN_PROGRESS:
+                break;
+            case LDAP_SUCCESS:
+            default: {
+                c->c_state = LLOAD_C_READY;
+                c->c_type = LLOAD_C_OPEN;
+                if ( result != LDAP_SUCCESS ) {
+                    ber_memfree( c->c_auth.bv_val );
+                    BER_BVZERO( &c->c_auth );
+                } else if ( !ber_bvstrcasecmp(
+                                    &c->c_auth, &lloadd_identity ) ) {
+                    c->c_type = LLOAD_C_PRIVILEGED;
+                }
+                if ( !BER_BVISNULL( &c->c_vc_cookie ) ) {
+                    ber_memfree( c->c_vc_cookie.bv_val );
+                    BER_BVZERO( &c->c_vc_cookie );
+                }
+                if ( !BER_BVISNULL( &c->c_sasl_bind_mech ) ) {
+                    ber_memfree( c->c_sasl_bind_mech.bv_val );
+                    BER_BVZERO( &c->c_sasl_bind_mech );
+                }
+                break;
+            }
+        }
+    } else {
+        assert( c->c_state == LLOAD_C_INVALID ||
+                c->c_state == LLOAD_C_CLOSING );
+    }
+    CONNECTION_UNLOCK_INCREF(c);
+
+    ldap_pvt_thread_mutex_lock( &c->c_io_mutex );
+    output = c->c_pendingber;
+    if ( output == NULL && (output = ber_alloc()) == NULL ) {
+        rc = -1;
+        ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
+        goto done;
+    }
+    c->c_pendingber = output;
+
+    rc = ber_printf( output, "t{tit{eOOtO}tO}", LDAP_TAG_MESSAGE,
+            LDAP_TAG_MSGID, op->o_client_msgid, LDAP_RES_BIND,
+            result, &matched, &diagmsg,
+            LDAP_TAG_SASL_RES_CREDS, BER_BV_OPTIONAL( &creds ),
+            LDAP_TAG_CONTROLS, BER_BV_OPTIONAL( &controls ) );
+
+    ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
+    if ( rc >= 0 ) {
+        connection_write_cb( -1, 0, c );
+        rc = 0;
+    }
+
+done:
+    CONNECTION_LOCK_DECREF(c);
+    operation_destroy_from_client( op );
+    CONNECTION_UNLOCK_OR_DESTROY(c);
+    ber_free( ber, 1 );
+    return rc;
+}
+#endif /* LDAP_API_FEATURE_VERIFY_CREDENTIALS */
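Review bot: In handle_vc_bind_response the first `goto done` (taken when the `"{emm"` ber_scanf fails) reaches `CONNECTION_LOCK_DECREF(c)` without the `CONNECTION_UNLOCK_INCREF(c)` that every later error path performs, so a malformed response from an upstream appears to drop a connection reference that was never taken. If the macros pair as their names suggest, that path can release the client connection early; taking the reference first, `CONNECTION_LOCK(c); CONNECTION_UNLOCK_INCREF(c);` before that `goto done;`, would keep the paths balanced. In the cookie branch `c->c_vc_cookie.bv_val` is freed but not cleared before the `"o"` scan, so adding `BER_BVZERO( &c->c_vc_cookie );` right after the `ber_memfree` avoids depending on ber_scanf resetting the field on failure. Both bind handlers also set `LLOAD_C_PRIVILEGED` on a case-insensitive match of `c_auth` against `lloadd_identity`; how those two values are populated is outside this hunk, so it is worth confirming that an empty `c_auth` can never match an unset identity.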
index 603ffb915ea2cab92c46bf393fdcfd05efdbdfe5..5df2ce922ba211a270b09be70eaaad097205c98b 100644 (file)
@@ -65,6 +65,8 @@ LDAP_SLAPD_F (void) ch_free( void * );
  * bind.c
  */
 LDAP_SLAPD_F (int) request_bind( Connection *c, Operation *op );
+LDAP_SLAPD_F (int) handle_bind_response( Operation *op, BerElement *ber );
+LDAP_SLAPD_F (int) handle_vc_bind_response( Operation *op, BerElement *ber );
 
 /*
  * client.c
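Review bot: The `handle_vc_bind_response` prototype is declared unconditionally here, while its definition in bind.c is wrapped in `#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS`. In a build without that feature, any caller that references it would fail at link time rather than at compile time; wrapping the declaration in the same `#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS` / `#endif` keeps the two in step. Whether the callers in upstream.c are already guarded is not visible in this hunk.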
@@ -196,6 +198,8 @@ LDAP_SLAPD_F (void *) slap_sl_context( void *ptr );
 /*
  * upstream.c
  */
+LDAP_SLAPD_F (int) forward_final_response( Operation *op, BerElement *ber );
+LDAP_SLAPD_F (int) forward_response( Operation *op, BerElement *ber );
 LDAP_SLAPD_F (Connection *) upstream_init( ber_socket_t s, Backend *b );
 LDAP_SLAPD_F (void) upstream_destroy( Connection *c );
 
index f87fae4f2347493eb6608452f9da5ee44127217d..c64f6258d983f0e4034964871426c8b49f5b159a 100644 (file)
@@ -24,7 +24,7 @@
 #include "lutil.h"
 #include "slap.h"
 
-static int
+int
 forward_response( Operation *op, BerElement *ber )
 {
     Connection *c = op->o_client;
@@ -66,7 +66,7 @@ forward_response( Operation *op, BerElement *ber )
     return 0;
 }
 
-static int
+int
 forward_final_response( Operation *op, BerElement *ber )
 {
     int rc;
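Review bot: With `static` dropped here and on `forward_response` in the previous hunk, both functions become part of the cross-file interface but still carry no comment stating who owns `ber`. The new caller in bind.c frees `ber` itself only on its error path and otherwise returns `forward_final_response( op, ber )` directly, which suggests the callee consumes the element. If that is the contract, a short comment above each definition would make it explicit, e.g. `/* Takes ownership of ber; the caller must not use or free it afterwards */`. Both function bodies continue outside these hunks, so confirm against the full definitions.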
@@ -83,217 +83,6 @@ forward_final_response( Operation *op, BerElement *ber )
     return rc;
 }
 
-static int
-handle_bind_response( Operation *op, BerElement *ber )
-{
-    Connection *client = op->o_client, *upstream = op->o_upstream;
-    BerValue response;
-    BerElement *copy;
-    ber_int_t result;
-    ber_tag_t tag;
-    int rc = LDAP_SUCCESS;
-
-    if ( (copy = ber_alloc()) == NULL ) {
-        rc = -1;
-        goto done;
-    }
-
-    tag = ber_peek_element( ber, &response );
-    assert( tag == LDAP_RES_BIND );
-
-    ber_init2( copy, &response, 0 );
-
-    tag = ber_get_enum( copy, &result );
-    ber_free( copy, 0 );
-
-    if ( tag == LBER_ERROR ) {
-        rc = -1;
-        goto done;
-    }
-
-    Debug( LDAP_DEBUG_STATS, "handle_bind_response: "
-            "received response for bind request msgid=%d by client "
-            "connid=%lu, result=%d\n",
-            op->o_client_msgid, op->o_client_connid, result );
-
-    CONNECTION_LOCK(upstream);
-    if ( result != LDAP_SASL_BIND_IN_PROGRESS ) {
-        upstream->c_state = LLOAD_C_READY;
-    }
-    CONNECTION_UNLOCK(upstream);
-
-    CONNECTION_LOCK(client);
-    if ( client->c_state == LLOAD_C_BINDING ) {
-        switch ( result ) {
-            case LDAP_SASL_BIND_IN_PROGRESS:
-                break;
-            case LDAP_SUCCESS:
-            default: {
-                client->c_state = LLOAD_C_READY;
-                client->c_type = LLOAD_C_OPEN;
-                if ( result != LDAP_SUCCESS ) {
-                    ber_memfree( client->c_auth.bv_val );
-                    BER_BVZERO( &client->c_auth );
-                } else if ( !ber_bvstrcasecmp(
-                                    &client->c_auth, &lloadd_identity ) ) {
-                    client->c_type = LLOAD_C_PRIVILEGED;
-                }
-                if ( !BER_BVISNULL( &client->c_sasl_bind_mech ) ) {
-                    ber_memfree( client->c_sasl_bind_mech.bv_val );
-                    BER_BVZERO( &client->c_sasl_bind_mech );
-                }
-                break;
-            }
-        }
-    } else {
-        assert( client->c_state == LLOAD_C_INVALID ||
-                client->c_state == LLOAD_C_CLOSING );
-    }
-    CONNECTION_UNLOCK(client);
-
-done:
-    if ( rc ) {
-        operation_send_reject( op, LDAP_OTHER, "internal error", 0 );
-
-        ber_free( ber, 1 );
-        return LDAP_SUCCESS;
-    }
-    return forward_final_response( op, ber );
-}
-
-#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
-static int
-handle_vc_bind_response( Operation *op, BerElement *ber )
-{
-    Connection *c = op->o_client;
-    BerElement *output;
-    BerValue matched, diagmsg, creds = BER_BVNULL, controls = BER_BVNULL;
-    ber_int_t result;
-    ber_tag_t tag;
-    ber_len_t len;
-    int rc = 0;
-
-    tag = ber_scanf( ber, "{emm" /* "}" */,
-            &result, &matched, &diagmsg );
-    if ( tag == LBER_ERROR ) {
-        rc = -1;
-        goto done;
-    }
-
-    tag = ber_peek_tag( ber, &len );
-    if ( result == LDAP_PROTOCOL_ERROR ) {
-        Connection *upstream = op->o_upstream;
-        Backend *b;
-
-        CONNECTION_LOCK(upstream);
-        b = (Backend *)upstream->c_private;
-        Debug( LDAP_DEBUG_ANY, "handle_vc_bind_response: "
-                "VC extended operation not supported on backend %s\n",
-                b->b_uri.bv_val );
-        CONNECTION_UNLOCK(upstream);
-    }
-
-    Debug( LDAP_DEBUG_STATS, "handle_vc_bind_response: "
-            "received response for bind request msgid=%d by client "
-            "connid=%lu, result=%d\n",
-            op->o_client_msgid, op->o_client_connid, result );
-
-    CONNECTION_LOCK(c);
-
-    if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE ) {
-        if ( !BER_BVISNULL( &c->c_vc_cookie ) ) {
-            ber_memfree( c->c_vc_cookie.bv_val );
-        }
-        tag = ber_scanf( ber, "o", &c->c_vc_cookie );
-        if ( tag == LBER_ERROR ) {
-            rc = -1;
-            CONNECTION_UNLOCK_INCREF(c);
-            goto done;
-        }
-        tag = ber_peek_tag( ber, &len );
-    }
-
-    if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_SCREDS ) {
-        tag = ber_scanf( ber, "m", &creds );
-        if ( tag == LBER_ERROR ) {
-            rc = -1;
-            CONNECTION_UNLOCK_INCREF(c);
-            goto done;
-        }
-        tag = ber_peek_tag( ber, &len );
-    }
-
-    if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS ) {
-        tag = ber_scanf( ber, "m", &controls );
-        if ( tag == LBER_ERROR ) {
-            rc = -1;
-            CONNECTION_UNLOCK_INCREF(c);
-            goto done;
-        }
-    }
-
-    if ( c->c_state == LLOAD_C_BINDING ) {
-        switch ( result ) {
-            case LDAP_SASL_BIND_IN_PROGRESS:
-                break;
-            case LDAP_SUCCESS:
-            default: {
-                c->c_state = LLOAD_C_READY;
-                c->c_type = LLOAD_C_OPEN;
-                if ( result != LDAP_SUCCESS ) {
-                    ber_memfree( c->c_auth.bv_val );
-                    BER_BVZERO( &c->c_auth );
-                } else if ( !ber_bvstrcasecmp(
-                                    &c->c_auth, &lloadd_identity ) ) {
-                    c->c_type = LLOAD_C_PRIVILEGED;
-                }
-                if ( !BER_BVISNULL( &c->c_vc_cookie ) ) {
-                    ber_memfree( c->c_vc_cookie.bv_val );
-                    BER_BVZERO( &c->c_vc_cookie );
-                }
-                if ( !BER_BVISNULL( &c->c_sasl_bind_mech ) ) {
-                    ber_memfree( c->c_sasl_bind_mech.bv_val );
-                    BER_BVZERO( &c->c_sasl_bind_mech );
-                }
-                break;
-            }
-        }
-    } else {
-        assert( c->c_state == LLOAD_C_INVALID ||
-                c->c_state == LLOAD_C_CLOSING );
-    }
-    CONNECTION_UNLOCK_INCREF(c);
-
-    ldap_pvt_thread_mutex_lock( &c->c_io_mutex );
-    output = c->c_pendingber;
-    if ( output == NULL && (output = ber_alloc()) == NULL ) {
-        rc = -1;
-        ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
-        goto done;
-    }
-    c->c_pendingber = output;
-
-    rc = ber_printf( output, "t{tit{eOOtO}tO}", LDAP_TAG_MESSAGE,
-            LDAP_TAG_MSGID, op->o_client_msgid, LDAP_RES_BIND,
-            result, &matched, &diagmsg,
-            LDAP_TAG_SASL_RES_CREDS, BER_BV_OPTIONAL( &creds ),
-            LDAP_TAG_CONTROLS, BER_BV_OPTIONAL( &controls ) );
-
-    ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
-    if ( rc >= 0 ) {
-        connection_write_cb( -1, 0, c );
-        rc = 0;
-    }
-
-done:
-    CONNECTION_LOCK_DECREF(c);
-    operation_destroy_from_client( op );
-    CONNECTION_UNLOCK_OR_DESTROY(c);
-    ber_free( ber, 1 );
-    return rc;
-}
-#endif /* LDAP_API_FEATURE_VERIFY_CREDENTIALS */
-
 static int
 handle_unsolicited( Connection *c, BerElement *ber )
 {