Back to index

lightning-sunbird  0.9+nobinonly
Defines | Functions
ppolicy.c File Reference
#include "examples.h"

Go to the source code of this file.

Defines

#define NO_PASSWORD_CONTROLS   0
#define PASSWORD_EXPIRED   -1

Functions

static void doUsage ()
static int check_controls (LDAPControl **ctrls)
static void process_other_errors (int lderr)
static void process_other_messages (char *errmsg)
int main (int argc, char **argv)

Define Documentation

Definition at line 44 of file ppolicy.c.

Definition at line 45 of file ppolicy.c.


Function Documentation

static int check_controls ( LDAPControl **  ctrls) [static]

Definition at line 52 of file ppolicy.c.

                                      {
       int           i;
       char buf[256];
       int status = NO_PASSWORD_CONTROLS;

       if ( ctrls == NULL ) {
              return NO_PASSWORD_CONTROLS;
       }

       for ( i = 0; ctrls[ i ] != NULL; ++i ) {
              memcpy( buf, ctrls[ i ]->ldctl_value.bv_val,
                            ctrls[ i ]->ldctl_value.bv_len );
              buf[ctrls[ i ]->ldctl_value.bv_len] = 0;
              if( !strcmp( LDAP_CONTROL_PWEXPIRED, ctrls[ i ]->ldctl_oid ) ) {
                     status = PASSWORD_EXPIRED;
              } else if ( !strcmp( LDAP_CONTROL_PWEXPIRING,
                                                  ctrls[ i ]->ldctl_oid ) ) {
                     status = atoi( buf );
              }
       }

       return status;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void doUsage ( ) [static]

Definition at line 47 of file ppolicy.c.

                      {
       printf( "Usage: ppolicy HOST PORT DN PASSWORD\n" );
}

Here is the caller graph for this function:

int main ( int  argc,
char **  argv 
)

Definition at line 100 of file ppolicy.c.

                              {
    LDAP             *ld;
    char             *dn;
       char            *password;
       char            *host;
       int             port;
    int                     rc = 0;
    int             version = LDAP_VERSION3;
       int             msgid;
       LDAPMessage     *result;
       LDAPControl       **ctrls;
       int                   lderr;
       int             password_status = 0;
       char              *matcheddn, *errmsg, **refs;

       if ( argc == 1 ) {
              host = MY_HOST;
              port = MY_PORT;
              dn = USER_DN;
              password = USER_PW;
       } else if ( argc == 5 ) {
              host = argv[1];
              port = atoi( argv[2] );
              dn = argv[3];
              password = argv[4];
       } else {
              doUsage();
              return( 1 );
       }

    /* get a handle to an LDAP connection */
    if ( (ld = ldap_init( host, port )) == NULL ) {
              perror( "ldap_init" );
              return( 1 );
    }
    
    if (ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != 0) {
              ldap_perror( ld, "ldap_set_option");
              return ( 1 );
    }

    /* authenticate to the directory */
#ifdef SYNCHRONOUS_BIND
       /* Synchronous bind */
       ldap_simple_bind_s( ld, dn, password );
       lderr = ldap_get_lderrno( ld, NULL, &errmsg );
       if ( LDAP_SUCCESS == lderr ) {
              printf( "Authentication successful\n" );
       } else {
              rc = -1;
              if ( LDAP_INVALID_CREDENTIALS == lderr ) {
                     fprintf( stderr, "Invalid credentials\n" );
              } else {
                     process_other_errors( lderr );
              }
              if ( errmsg != NULL ) {
                     if ( strstr( errmsg, "password expired" ) != NULL ) {
                            fprintf( stderr, "Password expired\n" );
                     } else {
                            fprintf( stderr, "Additional info: %s\n",
                                           errmsg );
                     }
                     ldap_memfree( errmsg );
              }
       }
       /* You can't get the controls with a synchronous bind, so we
          can't report if the password is about to expire */

#else
       /* Asynchronous bind */
       if ( msgid = ldap_simple_bind( ld, dn, password ) < 0 ) {
              ldap_perror( ld, "ldap_simple_bind" );
              rc = -1;
       } else {
              rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE,
                            (struct timeval *)NULL, &result );
              if ( rc == LDAP_RES_BIND ) {
                     if ( ldap_parse_result( ld, result, &lderr, &matcheddn, &errmsg,
                                                               &refs, &ctrls, 0 ) != LDAP_SUCCESS ) {
                            ldap_perror( ld, "ldap_parse_result" );
                     } else {
                            if ( LDAP_SUCCESS == lderr ) {
                                   printf( "Authentication successful\n" );
                            } else {
                                   if ( LDAP_INVALID_CREDENTIALS == lderr ) {
                                          fprintf( stderr, "Invalid credentials\n" );
                                   } else {
                                          process_other_errors( lderr );
                                   }
                                   if ( errmsg != NULL ) {
                                          if ( strstr( errmsg, "password expired" ) != NULL ) {
                                                 fprintf( stderr, "Password expired\n" );
                                          } else {
                                                 fprintf( stderr, "Additional info: %s\n",
                                                                errmsg );
                                          }
                                          ldap_memfree( errmsg );
                                   }
                            }

                            password_status = check_controls( ctrls );
                            ldap_controls_free( ctrls );
                            if ( password_status == PASSWORD_EXPIRED ) {
                                   fprintf( stderr,
                                                  "Password expired and must be reset\n" );
                            } else if ( password_status > 0 ) {
                                   fprintf( stderr,
                                                  "Password will expire in %d seconds\n",
                                                  password_status );
                            }
                            rc = 0;
                     }
              } else {
                     fprintf( stderr, "ldap_result returned %d\n", rc );
                     ldap_perror( ld, "ldap_result" );
                     rc = -1;
              }
       }
#endif

       if ( LDAP_SUCCESS == lderr ) {
              ldap_unbind( ld );
       }

    return rc;
}

Here is the call graph for this function:

static void process_other_errors ( int  lderr) [static]

Definition at line 77 of file ppolicy.c.

                                  {
       fprintf( stderr, "ldap_parse_result: %s",
                      ldap_err2string( lderr ));
       if ( LDAP_CONNECT_ERROR == lderr ) {
              perror( " - " );
       } else {
              fputc( '\n', stderr );
       }
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void process_other_messages ( char *  errmsg) [static]

Definition at line 88 of file ppolicy.c.

                                       {
       if ( errmsg != NULL ) {
              if ( *errmsg != '\0' ) {
                     fprintf( stderr, "Additional info: %s\n",
                                    errmsg );
              }
              ldap_memfree( errmsg );
       }
}

Here is the call graph for this function: