Back to index

openldap  2.4.31
Functions
bind.c File Reference
#include "portable.h"
#include <stdio.h>
#include <ac/socket.h>
#include <ac/string.h>
#include "slap.h"
#include "proto-dnssrv.h"

Go to the source code of this file.

Functions

int dnssrv_back_bind (Operation *op, SlapReply *rs)

Function Documentation

int dnssrv_back_bind ( Operation op,
SlapReply rs 
)

Definition at line 34 of file bind.c.

{
       Debug( LDAP_DEBUG_TRACE, "DNSSRV: bind dn=\"%s\" (%d)\n",
              BER_BVISNULL( &op->o_req_dn ) ? "" : op->o_req_dn.bv_val, 
              op->orb_method, 0 );

       /* allow rootdn as a means to auth without the need to actually
        * contact the proxied DSA */
       switch ( be_rootdn_bind( op, NULL ) ) {
       case LDAP_SUCCESS:
              /* frontend will send result */
              return rs->sr_err;

       default:
              /* treat failure and like any other bind, otherwise
               * it could reveal the DN of the rootdn */
              break;
       }

       if ( !BER_BVISNULL( &op->orb_cred ) &&
              !BER_BVISEMPTY( &op->orb_cred ) )
       {
              /* simple bind */
              Statslog( LDAP_DEBUG_STATS,
                     "%s DNSSRV BIND dn=\"%s\" provided cleartext passwd\n",
                     op->o_log_prefix,
                     BER_BVISNULL( &op->o_req_dn ) ? "" : op->o_req_dn.bv_val , 0, 0, 0 );

              send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                     "you shouldn't send strangers your password" );

       } else {
              /* unauthenticated bind */
              /* NOTE: we're not going to get here anyway:
               * unauthenticated bind is dealt with by the frontend */
              Debug( LDAP_DEBUG_TRACE, "DNSSRV: BIND dn=\"%s\"\n",
                     BER_BVISNULL( &op->o_req_dn ) ? "" : op->o_req_dn.bv_val, 0, 0 );

              send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                     "anonymous bind expected" );
       }

       return 1;
}

Here is the call graph for this function: