mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-12-26 01:29:59 -05:00
merge changes from authPassword work which should fix SPASSWD code...
parent
3ddb829076
commit
50714d2d48
6 changed files with 38 additions and 37 deletions
|
|
@ -165,7 +165,7 @@ ldbm_back_bind(
|
|||
goto return_results;
|
||||
}
|
||||
|
||||
if ( slap_passwd_check( a, cred ) != 0 ) {
|
||||
if ( slap_passwd_check( conn, a, cred ) != 0 ) {
|
||||
send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
|
||||
NULL, NULL, NULL, NULL );
|
||||
/* stop front end from sending result */
|
||||
|
|
|
|||
|
|
@ -516,14 +516,17 @@ be_isroot_pw( Backend *be, const char *ndn, struct berval *cred )
|
|||
return 0;
|
||||
}
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_lock( &crypt_mutex );
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_lock( &passwd_mutex );
|
||||
#ifdef SLAPD_SPASSWD
|
||||
lutil_passwd_sasl_conn = conn->c_sasl_context;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
result = lutil_passwd( &be->be_root_pw, cred, NULL );
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_unlock( &crypt_mutex );
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
|
||||
#endif
|
||||
|
||||
return result == 0;
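Review bot: `conn` is dereferenced in the added line `lutil_passwd_sasl_conn = conn->c_sasl_context;`, but the signature in the hunk header, `be_isroot_pw( Backend *be, const char *ndn, struct berval *cred )`, has no such parameter, and no hunk on this page changes that signature or its prototype. Unless a `conn` is in scope from outside the hunk, a build with SLAPD_SPASSWD defined will not compile here. The root-DN password check would need the connection passed in, for example `be_isroot_pw( Backend *be, Connection *conn, const char *ndn, struct berval *cred )`, with the prototype and callers updated to match. The function body starts before the hunk, so any earlier declarations are not visible.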
|
||||
|
|
|
|||
|
|
@ -40,8 +40,8 @@ char **g_argv;
|
|||
*/
|
||||
ldap_pvt_thread_pool_t connection_pool;
|
||||
ldap_pvt_thread_mutex_t gmtime_mutex;
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_t crypt_mutex;
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_t passwd_mutex;
|
||||
#endif
|
||||
|
||||
int num_conns;
|
||||
|
|
@ -103,8 +103,8 @@ slap_init( int mode, const char *name )
|
|||
ldap_pvt_thread_mutex_init( &num_sent_mutex );
|
||||
|
||||
ldap_pvt_thread_mutex_init( &gmtime_mutex );
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_init( &crypt_mutex );
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_init( &passwd_mutex );
|
||||
#endif
|
||||
|
||||
rc = slap_sasl_init();
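Review bot: The guard `#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )` around the definition and initialisation of `passwd_mutex` does not match the header section, which declares it under `defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )`. The same `SLAPD_PASSWD` spelling is used in the be_isroot_pw, slap_passwd_check and slap_passwd_hash hunks. It appears nowhere else on this page and looks like a typo for `SLAPD_SPASSWD`. If so, a build with only SLAPD_SPASSWD defined declares the mutex but never defines, initialises or takes it, and the nested `#ifdef SLAPD_SPASSWD` assignments to the global `lutil_passwd_sasl_conn` are compiled out. I would use `#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )` in every one of these places.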
|
||||
|
|
|
|||
|
|
@ -217,28 +217,32 @@ struct berval * slap_passwd_return(
|
|||
|
||||
int
|
||||
slap_passwd_check(
|
||||
Connection *conn,
|
||||
Attribute *a,
|
||||
struct berval *cred )
|
||||
{
|
||||
int i;
|
||||
int result = 1;
|
||||
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_lock( &crypt_mutex );
|
||||
#ifdef SLAPD_SPASSWD
|
||||
lutil_passwd_sasl_conn = conn->c_sasl_context;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
for ( i = 0; a->a_vals[i] != NULL; i++ ) {
|
||||
int result;
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_lock( &crypt_mutex );
|
||||
#endif
|
||||
|
||||
result = lutil_passwd( a->a_vals[i], cred, NULL );
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_unlock( &crypt_mutex );
|
||||
#endif
|
||||
|
||||
if( !result )
|
||||
return result;
|
||||
if( !lutil_passwd( a->a_vals[i], cred, NULL ) ) {
|
||||
result = 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return( 1 );
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
|
||||
#endif
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
struct berval * slap_passwd_generate( void )
|
||||
|
|
@ -259,14 +263,14 @@ struct berval * slap_passwd_hash(
|
|||
|
||||
struct berval *new;
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_lock( &crypt_mutex );
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_lock( &passwd_mutex );
|
||||
#endif
|
||||
|
||||
new = lutil_passwd_hash( cred , hash );
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
ldap_pvt_thread_mutex_unlock( &crypt_mutex );
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
|
||||
ldap_pvt_thread_mutex_unlock( &passwd_mutex );
|
||||
#endif
|
||||
|
||||
return new;
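Review bot: In the first hunk the rewritten slap_passwd_check takes `crypt_mutex` but releases `passwd_mutex`, while this same commit renames the definition and declaration of `crypt_mutex` to `passwd_mutex`. As rendered, the added lock line should read `ldap_pvt_thread_mutex_lock( &passwd_mutex );`. Otherwise the file does not compile when the guard is active, or, if a `crypt_mutex` were still defined somewhere, the unlock would release a mutex that was never taken while the global `lutil_passwd_sasl_conn` is being switched per connection. It may also be worth adding `lutil_passwd_sasl_conn = NULL;` before the unlock, so the global does not keep pointing at one connection's SASL context after the check. slap_passwd_hash in the second hunk takes the lock without setting that global, though whether it reads it is not visible here.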
|
||||
|
|
|
|||
|
|
@ -727,6 +727,7 @@ LDAP_SLAPD_F (int) passwd_extop LDAP_P((
|
|||
struct berval *** refs ));
|
||||
|
||||
LDAP_SLAPD_F (int) slap_passwd_check(
|
||||
Connection *conn,
|
||||
Attribute *attr,
|
||||
struct berval *cred );
|
||||
|
||||
|
|
@ -804,8 +805,8 @@ LDAP_SLAPD_F (ldap_pvt_thread_pool_t) connection_pool;
|
|||
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) entry2str_mutex;
|
||||
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) replog_mutex;
|
||||
|
||||
#ifdef SLAPD_CRYPT
|
||||
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) crypt_mutex;
|
||||
#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
|
||||
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) passwd_mutex;
|
||||
#endif
|
||||
LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) gmtime_mutex;
|
||||
|
||||
|
|
|
|||
|
|
@ -203,11 +203,7 @@ int slap_sasl_init( void )
|
|||
sasl_secprops.maxbufsize = 65536;
|
||||
sasl_secprops.security_flags = SASL_SEC_NOPLAINTEXT|SASL_SEC_NOANONYMOUS;
|
||||
|
||||
#ifdef SLAPD_SPASSWD
|
||||
lutil_passwd_sasl_conn = server;
|
||||
#else
|
||||
sasl_dispose( &server );
|
||||
#endif
|
||||
|
||||
#endif
|
||||
return 0;
|
||||
|
|
@ -216,9 +212,6 @@ int slap_sasl_init( void )
|
|||
int slap_sasl_destroy( void )
|
||||
{
|
||||
#ifdef HAVE_CYRUS_SASL
|
||||
#ifdef SLAPD_SPASSWD
|
||||
sasl_dispose( &lutil_passwd_sasl_conn );
|
||||
#endif
|
||||
sasl_done();
|
||||
#endif
|
||||
return 0;
|
||||
|
|
|
|||