#include "http_log.h"
#include "http_protocol.h"
#include "http_request.h"
+#include "apr_optional.h"
/* Create a set of LDAP_DECLARE macros with appropriate export
* and import tags for the platform
* @deffunc int util_ldap_connection_open(request_rec *r,
* util_ldap_connection_t *ldc)
*/
-LDAP_DECLARE(int) util_ldap_connection_open(request_rec *r,
- util_ldap_connection_t *ldc);
+APR_DECLARE_OPTIONAL_FN(int,uldap_connection_open,(request_rec *r,
+ util_ldap_connection_t *ldc));
/**
* Close a connection to an LDAP server
* structure, using apr_ldap_open_connection().
* @deffunc util_ldap_close_connection(util_ldap_connection_t *ldc)
*/
-LDAP_DECLARE(void) util_ldap_connection_close(util_ldap_connection_t *ldc);
+APR_DECLARE_OPTIONAL_FN(void,uldap_connection_close,(util_ldap_connection_t *ldc));
/**
* Unbind a connection to an LDAP server
* connection back to a known state.
* @deffunc apr_status_t util_ldap_connection_unbind(util_ldap_connection_t *ldc)
*/
-LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_unbind(void *param);
+APR_DECLARE_OPTIONAL_FN(apr_status_t,uldap_connection_unbind,(void *param));
/**
* Cleanup a connection to an LDAP server
* LDAP connections when the server is finished with them.
* @deffunc apr_status_t util_ldap_connection_cleanup(util_ldap_connection_t *ldc)
*/
-LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param);
+APR_DECLARE_OPTIONAL_FN(apr_status_t,uldap_connection_cleanup,(void *param));
/**
* Find a connection in a list of connections
* const char *binddn, const char *bindpw, deref_options deref,
* int netscapessl, int starttls)
*/
-LDAP_DECLARE(util_ldap_connection_t *) util_ldap_connection_find(request_rec *r, const char *host, int port,
+APR_DECLARE_OPTIONAL_FN(util_ldap_connection_t *,uldap_connection_find,(request_rec *r, const char *host, int port,
const char *binddn, const char *bindpw, deref_options deref,
- int secure);
-
+ int secure));
/**
* Compare two DNs for sameness
* const char *url, const char *dn, const char *reqdn,
* int compare_dn_on_server)
*/
-LDAP_DECLARE(int) util_ldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc,
+APR_DECLARE_OPTIONAL_FN(int,uldap_cache_comparedn,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn, const char *reqdn,
- int compare_dn_on_server);
+ int compare_dn_on_server));
/**
* A generic LDAP compare function
* @deffunc int util_ldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
* const char *url, const char *dn, const char *attrib, const char *value)
*/
-LDAP_DECLARE(int) util_ldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
- const char *url, const char *dn, const char *attrib, const char *value);
+APR_DECLARE_OPTIONAL_FN(int,uldap_cache_compare,(request_rec *r, util_ldap_connection_t *ldc,
+ const char *url, const char *dn, const char *attrib, const char *value));
/**
* Checks a username/password combination by binding to the LDAP server
* char *url, const char *basedn, int scope, char **attrs,
* char *filter, char *bindpw, char **binddn, char ***retvals)
*/
-LDAP_DECLARE(int) util_ldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
+APR_DECLARE_OPTIONAL_FN(int,uldap_cache_checkuserid,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
- const char *filter, const char *bindpw, const char **binddn, const char ***retvals);
+ const char *filter, const char *bindpw, const char **binddn, const char ***retvals));
/**
* Searches for a specified user object in an LDAP directory
* char *url, const char *basedn, int scope, char **attrs,
* char *filter, char **binddn, char ***retvals)
*/
-LDAP_DECLARE(int) util_ldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
+APR_DECLARE_OPTIONAL_FN(int,uldap_cache_getuserdn,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
- const char *filter, const char **binddn, const char ***retvals);
+ const char *filter, const char **binddn, const char ***retvals));
/**
* Checks if SSL support is available in mod_ldap
* @deffunc int util_ldap_ssl_supported(request_rec *r)
*/
-LDAP_DECLARE(int) util_ldap_ssl_supported(request_rec *r);
+APR_DECLARE_OPTIONAL_FN(int,uldap_ssl_supported,(request_rec *r));
/* from apr_ldap_cache.c */
module AP_MODULE_DECLARE_DATA authnz_ldap_module;
+static APR_OPTIONAL_FN_TYPE(uldap_connection_close) *util_ldap_connection_close;
+static APR_OPTIONAL_FN_TYPE(uldap_connection_find) *util_ldap_connection_find;
+static APR_OPTIONAL_FN_TYPE(uldap_cache_comparedn) *util_ldap_cache_comparedn;
+static APR_OPTIONAL_FN_TYPE(uldap_cache_compare) *util_ldap_cache_compare;
+static APR_OPTIONAL_FN_TYPE(uldap_cache_checkuserid) *util_ldap_cache_checkuserid;
+static APR_OPTIONAL_FN_TYPE(uldap_cache_getuserdn) *util_ldap_cache_getuserdn;
+static APR_OPTIONAL_FN_TYPE(uldap_ssl_supported) *util_ldap_ssl_supported;
+
static apr_hash_t *charset_conversions = NULL;
static char *to_charset = NULL; /* UTF-8 identifier derived from the charset.conv file */
&authn_ldap_check_password,
};
+static void ImportULDAPOptFn(void)
+{
+ util_ldap_connection_close = APR_RETRIEVE_OPTIONAL_FN(uldap_connection_close);
+ util_ldap_connection_find = APR_RETRIEVE_OPTIONAL_FN(uldap_connection_find);
+ util_ldap_cache_comparedn = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_comparedn);
+ util_ldap_cache_compare = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_compare);
+ util_ldap_cache_checkuserid = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_checkuserid);
+ util_ldap_cache_getuserdn = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_getuserdn);
+ util_ldap_ssl_supported = APR_RETRIEVE_OPTIONAL_FN(uldap_ssl_supported);
+}
+
static void register_hooks(apr_pool_t *p)
{
static const char * const aszPost[]={ "mod_authz_user.c", NULL };
ap_hook_post_config(authnz_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_auth_checker(authz_ldap_check_user_access, NULL, aszPost, APR_HOOK_MIDDLE);
+ ap_hook_optional_fn_retrieve(ImportULDAPOptFn,NULL,NULL,APR_HOOK_MIDDLE);
}
module AP_MODULE_DECLARE_DATA authnz_ldap_module =
#
FILES_nlm_exports = \
ldap_module \
- util_ldap_connection_find \
- util_ldap_connection_close \
- util_ldap_connection_unbind \
- util_ldap_connection_cleanup \
- util_ldap_cache_checkuserid \
- util_ldap_cache_getuserdn \
- util_ldap_cache_compare \
- util_ldap_cache_comparedn \
- util_ldap_ssl_supported \
+ uldap_connection_open \
+ uldap_connection_find \
+ uldap_connection_close \
+ uldap_connection_unbind \
+ uldap_connection_cleanup \
+ uldap_cache_checkuserid \
+ uldap_cache_getuserdn \
+ uldap_cache_compare \
+ uldap_cache_comparedn \
+ uldap_ssl_supported \
$(EOLIST)
#
/*
* Closes an LDAP connection by unlocking it. The next time
- * util_ldap_connection_find() is called this connection will be
+ * uldap_connection_find() is called this connection will be
* available for reuse.
*/
-LDAP_DECLARE(void) util_ldap_connection_close(util_ldap_connection_t *ldc)
+LDAP_DECLARE(void) uldap_connection_close(util_ldap_connection_t *ldc)
{
/*
* the LDAP server. It is used to bring the connection back to a known
* state after an error, and during pool cleanup.
*/
-LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_unbind(void *param)
+LDAP_DECLARE_NONSTD(apr_status_t) uldap_connection_unbind(void *param)
{
util_ldap_connection_t *ldc = param;
* This function is registered with the pool cleanup function - causing
* the LDAP connections to be shut down cleanly on graceful restart.
*/
-LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param)
+LDAP_DECLARE_NONSTD(apr_status_t) uldap_connection_cleanup(void *param)
{
util_ldap_connection_t *ldc = param;
if (ldc) {
/* unbind and disconnect from the LDAP server */
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
/* free the username and password */
if (ldc->bindpw) {
}
/* unlock this entry */
- util_ldap_connection_close(ldc);
+ uldap_connection_close(ldc);
}
*
* Returns LDAP_SUCCESS on success; and an error code on failure
*/
-LDAP_DECLARE(int) util_ldap_connection_open(request_rec *r,
+LDAP_DECLARE(int) uldap_connection_open(request_rec *r,
util_ldap_connection_t *ldc)
{
int rc = 0;
* ldc structure will be returned.
*/
LDAP_DECLARE(util_ldap_connection_t *)
- util_ldap_connection_find(request_rec *r,
+ uldap_connection_find(request_rec *r,
const char *host, int port,
const char *binddn, const char *bindpw,
deref_options deref, int secure) {
/* add the cleanup to the pool */
apr_pool_cleanup_register(l->pool, l,
- util_ldap_connection_cleanup,
+ uldap_connection_cleanup,
apr_pool_cleanup_null);
if (p) {
*
* The lock for the ldap cache should already be acquired.
*/
-LDAP_DECLARE(int) util_ldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc,
+LDAP_DECLARE(int) uldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn, const char *reqdn,
int compare_dn_on_server)
{
}
/* make a server connection */
- if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
+ if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
/* connect to server failed */
return result;
}
"(objectclass=*)", NULL, 1,
NULL, NULL, NULL, -1, &res)) == LDAP_SERVER_DOWN) {
ldc->reason = "DN Comparison ldap_search_ext_s() failed with server down";
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
goto start_over;
}
if (result != LDAP_SUCCESS) {
* require user cache is owned by the
*
*/
-LDAP_DECLARE(int) util_ldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
+LDAP_DECLARE(int) uldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn,
const char *attrib, const char *value)
{
/* too many failures */
return result;
}
- if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
+ if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
/* connect failed */
return result;
}
== LDAP_SERVER_DOWN) {
/* connection failed - try again */
ldc->reason = "ldap_compare_s() failed with server down";
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
goto start_over;
}
return result;
}
-LDAP_DECLARE(int) util_ldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
+LDAP_DECLARE(int) uldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
const char *filter, const char *bindpw, const char **binddn,
const char ***retvals)
if (failures++ > 10) {
return result;
}
- if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
+ if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
return result;
}
(char *)filter, attrs, 0,
NULL, NULL, NULL, -1, &res)) == LDAP_SERVER_DOWN) {
ldc->reason = "ldap_search_ext_s() for user failed with server down";
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
goto start_over;
}
ldc->reason = "ldap_simple_bind_s() to check user credentials "
"failed with server down";
ldap_msgfree(res);
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
goto start_over;
}
if (result != LDAP_SUCCESS) {
ldc->reason = "ldap_simple_bind_s() to check user credentials failed";
ldap_msgfree(res);
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
return result;
}
else {
* This function will return the DN of the entry matching userid.
* It is used to get the DN in case some other module than mod_auth_ldap
* has authenticated the user.
- * The function is basically a copy of util_ldap_cache_checkuserid
+ * The function is basically a copy of uldap_cache_checkuserid
* with password checking removed.
*/
-LDAP_DECLARE(int) util_ldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
+LDAP_DECLARE(int) uldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
const char *filter, const char **binddn,
const char ***retvals)
if (failures++ > 10) {
return result;
}
- if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
+ if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
return result;
}
(char *)filter, attrs, 0,
NULL, NULL, NULL, -1, &res)) == LDAP_SERVER_DOWN) {
ldc->reason = "ldap_search_ext_s() for user failed with server down";
- util_ldap_connection_unbind(ldc);
+ uldap_connection_unbind(ldc);
goto start_over;
}
*
* 1 = enabled, 0 = not enabled
*/
-LDAP_DECLARE(int) util_ldap_ssl_supported(request_rec *r)
+LDAP_DECLARE(int) uldap_ssl_supported(request_rec *r)
{
util_ldap_state_t *st = (util_ldap_state_t *)ap_get_module_config(
r->server->module_config, &ldap_module);
static void util_ldap_register_hooks(apr_pool_t *p)
{
+ APR_REGISTER_OPTIONAL_FN(uldap_connection_open);
+ APR_REGISTER_OPTIONAL_FN(uldap_connection_close);
+ APR_REGISTER_OPTIONAL_FN(uldap_connection_unbind);
+ APR_REGISTER_OPTIONAL_FN(uldap_connection_cleanup);
+ APR_REGISTER_OPTIONAL_FN(uldap_connection_find);
+ APR_REGISTER_OPTIONAL_FN(uldap_cache_comparedn);
+ APR_REGISTER_OPTIONAL_FN(uldap_cache_compare);
+ APR_REGISTER_OPTIONAL_FN(uldap_cache_checkuserid);
+ APR_REGISTER_OPTIONAL_FN(uldap_cache_getuserdn);
+ APR_REGISTER_OPTIONAL_FN(uldap_ssl_supported);
+
ap_hook_post_config(util_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_handler(util_ldap_handler, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_init(util_ldap_child_init, NULL, NULL, APR_HOOK_MIDDLE);