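/*
 * LDAP login check: look up the DN of a uid via an anonymous search, then
 * verify the password with a simple bind as that DN over StartTLS.
 *
 * NOTE(review): the four header names were lost when this listing was
 * extracted; they are reconstructed here from the identifiers the code uses.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ldap.h>

#define LDAP_URI "ldap://ldap.technikum-wien.at:389"
#define SEARCHBASE "dc=technikum-wien,dc=at"
#define SCOPE LDAP_SCOPE_SUBTREE
#define FILTER "(uid=if17b*)"

/* Largest DN (including the terminating NUL) accepted from the directory. */
#define DN_BUFFER_SIZE 1024

/*
 * Open a connection to LDAP_URI, select LDAPv3 and upgrade it with StartTLS.
 *
 * Returns the connected handle, or NULL after logging the failure to stderr.
 * On success the caller owns the handle and must release it with
 * ldap_unbind_ext_s().
 *
 * NOTE(review): whether the server certificate is actually verified depends
 * on the libldap TLS configuration (TLS_REQCERT in ldap.conf, or
 * LDAP_OPT_X_TLS_REQUIRE_CERT), which this file never sets. Confirm that the
 * deployment demands a valid certificate, because the user's password is sent
 * over this channel.
 */
static LDAP *ldapConnect(void)
{
    LDAP *ld = NULL;
    int ldapversion = LDAP_VERSION3;
    int rc;

    if (ldap_initialize(&ld, LDAP_URI) != LDAP_SUCCESS) {
        fprintf(stderr, "ldap_init failed");
        return NULL;
    }

    rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldapversion);
    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "ldap_set_option(PROTOCOL_VERSION): %s\n", ldap_err2string(rc));
        ldap_unbind_ext_s(ld, NULL, NULL);
        return NULL;
    }

    /* Credentials must never travel in clear text: refuse to go on without TLS. */
    rc = ldap_start_tls_s(ld, NULL, NULL);
    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "ldap_start_tls_s(): %s\n", ldap_err2string(rc));
        ldap_unbind_ext_s(ld, NULL, NULL);
        return NULL;
    }

    return ld;
}

/*
 * Verify a password by performing a simple bind as the given DN.
 *
 * user     - full distinguished name to bind as.
 * password - NUL-terminated password.
 *
 * Returns 1 when the server accepts the bind, 0 on any failure.
 */
static int ldapTryLoginIntern(char* user, char* password)
{
    LDAP *ld;
    BerValue *servercredp = NULL;
    BerValue cred;
    int rc;

    /*
     * A simple bind that carries a DN but a zero-length password is an
     * "unauthenticated bind" (RFC 4513, section 5.1.2). A server may answer
     * it with success without checking any credential, so an empty password
     * must never be forwarded as a login attempt.
     */
    if (user == NULL || password == NULL || user[0] == '\0' || password[0] == '\0') {
        return 0;
    }

    cred.bv_val = password;
    cred.bv_len = strlen(password);

    ld = ldapConnect();
    if (ld == NULL) {
        return 0;
    }

    rc = ldap_sasl_bind_s(ld, user, LDAP_SASL_SIMPLE, &cred, NULL, NULL, &servercredp);

    /* Release the connection on the failure path too (it used to leak). */
    ber_bvfree(servercredp);
    ldap_unbind_ext_s(ld, NULL, NULL);

    return rc == LDAP_SUCCESS ? 1 : 0;
}

/*
 * Check a uid/password pair against the directory.
 *
 * The function binds anonymously, searches SEARCHBASE with the fixed FILTER,
 * picks the entry whose "uid" value equals `user`, and then binds as that
 * entry's DN with `password`. The user name is only compared locally and is
 * never placed into the search filter, so no filter escaping is required.
 *
 * NOTE(review): the search is limited to 500 entries. If more entries match
 * FILTER the server will presumably report a size-limit error and every login
 * fails; a per-user filter (with RFC 4515 escaping) would avoid that.
 *
 * Returns 1 when the credentials are accepted, 0 otherwise.
 */
int ldapTryLogin(char* user, char* password)
{
    LDAP *ld;
    LDAPMessage *result = NULL;
    LDAPMessage *e;
    BerValue *servercredp = NULL;
    BerValue cred;
    const char *attribs[] = {"uid", "cn", NULL}; /* attribute array for search */
    char buffer[DN_BUFFER_SIZE];
    size_t userlen;
    int rc;

    /* Reject missing or empty credentials before touching the network. */
    if (user == NULL || password == NULL || user[0] == '\0' || password[0] == '\0') {
        return 0;
    }
    userlen = strlen(user);

    ld = ldapConnect();
    if (ld == NULL) {
        return 0;
    }

    /* anonymous bind: empty DN and empty credential */
    cred.bv_val = "";
    cred.bv_len = 0;
    rc = ldap_sasl_bind_s(ld, "", LDAP_SASL_SIMPLE, &cred, NULL, NULL, &servercredp);
    ber_bvfree(servercredp);
    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "LDAP bind error: %s\n", ldap_err2string(rc));
        ldap_unbind_ext_s(ld, NULL, NULL);
        return 0;
    }

    /* perform ldap search */
    rc = ldap_search_ext_s(ld, SEARCHBASE, SCOPE, FILTER, (char **) attribs, 0,
                           NULL, NULL, NULL, 500, &result);
    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "LDAP search error: %s\n", ldap_err2string(rc));
        /* A failed search can still hand back a partial result to free. */
        ldap_msgfree(result);
        ldap_unbind_ext_s(ld, NULL, NULL);
        return 0;
    }

    buffer[0] = '\0';
    for (e = ldap_first_entry(ld, result); e != NULL; e = ldap_next_entry(ld, e)) {
        BerElement *ber = NULL;
        char *attribute;
        int matched = 0;

        for (attribute = ldap_first_attribute(ld, e, &ber); attribute != NULL;
             attribute = ldap_next_attribute(ld, e, ber)) {
            if (strcmp(attribute, "uid") == 0) {
                BerValue **vals = ldap_get_values_len(ld, e, attribute);

                if (vals != NULL) {
                    int count = ldap_count_values_len(vals);

                    for (int i = 0; i < count; i++) {
                        /* Length-checked compare: never read past bv_len. */
                        if (vals[i]->bv_len == userlen &&
                            memcmp(vals[i]->bv_val, user, userlen) == 0) {
                            matched = 1;
                        }
                    }
                    ldap_value_free_len(vals);
                }
            }
            /* free memory used to store the attribute */
            ldap_memfree(attribute);
        }
        /* free memory used to store the value structure */
        if (ber != NULL) {
            ber_free(ber, 0);
        }

        if (matched) {
            char *dn = ldap_get_dn(ld, e);
            size_t dnlen = dn != NULL ? strlen(dn) : 0;

            /*
             * Fail closed: a missing DN or one that does not fit is dropped
             * instead of being truncated, since a truncated DN could name a
             * different object than the one that was found.
             */
            if (dn != NULL && dnlen < sizeof buffer) {
                memcpy(buffer, dn, dnlen + 1);
            } else {
                buffer[0] = '\0';
            }
            /* ldap_get_dn() returns allocated memory owned by the caller. */
            ldap_memfree(dn);
        }
    }

    /* free memory used for result */
    ldap_msgfree(result);
    printf("LDAP search suceeded\n");

    ldap_unbind_ext_s(ld, NULL, NULL);

    if (buffer[0] == '\0') {
        return 0;
    }

    return ldapTryLoginIntern(buffer, password);
}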