kamp/RetroZilla
1
0
Fork 0
mirror of https://github.com/rn10950/RetroZilla.git synced 2024-11-11 02:10:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
8444083c28
RetroZilla/directory/c-sdk/ldap/examples/ppolicy.c
Ryan Nematz 2f2ae146c0 first commit
2015-10-20 23:03:22 -04:00

226 lines
6.1 KiB
C
Raw Blame History

/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Mozilla Communicator client code, released
* March 31, 1998.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1998-1999
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* Attempt to bind to the directory, and report back any password
* expiration information received.
*/
#include "examples.h"
#define NO_PASSWORD_CONTROLS 0
#define PASSWORD_EXPIRED -1
static void doUsage() {
printf( "Usage: ppolicy HOST PORT DN PASSWORD\n" );
}
static int
check_controls( LDAPControl **ctrls ) {
int i;
char buf[256];
int status = NO_PASSWORD_CONTROLS;
if ( ctrls == NULL ) {
return NO_PASSWORD_CONTROLS;
}
for ( i = 0; ctrls[ i ] != NULL; ++i ) {
memcpy( buf, ctrls[ i ]->ldctl_value.bv_val,
ctrls[ i ]->ldctl_value.bv_len );
buf[ctrls[ i ]->ldctl_value.bv_len] = 0;
if( !strcmp( LDAP_CONTROL_PWEXPIRED, ctrls[ i ]->ldctl_oid ) ) {
status = PASSWORD_EXPIRED;
} else if ( !strcmp( LDAP_CONTROL_PWEXPIRING,
ctrls[ i ]->ldctl_oid ) ) {
status = atoi( buf );
}
}
return status;
}
static void
process_other_errors( int lderr ) {
fprintf( stderr, "ldap_parse_result: %s",
ldap_err2string( lderr ));
if ( LDAP_CONNECT_ERROR == lderr ) {
perror( " - " );
} else {
fputc( '\n', stderr );
}
}
static void
process_other_messages( char *errmsg ) {
if ( errmsg != NULL ) {
if ( *errmsg != '\0' ) {
fprintf( stderr, "Additional info: %s\n",
errmsg );
}
ldap_memfree( errmsg );
}
}
int
main( int argc, char **argv ) {
LDAP *ld;
char *dn;
char *password;
char *host;
int port;
int rc = 0;
int version = LDAP_VERSION3;
int msgid;
LDAPMessage *result;
LDAPControl **ctrls;
int lderr;
int password_status = 0;
char *matcheddn, *errmsg, **refs;
if ( argc == 1 ) {
host = MY_HOST;
port = MY_PORT;
dn = USER_DN;
password = USER_PW;
} else if ( argc == 5 ) {
host = argv[1];
port = atoi( argv[2] );
dn = argv[3];
password = argv[4];
} else {
doUsage();
return( 1 );
}
/* get a handle to an LDAP connection */
if ( (ld = ldap_init( host, port )) == NULL ) {
perror( "ldap_init" );
return( 1 );
}
if (ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != 0) {
ldap_perror( ld, "ldap_set_option");
return ( 1 );
}
/* authenticate to the directory */
#ifdef SYNCHRONOUS_BIND
/* Synchronous bind */
ldap_simple_bind_s( ld, dn, password );
lderr = ldap_get_lderrno( ld, NULL, &errmsg );
if ( LDAP_SUCCESS == lderr ) {
printf( "Authentication successful\n" );
} else {
rc = -1;
if ( LDAP_INVALID_CREDENTIALS == lderr ) {
fprintf( stderr, "Invalid credentials\n" );
} else {
process_other_errors( lderr );
}
if ( errmsg != NULL ) {
if ( strstr( errmsg, "password expired" ) != NULL ) {
fprintf( stderr, "Password expired\n" );
} else {
fprintf( stderr, "Additional info: %s\n",
errmsg );
}
ldap_memfree( errmsg );
}
}
/* You can't get the controls with a synchronous bind, so we
can't report if the password is about to expire */
#else
/* Asynchronous bind */
if ( msgid = ldap_simple_bind( ld, dn, password ) < 0 ) {
ldap_perror( ld, "ldap_simple_bind" );
rc = -1;
} else {
rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE,
(struct timeval *)NULL, &result );
if ( rc == LDAP_RES_BIND ) {
if ( ldap_parse_result( ld, result, &lderr, &matcheddn, &errmsg,
&refs, &ctrls, 0 ) != LDAP_SUCCESS ) {
ldap_perror( ld, "ldap_parse_result" );
} else {
if ( LDAP_SUCCESS == lderr ) {
printf( "Authentication successful\n" );
} else {
if ( LDAP_INVALID_CREDENTIALS == lderr ) {
fprintf( stderr, "Invalid credentials\n" );
} else {
process_other_errors( lderr );
}
if ( errmsg != NULL ) {
if ( strstr( errmsg, "password expired" ) != NULL ) {
fprintf( stderr, "Password expired\n" );
} else {
fprintf( stderr, "Additional info: %s\n",
errmsg );
}
ldap_memfree( errmsg );
}
}
password_status = check_controls( ctrls );
ldap_controls_free( ctrls );
if ( password_status == PASSWORD_EXPIRED ) {
fprintf( stderr,
"Password expired and must be reset\n" );
} else if ( password_status > 0 ) {
fprintf( stderr,
"Password will expire in %d seconds\n",
password_status );
}
rc = 0;
}
} else {
fprintf( stderr, "ldap_result returned %d\n", rc );
ldap_perror( ld, "ldap_result" );
rc = -1;
}
}
#endif
if ( LDAP_SUCCESS == lderr ) {
ldap_unbind( ld );
}
return rc;
}
Reference in New Issue View Git Blame Copy Permalink