sasl.c File Reference

#include <freeradius-devel/ldap/base.h>
#include <freeradius-devel/util/debug.h>
#include <sasl/sasl.h>

Include dependency graph for sasl.c:

Go to the source code of this file.

Functions
static void	_ldap_sasl_bind_io_error (UNUSED fr_event_list_t *el, UNUSED int fd, UNUSED int flags, UNUSED int fd_errno, void *uctx)
	Error reading from or writing to the file descriptor.
static void	_ldap_sasl_bind_io_read (fr_event_list_t *el, int fd, UNUSED int flags, void *uctx)
	Parse a sasl bind response from a server.
static USES_APPLE_DEPRECATED_API void	_ldap_sasl_bind_io_write (fr_event_list_t *el, int fd, UNUSED int flags, void *uctx)
	Progress an interactive SASL bind.
static int	_sasl_ctx_free (fr_ldap_sasl_ctx_t *sasl_ctx)
	Ensure any outstanding messages are freed.
static int	_sasl_interact (UNUSED LDAP *handle, UNUSED unsigned flags, void *uctx, void *sasl_callbacks)
	Callback for fr_ldap_sasl_interactive_bind.
int	fr_ldap_sasl_bind_async (fr_ldap_connection_t *c, char const *mechs, char const *identity, char const *password, char const *proxy, char const *realm, LDAPControl **serverctrls, LDAPControl **clientctrls)
	Install I/O handlers for the bind operation.
unlang_action_t	fr_ldap_sasl_bind_auth_async (request_t *request, fr_ldap_thread_t *thread, char const *mechs, char const *identity, char const *password, char const *proxy, char const *realm)
	Initiate an async SASL LDAP bind for authentication.
int	fr_ldap_sasl_bind_auth_send (fr_ldap_sasl_ctx_t *sasl_ctx, int *msgid, fr_ldap_connection_t *ldap_conn)
	Send a SASL LDAP auth bind.
static void	ldap_async_sasl_bind_auth_cancel (request_t *request, UNUSED fr_signal_t action, void *uctx)
	Signal an outstanding SASL LDAP bind to cancel.
static unlang_action_t	ldap_async_sasl_bind_auth_results (rlm_rcode_t *p_result, UNUSED int *priority, request_t *request, void *uctx)
	Handle the return code from parsed LDAP results to set the module rcode.
static unlang_action_t	ldap_async_sasl_bind_auth_start (UNUSED rlm_rcode_t *p_result, UNUSED int *priority, UNUSED request_t *request, UNUSED void *uctx)
	Yield interpreter after enqueueing sasl auth bind.

Function Documentation

_ldap_sasl_bind_io_error()

static void _ldap_sasl_bind_io_error ( UNUSED fr_event_list_t *  el, UNUSED int  fd, UNUSED int  flags, UNUSED int  fd_errno, void *  uctx  )

static

Error reading from or writing to the file descriptor.

Parameters

[in]	el	the event occurred in.
[in]	fd	the event occurred on.
[in]	flags	from kevent.
[in]	fd_errno	The error that occurred.
[in]	uctx	Connection config and handle.

Definition at line 42 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

_ldap_sasl_bind_io_read()

static void _ldap_sasl_bind_io_read ( fr_event_list_t *  el, int  fd, UNUSED int  flags, void *  uctx  )

static

Parse a sasl bind response from a server.

Parameters

[in]	el	the event occurred in.
[in]	fd	the event occurred on.
[in]	flags	from kevent.
[in]	uctx	bind_ctx containing credentials, and connection config/handle.

Definition at line 122 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

_ldap_sasl_bind_io_write()

static void _ldap_sasl_bind_io_write ( fr_event_list_t *  el, int  fd, UNUSED int  flags, void *  uctx  )

static

Progress an interactive SASL bind.

Parameters

[in]	el	the event occurred in.
[in]	fd	the event occurred on.
[in]	flags	from kevent.
[in]	uctx	Connection config and handle.

Definition at line 200 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

_sasl_ctx_free()

static int _sasl_ctx_free ( fr_ldap_sasl_ctx_t *  sasl_ctx )

static

Ensure any outstanding messages are freed.

Parameters

[in]

sasl_ctx

to free.

Returns

0;

Definition at line 287 of file sasl.c.

Here is the caller graph for this function:

_sasl_interact()

static int _sasl_interact ( UNUSED LDAP *  handle, UNUSED unsigned  flags, void *  uctx, void *  sasl_callbacks  )

static

Callback for fr_ldap_sasl_interactive_bind.

Parameters

[in]	handle	used for the SASL bind.
[in]	flags	data as provided to fr_ldap_sasl_interactive_bind.
[in]	uctx	Our context data, containing the identity, password, realm and various other things.
[in]	sasl_callbacks	Array of challenges to provide responses for.

Returns

SASL_OK.

Definition at line 60 of file sasl.c.

Here is the caller graph for this function:

fr_ldap_sasl_bind_async()

int fr_ldap_sasl_bind_async	(	fr_ldap_connection_t *	c,
		char const *	mechs,
		char const *	identity,
		char const *	password,
		char const *	proxy,
		char const *	realm,
		LDAPControl **	serverctrls,
		LDAPControl **	clientctrls
	)

Install I/O handlers for the bind operation.

Parameters

[in]	c	connection to StartTLS on.
[in]	mechs	Space delimited list of sasl mechs to try.
[in]	identity	SASL identity to bind with.
[in]	password	Password credential to pass to SASL.
[in]	proxy	identity. May be NULL.
[in]	realm	SASL realm.
[in]	serverctrls	Extra controls to pass to the server.
[in]	clientctrls	Extra controls to pass to libldap.

Returns

• 0 on success.
• -1 on failure.

Definition at line 308 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

fr_ldap_sasl_bind_auth_async()

unlang_action_t fr_ldap_sasl_bind_auth_async	(	request_t *	request,
		fr_ldap_thread_t *	thread,
		char const *	mechs,
		char const *	identity,
		char const *	password,
		char const *	proxy,
		char const *	realm
	)

Initiate an async SASL LDAP bind for authentication.

Parameters

[in]	request	this bind relates to.
[in]	thread	whose connection the bind should be performed on.
[in]	mechs	SASL mechanisms to use.
[in]	identity	Identity to bind with.
[in]	password	Password to bind with.
[in]	proxy	Identity to proxy.
[in]	realm	SASL realm if applicable.

Returns

• 0 on success.
• -1 on failure.

Definition at line 504 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

fr_ldap_sasl_bind_auth_send()

int fr_ldap_sasl_bind_auth_send	(	fr_ldap_sasl_ctx_t *	sasl_ctx,
		int *	msgid,
		fr_ldap_connection_t *	ldap_conn
	)

Send a SASL LDAP auth bind.

Shares the same callback as SASL admin binds

Parameters

[in]	sasl_ctx	containing SASL parameters / state for the bind.
[out]	msgid	where to write the LDAP message ID.
[in]	ldap_conn	on which the message should be sent.

Definition at line 367 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

ldap_async_sasl_bind_auth_cancel()

static void ldap_async_sasl_bind_auth_cancel ( request_t *  request, UNUSED fr_signal_t  action, void *  uctx  )

static

Signal an outstanding SASL LDAP bind to cancel.

Parameters

[in]	request	being processed. Unused.
[in]	action	Signal to handle.
[in]	uctx	bind auth ctx.

Definition at line 391 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

ldap_async_sasl_bind_auth_results()

static unlang_action_t ldap_async_sasl_bind_auth_results ( rlm_rcode_t *  p_result, UNUSED int *  priority, request_t *  request, void *  uctx  )

static

Handle the return code from parsed LDAP results to set the module rcode.

Parameters

[out]	p_result	Where to write return code.
[in]	priority	Unused.
[in]	request	being processed.
[in]	uctx	bind auth ctx.

Returns

unlang action.

Definition at line 408 of file sasl.c.

Here is the call graph for this function:

Here is the caller graph for this function:

ldap_async_sasl_bind_auth_start()

static unlang_action_t ldap_async_sasl_bind_auth_start ( UNUSED rlm_rcode_t *  p_result, UNUSED int *  priority, UNUSED request_t *  request, UNUSED void *  uctx  )

static

Yield interpreter after enqueueing sasl auth bind.

Definition at line 379 of file sasl.c.

Here is the caller graph for this function: