+++ /dev/null
-// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
-// vim: ts=8 sw=2 smarttab
-
-#ifndef RGW_LDAP_H
-#define RGW_LDAP_H
-
-#include "acconfig.h"
-
-#if defined(HAVE_OPENLDAP)
-#define LDAP_DEPRECATED 1
-#include "ldap.h"
-#endif
-
-#include <stdint.h>
-#include <tuple>
-#include <vector>
-#include <string>
-#include <iostream>
-#include <mutex>
-
-namespace rgw {
-
-#if defined(HAVE_OPENLDAP)
-
- class LDAPHelper
- {
- std::string uri;
- std::string binddn;
- std::string bindpw;
- std::string searchdn;
- std::string searchfilter;
- std::string dnattr;
- LDAP *ldap;
- bool msad = false; /* TODO: possible future specialization */
- std::mutex mtx;
-
- public:
- using lock_guard = std::lock_guard<std::mutex>;
-
- LDAPHelper(std::string _uri, std::string _binddn, std::string _bindpw,
- std::string _searchdn, std::string _searchfilter, std::string _dnattr)
- : uri(std::move(_uri)), binddn(std::move(_binddn)),
- bindpw(std::move(_bindpw)), searchdn(_searchdn), searchfilter(_searchfilter), dnattr(_dnattr),
- ldap(nullptr) {
- // nothing
- }
-
- int init() {
- int ret;
- ret = ldap_initialize(&ldap, uri.c_str());
- if (ret == LDAP_SUCCESS) {
- unsigned long ldap_ver = LDAP_VERSION3;
- ret = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION,
- (void*) &ldap_ver);
- }
- if (ret == LDAP_SUCCESS) {
- ret = ldap_set_option(ldap, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
- }
- return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
- }
-
- int bind() {
- int ret;
- ret = ldap_simple_bind_s(ldap, binddn.c_str(), bindpw.c_str());
- return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
- }
-
- int rebind() {
- if (ldap) {
- (void) ldap_unbind(ldap);
- (void) init();
- return bind();
- }
- return -EINVAL;
- }
-
- int simple_bind(const char *dn, const std::string& pwd) {
- LDAP* tldap;
- int ret = ldap_initialize(&tldap, uri.c_str());
- if (ret == LDAP_SUCCESS) {
- unsigned long ldap_ver = LDAP_VERSION3;
- ret = ldap_set_option(tldap, LDAP_OPT_PROTOCOL_VERSION,
- (void*) &ldap_ver);
- if (ret == LDAP_SUCCESS) {
- ret = ldap_simple_bind_s(tldap, dn, pwd.c_str());
- if (ret == LDAP_SUCCESS) {
- (void) ldap_unbind(tldap);
- }
- }
- }
- return ret; // OpenLDAP client error space
- }
-
- int auth(const std::string uid, const std::string pwd);
-
- ~LDAPHelper() {
- if (ldap)
- (void) ldap_unbind(ldap);
- }
-
- }; /* LDAPHelper */
-
-#else
-
- class LDAPHelper
- {
- public:
- LDAPHelper(std::string _uri, std::string _binddn, std::string _bindpw,
- std::string _searchdn, std::string _searchfilter, std::string _dnattr)
- {}
-
- int init() {
- return -ENOTSUP;
- }
-
- int bind() {
- return -ENOTSUP;
- }
-
- int auth(const std::string uid, const std::string pwd) {
- return -EACCES;
- }
-
- ~LDAPHelper() {}
-
- }; /* LDAPHelper */
-
-
-#endif /* HAVE_OPENLDAP */
-
-} /* namespace rgw */
-
-#include "common/ceph_context.h"
-#include "common/common_init.h"
-#include "common/dout.h"
-#include "common/safe_io.h"
-#include <boost/algorithm/string.hpp>
-
-#include "include/assert.h"
-
-std::string parse_rgw_ldap_bindpw(CephContext* ctx);
-
-#endif /* RGW_LDAP_H */