Permalink
Browse files

Merge branch 'pu'

  • Loading branch information...
2 parents 4dca6f9 + d823a03 commit 8f5c102295dbe903f47d79fd64714b7de17026ec @gebi committed Nov 19, 2015
View
@@ -51,7 +51,7 @@ case "$target_os" in
;;
linux*)
AC_DEFINE(LINUX,,LINUX)
- LD_SHARED="ld -shared"
+ LD_SHARED="$CC -shared"
;;
*bsd*)
AC_DEFINE(BSD,,BSD)
View
@@ -12,7 +12,7 @@
approxMatch/2,search/2,substrings/2,present/1,
'and'/1,'or'/1,'not'/1,modify/3, mod_add/2, mod_delete/2,
mod_replace/2, add/3, delete/2, modify_dn/5,parse_dn/1,
- parse_ldap_url/1]).
+ parse_ldap_url/1,sasl_bind/1,sasl_bind/2]).
-import(lists,[concat/1]).
@@ -22,6 +22,7 @@
-define(LDAP_VERSION, 3).
-define(LDAP_PORT, 389).
-define(LDAPS_PORT, 636).
+-define(LDAP_SERVICE, "ldap").
-record(eldap, {version = ?LDAP_VERSION,
host, % Host running LDAP server
@@ -36,6 +37,11 @@
use_tls = false % LDAP/LDAPS
}).
+-record(sasl_props, {
+ mechanism, % SASL mechanism (GSSAPI)
+ esasl % esasl reference
+ }).
+
%%% For debug purposes
%%-define(PRINT(S, A), io:fwrite("~w(~w): " ++ S, [?MODULE,?LINE|A])).
-define(PRINT(S, A), true).
@@ -95,6 +101,34 @@ simple_bind(Handle, Dn, Passwd) when pid(Handle) ->
send(Handle, {simple_bind, Dn, Passwd}),
recv(Handle).
+%%% --------------------------------------------------------------------
+%%% sasl_bind(Handle [,Opts] )
+%%% --------------------
+%%% Authenticate ourselves to the Directory
+%%% using SASL authentication.
+%%%
+%%% Valid Opts are: Where:
+%%%
+%%% {mech, Mech} - Mech is the SASL mechanism (default "GSSAPI").
+%%% {authid, Authid} - Authid is the authentication ID (default "").
+%%% {authid, Authzid} - Authzid is the authorization ID (default "").
+%%% {realm, Realm} - Realm is the realm of authentication ID
+%%% (default "")
+%%%
+%%% Returns: ok | {error, Error}
+%%% --------------------------------------------------------------------
+sasl_bind(Handle) when pid(Handle) ->
+ sasl_bind(Handle, []).
+
+sasl_bind(Handle, Options) when pid(Handle) ->
+ Defaults = [{mech, "GSSAPI"},
+ {authid, ""},
+ {authzid, ""},
+ {realm, ""}],
+ Options1 = lists:keymerge(1, Options, Defaults),
+ send(Handle, {sasl_bind, Options1}),
+ recv(Handle).
+
%%% --------------------------------------------------------------------
%%% Add an entry. The entry field MUST NOT exist for the AddRequest
%%% to succeed. The parent of the entry MUST exist.
@@ -326,7 +360,7 @@ parse_args([{port, Port}|T], Cpid, Data) when integer(Port) ->
parse_args([{timeout, Timeout}|T], Cpid, Data) when integer(Timeout),Timeout>0 ->
parse_args(T, Cpid, Data#eldap{timeout = Timeout});
parse_args([{anon_auth, true}|T], Cpid, Data) ->
- parse_args(T, Cpid, Data#eldap{anon_auth = false});
+ parse_args(T, Cpid, Data#eldap{anon_auth = true});
parse_args([{anon_auth, _}|T], Cpid, Data) ->
parse_args(T, Cpid, Data);
parse_args([{ssl, true}|T], Cpid, Data) ->
@@ -402,6 +436,11 @@ loop(Cpid, Data) ->
send(From,Res),
loop(Cpid, NewData);
+ {From, {sasl_bind, Options}} ->
+ {Res,NewData} = do_sasl_bind(Data, Options),
+ send(From,Res),
+ loop(Cpid, NewData);
+
{From, {cnt_proc, NewCpid}} ->
unlink(Cpid),
send(From,ok),
@@ -469,6 +508,84 @@ exec_simple_bind_reply(Data, {ok,Msg}) when
exec_simple_bind_reply(_, Error) ->
{error, Error}.
+do_sasl_bind(Data, Options) ->
+ case catch do_the_sasl_bind(Data, Options) of
+ {ok,NewData} -> {ok,NewData};
+ {error,Emsg} -> {{error,Emsg},Data};
+ Else -> {{error,Else},Data}
+ end.
+
+do_the_sasl_bind(Data, Options1) ->
+ Host = Data#eldap.host,
+
+ {value, {mech, Mech}} = lists:keysearch(mech, 1, Options1),
+ Ccname =
+ case lists:keysearch(ccname, 1, Options1) of
+ {value, {ccname, Ccname1}} ->
+ Ccname1;
+ _ ->
+ ""
+ end,
+
+ {ok, Pid} = esasl:start_link("", Ccname),
+ {ok, Ref} = esasl:client_start(Pid, Mech, ?LDAP_SERVICE, Host),
+ Set_prop = fun(E) ->
+ {value, {E, Value}} = lists:keysearch(E, 1, Options1),
+ esasl:property_set(Ref, E, Value)
+ end,
+
+ lists:foreach(Set_prop, [authid, authzid, realm]),
+
+ Sasl = #sasl_props{mechanism=Mech,
+ esasl=Ref},
+ Res = exec_sasl_bind(Data, Sasl),
+ esasl:finish(Ref),
+ esasl:stop(Pid),
+ Res.
+
+exec_sasl_bind(Data, Sasl) ->
+ exec_sasl_bind(Data, Sasl, <<>>).
+
+exec_sasl_bind(Data, Sasl, Input) ->
+ Ref = Sasl#sasl_props.esasl,
+
+ case esasl:step(Ref, Input) of
+ {error, Reason} ->
+ {error, Reason};
+ {ok, Rsp} ->
+ send_sasl_bind(Data, Sasl, Rsp);
+ {needsmore, Rsp} ->
+ send_sasl_bind(Data, Sasl, Rsp)
+ end.
+
+send_sasl_bind(Data, Sasl, Rsp) ->
+ Mechanism = Sasl#sasl_props.mechanism,
+ Creds = #'SaslCredentials'{mechanism = Mechanism,
+ credentials = binary_to_list(Rsp)},
+ Req = #'BindRequest'{version = Data#eldap.version,
+ name = Data#eldap.binddn,
+ authentication = {sasl, Creds}},
+ log2(Data, "bind request = ~p~n", [Req]),
+ Reply = request(Data#eldap.fd, Data, Data#eldap.id, {bindRequest, Req}),
+ log2(Data, "bind reply = ~p~n", [Reply]),
+ exec_sasl_bind_reply(Data, Sasl, Reply).
+
+exec_sasl_bind_reply(Data, Sasl, {ok,Msg}) when
+ Msg#'LDAPMessage'.messageID == Data#eldap.id ->
+ case Msg#'LDAPMessage'.protocolOp of
+ {bindResponse, Result} ->
+ case Result#'BindResponse'.resultCode of
+ success -> {ok,Data};
+ saslBindInProgress ->
+ Rsp = Result#'BindResponse'.serverSaslCreds,
+ exec_sasl_bind(Data, Sasl, list_to_binary(Rsp));
+ Error -> {error, Error}
+ end;
+ Other -> {error, Other}
+ end;
+exec_sasl_bind_reply(_, _, Error) ->
+ {error, Error}.
+
%%% --------------------------------------------------------------------
%%% searchRequest
@@ -110,7 +110,7 @@ int fd_listen_path(ErlDrvPort port, char* path)
int fd_accept_path(ErlDrvPort port, int s, char* path)
{
int c;
- int len = 0;
+ unsigned len = 0;
/* Need to make this non blocking .. */
@@ -46,7 +46,7 @@ extern int errno;
*/
static void report_error(msg)
- char *msg;
+ const char *msg;
{
unsigned char c;
@@ -7,11 +7,8 @@ TUNCTL = ../priv/tunctl
all: $(TUN_DRV_SO) $(TUNCTL)
-$(TUN_DRV_SO): tun_drv.o
- ld -G -o $@ $<
-
-tun_drv.o: tun_drv.c
- $(CC) $(CFLAGS) -o $@ -c -fpic $(ERL_INCLUDE) $<
+$(TUN_DRV_SO): tun_drv.c
+ $(CC) $(CFLAGS) -o $@ -shared -fpic $(ERL_INCLUDE) $<
$(TUNCTL): tunctl.c
$(CC) $(CFLAGS) -o $@ $<
@@ -14,6 +14,7 @@
#include <net/if.h>
#include <sys/ioctl.h>
#include <assert.h>
+#include <string.h>
#include <linux/if_tun.h>
View
@@ -3,6 +3,6 @@
{vsn,"0.3"},
{id,""},
{modules,[ucs,ucs_app,ucs_data,ucs_data_build]},
- {applications, []},
+ {applications, [kernel, stdlib]},
{mod, {ucs_app, []}}
]}.
@@ -16,33 +16,60 @@ null(void)
printf("Hello, world! This is null()\r\n");
}
+#define IS_SERVER 1
+#define IS_ABSTRACT 2
+#define IS_NULLTERM 4
+
int
-my_open(char *path, int is_server)
+my_open(char *path, int flags)
{
struct stat sb;
struct sockaddr_un sin;
+ size_t sin_len;
int s;
int res;
+ int is_server = !!(flags & IS_SERVER);
+ int is_abstract = !!(flags & IS_ABSTRACT);
+ int is_nullterm = !!(flags & IS_NULLTERM);
/* Race condition exists, but is better than nothing */
- if (is_server && stat(path, &sb) == 0) {
+ if (is_server && !is_abstract && stat(path, &sb) == 0) {
errno = EEXIST;
return -1;
}
if ((s = socket(PF_LOCAL, SOCK_STREAM, 0)) < 0) {
return -1;
}
+ memset(&sin, 0, sizeof(sin));
sin.sun_family = AF_UNIX;
- strcpy(sin.sun_path, path);
+ /* Path to abstract unix domain contains \0 in first position. */
+ /* TODO abstract path doesn't need to be null terminated! */
+ if (is_abstract) {
+ sin.sun_path[0] = '\0';
+ strncpy(sin.sun_path+1, path, sizeof(sin.sun_path)-1);
+ } else {
+ strncpy(sin.sun_path, path, sizeof(sin.sun_path));
+ }
+
+ if (is_nullterm) {
+ if (is_abstract)
+ sin_len = sizeof(sin) - sizeof(sin.sun_path)
+ + strlen(sin.sun_path+1) + 1;
+ else
+ sin_len = sizeof(sin) - sizeof(sin.sun_path)
+ + strlen(sin.sun_path);
+ } else
+ sin_len = sizeof(sin);
+
#if defined(SUN_LEN) && (! (defined(solaris) || defined(linux)))
sin.sun_len = SUN_LEN(&sin);
#endif /* SUN_LEN */
if (is_server) {
- res = bind(s, (struct sockaddr *) &sin, sizeof(sin));
+ res = bind(s, (struct sockaddr *) &sin, sin_len);
} else {
- res = connect(s, (struct sockaddr *) &sin, sizeof(sin));
+ res = connect(s, (struct sockaddr *) &sin, sin_len);
}
if (res < 0) {
return -1;
View
@@ -4,7 +4,7 @@
## C
CC := @CC@
-CFLAGS := @CFLAGS@ @DEFS@
+CFLAGS := @CFLAGS@ @DEFS@ -I@abs_top_srcdir@/../support
LD_SHARED := @LD_SHARED@
SLANG_INCLUDE := @SLANG_INCLUDE@

0 comments on commit 8f5c102

Please sign in to comment.