1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
/**
* PROPRIETARY/CONFIDENTIAL. Use of this product is subject to
* license terms. Copyright © 2001 Sun Microsystems, Inc.
* Some preexisting portions Copyright © 2001 Netscape Communications Corp.
* All rights reserved.
*/
/*
* auth.c -- CGI authentication form generator -- HTTP gateway
*
* Copyright (c) 1996 Netscape Communications Corp.
* All rights reserved.
*/
#include "dsgw.h"
#include "dbtdsgw.h"
static void post_request();
static void get_request(char *binddn);
int main(
int argc,
char **argv
#ifdef DSGW_DEBUG
,char *env[]
#endif
) {
int reqmethod;
char *binddn = NULL;
char *qs = NULL;
if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
/* parse the query string: */
auto char *p, *iter = NULL;
qs = dsgw_ch_strdup( qs );
for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
p = ldap_utf8strtok_r( NULL, "&", &iter )) {
/*Get the context.*/
if ( !strncasecmp( p, "context=", 8 )) {
context = dsgw_ch_strdup( p + 8 );
dsgw_form_unescape( context );
continue;
}
/*Get the dn*/
if ( !strncasecmp( p, "dn=", 3 )) {
binddn = dsgw_ch_strdup( p + 3 );
dsgw_form_unescape( binddn );
continue;
}
}
free( qs ); qs = NULL;
}
reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET );
#ifdef DSGW_DEBUG
dsgw_logstringarray( "env", env );
#endif
if ( reqmethod == DSGW_METHOD_POST ) {
post_request();
} else {
get_request(binddn);
}
exit( 0 );
}
static void
get_request(char *binddn)
{
dsgw_send_header();
if ( binddn != NULL ) {
if ( !strcmp( binddn, MGRDNSTR )) {
if ( gc->gc_rootdn == NULL ) {
dsgw_error( DSGW_ERR_NO_MGRDN,
XP_GetClientStr (DBT_noDirMgrIsDefined_),
DSGW_ERROPT_EXIT, 0, NULL );
}
binddn = dsgw_ch_strdup( gc->gc_rootdn );
} else if ( *binddn == '\0' ) {
binddn = NULL;
} else {
binddn = dsgw_ch_strdup( binddn );
dsgw_form_unescape( binddn );
}
}
dsgw_emit_auth_form( binddn );
if ( binddn != NULL ) {
free( binddn );
}
}
static void
post_request()
{
char *binddn = NULL;
char *dorootbind = NULL;
dsgw_send_header();
/*
* If the "authasrootdn" CGI variable is present and has the value
* "true" then the user clicked on the "authenticate as directory
* manager" button. In that case, try to bind as the root dn given
* in the dsgw config file.
*/
dorootbind = dsgw_get_cgi_var( "authasrootdn", DSGW_CGIVAR_OPTIONAL );
if ( dorootbind != NULL && !strcasecmp( dorootbind, "true" )) {
binddn = dsgw_ch_strdup( gc->gc_rootdn );
} else {
binddn = dsgw_get_escaped_cgi_var( "escapedbinddn", "binddn",
DSGW_CGIVAR_OPTIONAL );
}
dsgw_emit_auth_form( binddn );
}
|
