1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
/** BEGIN COPYRIGHT BLOCK
* Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
* END COPYRIGHT BLOCK **/
#include <ctype.h> /* isspace */
#include <string.h>
#include <stdio.h> /* sprintf */
#include <stdlib.h> /* malloc */
#include <ldap.h>
#include <ldaputil/certmap.h>
#include <ldaputil/cert.h>
#include <ldaputil/errors.h>
#define BIG_LINE 1024
NSAPI_PUBLIC int ldapu_get_cert_subject_dn (void *cert_in, char **subjectDN)
{
char *cert = (char *)cert_in;
*subjectDN = strdup((char *)cert);
return *subjectDN ? LDAPU_SUCCESS : LDAPU_FAILED;
}
NSAPI_PUBLIC int ldapu_get_cert_issuer_dn (void *cert, char **issuerDN)
{
extern char *global_issuer_dn;
/* TEMPORARY -- not implemented yet*/
*issuerDN = global_issuer_dn ? strdup(global_issuer_dn) : 0;
return LDAPU_SUCCESS;
}
/* A stub to remove link errors -- ignore SSL */
LDAP *ldapssl_init (const char *host, int port, int secure)
{
LDAP *ld = 0;
if ((ld = ldap_init(host, port)) == NULL) {
fprintf(stderr, "ldap_init: Failed to initialize connection");
return(0);
}
return ld;
}
NSAPI_PUBLIC int ldapu_get_cert_ava_val (void *cert_in, int which_dn,
const char *attr, char ***val_out)
{
int rv;
char *cert_dn;
char **ptr;
char **val;
char *dnptr;
char attr_eq1[BIG_LINE];
char attr_eq2[BIG_LINE];
char *comma;
*val_out = 0;
if (which_dn == LDAPU_SUBJECT_DN)
rv = ldapu_get_cert_subject_dn(cert_in, &cert_dn);
else if (which_dn == LDAPU_ISSUER_DN)
rv = ldapu_get_cert_issuer_dn(cert_in, &cert_dn);
else
return LDAPU_ERR_INVALID_ARGUMENT;
if (rv != LDAPU_SUCCESS) return rv;
val = (char **)malloc(32*sizeof(char *));
if (!val) return LDAPU_ERR_OUT_OF_MEMORY;
ptr = val;
sprintf(attr_eq1, "%s =", attr);
sprintf(attr_eq2, "%s=", attr);
while(cert_dn &&
((dnptr = strstr(cert_dn, attr_eq1)) ||
(dnptr = strstr(cert_dn, attr_eq2))))
{
dnptr = strchr(dnptr, '=');
dnptr++;
while(isspace(*dnptr)) dnptr++;
comma = strchr(dnptr, ',');
if (comma) {
*ptr = (char *)malloc((comma-dnptr+1)*sizeof(char));
strncpy(*ptr, dnptr, (comma-dnptr));
(*ptr++)[comma-dnptr] = 0;
}
else {
*ptr++ = strdup(dnptr);
}
cert_dn = comma;
}
*ptr = 0;
*val_out = val;
return LDAPU_SUCCESS;
}
NSAPI_PUBLIC int ldapu_get_cert_der (void *cert_in, unsigned char **der,
unsigned int *len)
{
return LDAPU_FAILED;
}
|
