| commit | 72029d5547766787afb0a76c3959d1820388e28e | |
| author | Alexander Bokovoy <ab@samba.org> | |
| Thu, 24 May 2012 12:38:41 +0000 (24 15:38 +0300) | ||
| committer | Alexander Bokovoy <ab@samba.org> | |
| Thu, 24 May 2012 14:21:26 +0000 (24 16:21 +0200) | ||
| tree | 5159b88c04e705bef3565dcb787b8bfaba22a8fd | treesnapshot (tar.gz zip) |
| parent | 838435ab30c03e5db7eb1e80f486528231dffdfc | commitdiff |
s3-smbldap: Add API for external callback to perform LDAP bind in smbldap
In order to support other bind methods, introduce a generic bind callback.
When smbldap_state.bind_callback is set, it means there is an alternative
way to perform LDAP bind to ldap_simple_bind_s() so call it instead.
The call is wrapped in become_root()/unbecome_root() to allow proper permissions
in smbd to access needed resources in the callback, for example, credential caches.
When run outside smbd, become_root()/unbecome_root() are no-op.
The API expectation is similar to ldap_simple_bind_s().
A caller of smbldap API can pass additional information to the callback by setting
smbldap_state.bind_callback_data pointer.
Both callback and the data pointer elements of smbldap_state structure get
cleaned up if someone sets proper credentials on smbldap_state with
smbldap_set_creds() so if you are interested in using smbldap_state.bind_dn
with the callback, make sure to set callback after credentials are set.
In order to support other bind methods, introduce a generic bind callback.
When smbldap_state.bind_callback is set, it means there is an alternative
way to perform LDAP bind to ldap_simple_bind_s() so call it instead.
The call is wrapped in become_root()/unbecome_root() to allow proper permissions
in smbd to access needed resources in the callback, for example, credential caches.
When run outside smbd, become_root()/unbecome_root() are no-op.
The API expectation is similar to ldap_simple_bind_s().
A caller of smbldap API can pass additional information to the callback by setting
smbldap_state.bind_callback_data pointer.
Both callback and the data pointer elements of smbldap_state structure get
cleaned up if someone sets proper credentials on smbldap_state with
smbldap_set_creds() so if you are interested in using smbldap_state.bind_dn
with the callback, make sure to set callback after credentials are set.
| source3/include/smbldap.h | diffblobblamehistory | |
| source3/lib/smbldap.c | diffblobblamehistory |