Home Explore Help
Register Sign In
isundil
/
mysql_ldap_auth
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
mysql_ldap_auth
/
mysql_plugin
/
ldapReader.cpp

ldapReader.cpp 2.5 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. #include <iostream>
    2. 

  2. #include <sstream>
    3. 

  3. #include <ldap.h>
    4. 

  4. #include "ldapReader.h"
    5. 

  5. 

  6. LDAPReader::LDAPReader(const std::string& _uri, const std::string& _attribute,
    7. 

  7.         const std::string& _base, const std::string& _filter):
    8. 

  8.     uri(_uri), attribute(_attribute), baseDn(_base), filter(_filter)
    9. 

  9. {}
    10. 

  10. 

  11. LDAPReader::~LDAPReader()
    12. 

  12. {}
    13. 

  13. 

  14. LDAP* LDAPReader::InitConnection()
    15. 

  15. {
    16. 

  16.     LDAP* ldapHandler;
    17. 

  17.     int protoVersion = LDAP_VERSION3;
    18. 

  18. 

  19.     int err = ldap_initialize(&ldapHandler, uri.c_str());
    20. 

  20.     if (err != LDAP_SUCCESS)
    21. 

  21.     {
    22. 

  22.         std::cerr << "LDAP Initialize error: (" << err << ") " << ldap_err2string(err) << std::endl;
    23. 

  23.         return nullptr;
    24. 

  24.     }
    25. 

  25. 

  26.     err = ldap_set_option(ldapHandler, LDAP_OPT_PROTOCOL_VERSION, &protoVersion);
    27. 

  27.     if (err != LDAP_SUCCESS)
    28. 

  28.     {
    29. 

  29.         std::cerr << "LDAP Protocol error: (" << err << ") " << ldap_err2string(err) << std::endl;
    30. 

  30.         return nullptr;
    31. 

  31.     }
    32. 

  32. 

  33.     return ldapHandler;
    34. 

  34. }
    35. 

  35. 

  36. bool LDAPReader::CheckFilter(LDAP* ldapHandler, const std::string& queryBase)
    37. 

  37. {
    38. 

  38.     LDAPMessage* msg;
    39. 

  39.     struct timeval timeo;
    40. 

  40.     timeo.tv_sec = 5;
    41. 

  41.     timeo.tv_usec = 0;
    42. 

  42. 

  43.     char attrCstr[attribute.length()];
    44. 

  44.     strcpy(attrCstr, attribute.c_str());
    45. 

  45.     char* attrs[] = { attrCstr, nullptr };
    46. 

  46. 

  47.     int err = ldap_search_ext_s(ldapHandler, queryBase.c_str(), LDAP_SCOPE_BASE, filter.c_str(), attrs, false, nullptr, nullptr, &timeo, 1, &msg);
    48. 

  48.     if (err != LDAP_SUCCESS)
    49. 

  49.     {
    50. 

  50.         std::cerr << "LDAP Search Error: (" << err << ") " << ldap_err2string(err) << std::endl;
    51. 

  51.         return false;
    52. 

  52.     }
    53. 

  53.     if (!msg)
    54. 

  54.         return false;
    55. 

  55. 

  56.     bool result = nullptr != ldap_first_entry(ldapHandler, msg);
    57. 

  57.     ldap_msgfree(msg);
    58. 

  58.     return result;
    59. 

  59. }
    60. 

  60. 

  61. bool LDAPReader::Authenticate(const std::string& username, const std::string& password)
    62. 

  62. {
    63. 

  63.     LDAP* ldapHandler = InitConnection();
    64. 

  64.     if (!ldapHandler)
    65. 

  65.         return false;
    66. 

  66. 

  67.     std::stringstream bindDn;
    68. 

  68.     bindDn << attribute << "=" << username << "," << baseDn;
    69. 

  69. 

  70.     struct berval bindPw;
    71. 

  71.     char passwordCstr[password.length()];
    72. 

  72.     strcpy(passwordCstr, password.c_str());
    73. 

  73.     bindPw.bv_len = password.length();
    74. 

  74.     bindPw.bv_val = passwordCstr;
    75. 

  75. 

  76.     int err = ldap_sasl_bind_s(ldapHandler, bindDn.str().c_str(), LDAP_SASL_SIMPLE, &bindPw, nullptr, nullptr, nullptr);
    77. 

  77.     bool success = err == LDAP_SUCCESS;
    78. 

  78. 

  79.     if (!success)
    80. 

  80.         std::cerr << "LDAP Bind Error: (" << err << ") " << ldap_err2string(err) << std::endl;
    81. 

  81.     else if (!filter.empty())
    82. 

  82.         success &= CheckFilter(ldapHandler, bindDn.str());
    83. 

  83.     ldap_unbind_ext(ldapHandler, nullptr, nullptr);
    84. 

  84.     return success;
    85. 

  85. }
    86. 

  86.