[PATCH v3 2/4] adsldp: Bind to an LDAP server after connection.
Dmitry Timoshkov
dmitry at baikal.ru
Thu Mar 12 22:53:07 CDT 2020
v2: Fix test failures.
v3: actually fail on ADS_SECURE_AUTHENTICATION.
Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
---
dlls/adsldp/Makefile.in | 3 +-
dlls/adsldp/adsldp.c | 29 ++++++++++--
dlls/adsldp/adsldp_private.h | 24 ++++++++++
dlls/adsldp/ldap.c | 91 ++++++++++++++++++++++++++++++++++++
dlls/adsldp/tests/ldap.c | 31 +++++++++---
5 files changed, 166 insertions(+), 12 deletions(-)
create mode 100644 dlls/adsldp/adsldp_private.h
create mode 100644 dlls/adsldp/ldap.c
diff --git a/dlls/adsldp/Makefile.in b/dlls/adsldp/Makefile.in
index e9c87e68f1..3e5a5e310e 100644
--- a/dlls/adsldp/Makefile.in
+++ b/dlls/adsldp/Makefile.in
@@ -5,7 +5,8 @@ DELAYIMPORTS = netapi32 wldap32
EXTRADLLFLAGS = -mno-cygwin
C_SRCS = \
- adsldp.c
+ adsldp.c \
+ ldap.c
IDL_SRCS = \
adsldp.idl
diff --git a/dlls/adsldp/adsldp.c b/dlls/adsldp/adsldp.c
index 30bd1672f6..bc4e9780b0 100644
--- a/dlls/adsldp/adsldp.c
+++ b/dlls/adsldp/adsldp.c
@@ -36,6 +36,8 @@
#include "lmapibuf.h"
#include "winldap.h"
+#include "adsldp_private.h"
+
#include "wine/heap.h"
#include "wine/debug.h"
@@ -700,7 +702,7 @@ static HRESULT parse_path(WCHAR *path, BSTR *host, ULONG *port, BSTR *object)
}
static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, BSTR user, BSTR password,
- LONG reserved, IDispatch **obj)
+ LONG flags, IDispatch **obj)
{
BSTR host, object;
ULONG port;
@@ -709,7 +711,7 @@ static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, B
HRESULT hr;
ULONG err;
- FIXME("%p,%s,%s,%08x,%p: semi-stub\n", iface, debugstr_w(path), debugstr_w(user), reserved, obj);
+ FIXME("%p,%s,%s,%p,%08x,%p: semi-stub\n", iface, debugstr_w(path), debugstr_w(user), password, flags, obj);
hr = parse_path(path, &host, &port, &object);
if (hr != S_OK) return hr;
@@ -760,7 +762,7 @@ static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, B
err = ldap_set_optionW(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if (err != LDAP_SUCCESS)
{
- hr = HRESULT_FROM_WIN32(err);
+ hr = HRESULT_FROM_WIN32(map_ldap_error(err));
ldap_unbind(ld);
goto fail;
}
@@ -768,10 +770,29 @@ static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, B
err = ldap_connect(ld, NULL);
if (err != LDAP_SUCCESS)
{
- hr = HRESULT_FROM_WIN32(err);
+ hr = HRESULT_FROM_WIN32(map_ldap_error(err));
+ ldap_unbind(ld);
+ goto fail;
+ }
+
+ if (flags & ADS_SECURE_AUTHENTICATION)
+ {
+ FIXME("ADS_SECURE_AUTHENTICATION is not supported\n");
+ hr = ERROR_DS_AUTH_METHOD_NOT_SUPPORTED;
ldap_unbind(ld);
goto fail;
}
+ else
+ {
+ err = ldap_simple_bind_sW(ld, user, password);
+ if (err != LDAP_SUCCESS)
+ {
+ TRACE("ldap_simple_bind_sW error %#x\n", err);
+ hr = HRESULT_FROM_WIN32(map_ldap_error(err));
+ ldap_unbind(ld);
+ goto fail;
+ }
+ }
}
hr = LDAPNamespace_create(&IID_IADs, (void **)&ads);
diff --git a/dlls/adsldp/adsldp_private.h b/dlls/adsldp/adsldp_private.h
new file mode 100644
index 0000000000..8748d0496d
--- /dev/null
+++ b/dlls/adsldp/adsldp_private.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2020 Dmitry Timoshkov
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef _ADSLDP_PRIVATE_H
+#define _ADSLDP_PRIVATE_H
+
+DWORD map_ldap_error(DWORD) DECLSPEC_HIDDEN;
+
+#endif
diff --git a/dlls/adsldp/ldap.c b/dlls/adsldp/ldap.c
new file mode 100644
index 0000000000..c23f46267e
--- /dev/null
+++ b/dlls/adsldp/ldap.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2020 Dmitry Timoshkov
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include <stdarg.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "winerror.h"
+#include "winldap.h"
+
+DWORD map_ldap_error(DWORD err)
+{
+ switch (err)
+ {
+ case LDAP_SUCCESS: return ERROR_SUCCESS;
+ case LDAP_OPERATIONS_ERROR: return ERROR_DS_OPERATIONS_ERROR;
+ case LDAP_PROTOCOL_ERROR: return ERROR_DS_PROTOCOL_ERROR;
+ case LDAP_TIMELIMIT_EXCEEDED: return ERROR_DS_TIMELIMIT_EXCEEDED;
+ case LDAP_SIZELIMIT_EXCEEDED: return ERROR_DS_SIZELIMIT_EXCEEDED;
+ case LDAP_COMPARE_FALSE: return ERROR_DS_COMPARE_FALSE;
+ case LDAP_COMPARE_TRUE: return ERROR_DS_COMPARE_TRUE;
+ case LDAP_AUTH_METHOD_NOT_SUPPORTED: return ERROR_DS_AUTH_METHOD_NOT_SUPPORTED;
+ case LDAP_STRONG_AUTH_REQUIRED: return ERROR_DS_STRONG_AUTH_REQUIRED;
+ case LDAP_REFERRAL_V2: return ERROR_DS_REFERRAL;
+ case LDAP_REFERRAL: return ERROR_DS_REFERRAL;
+ case LDAP_ADMIN_LIMIT_EXCEEDED: return ERROR_DS_ADMIN_LIMIT_EXCEEDED;
+ case LDAP_UNAVAILABLE_CRIT_EXTENSION: return ERROR_DS_UNAVAILABLE_CRIT_EXTENSION;
+ case LDAP_CONFIDENTIALITY_REQUIRED: return ERROR_DS_CONFIDENTIALITY_REQUIRED;
+ case LDAP_NO_SUCH_ATTRIBUTE: return ERROR_DS_NO_ATTRIBUTE_OR_VALUE;
+ case LDAP_UNDEFINED_TYPE: return ERROR_DS_ATTRIBUTE_TYPE_UNDEFINED;
+ case LDAP_INAPPROPRIATE_MATCHING: return ERROR_DS_INAPPROPRIATE_MATCHING;
+ case LDAP_CONSTRAINT_VIOLATION: return ERROR_DS_CONSTRAINT_VIOLATION;
+ case LDAP_ATTRIBUTE_OR_VALUE_EXISTS: return ERROR_DS_ATTRIBUTE_OR_VALUE_EXISTS;
+ case LDAP_INVALID_SYNTAX: return ERROR_DS_INVALID_ATTRIBUTE_SYNTAX;
+ case LDAP_NO_SUCH_OBJECT: return ERROR_DS_NO_SUCH_OBJECT;
+ case LDAP_ALIAS_PROBLEM: return ERROR_DS_ALIAS_PROBLEM;
+ case LDAP_INVALID_DN_SYNTAX: return ERROR_DS_INVALID_DN_SYNTAX;
+ case LDAP_IS_LEAF: return ERROR_DS_IS_LEAF;
+ case LDAP_ALIAS_DEREF_PROBLEM: return ERROR_DS_ALIAS_DEREF_PROBLEM;
+ case LDAP_INAPPROPRIATE_AUTH: return ERROR_DS_INAPPROPRIATE_AUTH;
+ case LDAP_INVALID_CREDENTIALS: return ERROR_DS_SEC_DESC_INVALID;
+ case LDAP_INSUFFICIENT_RIGHTS: return ERROR_DS_INSUFF_ACCESS_RIGHTS;
+ case LDAP_BUSY: return ERROR_DS_BUSY;
+ case LDAP_UNAVAILABLE: return ERROR_DS_UNAVAILABLE;
+ case LDAP_UNWILLING_TO_PERFORM: return ERROR_DS_UNWILLING_TO_PERFORM;
+ case LDAP_LOOP_DETECT: return ERROR_DS_LOOP_DETECT;
+ case LDAP_SORT_CONTROL_MISSING: return ERROR_DS_SORT_CONTROL_MISSING;
+ case LDAP_OFFSET_RANGE_ERROR: return ERROR_DS_OFFSET_RANGE_ERROR;
+ case LDAP_NAMING_VIOLATION: return ERROR_DS_NAMING_VIOLATION;
+ case LDAP_OBJECT_CLASS_VIOLATION: return ERROR_DS_OBJ_CLASS_VIOLATION;
+ case LDAP_NOT_ALLOWED_ON_NONLEAF: return ERROR_DS_CANT_ON_NON_LEAF;
+ case LDAP_NOT_ALLOWED_ON_RDN: return ERROR_DS_CANT_ON_RDN;
+ case LDAP_ALREADY_EXISTS: return ERROR_ALREADY_EXISTS;
+ case LDAP_NO_OBJECT_CLASS_MODS: return ERROR_DS_CANT_MOD_OBJ_CLASS;
+ case LDAP_RESULTS_TOO_LARGE: return ERROR_DS_OBJECT_RESULTS_TOO_LARGE;
+ case LDAP_AFFECTS_MULTIPLE_DSAS: return ERROR_DS_AFFECTS_MULTIPLE_DSAS;
+ case LDAP_SERVER_DOWN: return ERROR_DS_SERVER_DOWN;
+ case LDAP_LOCAL_ERROR: return ERROR_DS_LOCAL_ERROR;
+ case LDAP_ENCODING_ERROR: return ERROR_DS_ENCODING_ERROR;
+ case LDAP_DECODING_ERROR: return ERROR_DS_DECODING_ERROR;
+ case LDAP_TIMEOUT: return ERROR_TIMEOUT;
+ case LDAP_AUTH_UNKNOWN: return ERROR_DS_AUTH_UNKNOWN;
+ case LDAP_FILTER_ERROR: return ERROR_DS_FILTER_UNKNOWN;
+ case LDAP_USER_CANCELLED: return ERROR_CANCELLED;
+ case LDAP_PARAM_ERROR: return ERROR_DS_PARAM_ERROR;
+ case LDAP_NO_MEMORY: return ERROR_NOT_ENOUGH_MEMORY;
+ case LDAP_CONNECT_ERROR: return ERROR_CONNECTION_UNAVAIL;
+ case LDAP_NOT_SUPPORTED: return ERROR_DS_NOT_SUPPORTED;
+ case LDAP_CONTROL_NOT_FOUND: return ERROR_DS_CONTROL_NOT_FOUND;
+ case LDAP_NO_RESULTS_RETURNED: return ERROR_DS_NO_RESULTS_RETURNED;
+ case LDAP_MORE_RESULTS_TO_RETURN: return ERROR_MORE_DATA;
+ case LDAP_CLIENT_LOOP: return ERROR_DS_CLIENT_LOOP;
+ case LDAP_REFERRAL_LIMIT_EXCEEDED: return ERROR_DS_REFERRAL_LIMIT_EXCEEDED;
+ default: return err;
+ }
+}
diff --git a/dlls/adsldp/tests/ldap.c b/dlls/adsldp/tests/ldap.c
index 0ecba26817..6f8c00aa89 100644
--- a/dlls/adsldp/tests/ldap.c
+++ b/dlls/adsldp/tests/ldap.c
@@ -40,6 +40,8 @@ static const struct
{
const WCHAR *path;
HRESULT hr, hr_ads_open, hr_ads_get;
+ const WCHAR *user, *password;
+ LONG flags;
} test[] =
{
{ L"invalid", MK_E_SYNTAX, E_ADS_BAD_PATHNAME, E_FAIL },
@@ -55,6 +57,9 @@ static const struct
{ L"LDAP://ldap.forumsys.com/rootDSE", S_OK },
{ L"LDAP://ldap.forumsys.com/rootDSE/", E_ADS_BAD_PATHNAME },
{ L"LDAP://ldap.forumsys.com/rootDSE/invalid", E_ADS_BAD_PATHNAME },
+ { L"LDAP://ldap.forumsys.com/rootDSE", S_OK, S_OK, S_OK, NULL, NULL, 0 },
+ { L"LDAP://ldap.forumsys.com/rootDSE", S_OK, S_OK, S_OK, L"CN=read-only-admin,DC=example,DC=com", L"password", 0 },
+
/*{ L"LDAP://invalid", __HRESULT_FROM_WIN32(ERROR_DS_INVALID_DN_SYNTAX) }, takes way too much time */
};
@@ -65,7 +70,8 @@ static void test_LDAP(void)
IADs *ads;
IADsOpenDSObject *ads_open;
IDispatch *disp;
- BSTR path;
+ BSTR path, user, password;
+ int i;
hr = CoCreateInstance(&CLSID_LDAPNamespace, 0, CLSCTX_INPROC_SERVER, &IID_IADs, (void **)&ads);
ok(hr == S_OK, "got %#x\n", hr);
@@ -80,14 +86,25 @@ static void test_LDAP(void)
hr = IUnknown_QueryInterface(unk, &IID_IADsOpenDSObject, (void **)&ads_open);
ok(hr == S_OK, "got %#x\n", hr);
- IADsOpenDSObject_Release(ads_open);
- path = SysAllocString(L"LDAP:");
- hr = IADsOpenDSObject_OpenDSObject(ads_open, path, NULL, NULL, ADS_SECURE_AUTHENTICATION, &disp);
- SysFreeString(path);
- ok(hr == S_OK, "got %#x\n", hr);
- IDispatch_Release(disp);
+ for (i = 0; i < ARRAY_SIZE(test); i++)
+ {
+ path = SysAllocString(test[i].path);
+ user = test[i].user ? SysAllocString(test[i].user) : NULL;
+ password = test[i].password ? SysAllocString(test[i].password) : NULL;
+ hr = IADsOpenDSObject_OpenDSObject(ads_open, path, user, password, test[i].flags, &disp);
+ ok(hr == test[i].hr || hr == test[i].hr_ads_open, "%d: got %#x, expected %#x\n", i, hr, test[i].hr);
+ if (hr == S_OK)
+ IDispatch_Release(disp);
+
+ SysFreeString(path);
+ SysFreeString(user);
+ SysFreeString(password);
+ }
+
+
+ IADsOpenDSObject_Release(ads_open);
IUnknown_Release(unk);
}
--
2.20.1
More information about the wine-devel
mailing list