[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4244) SLAPI_ADD_RESCONTROL in prebind plugin not being sent

To: openldap-its@OpenLDAP.org
Subject: (ITS#4244) SLAPI_ADD_RESCONTROL in prebind plugin not being sent
From: dbroady1@yahoo.com
Date: Fri, 2 Dec 2005 19:07:57 GMT

Full_Name: Darin Broady
Version: 2.3.12
OS: Solaris 9
URL: 
Submission from: (NULL) (192.146.101.24)


I have written a SLAPI prebind plugin that checks for account expiration to
allow Solaris 8 & 9 clients to determine if a password is expired or expiring
(uses controls 2.16.840.1.113730.3.4.4 and 2.16.840.1.113730.3.4.5).  All the
plugin does it check for the condition and add the resulting control to the
pblock via the slapi_pblock_set(pblock, SLAPI_ADD_RESCONTROL, &pwdcontrol), and
then return SLAPI_BIND_SUCCESS to allow the backend bind functions to proceed
and actually verify the password.

What is happening this that after I add my control to the pblock, it is not
being sent back to the client when the backend bind function executes
send_ldap_result().

I have included a simplified version of my plugin that demonstrates the problem.
 I have looked at the documentation for slapi with Netscape Directory Server,
and I think that I'm following the procedure correctly.  However, it may differ
with OpenLDAP in a way that I'm not familiar with yet.  If someone could help me
determine if my code is wrong or if it is a bug in the SLAPI code of OL I would
be greatful.

Thanks.


The prebind code for my plugin is the following (simplified version):
----------------------------------------------------------------------
#include <slapi-plugin.h>

#define CONTROL_PWDEXPIRED_OID  "2.16.840.1.113730.3.4.4"
#define CONTROL_PWDEXPIRING_OID "2.16.840.1.113730.3.4.5"

Slapi_PluginDesc prebindDesc = { "prebind", "prebind", "1.0", "prebind" };

static int prebindFunc(Slapi_PBlock *pb) {
   LDAPControl pwdcontrol;
   pwdcontrol.ldctl_oid = CONTROL_PWD_EXPIRED_OID;
   pwdcontrol.ldctl_value.bv_val = NULL;
   pwdcontrol.ldctl_value.bv_len = 0;

   slapi_pblock_set(pb, SLAPI_ADD_RESCONTROL, &pwdcontrol);
   return SLAPI_BIND_SUCCESS;
}


int prebind_init(Slapi_PBlock *pb) {
   int rc = 0;
   rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
SLAPI_PLUGIN_CURRENT_VERSION);
   rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION, (void *)prebindDesc);
   rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_PRE_BIND_FN, (void *)prebindFunc);

   slapi_register_supported_control(CONTROL_PWEXPIRED_OID,
SLAPI_OPERATION_BIND);
   slapi_register_supported_control(CONTROL_PWEXPIRING_OID,
SLAPI_OPERATION_BIND);

   return LDAP_SUCCESS;
}

/**************************** END OF CODE *******************************/


Darin Broady
dbroady1@yahoo.com

Prev by Date: RE: (ITS#4216) slapd terminates unexpectedly
Next by Date: Re: (ITS#4242) slapindex fails to clean up DB after unclean shutdown
Index(es):
- Chronological
- Thread