~drizzle-trunk/drizzle/development

« back to all changes in this revision

Viewing changes to plugin/auth_ldap/auth_ldap.cc

Committer: Brian Aker
Date: 2010-12-18 10:14:05 UTC
mfrom: (2008.1.3 clean)
Revision ID: brian@tangent.org-20101218101405-qjbse29shi9coklg

Merge of user identifier work

files added:
drizzled/identifier/user.cc

drizzled/identifier/user.h

plugin/utility_functions/tests/t/execute.test

files removed:
drizzled/security_context.h

files renamed:
plugin/utility_functions/tests/t/execute.test => plugin/utility_functions/tests/t/execute_complex.disabled

files modified:
drizzled/db.cc

drizzled/execute.cc

drizzled/identifier.h

drizzled/include.am

drizzled/plugin/authentication.cc

drizzled/plugin/authentication.h

drizzled/plugin/authorization.cc

drizzled/plugin/authorization.h

drizzled/plugin/schema_engine.cc

drizzled/session.cc

drizzled/session.h

drizzled/sql_base.cc

drizzled/statement/create_schema.cc

drizzled/table.cc

plugin/auth_file/auth_file.cc

plugin/auth_http/auth_http.cc

plugin/auth_ldap/auth_ldap.cc

plugin/auth_pam/auth_pam.cc

plugin/auth_test/auth_test.cc

plugin/console/console.cc

plugin/drizzle_protocol/drizzle_protocol.cc

plugin/innobase/handler/ha_innodb.cc

plugin/logging_stats/logging_stats.cc

plugin/logging_stats/scoreboard.cc

plugin/mysql_protocol/mysql_protocol.cc

plugin/session_dictionary/processlist.cc

plugin/simple_user_policy/policy.h

plugin/user_locks/barriers.h

plugin/user_locks/create_barrier.cc

plugin/user_locks/get_lock.cc

plugin/user_locks/get_locks.cc

plugin/user_locks/is_free_lock.cc

plugin/user_locks/is_used_lock.cc

plugin/user_locks/key.h

plugin/user_locks/release_barrier.cc

plugin/user_locks/release_lock.cc

plugin/user_locks/release_wait.cc

plugin/user_locks/signal.cc

plugin/user_locks/wait.cc

plugin/user_locks/wait_for_lock.cc

plugin/user_locks/wait_until.cc

plugin/utility_functions/tests/r/execute.result

plugin/utility_functions/user.cc

support-files/drizzle.spec.in

unittests/plugin/authentication_test.cc

unittests/plugin/plugin_stubs.h

Show diffs side-by-side

added added

removed removed

plugin/auth_ldap/auth_ldap.cc

#include <string>

#include "drizzled/plugin/authentication.h"

#include "drizzled/security_context.h"

#include "drizzled/identifier.h"

#include "drizzled/util/convert.h"

#include "drizzled/algorithm/sha1.h"

/**

100

* Base class method to check authentication for a user.

101

102

bool authenticate(const SecurityContext &sctx, const string &password);

102

bool authenticate(const identifier::User &sctx, const string &password);

103

104

/**

105

* Lookup a user in LDAP.

200

return error;

201

}

202

203

bool AuthLDAP::authenticate(const SecurityContext &sctx, const string &password)

203

bool AuthLDAP::authenticate(const identifier::User &sctx, const string &password)

204

{

205

/* See if cache should be emptied. */

206

if (cache_timeout > 0)

222

223

pthread_rwlock_rdlock(&lock);

224

225

AuthLDAP::UserCache::const_iterator user= users.find(sctx.getUser());

225

AuthLDAP::UserCache::const_iterator user= users.find(sctx.username());

226

if (user == users.end())

227

{

228

pthread_rwlock_unlock(&lock);

230

pthread_rwlock_wrlock(&lock);

231

232

/* Make sure the user was not added while we unlocked. */

233

user= users.find(sctx.getUser());

233

user= users.find(sctx.username());

234

if (user == users.end())

235

lookupUser(sctx.getUser());

235

lookupUser(sctx.username());

236

237

pthread_rwlock_unlock(&lock);

238

239

pthread_rwlock_rdlock(&lock);

240

241

/* Get user again because map may have changed while unlocked. */

242

user= users.find(sctx.getUser());

242

user= users.find(sctx.username());

243

if (user == users.end())

244

{

245

pthread_rwlock_unlock(&lock);

253

return false;

254

}

255

256

if (sctx.getPasswordType() == SecurityContext::MYSQL_HASH)

256

if (sctx.getPasswordType() == identifier::User::MYSQL_HASH)

257

{

258

bool allow= verifyMySQLHash(user->second, sctx.getPasswordContext(), password);

259

pthread_rwlock_unlock(&lock);

Older »