protected override int SendRequest(SafeHandle handle, DirectoryRequest request, IntPtr serverControlArray, IntPtr clientControlArray, ref int messageId)
{
if (request is AddRequest addRequest)
{
if (string.IsNullOrWhiteSpace(addRequest.DistinguishedName))
{
throw new ArgumentNullException(nameof(addRequest.DistinguishedName));
}
var attrs = addRequest.Attributes.Select(ToLdapMod).ToList();
var ptr = MarshalUtils.AllocHGlobalIntPtrArray(addRequest.Attributes.Count + 1);
MarshalUtils.StructureArrayToPtr(attrs, ptr, true);
var result = Native.ldap_add_ext(handle,
addRequest.DistinguishedName,
ptr,
serverControlArray,
clientControlArray,
ref messageId
);
attrs.ForEach(_ =>
{
MarshalUtils.BerValuesFree(_.mod_vals_u.modv_bvals);
Marshal.FreeHGlobal(_.mod_vals_u.modv_bvals);
Marshal.FreeHGlobal(_.mod_type);
});
Marshal.FreeHGlobal(ptr);
return(result);
}
return(0);
}
private static Native.Native.LDAPMod ToLdapMod(LdapModifyAttribute attribute)
{
var modValue = attribute.Values ?? new List <string>();
var modValuePtr = MarshalUtils.AllocHGlobalIntPtrArray(modValue.Count + 1);
MarshalUtils.ByteArraysToBerValueArray(modValue.Select(GetModValue).ToArray(), modValuePtr);
return(new Native.Native.LDAPMod
{
mod_op = (int)attribute.LdapModOperation | (int)LdapForNet.Native.Native.LdapModOperation.LDAP_MOD_BVALUES,
mod_type = Encoder.Instance.StringToPtr(attribute.Type),
mod_vals_u = new Native.Native.LDAPMod.mod_vals
{
modv_bvals = modValuePtr
},
mod_next = IntPtr.Zero
});
}
private static Native.Native.LDAPMod ToLdapMod(DirectoryAttribute attribute,
Native.Native.LdapModOperation operation)
{
var modValue = attribute.GetValues <byte[]>()?.ToList() ?? new List <byte[]>();
var modValuePtr = MarshalUtils.AllocHGlobalIntPtrArray(modValue.Count + 1);
MarshalUtils.ByteArraysToBerValueArray(modValue.Select(_ => _ ?? new byte[0]).ToArray(), modValuePtr);
return(new Native.Native.LDAPMod
{
mod_op = (int)operation | (int)LdapForNet.Native.Native.LdapModOperation.LDAP_MOD_BVALUES,
mod_type = Encoder.Instance.StringToPtr(attribute.Name),
mod_vals_u = new Native.Native.LDAPMod.mod_vals
{
modv_bvals = modValuePtr
},
mod_next = IntPtr.Zero
});
}
public override int SendRequest(SafeHandle handle, DirectoryRequest request, ref int messageId)
{
if (request is AddRequest addRequest)
{
var entry = addRequest.LdapEntry;
if (string.IsNullOrWhiteSpace(entry.Dn))
{
throw new ArgumentNullException(nameof(entry.Dn));
}
if (entry.Attributes == null)
{
entry.Attributes = new Dictionary <string, List <string> >();
}
var attrs = entry.Attributes.Select(ToLdapMod).ToList();
var ptr = MarshalUtils.AllocHGlobalIntPtrArray(entry.Attributes.Count + 1);
MarshalUtils.StructureArrayToPtr(attrs, ptr, true);
var result = Native.ldap_add_ext(handle,
addRequest.LdapEntry.Dn,
ptr,
IntPtr.Zero,
IntPtr.Zero,
ref messageId
);
attrs.ForEach(_ =>
{
MarshalUtils.BerValuesFree(_.mod_vals_u.modv_bvals);
Marshal.FreeHGlobal(_.mod_vals_u.modv_bvals);
Marshal.FreeHGlobal(_.mod_type);
});
Marshal.FreeHGlobal(ptr);
return(result);
}
return(0);
}
private static IntPtr GetAttributesPtr(SearchRequest searchRequest)
{
var attributeCount = searchRequest.Attributes?.Count ?? 0;
var searchAttributes = IntPtr.Zero;
if (searchRequest.Attributes == null || attributeCount == 0)
{
return(searchAttributes);
}
searchAttributes = MarshalUtils.AllocHGlobalIntPtrArray(attributeCount + 1);
int i;
for (i = 0; i < attributeCount; i++)
{
var controlPtr = Encoder.Instance.StringToPtr(searchRequest.Attributes[i]);
Marshal.WriteIntPtr(searchAttributes, IntPtr.Size * i, controlPtr);
}
Marshal.WriteIntPtr(searchAttributes, IntPtr.Size * i, IntPtr.Zero);
return(searchAttributes);
}
private static int EncodingBerValMultiByteArrayHelper(BerSafeHandle berElement, char fmt, byte[][] value)
{
var berValArray = IntPtr.Zero;
Native.Native.SafeBerval[] managedBerVal = null;
int rc;
try
{
if (value != null)
{
berValArray = MarshalUtils.AllocHGlobalIntPtrArray(value.Length + 1);
var structSize = Marshal.SizeOf(typeof(Native.Native.SafeBerval));
managedBerVal = new Native.Native.SafeBerval[value.Length];
for (var i = 0; i < value.Length; i++)
{
var byteArray = value[i];
// construct the managed berval
managedBerVal[i] = new Native.Native.SafeBerval();
if (byteArray == null)
{
managedBerVal[i].bv_len = 0;
managedBerVal[i].bv_val = IntPtr.Zero;
}
else
{
managedBerVal[i].bv_len = byteArray.Length;
managedBerVal[i].bv_val = Marshal.AllocHGlobal(byteArray.Length);
if (managedBerVal[i].bv_val != IntPtr.Zero)
{
Marshal.Copy(byteArray, 0, managedBerVal[i].bv_val, byteArray.Length);
}
}
// allocate memory for the unmanaged structure
var valPtr = Marshal.AllocHGlobal(structSize);
Marshal.StructureToPtr(managedBerVal[i], valPtr, false);
Marshal.WriteIntPtr(berValArray, IntPtr.Size * i, valPtr);
}
Marshal.WriteIntPtr(berValArray, IntPtr.Size * value.Length, IntPtr.Zero);
}
rc = LdapNative.Instance.ber_printf_berarray(berElement, new string(fmt, 1), berValArray);
GC.KeepAlive(managedBerVal);
}
finally
{
if (berValArray != IntPtr.Zero)
{
foreach (var ptr in MarshalUtils.GetPointerArray(berValArray))
{
Marshal.FreeHGlobal(ptr);
}
Marshal.FreeHGlobal(berValArray);
}
}
return(rc);
}
internal override int SetClientCertificate(SafeHandle ld, X509Certificate2 certificate)
{
const int verifyDepth = 6;
var certData = MarshalUtils.ByteArrayToGnuTlsDatum(certificate.Export(X509ContentType.Cert));
var certs = MarshalUtils.AllocHGlobalIntPtrArray(verifyDepth);
var privateKey = (RSA)certificate.PrivateKey;
var keyData = MarshalUtils.ByteArrayToGnuTlsDatum(privateKey.ToRsaPrivateKey());
try
{
var max = verifyDepth;
var tlsCtx = IntPtr.Zero;
var isServer = 0;
ThrowIfError(ld,
ldap_set_option(new LdapHandle(IntPtr.Zero), (int)Native.LdapOption.LDAP_OPT_X_TLS_NEWCTX,
ref isServer), nameof(ldap_set_option));
ThrowIfError(ld,
ldap_get_option(new LdapHandle(IntPtr.Zero), (int)Native.LdapOption.LDAP_OPT_X_TLS_CTX,
ref tlsCtx),
nameof(ldap_set_option));
var key = IntPtr.Zero;
var cred = Marshal.ReadIntPtr(tlsCtx);
ThrowIfGnuTlsError(NativeMethodsLinux.gnutls_x509_privkey_init(ref key),
nameof(NativeMethodsLinux.gnutls_x509_privkey_init));
ThrowIfGnuTlsError(
NativeMethodsLinux.gnutls_x509_privkey_import(key, keyData,
NativeMethodsLinux.GNUTLS_X509_FMT.GNUTLS_X509_FMT_DER),
nameof(NativeMethodsLinux.gnutls_x509_privkey_import));
ThrowIfGnuTlsError(
NativeMethodsLinux.gnutls_x509_crt_list_import(certs, ref max, certData,
NativeMethodsLinux.GNUTLS_X509_FMT.GNUTLS_X509_FMT_DER, 0),
nameof(NativeMethodsLinux.gnutls_x509_crt_list_import));
var cert = Marshal.ReadIntPtr(certs);
// If there's only one cert and it's not self-signed, then we have to build the cert chain.
if (max == 1 && !IsSelfSigned(cert))
{
for (var i = 1; i < verifyDepth; i++)
{
cert = Marshal.ReadIntPtr(certs, (i - 1) * IntPtr.Size);
var issuer = Marshal.ReadIntPtr(certs, i * IntPtr.Size);
if (NativeMethodsLinux.gnutls_certificate_get_issuer(cred, cert, ref issuer, 0) != 0)
{
break;
}
Marshal.WriteIntPtr(certs, i * IntPtr.Size, issuer);
max++;
if (IsSelfSigned(issuer))
{
break;
}
}
}
ThrowIfGnuTlsError(NativeMethodsLinux.gnutls_certificate_set_x509_key(cred, certs, max, key),
nameof(NativeMethodsLinux.gnutls_certificate_set_x509_key));
NativeMethodsLinux.gnutls_certificate_set_verify_flags(cred, 0);
return(ldap_set_option(new LdapHandle(IntPtr.Zero), (int)Native.LdapOption.LDAP_OPT_X_TLS_CTX, tlsCtx));
}
finally
{
MarshalUtils.TlsDatumFree(certData);
MarshalUtils.TlsDatumFree(keyData);
if (certs != IntPtr.Zero)
{
Marshal.FreeHGlobal(certs);
}
}
}
