private NetworkCredential ProcessSecAuthIdentity(SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentit) { if (SecAuthIdentit == null) { return(new NetworkCredential()); } string user = SecAuthIdentit.user; string domain = SecAuthIdentit.domain; return(new NetworkCredential(user, SecAuthIdentit.password, domain)); }
private NetworkCredential ProcessSecAuthIdentity(SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentit) { if (SecAuthIdentit != null) { string secAuthIdentit = SecAuthIdentit.user; string str = SecAuthIdentit.domain; string secAuthIdentit1 = SecAuthIdentit.password; return(new NetworkCredential(secAuthIdentit, secAuthIdentit1, str)); } else { return(new NetworkCredential()); } }
public Native(SEC_WINNT_AUTH_IDENTITY_EX managed) { version = managed.version; length = managed.length; user = Marshal.StringToCoTaskMemUni(managed.user); userLength = managed.userLength; domain = Marshal.StringToCoTaskMemUni(managed.domain); domainLength = managed.domainLength; password = Marshal.StringToCoTaskMemUni(managed.password); passwordLength = managed.passwordLength; flags = managed.flags; packageList = Marshal.StringToCoTaskMemUni(managed.packageList); packageListLength = managed.packageListLength; }
private int InternalBind(NetworkCredential tempCredential, SEC_WINNT_AUTH_IDENTITY_EX cred, BindMethod method) { int error; if (tempCredential == null && (AuthType == AuthType.External || AuthType == AuthType.Kerberos)) { error = BindSasl(); } else { error = Interop.Ldap.ldap_simple_bind(_ldapHandle, cred.user, cred.password); } return(error); }
public static Native ConvertToUnmanaged(SEC_WINNT_AUTH_IDENTITY_EX managed) { Native n = default; n.version = managed.version; n.length = managed.length; n.user = Marshal.StringToCoTaskMemUni(managed.user); n.userLength = managed.userLength; n.domain = Marshal.StringToCoTaskMemUni(managed.domain); n.domainLength = managed.domainLength; n.password = Marshal.StringToCoTaskMemUni(managed.password); n.passwordLength = managed.passwordLength; n.flags = managed.flags; n.packageList = Marshal.StringToCoTaskMemUni(managed.packageList); n.packageListLength = managed.packageListLength; return(n); }
private int InternalBind(NetworkCredential tempCredential, SEC_WINNT_AUTH_IDENTITY_EX cred, BindMethod method) { int error; if (LocalAppContextSwitches.UseBasicAuthFallback) { if (tempCredential == null && (AuthType == AuthType.External || AuthType == AuthType.Kerberos)) { error = BindSasl(); } else { error = LdapPal.BindToDirectory(_ldapHandle, cred.user, cred.password); } } else { if (method == BindMethod.LDAP_AUTH_NEGOTIATE) { if (tempCredential == null) { error = BindSasl(); } else { // Explicit credentials were provided. If we call ldap_bind_s it will // return LDAP_NOT_SUPPORTED, so just skip the P/Invoke. error = (int)LdapError.NotSupported; } } else { // Basic and Anonymous are handled elsewhere. Debug.Assert(AuthType != AuthType.Anonymous && AuthType != AuthType.Basic); error = (int)LdapError.AuthUnknown; } } return(error); }
private NetworkCredential ProcessSecAuthIdentity(SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentit) { if (SecAuthIdentit != null) { string secAuthIdentit = SecAuthIdentit.user; string str = SecAuthIdentit.domain; string secAuthIdentit1 = SecAuthIdentit.password; return new NetworkCredential(secAuthIdentit, secAuthIdentit1, str); } else { return new NetworkCredential(); } }
private bool ProcessNotifyConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, IntPtr NewConnection, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUser, int ErrorCodeFromBind) { string NewDN = null; if (NewConnection != (IntPtr)0 && _callbackRoutine.NotifyNewConnection != null) { if (NewDNPtr != (IntPtr)0) { NewDN = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder target = new StringBuilder(); target.Append(HostName); target.Append(":"); target.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(target.ToString()); NetworkCredential cred = ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection tempNewConnection = null; LdapConnection tempReferralConnection = null; WeakReference reference = null; lock (LdapConnection.objectLock) { // if referrafromconnection handle is valid if (ReferralFromConnection != (IntPtr)0) { //check whether we have save it in the handle table before reference = (WeakReference)(LdapConnection.handleTable[ReferralFromConnection]); if (reference != null && reference.IsAlive && null != ((LdapConnection)reference.Target).ldapHandle) { // save this before and object has not been garbage collected yet. tempReferralConnection = (LdapConnection)reference.Target; } else { // connection has been garbage collected, we need to remove this one if (reference != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } // we don't have it yet, construct a new one tempReferralConnection = new LdapConnection(((LdapDirectoryIdentifier)(_connection.Directory)), _connection.GetCredential(), _connection.AuthType, ReferralFromConnection); // save it to the handle table LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(tempReferralConnection)); } } if (NewConnection != (IntPtr)0) { //check whether we have save it in the handle table before reference = (WeakReference)(LdapConnection.handleTable[NewConnection]); if (reference != null && reference.IsAlive && null != ((LdapConnection)reference.Target).ldapHandle) { // save this before and object has not been garbage collected yet. tempNewConnection = (LdapConnection)reference.Target; } else { // connection has been garbage collected, we need to remove this one if (reference != null) { LdapConnection.handleTable.Remove(NewConnection); } // we don't have it yet, construct a new one tempNewConnection = new LdapConnection(identifier, cred, _connection.AuthType, NewConnection); // save it to the handle table LdapConnection.handleTable.Add(NewConnection, new WeakReference(tempNewConnection)); } } } long tokenValue = (long)((uint)CurrentUser.LowPart + (((long)CurrentUser.HighPart) << 32)); bool value = _callbackRoutine.NotifyNewConnection(_connection, tempReferralConnection, NewDN, identifier, tempNewConnection, cred, tokenValue, ErrorCodeFromBind); if (value) { value = AddLdapHandleRef(tempNewConnection); if (value) { tempNewConnection.NeedDispose = true; } } return(value); } else { return(false); } }
private void BindHelper(NetworkCredential newCredential, bool needSetCredential) { string str2; string str3; string str4; int errorCode = 0; NetworkCredential directoryCredential = null; if (this.disposed) { throw new ObjectDisposedException(base.GetType().Name); } if (((this.AuthType == System.DirectoryServices.Protocols.AuthType.Anonymous) && (newCredential != null)) && (((newCredential.Password != null) && (newCredential.Password.Length != 0)) || ((newCredential.UserName != null) && (newCredential.UserName.Length != 0)))) { throw new InvalidOperationException(System.DirectoryServices.Protocols.Res.GetString("InvalidAuthCredential")); } if (needSetCredential) { base.directoryCredential = directoryCredential = (newCredential != null) ? new NetworkCredential(newCredential.UserName, newCredential.Password, newCredential.Domain) : null; } else { directoryCredential = base.directoryCredential; } if (!this.connected) { this.Connect(); this.connected = true; } if (((directoryCredential != null) && (directoryCredential.UserName.Length == 0)) && ((directoryCredential.Password.Length == 0) && (directoryCredential.Domain.Length == 0))) { str2 = null; str3 = null; str4 = null; } else { str2 = (directoryCredential == null) ? null : directoryCredential.UserName; str3 = (directoryCredential == null) ? null : directoryCredential.Domain; str4 = (directoryCredential == null) ? null : directoryCredential.Password; } if (this.AuthType == System.DirectoryServices.Protocols.AuthType.Anonymous) { errorCode = Wldap32.ldap_simple_bind_s(this.ldapHandle, null, null); } else if (this.AuthType == System.DirectoryServices.Protocols.AuthType.Basic) { StringBuilder builder = new StringBuilder(100); if ((str3 != null) && (str3.Length != 0)) { builder.Append(str3); builder.Append(@"\"); } builder.Append(str2); errorCode = Wldap32.ldap_simple_bind_s(this.ldapHandle, builder.ToString(), str4); } else { SEC_WINNT_AUTH_IDENTITY_EX credentials = new SEC_WINNT_AUTH_IDENTITY_EX { version = 0x200, length = Marshal.SizeOf(typeof(SEC_WINNT_AUTH_IDENTITY_EX)), flags = 2 }; if (this.AuthType == System.DirectoryServices.Protocols.AuthType.Kerberos) { credentials.packageList = "Kerberos"; credentials.packageListLength = credentials.packageList.Length; } if (directoryCredential != null) { credentials.user = str2; credentials.userLength = (str2 == null) ? 0 : str2.Length; credentials.domain = str3; credentials.domainLength = (str3 == null) ? 0 : str3.Length; credentials.password = str4; credentials.passwordLength = (str4 == null) ? 0 : str4.Length; } BindMethod method = BindMethod.LDAP_AUTH_NEGOTIATE; switch (this.AuthType) { case System.DirectoryServices.Protocols.AuthType.Negotiate: method = BindMethod.LDAP_AUTH_NEGOTIATE; break; case System.DirectoryServices.Protocols.AuthType.Ntlm: method = BindMethod.LDAP_AUTH_NTLM; break; case System.DirectoryServices.Protocols.AuthType.Digest: method = BindMethod.LDAP_AUTH_DIGEST; break; case System.DirectoryServices.Protocols.AuthType.Sicily: method = BindMethod.LDAP_AUTH_SICILY; break; case System.DirectoryServices.Protocols.AuthType.Dpa: method = BindMethod.LDAP_AUTH_DPA; break; case System.DirectoryServices.Protocols.AuthType.Msn: method = BindMethod.LDAP_AUTH_MSN; break; case System.DirectoryServices.Protocols.AuthType.External: method = BindMethod.LDAP_AUTH_EXTERNAL; break; case System.DirectoryServices.Protocols.AuthType.Kerberos: method = BindMethod.LDAP_AUTH_NEGOTIATE; break; } if ((directoryCredential == null) && (this.AuthType == System.DirectoryServices.Protocols.AuthType.External)) { errorCode = Wldap32.ldap_bind_s(this.ldapHandle, null, null, method); } else { errorCode = Wldap32.ldap_bind_s(this.ldapHandle, null, credentials, method); } } if (errorCode != 0) { string str; if (Utility.IsResultCode((ResultCode) errorCode)) { str = OperationErrorMappings.MapResultCode(errorCode); throw new DirectoryOperationException(null, str); } if (!Utility.IsLdapError((LdapError) errorCode)) { throw new LdapException(errorCode); } str = LdapErrorMappings.MapResultCode(errorCode); string serverErrorMessage = this.options.ServerErrorMessage; if ((serverErrorMessage != null) && (serverErrorMessage.Length > 0)) { throw new LdapException(errorCode, str, serverErrorMessage); } throw new LdapException(errorCode, str); } this.bounded = true; this.needRebind = false; }
private int ProcessQueryConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUserToken, ref IntPtr ConnectionToUse) { ConnectionToUse = IntPtr.Zero; string newDistinguishedName = null; if (this.callbackRoutine.QueryForConnection == null) { return 1; } if (NewDNPtr != IntPtr.Zero) { newDistinguishedName = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder builder = new StringBuilder(); builder.Append(HostName); builder.Append(":"); builder.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(builder.ToString()); NetworkCredential credential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection target = null; WeakReference reference = null; if (ReferralFromConnection != IntPtr.Zero) { lock (LdapConnection.objectLock) { reference = (WeakReference) LdapConnection.handleTable[ReferralFromConnection]; if ((reference != null) && reference.IsAlive) { target = (LdapConnection) reference.Target; } else { if (reference != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } target = new LdapConnection((LdapDirectoryIdentifier) this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(target)); } } } long currentUserToken = ((long) ((ulong) CurrentUserToken.LowPart)) + (CurrentUserToken.HighPart << 0x20); LdapConnection connection2 = this.callbackRoutine.QueryForConnection(this.connection, target, newDistinguishedName, identifier, credential, currentUserToken); if (connection2 != null) { ConnectionToUse = connection2.ldapHandle; } return 0; }
private int ProcessQueryConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUserToken, ref IntPtr ConnectionToUse) { ConnectionToUse = IntPtr.Zero; string NewDN = null; // user must have registered callback function Debug.Assert(_callbackRoutine.QueryForConnection != null); // user registers the QUERYFORCONNECTION callback if (_callbackRoutine.QueryForConnection != null) { if (NewDNPtr != (IntPtr)0) { NewDN = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder target = new StringBuilder(); target.Append(HostName); target.Append(":"); target.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(target.ToString()); NetworkCredential cred = ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection tempReferralConnection = null; WeakReference reference = null; // if referrafromconnection handle is valid if (ReferralFromConnection != (IntPtr)0) { lock (LdapConnection.objectLock) { //make sure first whether we have saved it in the handle table before reference = (WeakReference)(LdapConnection.handleTable[ReferralFromConnection]); if (reference != null && reference.IsAlive) { // save this before and object has not been garbage collected yet. tempReferralConnection = (LdapConnection)reference.Target; } else { if (reference != null) { // connection has been garbage collected, we need to remove this one LdapConnection.handleTable.Remove(ReferralFromConnection); } // we don't have it yet, construct a new one tempReferralConnection = new LdapConnection(((LdapDirectoryIdentifier)(_connection.Directory)), _connection.GetCredential(), _connection.AuthType, ReferralFromConnection); // save it to the handle table LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(tempReferralConnection)); } } } long tokenValue = (long)((uint)CurrentUserToken.LowPart + (((long)CurrentUserToken.HighPart) << 32)); LdapConnection con = _callbackRoutine.QueryForConnection(_connection, tempReferralConnection, NewDN, identifier, cred, tokenValue); if (null != con && null != con.ldapHandle && !con.ldapHandle.IsInvalid) { bool success = AddLdapHandleRef(con); if (success) { ConnectionToUse = con.ldapHandle.DangerousGetHandle(); } } return(0); } else { // user does not take ownership of the connection return(1); } }
private void BindHelper(NetworkCredential newCredential, bool needSetCredential) { int num; string str; string str1; string str2; string str3; NetworkCredential networkCredential; string userName; string domain; string password; int length; int length1; int num1; object obj; if (!this.disposed) { if (this.AuthType != AuthType.Anonymous || newCredential == null || (newCredential.Password == null || newCredential.Password.Length == 0) && (newCredential.UserName == null || newCredential.UserName.Length == 0)) { if (!needSetCredential) { networkCredential = this.directoryCredential; } else { LdapConnection ldapConnection = this; if (newCredential != null) { obj = new NetworkCredential(newCredential.UserName, newCredential.Password, newCredential.Domain); } else { obj = null; } networkCredential = (NetworkCredential)obj; ldapConnection.directoryCredential = (NetworkCredential)obj; } if (!this.connected) { this.Connect(); this.connected = true; } if (networkCredential == null || networkCredential.UserName.Length != 0 || networkCredential.Password.Length != 0 || networkCredential.Domain.Length != 0) { if (networkCredential == null) { userName = null; } else { userName = networkCredential.UserName; } str1 = userName; if (networkCredential == null) { domain = null; } else { domain = networkCredential.Domain; } str2 = domain; if (networkCredential == null) { password = null; } else { password = networkCredential.Password; } str3 = password; } else { str1 = null; str2 = null; str3 = null; } if (this.AuthType != AuthType.Anonymous) { if (this.AuthType != AuthType.Basic) { SEC_WINNT_AUTH_IDENTITY_EX sECWINNTAUTHIDENTITYEX = new SEC_WINNT_AUTH_IDENTITY_EX(); sECWINNTAUTHIDENTITYEX.version = 0x200; sECWINNTAUTHIDENTITYEX.length = Marshal.SizeOf(typeof(SEC_WINNT_AUTH_IDENTITY_EX)); sECWINNTAUTHIDENTITYEX.flags = 2; if (this.AuthType == AuthType.Kerberos) { sECWINNTAUTHIDENTITYEX.packageList = "Kerberos"; sECWINNTAUTHIDENTITYEX.packageListLength = sECWINNTAUTHIDENTITYEX.packageList.Length; } if (networkCredential != null) { sECWINNTAUTHIDENTITYEX.user = str1; SEC_WINNT_AUTH_IDENTITY_EX sECWINNTAUTHIDENTITYEX1 = sECWINNTAUTHIDENTITYEX; if (str1 == null) { length = 0; } else { length = str1.Length; } sECWINNTAUTHIDENTITYEX1.userLength = length; sECWINNTAUTHIDENTITYEX.domain = str2; SEC_WINNT_AUTH_IDENTITY_EX sECWINNTAUTHIDENTITYEX2 = sECWINNTAUTHIDENTITYEX; if (str2 == null) { length1 = 0; } else { length1 = str2.Length; } sECWINNTAUTHIDENTITYEX2.domainLength = length1; sECWINNTAUTHIDENTITYEX.password = str3; SEC_WINNT_AUTH_IDENTITY_EX sECWINNTAUTHIDENTITYEX3 = sECWINNTAUTHIDENTITYEX; if (str3 == null) { num1 = 0; } else { num1 = str3.Length; } sECWINNTAUTHIDENTITYEX3.passwordLength = num1; } BindMethod bindMethod = BindMethod.LDAP_AUTH_NEGOTIATE; AuthType authType = this.AuthType; switch (authType) { case AuthType.Negotiate: { bindMethod = BindMethod.LDAP_AUTH_NEGOTIATE; break; } case AuthType.Ntlm: { bindMethod = BindMethod.LDAP_AUTH_NTLM; break; } case AuthType.Digest: { bindMethod = BindMethod.LDAP_AUTH_DIGEST; break; } case AuthType.Sicily: { bindMethod = BindMethod.LDAP_AUTH_SICILY; break; } case AuthType.Dpa: { bindMethod = BindMethod.LDAP_AUTH_DPA; break; } case AuthType.Msn: { bindMethod = BindMethod.LDAP_AUTH_MSN; break; } case AuthType.External: { bindMethod = BindMethod.LDAP_AUTH_EXTERNAL; break; } case AuthType.Kerberos: { bindMethod = BindMethod.LDAP_AUTH_NEGOTIATE; break; } } if (networkCredential != null || this.AuthType != AuthType.External) { num = Wldap32.ldap_bind_s(this.ldapHandle, null, sECWINNTAUTHIDENTITYEX, bindMethod); } else { num = Wldap32.ldap_bind_s(this.ldapHandle, null, null, bindMethod); } } else { StringBuilder stringBuilder = new StringBuilder(100); if (str2 != null && str2.Length != 0) { stringBuilder.Append(str2); stringBuilder.Append("\\"); } stringBuilder.Append(str1); num = Wldap32.ldap_simple_bind_s(this.ldapHandle, stringBuilder.ToString(), str3); } } else { num = Wldap32.ldap_simple_bind_s(this.ldapHandle, null, null); } if (num == 0) { this.bounded = true; this.needRebind = false; return; } else { if (!Utility.IsResultCode((ResultCode)num)) { if (!Utility.IsLdapError((LdapError)num)) { throw new LdapException(num); } else { str = LdapErrorMappings.MapResultCode(num); string serverErrorMessage = this.options.ServerErrorMessage; if (serverErrorMessage == null || serverErrorMessage.Length <= 0) { throw new LdapException(num, str); } else { throw new LdapException(num, str, serverErrorMessage); } } } else { str = OperationErrorMappings.MapResultCode(num); throw new DirectoryOperationException(null, str); } } } else { throw new InvalidOperationException(Res.GetString("InvalidAuthCredential")); } } else { throw new ObjectDisposedException(base.GetType().Name); } }
public static extern int ldap_bind_s([In]ConnectionHandle ldapHandle, string dn, SEC_WINNT_AUTH_IDENTITY_EX credentials, BindMethod method);
private bool ProcessNotifyConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, IntPtr NewConnection, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUser, int ErrorCodeFromBind) { WeakReference item; string stringUni = null; if (!(NewConnection != (IntPtr)0) || this.callbackRoutine.NotifyNewConnection == null) { return(false); } else { if (NewDNPtr != (IntPtr)0) { stringUni = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(HostName); stringBuilder.Append(":"); stringBuilder.Append(PortNumber); LdapDirectoryIdentifier ldapDirectoryIdentifier = new LdapDirectoryIdentifier(stringBuilder.ToString()); NetworkCredential networkCredential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection ldapConnection = null; LdapConnection target = null; lock (LdapConnection.objectLock) { if (ReferralFromConnection != (IntPtr)0) { item = (WeakReference)LdapConnection.handleTable[(object)ReferralFromConnection]; if (item == null || !item.IsAlive) { if (item != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } target = new LdapConnection((LdapDirectoryIdentifier)this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(target)); } else { target = (LdapConnection)item.Target; } } if (NewConnection != (IntPtr)0) { item = (WeakReference)LdapConnection.handleTable[(object)NewConnection]; if (item == null || !item.IsAlive) { if (item != null) { LdapConnection.handleTable.Remove(NewConnection); } ldapConnection = new LdapConnection(ldapDirectoryIdentifier, networkCredential, this.connection.AuthType, NewConnection); LdapConnection.handleTable.Add(NewConnection, new WeakReference(ldapConnection)); } else { ldapConnection = (LdapConnection)item.Target; } } } long lowPart = (long)CurrentUser.LowPart + ((long)CurrentUser.HighPart << 32); bool errorCodeFromBind = this.callbackRoutine.NotifyNewConnection(this.connection, target, stringUni, ldapDirectoryIdentifier, ldapConnection, networkCredential, lowPart, ErrorCodeFromBind); if (errorCodeFromBind) { ldapConnection.needDispose = true; } return(errorCodeFromBind); } }
private bool ProcessNotifyConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, IntPtr NewConnection, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUser, int ErrorCodeFromBind) { string newDistinguishedName = null; if (!(NewConnection != IntPtr.Zero) || (this.callbackRoutine.NotifyNewConnection == null)) { return(false); } if (NewDNPtr != IntPtr.Zero) { newDistinguishedName = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder builder = new StringBuilder(); builder.Append(HostName); builder.Append(":"); builder.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(builder.ToString()); NetworkCredential credential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection target = null; LdapConnection connection2 = null; WeakReference reference = null; lock (LdapConnection.objectLock) { if (ReferralFromConnection != IntPtr.Zero) { reference = (WeakReference)LdapConnection.handleTable[ReferralFromConnection]; if ((reference != null) && reference.IsAlive) { connection2 = (LdapConnection)reference.Target; } else { if (reference != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } connection2 = new LdapConnection((LdapDirectoryIdentifier)this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(connection2)); } } if (NewConnection != IntPtr.Zero) { reference = (WeakReference)LdapConnection.handleTable[NewConnection]; if ((reference != null) && reference.IsAlive) { target = (LdapConnection)reference.Target; } else { if (reference != null) { LdapConnection.handleTable.Remove(NewConnection); } target = new LdapConnection(identifier, credential, this.connection.AuthType, NewConnection); LdapConnection.handleTable.Add(NewConnection, new WeakReference(target)); } } } long currentUserToken = ((long)((ulong)CurrentUser.LowPart)) + (CurrentUser.HighPart << 0x20); bool flag = this.callbackRoutine.NotifyNewConnection(this.connection, connection2, newDistinguishedName, identifier, target, credential, currentUserToken, ErrorCodeFromBind); if (flag) { target.needDispose = true; } return(flag); }
private int ProcessQueryConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUserToken, ref ConnectionHandle ConnectionToUse) { ConnectionToUse = null; string stringUni = null; if (this.callbackRoutine.QueryForConnection == null) { return 1; } else { if (NewDNPtr != (IntPtr)0) { stringUni = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(HostName); stringBuilder.Append(":"); stringBuilder.Append(PortNumber); LdapDirectoryIdentifier ldapDirectoryIdentifier = new LdapDirectoryIdentifier(stringBuilder.ToString()); NetworkCredential networkCredential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection ldapConnection = null; if (ReferralFromConnection != (IntPtr)0) { lock (LdapConnection.objectLock) { WeakReference item = (WeakReference)LdapConnection.handleTable[(object)ReferralFromConnection]; if (item == null || !item.IsAlive) { if (item != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } ldapConnection = new LdapConnection((LdapDirectoryIdentifier)this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(ldapConnection)); } else { ldapConnection = (LdapConnection)item.Target; } } } long lowPart = (long)CurrentUserToken.LowPart + ((long)CurrentUserToken.HighPart << 32); LdapConnection queryForConnection = this.callbackRoutine.QueryForConnection(this.connection, ldapConnection, stringUni, ldapDirectoryIdentifier, networkCredential, lowPart); if (queryForConnection != null) { ConnectionToUse = queryForConnection.ldapHandle; } return 0; } }
private bool ProcessNotifyConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, IntPtr NewConnection, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUser, int ErrorCodeFromBind) { WeakReference item; string stringUni = null; if (!(NewConnection != (IntPtr)0) || this.callbackRoutine.NotifyNewConnection == null) { return false; } else { if (NewDNPtr != (IntPtr)0) { stringUni = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(HostName); stringBuilder.Append(":"); stringBuilder.Append(PortNumber); LdapDirectoryIdentifier ldapDirectoryIdentifier = new LdapDirectoryIdentifier(stringBuilder.ToString()); NetworkCredential networkCredential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection ldapConnection = null; LdapConnection target = null; lock (LdapConnection.objectLock) { if (ReferralFromConnection != (IntPtr)0) { item = (WeakReference)LdapConnection.handleTable[(object)ReferralFromConnection]; if (item == null || !item.IsAlive) { if (item != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } target = new LdapConnection((LdapDirectoryIdentifier)this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(target)); } else { target = (LdapConnection)item.Target; } } if (NewConnection != (IntPtr)0) { item = (WeakReference)LdapConnection.handleTable[(object)NewConnection]; if (item == null || !item.IsAlive) { if (item != null) { LdapConnection.handleTable.Remove(NewConnection); } ldapConnection = new LdapConnection(ldapDirectoryIdentifier, networkCredential, this.connection.AuthType, NewConnection); LdapConnection.handleTable.Add(NewConnection, new WeakReference(ldapConnection)); } else { ldapConnection = (LdapConnection)item.Target; } } } long lowPart = (long)CurrentUser.LowPart + ((long)CurrentUser.HighPart << 32); bool errorCodeFromBind = this.callbackRoutine.NotifyNewConnection(this.connection, target, stringUni, ldapDirectoryIdentifier, ldapConnection, networkCredential, lowPart, ErrorCodeFromBind); if (errorCodeFromBind) { ldapConnection.needDispose = true; } return errorCodeFromBind; } }
private int ProcessQueryConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUserToken, ref ConnectionHandle ConnectionToUse) { ConnectionToUse = null; string stringUni = null; if (this.callbackRoutine.QueryForConnection == null) { return(1); } else { if (NewDNPtr != (IntPtr)0) { stringUni = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(HostName); stringBuilder.Append(":"); stringBuilder.Append(PortNumber); LdapDirectoryIdentifier ldapDirectoryIdentifier = new LdapDirectoryIdentifier(stringBuilder.ToString()); NetworkCredential networkCredential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection ldapConnection = null; if (ReferralFromConnection != (IntPtr)0) { lock (LdapConnection.objectLock) { WeakReference item = (WeakReference)LdapConnection.handleTable[(object)ReferralFromConnection]; if (item == null || !item.IsAlive) { if (item != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } ldapConnection = new LdapConnection((LdapDirectoryIdentifier)this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(ldapConnection)); } else { ldapConnection = (LdapConnection)item.Target; } } } long lowPart = (long)CurrentUserToken.LowPart + ((long)CurrentUserToken.HighPart << 32); LdapConnection queryForConnection = this.callbackRoutine.QueryForConnection(this.connection, ldapConnection, stringUni, ldapDirectoryIdentifier, networkCredential, lowPart); if (queryForConnection != null) { ConnectionToUse = queryForConnection.ldapHandle; } return(0); } }
private int ProcessQueryConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUserToken, ref IntPtr ConnectionToUse) { ConnectionToUse = IntPtr.Zero; string newDistinguishedName = null; if (this.callbackRoutine.QueryForConnection == null) { return(1); } if (NewDNPtr != IntPtr.Zero) { newDistinguishedName = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder builder = new StringBuilder(); builder.Append(HostName); builder.Append(":"); builder.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(builder.ToString()); NetworkCredential credential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection target = null; WeakReference reference = null; if (ReferralFromConnection != IntPtr.Zero) { lock (LdapConnection.objectLock) { reference = (WeakReference)LdapConnection.handleTable[ReferralFromConnection]; if ((reference != null) && reference.IsAlive) { target = (LdapConnection)reference.Target; } else { if (reference != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } target = new LdapConnection((LdapDirectoryIdentifier)this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(target)); } } } long currentUserToken = ((long)((ulong)CurrentUserToken.LowPart)) + (CurrentUserToken.HighPart << 0x20); LdapConnection connection2 = this.callbackRoutine.QueryForConnection(this.connection, target, newDistinguishedName, identifier, credential, currentUserToken); if (connection2 != null) { ConnectionToUse = connection2.ldapHandle; } return(0); }
private int InternalBind(NetworkCredential tempCredential, SEC_WINNT_AUTH_IDENTITY_EX cred, BindMethod method) => tempCredential == null && AuthType == AuthType.External ? Interop.Ldap.ldap_bind_s(_ldapHandle, null, null, method) : Interop.Ldap.ldap_bind_s(_ldapHandle, null, cred, method);
public static extern int ldap_bind_s([In] ConnectionHandle ldapHandle, string dn, SEC_WINNT_AUTH_IDENTITY_EX credentials, BindMethod method);
private int ProcessQueryConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUserToken, ref IntPtr ConnectionToUse) { ConnectionToUse = IntPtr.Zero; string NewDN = null; // user must have registered callback function Debug.Assert(_callbackRoutine.QueryForConnection != null); // user registers the QUERYFORCONNECTION callback if (_callbackRoutine.QueryForConnection != null) { if (NewDNPtr != (IntPtr)0) NewDN = Marshal.PtrToStringUni(NewDNPtr); StringBuilder target = new StringBuilder(); target.Append(HostName); target.Append(":"); target.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(target.ToString()); NetworkCredential cred = ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection tempReferralConnection = null; WeakReference reference = null; // if referrafromconnection handle is valid if (ReferralFromConnection != (IntPtr)0) { lock (LdapConnection.objectLock) { //make sure first whether we have saved it in the handle table before reference = (WeakReference)(LdapConnection.handleTable[ReferralFromConnection]); if (reference != null && reference.IsAlive) { // save this before and object has not been garbage collected yet. tempReferralConnection = (LdapConnection)reference.Target; } else { if (reference != null) { // connection has been garbage collected, we need to remove this one LdapConnection.handleTable.Remove(ReferralFromConnection); } // we don't have it yet, construct a new one tempReferralConnection = new LdapConnection(((LdapDirectoryIdentifier)(_connection.Directory)), _connection.GetCredential(), _connection.AuthType, ReferralFromConnection); // save it to the handle table LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(tempReferralConnection)); } } } long tokenValue = (long)((uint)CurrentUserToken.LowPart + (((long)CurrentUserToken.HighPart) << 32)); LdapConnection con = _callbackRoutine.QueryForConnection(_connection, tempReferralConnection, NewDN, identifier, cred, tokenValue); if (null != con && null != con.ldapHandle && !con.ldapHandle.IsInvalid) { bool success = AddLdapHandleRef(con); if (success) { ConnectionToUse = con.ldapHandle.DangerousGetHandle(); } } return 0; } else { // user does not take ownership of the connection return 1; } }
private void BindHelper(NetworkCredential newCredential, bool needSetCredential) { int error = 0; string errorMessage; string username; string domainname; string password; NetworkCredential tempCredential = null; // if already disposed, we need to throw exception if (this.disposed) throw new ObjectDisposedException(GetType().Name); // if user wants to do anonymous bind, but specifies credential, error out if (AuthType == AuthType.Anonymous && (newCredential != null && ((newCredential.Password != null && newCredential.Password.Length != 0) || (newCredential.UserName != null && newCredential.UserName.Length != 0)))) throw new InvalidOperationException(Res.GetString(Res.InvalidAuthCredential)); // set the credential if (needSetCredential) directoryCredential = tempCredential = (newCredential != null ? new NetworkCredential(newCredential.UserName, newCredential.Password, newCredential.Domain) : null); else tempCredential = directoryCredential; // connect to the server first if (!_connected) { Connect(); _connected = true; } // bind to the server if (tempCredential != null && tempCredential.UserName.Length == 0 && tempCredential.Password.Length == 0 && tempCredential.Domain.Length == 0) { // default credential username = null; domainname = null; password = null; } else { username = (tempCredential == null) ? null : tempCredential.UserName; domainname = (tempCredential == null) ? null : tempCredential.Domain; password = (tempCredential == null) ? null : tempCredential.Password; } if (AuthType == AuthType.Anonymous) error = Wldap32.ldap_simple_bind_s(ldapHandle, null, null); else if (AuthType == AuthType.Basic) { StringBuilder tempdn = new StringBuilder(100); if (domainname != null && domainname.Length != 0) { tempdn.Append(domainname); tempdn.Append("\\"); } tempdn.Append(username); error = Wldap32.ldap_simple_bind_s(ldapHandle, tempdn.ToString(), password); } else { SEC_WINNT_AUTH_IDENTITY_EX cred = new SEC_WINNT_AUTH_IDENTITY_EX(); cred.version = Wldap32.SEC_WINNT_AUTH_IDENTITY_VERSION; cred.length = Marshal.SizeOf(typeof(SEC_WINNT_AUTH_IDENTITY_EX)); cred.flags = Wldap32.SEC_WINNT_AUTH_IDENTITY_UNICODE; if (AuthType == AuthType.Kerberos) { cred.packageList = Wldap32.MICROSOFT_KERBEROS_NAME_W; cred.packageListLength = cred.packageList.Length; } if (tempCredential != null) { cred.user = username; cred.userLength = (username == null ? 0 : username.Length); cred.domain = domainname; cred.domainLength = (domainname == null ? 0 : domainname.Length); cred.password = password; cred.passwordLength = (password == null ? 0 : password.Length); } BindMethod method = BindMethod.LDAP_AUTH_NEGOTIATE; switch (AuthType) { case AuthType.Negotiate: method = BindMethod.LDAP_AUTH_NEGOTIATE; break; case AuthType.Kerberos: method = BindMethod.LDAP_AUTH_NEGOTIATE; break; case AuthType.Ntlm: method = BindMethod.LDAP_AUTH_NTLM; break; case AuthType.Digest: method = BindMethod.LDAP_AUTH_DIGEST; break; case AuthType.Sicily: method = BindMethod.LDAP_AUTH_SICILY; break; case AuthType.Dpa: method = BindMethod.LDAP_AUTH_DPA; break; case AuthType.Msn: method = BindMethod.LDAP_AUTH_MSN; break; case AuthType.External: method = BindMethod.LDAP_AUTH_EXTERNAL; break; } if ((tempCredential == null) && (AuthType == AuthType.External)) { error = Wldap32.ldap_bind_s(ldapHandle, null, null, method); } else { error = Wldap32.ldap_bind_s(ldapHandle, null, cred, method); } } // failed, throw exception if (error != (int)ResultCode.Success) { if (Utility.IsResultCode((ResultCode)error)) { errorMessage = OperationErrorMappings.MapResultCode(error); throw new DirectoryOperationException(null, errorMessage); } else if (Utility.IsLdapError((LdapError)error)) { errorMessage = LdapErrorMappings.MapResultCode(error); string serverErrorMessage = _options.ServerErrorMessage; if ((serverErrorMessage != null) && (serverErrorMessage.Length > 0)) { throw new LdapException(error, errorMessage, serverErrorMessage); } else { throw new LdapException(error, errorMessage); } } else throw new LdapException(error); } // we successfully bind to the server _bounded = true; // rebind has been done _needRebind = false; }
private bool ProcessNotifyConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, IntPtr NewConnection, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUser, int ErrorCodeFromBind) { string NewDN = null; if (NewConnection != (IntPtr)0 && _callbackRoutine.NotifyNewConnection != null) { if (NewDNPtr != (IntPtr)0) NewDN = Marshal.PtrToStringUni(NewDNPtr); StringBuilder target = new StringBuilder(); target.Append(HostName); target.Append(":"); target.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(target.ToString()); NetworkCredential cred = ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection tempNewConnection = null; LdapConnection tempReferralConnection = null; WeakReference reference = null; lock (LdapConnection.objectLock) { // if referrafromconnection handle is valid if (ReferralFromConnection != (IntPtr)0) { //check whether we have save it in the handle table before reference = (WeakReference)(LdapConnection.handleTable[ReferralFromConnection]); if (reference != null && reference.IsAlive && null != ((LdapConnection)reference.Target).ldapHandle) { // save this before and object has not been garbage collected yet. tempReferralConnection = (LdapConnection)reference.Target; } else { // connection has been garbage collected, we need to remove this one if (reference != null) LdapConnection.handleTable.Remove(ReferralFromConnection); // we don't have it yet, construct a new one tempReferralConnection = new LdapConnection(((LdapDirectoryIdentifier)(_connection.Directory)), _connection.GetCredential(), _connection.AuthType, ReferralFromConnection); // save it to the handle table LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(tempReferralConnection)); } } if (NewConnection != (IntPtr)0) { //check whether we have save it in the handle table before reference = (WeakReference)(LdapConnection.handleTable[NewConnection]); if (reference != null && reference.IsAlive && null != ((LdapConnection)reference.Target).ldapHandle) { // save this before and object has not been garbage collected yet. tempNewConnection = (LdapConnection)reference.Target; } else { // connection has been garbage collected, we need to remove this one if (reference != null) LdapConnection.handleTable.Remove(NewConnection); // we don't have it yet, construct a new one tempNewConnection = new LdapConnection(identifier, cred, _connection.AuthType, NewConnection); // save it to the handle table LdapConnection.handleTable.Add(NewConnection, new WeakReference(tempNewConnection)); } } } long tokenValue = (long)((uint)CurrentUser.LowPart + (((long)CurrentUser.HighPart) << 32)); bool value = _callbackRoutine.NotifyNewConnection(_connection, tempReferralConnection, NewDN, identifier, tempNewConnection, cred, tokenValue, ErrorCodeFromBind); if (value) { value = AddLdapHandleRef(tempNewConnection); if (value) { tempNewConnection.NeedDispose = true; } } return value; } else { return false; } }
private NetworkCredential ProcessSecAuthIdentity(SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentit) { if (SecAuthIdentit == null) return new NetworkCredential(); else { string user = SecAuthIdentit.user; string domain = SecAuthIdentit.domain; string password = SecAuthIdentit.password; return new NetworkCredential(user, password, domain); } }
private bool ProcessNotifyConnection(IntPtr PrimaryConnection, IntPtr ReferralFromConnection, IntPtr NewDNPtr, string HostName, IntPtr NewConnection, int PortNumber, SEC_WINNT_AUTH_IDENTITY_EX SecAuthIdentity, Luid CurrentUser, int ErrorCodeFromBind) { string newDistinguishedName = null; if (!(NewConnection != IntPtr.Zero) || (this.callbackRoutine.NotifyNewConnection == null)) { return false; } if (NewDNPtr != IntPtr.Zero) { newDistinguishedName = Marshal.PtrToStringUni(NewDNPtr); } StringBuilder builder = new StringBuilder(); builder.Append(HostName); builder.Append(":"); builder.Append(PortNumber); LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(builder.ToString()); NetworkCredential credential = this.ProcessSecAuthIdentity(SecAuthIdentity); LdapConnection target = null; LdapConnection connection2 = null; WeakReference reference = null; lock (LdapConnection.objectLock) { if (ReferralFromConnection != IntPtr.Zero) { reference = (WeakReference) LdapConnection.handleTable[ReferralFromConnection]; if ((reference != null) && reference.IsAlive) { connection2 = (LdapConnection) reference.Target; } else { if (reference != null) { LdapConnection.handleTable.Remove(ReferralFromConnection); } connection2 = new LdapConnection((LdapDirectoryIdentifier) this.connection.Directory, this.connection.GetCredential(), this.connection.AuthType, ReferralFromConnection); LdapConnection.handleTable.Add(ReferralFromConnection, new WeakReference(connection2)); } } if (NewConnection != IntPtr.Zero) { reference = (WeakReference) LdapConnection.handleTable[NewConnection]; if ((reference != null) && reference.IsAlive) { target = (LdapConnection) reference.Target; } else { if (reference != null) { LdapConnection.handleTable.Remove(NewConnection); } target = new LdapConnection(identifier, credential, this.connection.AuthType, NewConnection); LdapConnection.handleTable.Add(NewConnection, new WeakReference(target)); } } } long currentUserToken = ((long) ((ulong) CurrentUser.LowPart)) + (CurrentUser.HighPart << 0x20); bool flag = this.callbackRoutine.NotifyNewConnection(this.connection, connection2, newDistinguishedName, identifier, target, credential, currentUserToken, ErrorCodeFromBind); if (flag) { target.needDispose = true; } return flag; }