Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/db-ldap.c @ 1897:1e6ed8045f2b HEAD
Changed hash_foreach() to iterator.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 03 Dec 2003 02:40:21 +0200 |
| parents | 044fdf70f11a |
| children | b9005f93be70 |
| rev | line source |
|---|---|
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* Copyright (C) 2003 Timo Sirainen */ |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "config.h" |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #undef HAVE_CONFIG_H |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #if defined(PASSDB_LDAP) || defined(USERDB_LDAP) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "common.h" |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
9 #include "network.h" |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "ioloop.h" |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 #include "hash.h" |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
12 #include "str.h" |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 #include "settings.h" |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "db-ldap.h" |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 #include <stddef.h> |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
17 #include <stdlib.h> |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 |
|
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
19 /* Older versions may require calling ldap_result() twice */ |
|
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
20 #if LDAP_VENDOR_VERSION <= 20112 |
|
1086
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
21 # define OPENLDAP_ASYNC_WORKAROUND |
|
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
22 #endif |
|
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
23 |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 #define DEF(type, name) \ |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 { type, #name, offsetof(struct ldap_settings, name) } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
26 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
27 static struct setting_def setting_defs[] = { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 DEF(SET_STR, hosts), |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
29 DEF(SET_STR, dn), |
|
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
30 DEF(SET_STR, dnpass), |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 DEF(SET_STR, deref), |
|
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
32 DEF(SET_STR, scope), |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
33 DEF(SET_STR, base), |
| 1282 | 34 DEF(SET_INT, ldap_version), |
|
1136
ad6343bd4479
Separate user and pass attrs/filters in config file
Timo Sirainen <tss@iki.fi>
parents:
1135
diff
changeset
|
35 DEF(SET_STR, user_attrs), |
|
ad6343bd4479
Separate user and pass attrs/filters in config file
Timo Sirainen <tss@iki.fi>
parents:
1135
diff
changeset
|
36 DEF(SET_STR, user_filter), |
|
ad6343bd4479
Separate user and pass attrs/filters in config file
Timo Sirainen <tss@iki.fi>
parents:
1135
diff
changeset
|
37 DEF(SET_STR, pass_attrs), |
|
1141
873634a5b472
Added user_global_uid and user_global_gid LDAP settings.
Timo Sirainen <tss@iki.fi>
parents:
1136
diff
changeset
|
38 DEF(SET_STR, pass_filter), |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1189
diff
changeset
|
39 DEF(SET_STR, default_pass_scheme), |
|
1265
fd2ccb3d67e4
Setting user_global_uid or user_global_gid crashed.
Timo Sirainen <tss@iki.fi>
parents:
1210
diff
changeset
|
40 DEF(SET_INT, user_global_uid), |
|
fd2ccb3d67e4
Setting user_global_uid or user_global_gid crashed.
Timo Sirainen <tss@iki.fi>
parents:
1210
diff
changeset
|
41 DEF(SET_INT, user_global_gid) |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 }; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 struct ldap_settings default_ldap_settings = { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 MEMBER(hosts) "localhost", |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
46 MEMBER(dn) NULL, |
|
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
47 MEMBER(dnpass) NULL, |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 MEMBER(deref) "never", |
|
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
49 MEMBER(scope) "subtree", |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
50 MEMBER(base) NULL, |
| 1282 | 51 MEMBER(ldap_version) 2, |
|
1136
ad6343bd4479
Separate user and pass attrs/filters in config file
Timo Sirainen <tss@iki.fi>
parents:
1135
diff
changeset
|
52 MEMBER(user_attrs) NULL, |
|
ad6343bd4479
Separate user and pass attrs/filters in config file
Timo Sirainen <tss@iki.fi>
parents:
1135
diff
changeset
|
53 MEMBER(user_filter) NULL, |
|
ad6343bd4479
Separate user and pass attrs/filters in config file
Timo Sirainen <tss@iki.fi>
parents:
1135
diff
changeset
|
54 MEMBER(pass_attrs) NULL, |
|
1141
873634a5b472
Added user_global_uid and user_global_gid LDAP settings.
Timo Sirainen <tss@iki.fi>
parents:
1136
diff
changeset
|
55 MEMBER(pass_filter) NULL, |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1189
diff
changeset
|
56 MEMBER(default_pass_scheme) "crypt", |
|
1709
044fdf70f11a
Give better error message if uid/gid not found from ldap and no default was
Timo Sirainen <tss@iki.fi>
parents:
1704
diff
changeset
|
57 MEMBER(user_global_uid) (uid_t)-1, |
|
044fdf70f11a
Give better error message if uid/gid not found from ldap and no default was
Timo Sirainen <tss@iki.fi>
parents:
1704
diff
changeset
|
58 MEMBER(user_global_gid) (gid_t)-1 |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 }; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 |
|
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
61 static struct ldap_connection *ldap_connections = NULL; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
62 |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
63 static int ldap_conn_open(struct ldap_connection *conn); |
| 1182 | 64 static void ldap_conn_close(struct ldap_connection *conn); |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 static int deref2str(const char *str) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 if (strcasecmp(str, "never") == 0) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 return LDAP_DEREF_NEVER; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 if (strcasecmp(str, "searching") == 0) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 return LDAP_DEREF_SEARCHING; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 if (strcasecmp(str, "finding") == 0) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 return LDAP_DEREF_FINDING; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 if (strcasecmp(str, "always") == 0) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 return LDAP_DEREF_ALWAYS; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 i_fatal("LDAP: Unknown deref option '%s'", str); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 |
|
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
80 static int scope2str(const char *str) |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
81 { |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
82 if (strcasecmp(str, "base") == 0) |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
83 return LDAP_SCOPE_BASE; |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
84 if (strcasecmp(str, "onelevel") == 0) |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
85 return LDAP_SCOPE_ONELEVEL; |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
86 if (strcasecmp(str, "subtree") == 0) |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
87 return LDAP_SCOPE_SUBTREE; |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
88 |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
89 i_fatal("LDAP: Unknown scope option '%s'", str); |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
90 } |
|
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
91 |
| 1210 | 92 const char *ldap_get_error(struct ldap_connection *conn) |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
93 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
94 int ret, err; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
95 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
96 ret = ldap_get_option(conn->ld, LDAP_OPT_ERROR_NUMBER, (void *) &err); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
97 if (ret != LDAP_SUCCESS) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
98 i_error("LDAP: Can't get error number: %s", |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
99 ldap_err2string(ret)); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
100 return "??"; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
101 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
102 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 return ldap_err2string(err); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
104 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
106 void db_ldap_search(struct ldap_connection *conn, const char *base, int scope, |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
107 const char *filter, char **attributes, |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 struct ldap_request *request) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
109 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
110 int msgid; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
111 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 if (!conn->connected) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 if (!ldap_conn_open(conn)) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
114 request->callback(conn, request, NULL); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
115 return; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
117 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 msgid = ldap_search(conn->ld, base, scope, filter, attributes, 0); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 if (msgid == -1) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
121 i_error("LDAP: ldap_search() failed (filter %s): %s", |
| 1210 | 122 filter, ldap_get_error(conn)); |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 request->callback(conn, request, NULL); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 return; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
125 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
126 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
127 hash_insert(conn->requests, POINTER_CAST(msgid), request); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
128 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
130 static void ldap_input(void *context) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 struct ldap_connection *conn = context; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
133 struct ldap_request *request; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
134 struct timeval timeout; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
135 LDAPMessage *res; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
136 int ret, msgid; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
137 |
| 1210 | 138 while (conn->ld != NULL) { |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
139 memset(&timeout, 0, sizeof(timeout)); |
|
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
140 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, &timeout, &res); |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
141 #ifdef OPENLDAP_ASYNC_WORKAROUND |
|
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
142 if (ret == 0) { |
|
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
143 /* try again, there may be another in buffer */ |
|
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
144 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, |
|
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
145 &timeout, &res); |
|
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
146 } |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
147 #endif |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
148 if (ret <= 0) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
149 if (ret < 0) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
150 i_error("LDAP: ldap_result() failed: %s", |
| 1210 | 151 ldap_get_error(conn)); |
| 1182 | 152 /* reconnect */ |
| 153 ldap_conn_close(conn); | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
154 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
155 return; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
156 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
157 |
| 1210 | 158 msgid = ldap_msgid(res); |
| 159 request = hash_lookup(conn->requests, POINTER_CAST(msgid)); | |
| 160 if (request == NULL) { | |
| 161 i_error("LDAP: Reply with unknown msgid %d", | |
| 162 msgid); | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
163 } else { |
| 1210 | 164 hash_remove(conn->requests, POINTER_CAST(msgid)); |
| 165 request->callback(conn, request, res); | |
| 166 i_free(request); | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
167 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
168 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
169 ldap_msgfree(res); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
170 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
171 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
172 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
173 static int ldap_conn_open(struct ldap_connection *conn) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
174 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
175 int ret, fd; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
176 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
177 if (conn->connected) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
178 return TRUE; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
179 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
180 if (conn->ld == NULL) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
181 conn->ld = ldap_init(conn->set.hosts, LDAP_PORT); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
182 if (conn->ld == NULL) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
183 i_fatal("LDAP: ldap_init() failed with hosts: %s", |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
184 conn->set.hosts); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
185 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
186 ret = ldap_set_option(conn->ld, LDAP_OPT_DEREF, |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
187 (void *) &conn->set.ldap_deref); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
188 if (ret != LDAP_SUCCESS) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
189 i_fatal("LDAP: Can't set deref option: %s", |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
190 ldap_err2string(ret)); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
191 } |
| 1282 | 192 |
| 193 ret = ldap_set_option(conn->ld, LDAP_OPT_PROTOCOL_VERSION, | |
| 194 (void *) &conn->set.ldap_version); | |
| 195 if (ret != LDAP_OPT_SUCCESS) { | |
| 196 i_fatal("LDAP: Can't set protocol version %u: %s", | |
| 197 conn->set.ldap_version, ldap_err2string(ret)); | |
| 198 } | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
199 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
200 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
201 /* NOTE: we use blocking connect, we couldn't do anything anyway |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
202 until it's done. */ |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
203 ret = ldap_simple_bind_s(conn->ld, conn->set.dn, conn->set.dnpass); |
| 1210 | 204 if (ret == LDAP_SERVER_DOWN) { |
| 205 i_error("LDAP: Can't connect to server: %s", conn->set.hosts); | |
| 206 return FALSE; | |
| 207 } | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
208 if (ret != LDAP_SUCCESS) { |
| 1210 | 209 i_error("LDAP: ldap_simple_bind_s() failed (dn %s): %s", |
| 210 conn->set.dn == NULL ? "(none)" : conn->set.dn, | |
| 211 ldap_get_error(conn)); | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
212 return FALSE; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
213 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
214 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
215 conn->connected = TRUE; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
216 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
217 /* register LDAP input to ioloop */ |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
218 ret = ldap_get_option(conn->ld, LDAP_OPT_DESC, (void *) &fd); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
219 if (ret != LDAP_SUCCESS) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
220 i_fatal("LDAP: Can't get connection fd: %s", |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
221 ldap_err2string(ret)); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
222 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
223 |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
224 net_set_nonblock(fd, TRUE); |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
225 conn->io = io_add(fd, IO_READ, ldap_input, conn); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
226 return TRUE; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
227 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
228 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
229 static void ldap_conn_close(struct ldap_connection *conn) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
230 { |
|
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
231 struct hash_iterate_context *iter; |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
232 void *key, *value; |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
233 |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
234 iter = hash_iterate_init(conn->requests); |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
235 while (hash_iterate(iter, &key, &value)) { |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
236 struct ldap_request *request = value; |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
237 |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
238 request->callback(conn, request, NULL); |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
239 i_free(request); |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
240 } |
|
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
241 hash_iterate_deinit(iter); |
| 1210 | 242 hash_clear(conn->requests, FALSE); |
| 243 | |
| 244 conn->connected = FALSE; | |
| 245 | |
| 246 if (conn->io != NULL) { | |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
247 io_remove(conn->io); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
248 conn->io = NULL; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
249 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
250 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
251 if (conn->ld != NULL) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
252 ldap_unbind(conn->ld); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
253 conn->ld = NULL; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
254 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
255 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
256 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
257 void db_ldap_set_attrs(struct ldap_connection *conn, const char *value, |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
258 unsigned int **attrs, char ***attr_names) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
259 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
260 const char *const *attr; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
261 unsigned int i, dest, size; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
262 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
263 attr = t_strsplit(value, ","); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
264 if (*attr == NULL || **attr == '\0') |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
265 i_fatal("Missing uid field in attrs"); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
266 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
267 for (size = 0; attr[size] != NULL; size++) ; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
268 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
269 /* +1 for terminating NULL */ |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
270 *attrs = p_new(conn->pool, unsigned int, size); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
271 *attr_names = p_new(conn->pool, char *, size + 1); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
272 for (i = 0, dest = 0; *attr != NULL; i++, attr++) { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
273 if (**attr != '\0') { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
274 (*attrs)[dest] = i; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
275 (*attr_names)[dest] = p_strdup(conn->pool, *attr); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
276 dest++; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
277 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
278 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
279 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
280 |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
281 #define IS_LDAP_ESCAPED_CHAR(c) \ |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
282 ((c) == '*' || (c) == '(' || (c) == ')' || (c) == '\\') |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
283 |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
284 const char *ldap_escape(const char *str) |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
285 { |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
286 const char *p; |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
287 string_t *ret; |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
288 |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
289 for (p = str; *p != '\0'; p++) { |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
290 if (IS_LDAP_ESCAPED_CHAR(*p)) |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
291 break; |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
292 } |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
293 |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
294 if (*p == '\0') |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
295 return str; |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
296 |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
297 ret = t_str_new((size_t) (p - str) + 64); |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
298 str_append_n(ret, str, (size_t) (p - str)); |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
299 |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
300 for (; *p != '\0'; p++) { |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
301 if (IS_LDAP_ESCAPED_CHAR(*p)) |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
302 str_append_c(ret, '\\'); |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
303 str_append_c(ret, *p); |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
304 } |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
305 return str_c(ret); |
|
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
306 } |
|
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
307 |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
308 static const char *parse_setting(const char *key, const char *value, |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
309 void *context) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
310 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
311 struct ldap_connection *conn = context; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
312 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
313 return parse_setting_from_defs(conn->pool, setting_defs, |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
314 &conn->set, key, value); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
315 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
316 |
|
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
317 static struct ldap_connection *ldap_conn_find(const char *config_path) |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
318 { |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
319 struct ldap_connection *conn; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
320 |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
321 for (conn = ldap_connections; conn != NULL; conn = conn->next) { |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
322 if (strcmp(conn->config_path, config_path) == 0) |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
323 return conn; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
324 } |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
325 |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
326 return NULL; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
327 } |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
328 |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
329 struct ldap_connection *db_ldap_init(const char *config_path) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
330 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
331 struct ldap_connection *conn; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
332 pool_t pool; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
333 |
|
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
334 /* see if it already exists */ |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
335 conn = ldap_conn_find(config_path); |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
336 if (conn != NULL) { |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
337 conn->refcount++; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
338 return conn; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
339 } |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
340 |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
341 pool = pool_alloconly_create("ldap_connection", 1024); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
342 conn = p_new(pool, struct ldap_connection, 1); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
343 conn->pool = pool; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
344 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
345 conn->refcount = 1; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
346 conn->requests = hash_create(default_pool, pool, 0, NULL, NULL); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
347 |
|
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
348 conn->config_path = p_strdup(pool, config_path); |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
349 conn->set = default_ldap_settings; |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
350 if (!settings_read(config_path, NULL, parse_setting, NULL, conn)) |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
351 exit(FATAL_DEFAULT); |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
352 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
353 if (conn->set.base == NULL) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
354 i_fatal("LDAP: No base given"); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
355 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
356 conn->set.ldap_deref = deref2str(conn->set.deref); |
|
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
357 conn->set.ldap_scope = scope2str(conn->set.scope); |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
358 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
359 (void)ldap_conn_open(conn); |
|
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
360 |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
361 conn->next = ldap_connections; |
|
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
362 ldap_connections = conn; |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
363 return conn; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
364 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
365 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
366 void db_ldap_unref(struct ldap_connection *conn) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
367 { |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
368 if (--conn->refcount > 0) |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
369 return; |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
370 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
371 ldap_conn_close(conn); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
372 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
373 hash_destroy(conn->requests); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
374 pool_unref(conn->pool); |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
375 } |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
376 |
|
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
377 #endif |