dovecot/original-hg/dovecot-1.2: src/auth/db-ldap.c annotate

annotate src/auth/db-ldap.c @ 4624:5beb1fe35e52 HEAD

"Can't connect to server" message's host was wrong if uris setting was used.

author	Timo Sirainen <tss@iki.fi>
date	Fri, 22 Sep 2006 16:26:45 +0300
parents	ffafc8583e06
children	deccf9e1aebc

rev	line source
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	1 /* Copyright (C) 2003-2006 Timo Sirainen */
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	2
3474 9096b7957413 Removed direct config.h including. I'm not sure why it was done before, Timo Sirainen <tss@iki.fi> parents: 3306 diff changeset	3 #include "common.h"
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	4
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	5 #if defined(PASSDB_LDAP) \|\| defined(USERDB_LDAP)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	6
1075 f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	7 #include "network.h"
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "ioloop.h"
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	9 #include "hash.h"
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	10 #include "str.h"
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	11 #include "settings.h"
3502 5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	12 #include "userdb.h"
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	13 #include "db-ldap.h"
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	14
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include <stddef.h>
1610 6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1330 diff changeset	16 #include <stdlib.h>
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	17
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	18 #define HAVE_LDAP_SASL
4427 ffafc8583e06 Prefer sasl/sasl.h. Require SASL v2, otherwise disable it. Timo Sirainen <tss@iki.fi> parents: 4426 diff changeset	19 #ifdef HAVE_SASL_SASL_H
ffafc8583e06 Prefer sasl/sasl.h. Require SASL v2, otherwise disable it. Timo Sirainen <tss@iki.fi> parents: 4426 diff changeset	20 # include <sasl/sasl.h>
ffafc8583e06 Prefer sasl/sasl.h. Require SASL v2, otherwise disable it. Timo Sirainen <tss@iki.fi> parents: 4426 diff changeset	21 #elif defined (HAVE_SASL_H)
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	22 # include <sasl.h>
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	23 #else
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	24 # undef HAVE_LDAP_SASL
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	25 #endif
4427 ffafc8583e06 Prefer sasl/sasl.h. Require SASL v2, otherwise disable it. Timo Sirainen <tss@iki.fi> parents: 4426 diff changeset	26 #if SASL_VERSION_MAJOR < 2
ffafc8583e06 Prefer sasl/sasl.h. Require SASL v2, otherwise disable it. Timo Sirainen <tss@iki.fi> parents: 4426 diff changeset	27 # undef HAVE_LDAP_SASL
ffafc8583e06 Prefer sasl/sasl.h. Require SASL v2, otherwise disable it. Timo Sirainen <tss@iki.fi> parents: 4426 diff changeset	28 #endif
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	29
1181 ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	30 /* Older versions may require calling ldap_result() twice */
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	31 #if LDAP_VENDOR_VERSION <= 20112
1086 067130d609b7 Define OPENLDAP_ASYNC_WORKAROUND Timo Sirainen <tss@iki.fi> parents: 1075 diff changeset	32 # define OPENLDAP_ASYNC_WORKAROUND
067130d609b7 Define OPENLDAP_ASYNC_WORKAROUND Timo Sirainen <tss@iki.fi> parents: 1075 diff changeset	33 #endif
067130d609b7 Define OPENLDAP_ASYNC_WORKAROUND Timo Sirainen <tss@iki.fi> parents: 1075 diff changeset	34
2325 7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	35 /* Solaris LDAP library doesn't have LDAP_OPT_SUCCESS */
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	36 #ifndef LDAP_OPT_SUCCESS
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	37 # define LDAP_OPT_SUCCESS LDAP_SUCCESS
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	38 #endif
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	39
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	40 #define DEF(type, name) \
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	41 { type, #name, offsetof(struct ldap_settings, name) }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	42
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	43 static struct setting_def setting_defs[] = {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	44 DEF(SET_STR, hosts),
1910 b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	45 DEF(SET_STR, uris),
1075 f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	46 DEF(SET_STR, dn),
f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	47 DEF(SET_STR, dnpass),
3771 4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	48 DEF(SET_BOOL, auth_bind),
3840 935f12d0d2fe Added fast authbinding and auth_bind_userdn setting. Patch by Geff Timo Sirainen <tss@iki.fi> parents: 3771 diff changeset	49 DEF(SET_STR, auth_bind_userdn),
4415 b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	50 DEF(SET_BOOL, tls),
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	51 DEF(SET_BOOL, sasl_bind),
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	52 DEF(SET_STR, sasl_mech),
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	53 DEF(SET_STR, sasl_realm),
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	54 DEF(SET_STR, sasl_authz_id),
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	55 DEF(SET_STR, sasl_props),
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	56 DEF(SET_STR, deref),
1135 81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	57 DEF(SET_STR, scope),
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	58 DEF(SET_STR, base),
1282 e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	59 DEF(SET_INT, ldap_version),
1136 ad6343bd4479 Separate user and pass attrs/filters in config file Timo Sirainen <tss@iki.fi> parents: 1135 diff changeset	60 DEF(SET_STR, user_attrs),
ad6343bd4479 Separate user and pass attrs/filters in config file Timo Sirainen <tss@iki.fi> parents: 1135 diff changeset	61 DEF(SET_STR, user_filter),
ad6343bd4479 Separate user and pass attrs/filters in config file Timo Sirainen <tss@iki.fi> parents: 1135 diff changeset	62 DEF(SET_STR, pass_attrs),
1141 873634a5b472 Added user_global_uid and user_global_gid LDAP settings. Timo Sirainen <tss@iki.fi> parents: 1136 diff changeset	63 DEF(SET_STR, pass_filter),
1191 65e48854491d Added default_pass_scheme to LDAP. Support for more password schemes. Merged Timo Sirainen <tss@iki.fi> parents: 1189 diff changeset	64 DEF(SET_STR, default_pass_scheme),
3502 5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	65 DEF(SET_STR, user_global_uid),
3913 af15aab60ff1 Settings' default listing wasn't ended properly, which could have caused Timo Sirainen <tss@iki.fi> parents: 3908 diff changeset	66 DEF(SET_STR, user_global_gid),
af15aab60ff1 Settings' default listing wasn't ended properly, which could have caused Timo Sirainen <tss@iki.fi> parents: 3908 diff changeset	67
af15aab60ff1 Settings' default listing wasn't ended properly, which could have caused Timo Sirainen <tss@iki.fi> parents: 3908 diff changeset	68 { 0, NULL, 0 }
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	69 };
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	70
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	71 struct ldap_settings default_ldap_settings = {
1910 b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	72 MEMBER(hosts) NULL,
b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	73 MEMBER(uris) NULL,
1075 f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	74 MEMBER(dn) NULL,
f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	75 MEMBER(dnpass) NULL,
3771 4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	76 MEMBER(auth_bind) FALSE,
3840 935f12d0d2fe Added fast authbinding and auth_bind_userdn setting. Patch by Geff Timo Sirainen <tss@iki.fi> parents: 3771 diff changeset	77 MEMBER(auth_bind_userdn) NULL,
4415 b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	78 MEMBER(tls) FALSE,
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	79 MEMBER(sasl_bind) FALSE,
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	80 MEMBER(sasl_mech) NULL,
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	81 MEMBER(sasl_realm) NULL,
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	82 MEMBER(sasl_authz_id) NULL,
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	83 MEMBER(sasl_props) NULL,
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	84 MEMBER(deref) "never",
1135 81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	85 MEMBER(scope) "subtree",
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	86 MEMBER(base) NULL,
1282 e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	87 MEMBER(ldap_version) 2,
3094 d78e9a31b6d8 Move default filters/attrs to setting defaults rather than check it from Timo Sirainen <tss@iki.fi> parents: 2994 diff changeset	88 MEMBER(user_attrs) "uid,homeDirectory,,,uidNumber,gidNumber",
d78e9a31b6d8 Move default filters/attrs to setting defaults rather than check it from Timo Sirainen <tss@iki.fi> parents: 2994 diff changeset	89 MEMBER(user_filter) "(&(objectClass=posixAccount)(uid=%u))",
d78e9a31b6d8 Move default filters/attrs to setting defaults rather than check it from Timo Sirainen <tss@iki.fi> parents: 2994 diff changeset	90 MEMBER(pass_attrs) "uid,userPassword",
d78e9a31b6d8 Move default filters/attrs to setting defaults rather than check it from Timo Sirainen <tss@iki.fi> parents: 2994 diff changeset	91 MEMBER(pass_filter) "(&(objectClass=posixAccount)(uid=%u))",
1191 65e48854491d Added default_pass_scheme to LDAP. Support for more password schemes. Merged Timo Sirainen <tss@iki.fi> parents: 1189 diff changeset	92 MEMBER(default_pass_scheme) "crypt",
3502 5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	93 MEMBER(user_global_uid) "",
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	94 MEMBER(user_global_gid) ""
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	95 };
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	96
1143 50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	97 static struct ldap_connection *ldap_connections = NULL;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	98
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3840 diff changeset	99 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	100
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	101 static int deref2str(const char *str)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	102 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	103 if (strcasecmp(str, "never") == 0)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	104 return LDAP_DEREF_NEVER;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	105 if (strcasecmp(str, "searching") == 0)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	106 return LDAP_DEREF_SEARCHING;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	107 if (strcasecmp(str, "finding") == 0)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	108 return LDAP_DEREF_FINDING;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	109 if (strcasecmp(str, "always") == 0)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	110 return LDAP_DEREF_ALWAYS;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	111
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	112 i_fatal("LDAP: Unknown deref option '%s'", str);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	113 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	114
1135 81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	115 static int scope2str(const char *str)
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	116 {
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	117 if (strcasecmp(str, "base") == 0)
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	118 return LDAP_SCOPE_BASE;
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	119 if (strcasecmp(str, "onelevel") == 0)
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	120 return LDAP_SCOPE_ONELEVEL;
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	121 if (strcasecmp(str, "subtree") == 0)
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	122 return LDAP_SCOPE_SUBTREE;
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	123
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	124 i_fatal("LDAP: Unknown scope option '%s'", str);
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	125 }
81930fff13cf passdb ldap added. fixes to userdb ldap. Timo Sirainen <tss@iki.fi> parents: 1086 diff changeset	126
1210 8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	127 const char ldap_get_error(struct ldap_connection conn)
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	128 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	129 int ret, err;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	130
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	131 ret = ldap_get_option(conn->ld, LDAP_OPT_ERROR_NUMBER, (void *) &err);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	132 if (ret != LDAP_SUCCESS) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	133 i_error("LDAP: Can't get error number: %s",
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	134 ldap_err2string(ret));
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	135 return "??";
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	136 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	137
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	138 return ldap_err2string(err);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	139 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	140
3771 4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	141 void db_ldap_search(struct ldap_connection conn, struct ldap_request request,
4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	142 int scope)
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	143 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	144 int msgid;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	145
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	146 if (!conn->connected) {
2648 cc2e39912eb3 Added preinit() call to userdb/passdbs, which is called before dropping Timo Sirainen <tss@iki.fi> parents: 2325 diff changeset	147 if (!db_ldap_connect(conn)) {
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	148 request->callback(conn, request, NULL);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	149 return;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	150 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	151 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	152
3771 4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	153 msgid = ldap_search(conn->ld, request->base, scope,
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	154 request->filter, request->attributes, 0);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	155 if (msgid == -1) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	156 i_error("LDAP: ldap_search() failed (filter %s): %s",
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	157 request->filter, ldap_get_error(conn));
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	158 request->callback(conn, request, NULL);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	159 return;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	160 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	161
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	162 hash_insert(conn->requests, POINTER_CAST(msgid), request);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	163 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	164
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	165 static void ldap_conn_retry_requests(struct ldap_connection *conn)
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	166 {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	167 struct hash_table *old_requests;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	168 struct hash_iterate_context *iter;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	169 void key, value;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	170
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	171 i_assert(conn->connected);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	172
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	173 if (hash_size(conn->requests) == 0)
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	174 return;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	175
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	176 old_requests = conn->requests;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	177 conn->requests = hash_create(default_pool, conn->pool, 0, NULL, NULL);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	178
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	179 iter = hash_iterate_init(old_requests);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	180 while (hash_iterate(iter, &key, &value)) {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	181 struct ldap_request *request = value;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	182
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	183 i_assert(conn->connected);
3771 4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	184 db_ldap_search(conn, request, conn->set.ldap_scope);
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	185 }
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	186 hash_iterate_deinit(iter);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	187 hash_destroy(old_requests);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	188 }
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	189
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	190 static void ldap_conn_reconnect(struct ldap_connection *conn)
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	191 {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	192 ldap_conn_close(conn, FALSE);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	193
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	194 if (!db_ldap_connect(conn)) {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	195 /* failed to reconnect. fail all requests. */
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	196 ldap_conn_close(conn, TRUE);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	197 }
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	198 }
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	199
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	200 static void ldap_input(void *context)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	201 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	202 struct ldap_connection *conn = context;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	203 struct ldap_request *request;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	204 struct timeval timeout;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	205 LDAPMessage *res;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	206 int ret, msgid;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	207
1210 8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	208 while (conn->ld != NULL) {
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	209 memset(&timeout, 0, sizeof(timeout));
1181 ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	210 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, &timeout, &res);
1075 f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	211 #ifdef OPENLDAP_ASYNC_WORKAROUND
1181 ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	212 if (ret == 0) {
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	213 /* try again, there may be another in buffer */
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	214 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1,
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	215 &timeout, &res);
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if Timo Sirainen <tss@iki.fi> parents: 1143 diff changeset	216 }
1075 f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	217 #endif
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	218 if (ret <= 0) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	219 if (ret < 0) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	220 i_error("LDAP: ldap_result() failed: %s",
1210 8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	221 ldap_get_error(conn));
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	222 ldap_conn_reconnect(conn);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	223 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	224 return;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	225 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	226
1210 8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	227 msgid = ldap_msgid(res);
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	228 request = hash_lookup(conn->requests, POINTER_CAST(msgid));
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	229 if (request == NULL) {
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	230 i_error("LDAP: Reply with unknown msgid %d",
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	231 msgid);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	232 } else {
1210 8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	233 hash_remove(conn->requests, POINTER_CAST(msgid));
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	234 request->callback(conn, request, res);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	235 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	236
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	237 ldap_msgfree(res);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	238 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	239 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	240
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	241 #ifdef HAVE_LDAP_SASL
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	242 static int
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	243 sasl_interact(LDAP *ld __attr_unused__, unsigned flags __attr_unused__,
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	244 void defaults, void interact)
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	245 {
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	246 struct ldap_sasl_bind_context *context = defaults;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	247 sasl_interact_t *in;
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	248 const char *str;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	249
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	250 for (in = interact; in->id != SASL_CB_LIST_END; in++) {
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	251 switch (in->id) {
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	252 case SASL_CB_GETREALM:
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	253 str = context->realm;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	254 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	255 case SASL_CB_AUTHNAME:
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	256 str = context->authcid;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	257 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	258 case SASL_CB_USER:
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	259 str = context->authzid;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	260 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	261 case SASL_CB_PASS:
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	262 str = context->passwd;
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	263 break;
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	264 default:
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	265 str = NULL;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	266 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	267 }
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	268 if (str != NULL) {
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	269 in->len = strlen(str);
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	270 in->result = str;
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	271 }
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	272
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	273 }
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	274 return LDAP_SUCCESS;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	275 }
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	276 #endif
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	277
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3840 diff changeset	278 bool db_ldap_connect(struct ldap_connection *conn)
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	279 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	280 int ret, fd;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	281
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	282 if (conn->connected)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	283 return TRUE;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	284
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	285 if (conn->ld == NULL) {
1910 b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	286 if (conn->set.uris != NULL) {
2325 7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	287 #ifdef LDAP_HAVE_INITIALIZE
1910 b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	288 if (ldap_initialize(&conn->ld, conn->set.uris) != LDAP_SUCCESS)
b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	289 conn->ld = NULL;
2325 7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	290 #else
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	291 i_fatal("LDAP: Your LDAP library doesn't support "
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	292 "'uris' setting, use 'hosts' instead.");
7613e0f68513 Fixed to compile with Solaris LDAP library Timo Sirainen <tss@iki.fi> parents: 1910 diff changeset	293 #endif
1910 b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	294 } else
b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	295 conn->ld = ldap_init(conn->set.hosts, LDAP_PORT);
b9005f93be70 Patch by Quentin Garnier: Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	296
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	297 if (conn->ld == NULL)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	298 i_fatal("LDAP: ldap_init() failed with hosts: %s",
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	299 conn->set.hosts);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	300
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	301 ret = ldap_set_option(conn->ld, LDAP_OPT_DEREF,
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	302 (void *) &conn->set.ldap_deref);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	303 if (ret != LDAP_SUCCESS) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	304 i_fatal("LDAP: Can't set deref option: %s",
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	305 ldap_err2string(ret));
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	306 }
1282 e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	307
e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	308 ret = ldap_set_option(conn->ld, LDAP_OPT_PROTOCOL_VERSION,
e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	309 (void *) &conn->set.ldap_version);
e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	310 if (ret != LDAP_OPT_SUCCESS) {
e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	311 i_fatal("LDAP: Can't set protocol version %u: %s",
e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	312 conn->set.ldap_version, ldap_err2string(ret));
e8894f2c776f Added ldap_version setting. Timo Sirainen <tss@iki.fi> parents: 1265 diff changeset	313 }
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	314 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	315
4415 b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	316 if (conn->set.tls) {
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	317 #ifdef LDAP_HAVE_START_TLS_S
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	318 ret = ldap_start_tls_s(conn->ld, NULL, NULL);
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	319 if (ret != LDAP_SUCCESS) {
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	320 i_error("LDAP: ldap_start_tls_s() failed: %s",
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	321 ldap_err2string(ret));
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	322 return FALSE;
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	323 }
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	324 #else
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	325 i_error("LDAP: Your LDAP library doesn't support TLS");
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	326 return FALSE;
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	327 #endif
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	328 }
b91816cd1d16 Added TLS support for LDAP if the library supports it. Timo Sirainen <tss@iki.fi> parents: 4405 diff changeset	329
3771 4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer. Timo Sirainen <tss@iki.fi> parents: 3731 diff changeset	330 /* FIXME: we shouldn't use blocking bind */
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	331 if (conn->set.sasl_bind) {
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	332 #ifdef HAVE_LDAP_SASL
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	333 struct ldap_sasl_bind_context context;
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	334
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	335 memset(&context, 0, sizeof(context));
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	336 context.authcid = conn->set.dn;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	337 context.passwd = conn->set.dnpass;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	338 context.realm = conn->set.sasl_realm;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	339 context.authzid = conn->set.sasl_authz_id;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	340
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	341 ret = ldap_sasl_interactive_bind_s(conn->ld, NULL,
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	342 conn->set.sasl_mech,
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	343 NULL, NULL, LDAP_SASL_QUIET,
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	344 sasl_interact, &context);
4426 b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	345 #else
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	346 i_fatal("LDAP: sasl_bind=yes but no SASL support compiled in");
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If Timo Sirainen <tss@iki.fi> parents: 4415 diff changeset	347 #endif
4319 31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen Timo Sirainen <tss@iki.fi> parents: 4295 diff changeset	348 } else {
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	349 ret = ldap_simple_bind_s(conn->ld, conn->set.dn,
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	350 conn->set.dnpass);
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	351 }
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	352 if (ret == LDAP_SERVER_DOWN) {
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	353 i_error("LDAP: Can't connect to server: %s",
4624 5beb1fe35e52 "Can't connect to server" message's host was wrong if uris setting was used. Timo Sirainen <tss@iki.fi> parents: 4427 diff changeset	354 conn->set.uris != NULL ?
5beb1fe35e52 "Can't connect to server" message's host was wrong if uris setting was used. Timo Sirainen <tss@iki.fi> parents: 4427 diff changeset	355 conn->set.uris : conn->set.hosts);
4405 fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	356 return FALSE;
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	357 }
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	358 if (ret != LDAP_SUCCESS) {
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	359 i_error("LDAP: binding failed (dn %s): %s",
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	360 conn->set.dn == NULL ? "(none)" : conn->set.dn,
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	361 ldap_get_error(conn));
fe17f63521ea Compiler warning fixes and some coding style cleanups. Timo Sirainen <tss@iki.fi> parents: 4319 diff changeset	362 return FALSE;
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	363 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	364
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	365 conn->connected = TRUE;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	366
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	367 /* register LDAP input to ioloop */
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	368 ret = ldap_get_option(conn->ld, LDAP_OPT_DESC, (void *) &fd);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	369 if (ret != LDAP_SUCCESS) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	370 i_fatal("LDAP: Can't get connection fd: %s",
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	371 ldap_err2string(ret));
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	372 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	373
1075 f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or Timo Sirainen <tss@iki.fi> parents: 1062 diff changeset	374 net_set_nonblock(fd, TRUE);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	375 conn->io = io_add(fd, IO_READ, ldap_input, conn);
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	376
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	377 /* in case there are requests waiting, retry them */
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	378 ldap_conn_retry_requests(conn);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	379 return TRUE;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	380 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	381
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3840 diff changeset	382 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests)
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	383 {
1897 1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1709 diff changeset	384 struct hash_iterate_context *iter;
1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1709 diff changeset	385 void key, value;
1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1709 diff changeset	386
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	387 if (flush_requests) {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	388 iter = hash_iterate_init(conn->requests);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	389 while (hash_iterate(iter, &key, &value)) {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	390 struct ldap_request *request = value;
1897 1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1709 diff changeset	391
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	392 request->callback(conn, request, NULL);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	393 }
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	394 hash_iterate_deinit(iter);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	395 hash_clear(conn->requests, FALSE);
1897 1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1709 diff changeset	396 }
1210 8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	397
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	398 conn->connected = FALSE;
8e6addbf12b3 minor ldap fixes Timo Sirainen <tss@iki.fi> parents: 1191 diff changeset	399
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	400 if (conn->io != NULL)
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	401 io_remove(&conn->io);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	402
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	403 if (conn->ld != NULL) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	404 ldap_unbind(conn->ld);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	405 conn->ld = NULL;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	406 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	407 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	408
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	409 void db_ldap_set_attrs(struct ldap_connection conn, const char attrlist,
3306 aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	410 char **attr_names_r, struct hash_table attr_map,
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	411 const char *const default_attr_map[])
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	412 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	413 const char const attr;
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	414 char name, value, *p;
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	415 unsigned int i, size;
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	416
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	417 if (*attrlist == '\0')
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	418 return;
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	419
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	420 t_push();
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	421 attr = t_strsplit(attrlist, ",");
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	422
3212 eb840633c9bf LDAP crashfixes. Timo Sirainen <tss@iki.fi> parents: 3161 diff changeset	423 /* @UNSAFE */
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	424 for (size = 0; attr[size] != NULL; size++) ;
3306 aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	425 attr_names_r = p_new(conn->pool, char , size + 1);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	426
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	427 for (i = 0; i < size; i++) {
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	428 p = strchr(attr[i], '=');
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	429 if (p == NULL) {
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	430 name = p_strdup(conn->pool, attr[i]);
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	431 value = *default_attr_map == NULL ? name :
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	432 p_strdup(conn->pool, *default_attr_map);
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	433 } else {
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	434 name = p_strdup_until(conn->pool, attr[i], p);
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	435 value = p_strdup(conn->pool, p + 1);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	436 }
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	437
3306 aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	438 (*attr_names_r)[i] = name;
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	439 if (*name != '\0')
3306 aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	440 hash_insert(attr_map, name, value);
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	441
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	442 if (*default_attr_map != NULL)
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	443 default_attr_map++;
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	444 }
3158 8849f2e380d1 userdb can now return extra parameters to master. Removed special handling Timo Sirainen <tss@iki.fi> parents: 3094 diff changeset	445 t_pop();
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	446 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	447
1330 7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	448 #define IS_LDAP_ESCAPED_CHAR(c) \
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	449 ((c) == '*' \|\| (c) == '(' \|\| (c) == ')' \|\| (c) == '\\')
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	450
4295 4fc637010202 Escape SQL strings using sql_escape_string(). Fixes the problems with Timo Sirainen <tss@iki.fi> parents: 4180 diff changeset	451 const char ldap_escape(const char str,
4fc637010202 Escape SQL strings using sql_escape_string(). Fixes the problems with Timo Sirainen <tss@iki.fi> parents: 4180 diff changeset	452 const struct auth_request *auth_request __attr_unused__)
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	453 {
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	454 const char *p;
1330 7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	455 string_t *ret;
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	456
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	457 for (p = str; *p != '\0'; p++) {
1330 7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	458 if (IS_LDAP_ESCAPED_CHAR(*p))
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	459 break;
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	460 }
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	461
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	462 if (*p == '\0')
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	463 return str;
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	464
1330 7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	465 ret = t_str_new((size_t) (p - str) + 64);
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	466 str_append_n(ret, str, (size_t) (p - str));
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	467
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	468 for (; *p != '\0'; p++) {
1330 7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	469 if (IS_LDAP_ESCAPED_CHAR(*p))
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	470 str_append_c(ret, '\\');
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	471 str_append_c(ret, *p);
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	472 }
1330 7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other Timo Sirainen <tss@iki.fi> parents: 1282 diff changeset	473 return str_c(ret);
1189 2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	474 }
2cb8e2136283 Escape special chars in username if needed. Timo Sirainen <tss@iki.fi> parents: 1182 diff changeset	475
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	476 static const char parse_setting(const char key, const char *value,
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	477 void *context)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	478 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	479 struct ldap_connection *conn = context;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	480
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	481 return parse_setting_from_defs(conn->pool, setting_defs,
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	482 &conn->set, key, value);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	483 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	484
1143 50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	485 static struct ldap_connection ldap_conn_find(const char config_path)
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	486 {
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	487 struct ldap_connection *conn;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	488
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	489 for (conn = ldap_connections; conn != NULL; conn = conn->next) {
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	490 if (strcmp(conn->config_path, config_path) == 0)
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	491 return conn;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	492 }
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	493
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	494 return NULL;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	495 }
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	496
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	497 struct ldap_connection db_ldap_init(const char config_path)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	498 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	499 struct ldap_connection *conn;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	500 pool_t pool;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	501
1143 50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	502 /* see if it already exists */
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	503 conn = ldap_conn_find(config_path);
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	504 if (conn != NULL) {
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	505 conn->refcount++;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	506 return conn;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	507 }
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	508
3908 afe21b6d4b68 Give a clear error message if SQL/LDAP configuration file path was left Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	509 if (*config_path == '\0')
afe21b6d4b68 Give a clear error message if SQL/LDAP configuration file path was left Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	510 i_fatal("LDAP: Configuration file path not given");
afe21b6d4b68 Give a clear error message if SQL/LDAP configuration file path was left Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	511
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	512 pool = pool_alloconly_create("ldap_connection", 1024);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	513 conn = p_new(pool, struct ldap_connection, 1);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	514 conn->pool = pool;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	515
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	516 conn->refcount = 1;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	517 conn->requests = hash_create(default_pool, pool, 0, NULL, NULL);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	518
1143 50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	519 conn->config_path = p_strdup(pool, config_path);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	520 conn->set = default_ldap_settings;
1610 6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1330 diff changeset	521 if (!settings_read(config_path, NULL, parse_setting, NULL, conn))
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1330 diff changeset	522 exit(FATAL_DEFAULT);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	523
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	524 if (conn->set.base == NULL)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	525 i_fatal("LDAP: No base given");
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	526
4006 0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	527 if (conn->set.uris == NULL && conn->set.hosts == NULL)
0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	528 i_fatal("LDAP: No uris or hosts set");
0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	529 #ifndef LDAP_HAVE_INITIALIZE
4180 92b572fbb88a If LDAP library didn't have ldap_initialize() function, we always complained Timo Sirainen <tss@iki.fi> parents: 4006 diff changeset	530 if (conn->set.uris != NULL) {
4006 0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	531 i_fatal("LDAP: Dovecot compiled without support for LDAP uris "
0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	532 "(ldap_initialize not found)");
0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	533 }
0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	534 #endif
0e8f0647504b Check that uris and hosts settings are correct. Timo Sirainen <tss@iki.fi> parents: 3913 diff changeset	535
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	536 conn->set.ldap_deref = deref2str(conn->set.deref);
3502 5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	537 conn->set.ldap_scope = scope2str(conn->set.scope);
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	538
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	539 if (*conn->set.user_global_uid == '\0')
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	540 conn->set.uid = (uid_t)-1;
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	541 else {
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	542 conn->set.uid =
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	543 userdb_parse_uid(NULL, conn->set.user_global_uid);
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	544 if (conn->set.uid == (uid_t)-1) {
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	545 i_fatal("LDAP: Invalid user_global_uid: %s",
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	546 conn->set.user_global_uid);
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	547 }
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	548 }
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	549
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	550 if (*conn->set.user_global_gid == '\0')
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	551 conn->set.gid = (gid_t)-1;
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	552 else {
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	553 conn->set.gid =
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	554 userdb_parse_gid(NULL, conn->set.user_global_gid);
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	555 if (conn->set.gid == (gid_t)-1) {
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	556 i_fatal("LDAP: Invalid user_global_gid: %s",
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	557 conn->set.user_global_gid);
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	558 }
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed Timo Sirainen <tss@iki.fi> parents: 3474 diff changeset	559 }
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	560
1143 50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	561 conn->next = ldap_connections;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is Timo Sirainen <tss@iki.fi> parents: 1141 diff changeset	562 ldap_connections = conn;
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	563 return conn;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	564 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	565
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	566 void db_ldap_unref(struct ldap_connection **_conn)
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	567 {
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	568 struct ldap_connection conn = _conn;
3657 0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	569 struct ldap_connection **p;
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	570
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	571 *_conn = NULL;
3657 0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	572 i_assert(conn->refcount >= 0);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	573 if (--conn->refcount > 0)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	574 return;
3657 0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	575
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	576 for (p = &ldap_connections; p != NULL; p = &(p)->next) {
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	577 if (*p == conn) {
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	578 *p = conn->next;
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	579 break;
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	580 }
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's Timo Sirainen <tss@iki.fi> parents: 3502 diff changeset	581 }
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	582
3731 0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again Timo Sirainen <tss@iki.fi> parents: 3657 diff changeset	583 ldap_conn_close(conn, TRUE);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	584
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	585 hash_destroy(conn->requests);
3306 aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	586 if (conn->pass_attr_map != NULL)
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	587 hash_destroy(conn->pass_attr_map);
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	588 if (conn->user_attr_map != NULL)
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's Timo Sirainen <tss@iki.fi> parents: 3212 diff changeset	589 hash_destroy(conn->user_attr_map);
1062 0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	590 pool_unref(conn->pool);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	591 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	592
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it Timo Sirainen <tss@iki.fi> parents: diff changeset	593 #endif

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/auth/db-ldap.c @ 4624:5beb1fe35e52 HEAD