annotate src/auth/db-ldap.c @ 6429:65c69a53a7be HEAD

Replaced my Copyright notices. The year range always ends with 2007 now. My name was replaced with "Dovecot authors". In many cases I didn't really even own the copyright, so this is more correct.
author Timo Sirainen <tss@iki.fi>
date Sun, 16 Sep 2007 14:34:22 +0300
parents 7cad076906eb
children ee420f238104
changesets referenced below (author of each: Timo Sirainen <tss@iki.fi>)
rev   changeset     parents  description
1062  0522a0315d2f           Cleanups, LDAP support compiles again and generally looks ok, even if it
1075  f1401fa7ab03  1062     auth process fixes, LDAP seems to be working (with the kludge define or
1086  067130d609b7  1075     Define OPENLDAP_ASYNC_WORKAROUND
1135  81930fff13cf  1086     passdb ldap added. fixes to userdb ldap.
1143  50f10a7a3bad  1141     Use the same LDAP connection for both userdb and passdb if config_path is
1181  ac7dbb236b59  1143     Rather than block for two seconds, we can just call ldap_result() again if
1189  2cb8e2136283  1182     Escape special chars in username if needed.
1282  e8894f2c776f  1265     Added ldap_version setting.
1610  6850142c4e25  1330     New configuration file code. Some syntax changes, but tries to be somewhat
1910  b9005f93be70  1897     Patch by Quentin Garnier:
2325  7613e0f68513  1910     Fixed to compile with Solaris LDAP library
3094  d78e9a31b6d8  2994     Move default filters/attrs to setting defaults rather than check it from
3474  9096b7957413  3306     Removed direct config.h including. I'm not sure why it was done before,
3502  5e78500f1aee  3474     user_global_uid and user_global_gid settings weren't working. Also changed
3771  4b6d962485b9  3731     Added authentication bind support. Patch by J.M. Maurer.
3840  935f12d0d2fe  3771     Added fast authbinding and auth_bind_userdn setting. Patch by Geff
3863  55df57c028d4  3840     Added "bool" type and changed all ints that were used as booleans to bool.
3913  af15aab60ff1  3908     Settings' default listing wasn't ended properly, which could have caused
4319  31a28cd0b020  4295     Added support for SASL binding. Patch by Geert Jansen
4415  b91816cd1d16  4405     Added TLS support for LDAP if the library supports it.
4426  b8089cf41c96  4415     Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
4427  ffafc8583e06  4426     Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
4741  deccf9e1aebc  4624     LDAP code changes: If auth binds are used, bind back to the default dn
4772  d36a5df3f492  4751     Handle LDAP requests while being disconnected more correctly.
4806  63ed4f00f6e1  4772     Solaris LDAP compiling fix.
5006  129aa779a7f8  4996     Last change for making ldap_bind() error handling better was actually
5037  d7198e2682c6  5006     Do ldap_bind() only when there are no requests waiting, and don't do
5474  331337b735c9  5040     Added type checks to setting defines.
5872  93bd157917ca  5554     Changed userdb callback API. Don't require uid/gid to be returned by userdb.
5884  1c1dee40e495  5872     Moved generic LDAP result iteration to db_ldap. It also supports now
6144  d779b7220e23  5884     LDAP crashfixes. Based on patch by Katsu Yamamoto.
6147  45a12a1bd299  6144     Changed default pass_attrs and user_attrs to use the new format.
6149  a744ae38a9e1  6148     Having =key=value in pass_attrs or user_attrs allows returning static
6368  a930c2ecd73c  6198     Reconnect if ldap_search() returns a failure related to connection problems.
6429  65c69a53a7be  6428     Replaced my Copyright notices. The year range always ends with 2007 now.

rev   line  source
6429     1  /* Copyright (c) 2003-2007 Dovecot authors, see the included COPYING file */
1062     2
3474     3  #include "common.h"
1062     4
1062     5  #if defined(PASSDB_LDAP) || defined(USERDB_LDAP)
1062     6
1075     7  #include "network.h"
1062     8  #include "ioloop.h"
1062     9  #include "hash.h"
1189    10  #include "str.h"
5884    11  #include "var-expand.h"
1062    12  #include "settings.h"
3502    13  #include "userdb.h"
1062    14  #include "db-ldap.h"
1062    15
1062    16  #include <stddef.h>
1610    17  #include <stdlib.h>
1062    18
4426    19  #define HAVE_LDAP_SASL
4427    20  #ifdef HAVE_SASL_SASL_H
4427    21  # include <sasl/sasl.h>
4427    22  #elif defined (HAVE_SASL_H)
4426    23  # include <sasl.h>
4426    24  #else
4426    25  # undef HAVE_LDAP_SASL
4426    26  #endif
4427    27  #if SASL_VERSION_MAJOR < 2
4427    28  # undef HAVE_LDAP_SASL
4427    29  #endif
4426    30
4806    31  #ifndef LDAP_SASL_QUIET
4806    32  # define LDAP_SASL_QUIET 0 /* Doesn't exist in Solaris LDAP */
4806    33  #endif
4806    34
1181    35  /* Older versions may require calling ldap_result() twice */
1181    36  #if LDAP_VENDOR_VERSION <= 20112
1086    37  # define OPENLDAP_ASYNC_WORKAROUND
1086    38  #endif
1086    39
2325    40  /* Solaris LDAP library doesn't have LDAP_OPT_SUCCESS */
2325    41  #ifndef LDAP_OPT_SUCCESS
2325    42  # define LDAP_OPT_SUCCESS LDAP_SUCCESS
2325    43  #endif
2325    44
5884    45  struct db_ldap_result_iterate_context {
5884    46  	struct ldap_connection *conn;
5884    47  	LDAPMessage *entry;
5884    48  	struct auth_request *auth_request;
5884    49
5884    50  	struct hash_table *attr_map;
5884    51  	struct var_expand_table *var_table;
5884    52
5884    53  	char *attr, **vals;
5884    54  	const char *name, *value, *template, *val_1_arr[2];
6149    55  	const char *const *static_attrs;
5884    56  	BerElement *ber;
5884    57
5884    58  	string_t *var, *debug;
6144    59  	unsigned int value_idx;
5884    60  };
5884    61
5474    62  #define DEF_STR(name) DEF_STRUCT_STR(name, ldap_settings)
5474    63  #define DEF_INT(name) DEF_STRUCT_INT(name, ldap_settings)
5474    64  #define DEF_BOOL(name) DEF_STRUCT_BOOL(name, ldap_settings)
1062    65
1062    66  static struct setting_def setting_defs[] = {
5474    67  	DEF_STR(hosts),
5474    68  	DEF_STR(uris),
5474    69  	DEF_STR(dn),
5474    70  	DEF_STR(dnpass),
5474    71  	DEF_BOOL(auth_bind),
5474    72  	DEF_STR(auth_bind_userdn),
5474    73  	DEF_BOOL(tls),
5474    74  	DEF_BOOL(sasl_bind),
5474    75  	DEF_STR(sasl_mech),
5474    76  	DEF_STR(sasl_realm),
5474    77  	DEF_STR(sasl_authz_id),
5474    78  	DEF_STR(deref),
5474    79  	DEF_STR(scope),
5474    80  	DEF_STR(base),
5474    81  	DEF_INT(ldap_version),
5474    82  	DEF_STR(user_attrs),
5474    83  	DEF_STR(user_filter),
5474    84  	DEF_STR(pass_attrs),
5474    85  	DEF_STR(pass_filter),
5474    86  	DEF_STR(default_pass_scheme),
3913    87
3913    88  	{ 0, NULL, 0 }
1062    89  };
1062    90
1062    91  struct ldap_settings default_ldap_settings = {
1910    92  	MEMBER(hosts) NULL,
1910    93  	MEMBER(uris) NULL,
1075    94  	MEMBER(dn) NULL,
1075    95  	MEMBER(dnpass) NULL,
3771    96  	MEMBER(auth_bind) FALSE,
3840    97  	MEMBER(auth_bind_userdn) NULL,
4415    98  	MEMBER(tls) FALSE,
4319    99  	MEMBER(sasl_bind) FALSE,
4319   100  	MEMBER(sasl_mech) NULL,
4319   101  	MEMBER(sasl_realm) NULL,
4319   102  	MEMBER(sasl_authz_id) NULL,
1062   103  	MEMBER(deref) "never",
1135   104  	MEMBER(scope) "subtree",
1062   105  	MEMBER(base) NULL,
1282   106  	MEMBER(ldap_version) 2,
6147   107  	MEMBER(user_attrs) "homeDirectory=home,uidNumber=uid,gidNumber=gid",
3094   108  	MEMBER(user_filter) "(&(objectClass=posixAccount)(uid=%u))",
6147   109  	MEMBER(pass_attrs) "uid=user,userPassword=password",
3094   110  	MEMBER(pass_filter) "(&(objectClass=posixAccount)(uid=%u))",
5872   111  	MEMBER(default_pass_scheme) "crypt"
1062   112  };
1062   113
1143   114  static struct ldap_connection *ldap_connections = NULL;
1143   115
4741   116  static int db_ldap_bind(struct ldap_connection *conn);
3863   117  static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests);
1062   118
1062   119  static int deref2str(const char *str)
1062   120  {
1062   121  	if (strcasecmp(str, "never") == 0)
1062   122  		return LDAP_DEREF_NEVER;
1062   123  	if (strcasecmp(str, "searching") == 0)
1062   124  		return LDAP_DEREF_SEARCHING;
1062   125  	if (strcasecmp(str, "finding") == 0)
1062   126  		return LDAP_DEREF_FINDING;
1062   127  	if (strcasecmp(str, "always") == 0)
1062   128  		return LDAP_DEREF_ALWAYS;
1062   129
1062   130  	i_fatal("LDAP: Unknown deref option '%s'", str);
1062   131  }
1062   132
1135   133  static int scope2str(const char *str)
1135   134  {
1135   135  	if (strcasecmp(str, "base") == 0)
1135   136  		return LDAP_SCOPE_BASE;
1135   137  	if (strcasecmp(str, "onelevel") == 0)
1135   138  		return LDAP_SCOPE_ONELEVEL;
1135   139  	if (strcasecmp(str, "subtree") == 0)
1135   140  		return LDAP_SCOPE_SUBTREE;
1135   141
1135   142  	i_fatal("LDAP: Unknown scope option '%s'", str);
1135   143  }
1135   144
5006   145  static int ldap_get_errno(struct ldap_connection *conn)
1062   146  {
1062   147  	int ret, err;
1062   148
1062   149  	ret = ldap_get_option(conn->ld, LDAP_OPT_ERROR_NUMBER, (void *) &err);
1062   150  	if (ret != LDAP_SUCCESS) {
1062   151  		i_error("LDAP: Can't get error number: %s",
1062   152  			ldap_err2string(ret));
6368   153  		return LDAP_UNAVAILABLE;
1062   154  	}
1062   155
5006   156  	return err;
5006   157  }
5006   158
5006   159  const char *ldap_get_error(struct ldap_connection *conn)
5006   160  {
5006   161  	return ldap_err2string(ldap_get_errno(conn));
1062   162  }
1062   163
4772   164  void db_ldap_add_delayed_request(struct ldap_connection *conn,
4772   165  				 struct ldap_request *request)
4772   166  {
4772   167  	request->next = NULL;
4772   168
4772   169  	if (conn->delayed_requests_head == NULL)
4772   170  		conn->delayed_requests_head = request;
4772   171  	else
4772   172  		conn->delayed_requests_tail->next = request;
4772   173  	conn->delayed_requests_tail = request;
4772   174  }
4772   175
5037   176  static void db_ldap_handle_next_delayed_request(struct ldap_connection *conn)
5037   177  {
5037   178  	struct ldap_request *request;
5037   179
5037   180  	if (conn->delayed_requests_head == NULL)
5037   181  		return;
5037   182
5037   183  	request = conn->delayed_requests_head;
5037   184  	conn->delayed_requests_head = request->next;
5037   185  	if (conn->delayed_requests_head == NULL)
5037   186  		conn->delayed_requests_tail = NULL;
5037   187
5037   188  	conn->retrying = TRUE;
5037   189  	if (request->filter == NULL)
5037   190  		request->callback(conn, request, NULL);
5037   191  	else
5037   192  		db_ldap_search(conn, request, conn->set.ldap_scope);
5037   193  	conn->retrying = FALSE;
5037   194  }
5037   195
6368   196  static void ldap_conn_reconnect(struct ldap_connection *conn)
6368   197  {
6368   198  	ldap_conn_close(conn, FALSE);
6368   199
6368   200  	if (db_ldap_connect(conn) < 0) {
6368   201  		/* failed to reconnect. fail all requests. */
6368   202  		ldap_conn_close(conn, TRUE);
6368   203  	}
6368   204  }
6368   205
6368   206  static void ldap_handle_error(struct ldap_connection *conn)
6368   207  {
6368   208  	int err = ldap_get_errno(conn);
6368   209
6368   210  	switch (err) {
6368   211  	case LDAP_SUCCESS:
212 i_unreached();
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
213 case LDAP_SIZELIMIT_EXCEEDED:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
214 case LDAP_TIMELIMIT_EXCEEDED:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
215 case LDAP_NO_SUCH_ATTRIBUTE:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
216 case LDAP_UNDEFINED_TYPE:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
217 case LDAP_INAPPROPRIATE_MATCHING:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
218 case LDAP_CONSTRAINT_VIOLATION:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
219 case LDAP_TYPE_OR_VALUE_EXISTS:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
220 case LDAP_INVALID_SYNTAX:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
221 case LDAP_NO_SUCH_OBJECT:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
222 case LDAP_ALIAS_PROBLEM:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
223 case LDAP_INVALID_DN_SYNTAX:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
224 case LDAP_IS_LEAF:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
225 case LDAP_ALIAS_DEREF_PROBLEM:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
226 case LDAP_FILTER_ERROR:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
227 /* invalid input */
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
228 break;
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
229 case LDAP_SERVER_DOWN:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
230 case LDAP_TIMEOUT:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
231 case LDAP_UNAVAILABLE:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
232 case LDAP_BUSY:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
233 #ifdef LDAP_CONNECT_ERROR
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
234 case LDAP_CONNECT_ERROR:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
235 #endif
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
236 case LDAP_LOCAL_ERROR:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
237 case LDAP_INVALID_CREDENTIALS:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
238 default:
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
239 /* connection problems */
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
240 ldap_conn_reconnect(conn);
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
241 break;
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
242 }
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
243 }
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
244
3771
4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents: 3731
diff changeset
245 void db_ldap_search(struct ldap_connection *conn, struct ldap_request *request,
4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents: 3731
diff changeset
246 int scope)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
247 {
6368
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
248 int try, msgid = -1;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
249
4742
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
250 if (db_ldap_connect(conn) < 0) {
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
251 request->callback(conn, request, NULL);
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
252 return;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
253 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
254
6368
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
255 for (try = 0; conn->connected && !conn->binding && try < 2; try++) {
4751
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
256 if (conn->last_auth_bind) {
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
257 /* switch back to the default dn before doing the
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
258 search request. */
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
259 if (db_ldap_bind(conn) < 0) {
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
260 request->callback(conn, request, NULL);
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
261 return;
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
262 }
6368
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
263 break;
4751
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
264 }
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
265
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
266 msgid = ldap_search(conn->ld, request->base, scope,
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
267 request->filter, request->attributes, 0);
6370
b755957098cd And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents: 6369
diff changeset
268 if (msgid != -1)
b755957098cd And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents: 6369
diff changeset
269 break;
b755957098cd And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents: 6369
diff changeset
270
b755957098cd And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents: 6369
diff changeset
271 i_error("LDAP: ldap_search() failed (filter %s): %s",
b755957098cd And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents: 6369
diff changeset
272 request->filter, ldap_get_error(conn));
b755957098cd And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents: 6369
diff changeset
273 ldap_handle_error(conn);
6368
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
274 }
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
275
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
276 if (msgid != -1)
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
277 hash_insert(conn->requests, POINTER_CAST(msgid), request);
6368
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
278 else
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
279 db_ldap_add_delayed_request(conn, request);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
280 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
281
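The error split in ldap_handle_error() and the two-attempt loop in db_ldap_search() above, modelled as an added stand-alone example (not Dovecot code): errors caused by the request itself leave the shared connection alone, anything else forces a reconnect, and a request gets at most two attempts before it is left for the delayed queue. The ex_* names and the scripted error sequences are constructed for illustration; the binding state and the rebind to the default DN are left out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Stand-ins for libldap result codes, constructed for this example.
   Real code would switch on the LDAP_* constants from <ldap.h>. */
enum ex_err {
	EX_OK,
	EX_INVALID_SYNTAX, EX_INVALID_DN_SYNTAX, EX_FILTER_ERROR, /* bad input */
	EX_SERVER_DOWN, EX_TIMEOUT, EX_UNAVAILABLE, EX_BUSY,      /* bad link  */
	EX_UNKNOWN                                                /* anything else */
};

/* Returns true when the error means the connection itself is unusable.
   Unknown codes count as connection problems, mirroring the default:
   branch in the listing. */
static bool ex_needs_reconnect(enum ex_err err)
{
	switch (err) {
	case EX_OK: /* not an error; ex_run() never passes it */
	case EX_INVALID_SYNTAX:
	case EX_INVALID_DN_SYNTAX:
	case EX_FILTER_ERROR:
		/* caused by the request: reconnecting would not help, and
		   would let request contents tear down a shared connection */
		return false;
	default:
		return true;
	}
}

struct ex_result {
	unsigned searches;   /* search attempts issued */
	unsigned reconnects; /* times the connection was torn down */
	bool sent;           /* true: in flight; false: left for the delayed queue */
	bool connected;      /* connection state when the loop ended */
};

/* Runs one request through the bounded retry loop. script[i] is the
   outcome of the i-th search attempt; attempts past the end succeed.
   reconnect_ok says whether a reconnect attempt succeeds. */
static struct ex_result
ex_run(const enum ex_err *script, size_t len, bool reconnect_ok)
{
	struct ex_result r = { 0, 0, false, true };
	int attempt;

	for (attempt = 0; r.connected && attempt < 2; attempt++) {
		enum ex_err err = r.searches < len ? script[r.searches] : EX_OK;

		r.searches++;
		if (err == EX_OK) {
			r.sent = true;
			break;
		}
		if (ex_needs_reconnect(err)) {
			r.reconnects++;
			r.connected = reconnect_ok;
		}
	}
	return r;
}

/* Constructed error sequences. */
static const enum ex_err EX_DROP_ONCE[] = { EX_SERVER_DOWN };
static const enum ex_err EX_BAD_FILTER[] = { EX_FILTER_ERROR, EX_FILTER_ERROR };
static const enum ex_err EX_FLAPPING[] = { EX_TIMEOUT, EX_BUSY };

static void ex_print(const char *name, struct ex_result r)
{
	printf("%-22s searches=%u reconnects=%u sent=%d connected=%d\n",
	       name, r.searches, r.reconnects, r.sent, r.connected);
}

int main(void)
{
	ex_print("drop once", ex_run(EX_DROP_ONCE, 1, true));
	ex_print("bad filter", ex_run(EX_BAD_FILTER, 2, true));
	ex_print("drop, reconnect fails", ex_run(EX_DROP_ONCE, 1, false));
	ex_print("flapping server", ex_run(EX_FLAPPING, 2, true));
	return 0;
}
```

In the bad-filter run the connection is never reset, while the flapping-server run stops after two reconnects instead of looping.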
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
282 static void ldap_conn_retry_requests(struct ldap_connection *conn)
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
283 {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
284 struct hash_table *old_requests;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
285 struct hash_iterate_context *iter;
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
286 struct ldap_request *request, **p, *next;
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
287 void *key, *value;
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
288 bool have_hash_binds = FALSE;
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
289
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
290 i_assert(conn->connected);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
291
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
292 if (hash_size(conn->requests) == 0 &&
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
293 conn->delayed_requests_head == NULL)
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
294 return;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
295
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
296 old_requests = conn->requests;
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
297 conn->requests = hash_create(default_pool, conn->pool, 0, NULL, NULL);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
298
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
299 conn->retrying = TRUE;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
300 /* first retry all the search requests */
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
301 iter = hash_iterate_init(old_requests);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
302 while (hash_iterate(iter, &key, &value)) {
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
303 request = value;
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
304
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
305 if (request->filter == NULL) {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
306 /* bind request */
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
307 have_hash_binds = TRUE;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
308 } else {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
309 i_assert(conn->connected);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
310 db_ldap_search(conn, request, conn->set.ldap_scope);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
311 }
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
312 }
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
313 hash_iterate_deinit(&iter);
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
314
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
315 /* then delayed search requests */
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
316 p = &conn->delayed_requests_head;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
317 while (*p != NULL) {
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
318 request = *p;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
319
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
320 if (request->filter != NULL) {
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
321 *p = request->next;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
322
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
323 i_assert(conn->connected);
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
324 db_ldap_search(conn, request, conn->set.ldap_scope);
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
325 } else {
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
326 p = &(*p)->next;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
327 }
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
328 }
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
329
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
330 if (have_hash_binds && conn->set.auth_bind) {
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
331 /* next retry all the bind requests. without auth binds the
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
332 only bind request can be the initial connection binding,
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
333 which we don't care to retry. */
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
334 iter = hash_iterate_init(old_requests);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
335 while (hash_iterate(iter, &key, &value)) {
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
336 request = value;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
337
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
338 if (request->filter == NULL)
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
339 request->callback(conn, request, NULL);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
340 }
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
341 hash_iterate_deinit(&iter);
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
342 }
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
343 if (conn->delayed_requests_head != NULL && conn->set.auth_bind) {
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
344 request = conn->delayed_requests_head;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
345 for (; request != NULL; request = next) {
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
346 next = request->next;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
347
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
348 i_assert(request->filter == NULL);
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
349 request->callback(conn, request, NULL);
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
350 }
6152
58144db52331 Retrying delayed auth binds after LDAP server reconnection assert-crashed.
Timo Sirainen <tss@iki.fi>
parents: 6149
diff changeset
351 conn->delayed_requests_head = NULL;
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
352 }
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
353 hash_destroy(&old_requests);
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
354
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
355 i_assert(conn->delayed_requests_head == NULL);
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
356 conn->delayed_requests_tail = NULL;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
357 conn->retrying = FALSE;
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
358 }
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
359
4907
5b4c9b20eba0 Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents: 4903
diff changeset
360 static void ldap_input(struct ldap_connection *conn)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
361 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
362 struct ldap_request *request;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
363 struct timeval timeout;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
364 LDAPMessage *res;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
365 int ret, msgid;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
366
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
367 for (;;) {
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
368 if (conn->ld == NULL)
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
369 return;
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
370
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
371 memset(&timeout, 0, sizeof(timeout));
1181
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents: 1143
diff changeset
372 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, &timeout, &res);
1075
f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents: 1062
diff changeset
373 #ifdef OPENLDAP_ASYNC_WORKAROUND
1181
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents: 1143
diff changeset
374 if (ret == 0) {
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents: 1143
diff changeset
375 /* try again, there may be another in buffer */
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents: 1143
diff changeset
376 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1,
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents: 1143
diff changeset
377 &timeout, &res);
ac7dbb236b59 Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents: 1143
diff changeset
378 }
1075
f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents: 1062
diff changeset
379 #endif
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
380 if (ret <= 0)
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
381 break;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
382
1210
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
383 msgid = ldap_msgid(res);
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
384 request = hash_lookup(conn->requests, POINTER_CAST(msgid));
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
385 if (request == NULL) {
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
386 i_error("LDAP: Reply with unknown msgid %d",
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
387 msgid);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
388 } else {
1210
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
389 hash_remove(conn->requests, POINTER_CAST(msgid));
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
390 request->callback(conn, request, res);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
391 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
392
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
393 ldap_msgfree(res);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
394 }
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
395
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
396 if (ret < 0) {
6368
a930c2ecd73c Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents: 6198
diff changeset
397 i_error("LDAP: ldap_result() failed: %s", ldap_get_error(conn));
6369
f7cc3723ad99 Actually reconnect always if ldap_result() fails for any reason. There
Timo Sirainen <tss@iki.fi>
parents: 6368
diff changeset
398 ldap_conn_reconnect(conn);
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
399 } else {
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
400 if (!conn->binding)
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
401 db_ldap_handle_next_delayed_request(conn);
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
402 }
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
403 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
404
4426
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
405 #ifdef HAVE_LDAP_SASL
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
406 static int
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 6370
diff changeset
407 sasl_interact(LDAP *ld ATTR_UNUSED, unsigned flags ATTR_UNUSED,
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
408 void *defaults, void *interact)
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
409 {
4426
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
410 struct ldap_sasl_bind_context *context = defaults;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
411 sasl_interact_t *in;
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
412 const char *str;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
413
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
414 for (in = interact; in->id != SASL_CB_LIST_END; in++) {
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
415 switch (in->id) {
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
416 case SASL_CB_GETREALM:
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
417 str = context->realm;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
418 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
419 case SASL_CB_AUTHNAME:
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
420 str = context->authcid;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
421 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
422 case SASL_CB_USER:
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
423 str = context->authzid;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
424 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
425 case SASL_CB_PASS:
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
426 str = context->passwd;
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
427 break;
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
428 default:
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
429 str = NULL;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
430 break;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
431 }
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
432 if (str != NULL) {
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
433 in->len = strlen(str);
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
434 in->result = str;
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
435 }
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
436
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
437 }
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
438 return LDAP_SUCCESS;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
439 }
4426
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
440 #endif
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
441
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
442 static int db_ldap_connect_finish(struct ldap_connection *conn, int ret)
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
443 {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
444 if (ret == LDAP_SERVER_DOWN) {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
445 i_error("LDAP: Can't connect to server: %s",
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
446 conn->set.uris != NULL ?
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
447 conn->set.uris : conn->set.hosts);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
448 return -1;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
449 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
450 if (ret != LDAP_SUCCESS) {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
451 i_error("LDAP: binding failed (dn %s): %s",
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
452 conn->set.dn == NULL ? "(none)" : conn->set.dn,
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
453 ldap_get_error(conn));
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
454 return -1;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
455 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
456
4751
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
457 if (!conn->connected) {
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
458 conn->connected = TRUE;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
459
4751
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
460 /* in case there are requests waiting, retry them */
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
461 ldap_conn_retry_requests(conn);
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
462 }
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
463 return 0;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
464 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
465
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
466 static void db_ldap_bind_callback(struct ldap_connection *conn,
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
467 struct ldap_request *ldap_request,
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
468 LDAPMessage *res)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
469 {
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
470 int ret;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
471
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
472 conn->binding = FALSE;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
473 conn->connecting = FALSE;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
474 i_free(ldap_request);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
475
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
476 if (res == NULL) {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
477 /* aborted */
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
478 return;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
479 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
480
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
481 ret = ldap_result2error(conn->ld, res, FALSE);
4751
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
482 if (db_ldap_connect_finish(conn, ret) < 0) {
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
483 /* lost connection, close it */
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
484 ldap_conn_close(conn, TRUE);
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
485 }
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
486 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
487
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
488 static int db_ldap_bind(struct ldap_connection *conn)
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
489 {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
490 struct ldap_request *ldap_request;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
491 int msgid;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
492
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
493 i_assert(!conn->binding);
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
494
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
495 ldap_request = i_new(struct ldap_request, 1);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
496 ldap_request->callback = db_ldap_bind_callback;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
497 ldap_request->context = conn;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
498
4996
cfef56a6bf4a If ldap_bind() fails directly, log the "ldap server down" errors more nicely.
Timo Sirainen <tss@iki.fi>
parents: 4907
diff changeset
499 msgid = ldap_bind(conn->ld, conn->set.dn, conn->set.dnpass,
cfef56a6bf4a If ldap_bind() fails directly, log the "ldap server down" errors more nicely.
Timo Sirainen <tss@iki.fi>
parents: 4907
diff changeset
500 LDAP_AUTH_SIMPLE);
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
501 if (msgid == -1) {
5006
129aa779a7f8 Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents: 4996
diff changeset
502 db_ldap_connect_finish(conn, ldap_get_errno(conn));
4742
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
503 i_free(ldap_request);
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
504 return -1;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
505 }
4751
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
506
Timo Sirainen <tss@iki.fi>
parents: 4749
diff changeset
507 conn->connecting = TRUE;
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
508 conn->binding = TRUE;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
509 hash_insert(conn->requests, POINTER_CAST(msgid), ldap_request);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
510
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
511 /* we're binding back to the original DN, not doing an
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
512 authentication bind */
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
513 conn->last_auth_bind = FALSE;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
514 return 0;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
515 }
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
516
4742
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
517 static void db_ldap_get_fd(struct ldap_connection *conn)
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
518 {
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
519 int ret;
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
520
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
521 /* get the connection's fd */
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
522 ret = ldap_get_option(conn->ld, LDAP_OPT_DESC, (void *)&conn->fd);
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
523 if (ret != LDAP_SUCCESS) {
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
524 i_fatal("LDAP: Can't get connection fd: %s",
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
525 ldap_err2string(ret));
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
526 }
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
527 i_assert(conn->fd != -1);
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
528 net_set_nonblock(conn->fd, TRUE);
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
529 }
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
530
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
531 int db_ldap_connect(struct ldap_connection *conn)
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
532 {
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
533 unsigned int ldap_version;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
534 int ret;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
535
4742
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
536 if (conn->connected || conn->connecting)
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
537 return 0;
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
538 i_assert(!conn->binding);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
539
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
540 if (conn->ld == NULL) {
1910
b9005f93be70 Patch by Quentin Garnier:
Timo Sirainen <tss@iki.fi>
parents: 1897
diff changeset
541 if (conn->set.uris != NULL) {
2325
7613e0f68513 Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents: 1910
diff changeset
542 #ifdef LDAP_HAVE_INITIALIZE
1910
b9005f93be70 Patch by Quentin Garnier:
Timo Sirainen <tss@iki.fi>
parents: 1897
diff changeset
543 if (ldap_initialize(&conn->ld, conn->set.uris) != LDAP_SUCCESS)
b9005f93be70 Patch by Quentin Garnier:
Timo Sirainen <tss@iki.fi>
parents: 1897
diff changeset
544 conn->ld = NULL;
2325
7613e0f68513 Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents: 1910
diff changeset
545 #else
7613e0f68513 Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents: 1910
diff changeset
546 i_fatal("LDAP: Your LDAP library doesn't support "
7613e0f68513 Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents: 1910
diff changeset
547 "'uris' setting, use 'hosts' instead.");
7613e0f68513 Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents: 1910
diff changeset
548 #endif
1910
b9005f93be70 Patch by Quentin Garnier:
Timo Sirainen <tss@iki.fi>
parents: 1897
diff changeset
549 } else
b9005f93be70 Patch by Quentin Garnier:
Timo Sirainen <tss@iki.fi>
parents: 1897
diff changeset
550 conn->ld = ldap_init(conn->set.hosts, LDAP_PORT);
b9005f93be70 Patch by Quentin Garnier:
Timo Sirainen <tss@iki.fi>
parents: 1897
diff changeset
551
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
552 if (conn->ld == NULL)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
553 i_fatal("LDAP: ldap_init() failed with hosts: %s",
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
554 conn->set.hosts);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
555
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
556 ret = ldap_set_option(conn->ld, LDAP_OPT_DEREF,
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
557 (void *)&conn->set.ldap_deref);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
558 if (ret != LDAP_SUCCESS) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
559 i_fatal("LDAP: Can't set deref option: %s",
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
560 ldap_err2string(ret));
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
561 }
1282
e8894f2c776f Added ldap_version setting.
Timo Sirainen <tss@iki.fi>
parents: 1265
diff changeset
562
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
563 /* If SASL binds are used, the protocol version needs to be
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
564 at least 3 */
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
565 ldap_version = conn->set.sasl_bind &&
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
566 conn->set.ldap_version < 3 ? 3 :
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
567 conn->set.ldap_version;
1282
e8894f2c776f Added ldap_version setting.
Timo Sirainen <tss@iki.fi>
parents: 1265
diff changeset
568 ret = ldap_set_option(conn->ld, LDAP_OPT_PROTOCOL_VERSION,
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
569 (void *)&ldap_version);
1282
e8894f2c776f Added ldap_version setting.
Timo Sirainen <tss@iki.fi>
parents: 1265
diff changeset
570 if (ret != LDAP_OPT_SUCCESS) {
e8894f2c776f Added ldap_version setting.
Timo Sirainen <tss@iki.fi>
parents: 1265
diff changeset
571 i_fatal("LDAP: Can't set protocol version %u: %s",
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
572 ldap_version, ldap_err2string(ret));
1282
e8894f2c776f Added ldap_version setting.
Timo Sirainen <tss@iki.fi>
parents: 1265
diff changeset
573 }
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
574 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
575
4415
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
576 if (conn->set.tls) {
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
577 #ifdef LDAP_HAVE_START_TLS_S
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
578 ret = ldap_start_tls_s(conn->ld, NULL, NULL);
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
579 if (ret != LDAP_SUCCESS) {
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
580 i_error("LDAP: ldap_start_tls_s() failed: %s",
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
581 ldap_err2string(ret));
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
582 return -1;
4415
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
583 }
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
584 #else
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
585 i_error("LDAP: Your LDAP library doesn't support TLS");
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
586 return -1;
4415
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
587 #endif
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
588 }
b91816cd1d16 Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents: 4405
diff changeset
589
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
590 if (conn->set.sasl_bind) {
4426
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
591 #ifdef HAVE_LDAP_SASL
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
592 struct ldap_sasl_bind_context context;
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
593
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
594 memset(&context, 0, sizeof(context));
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
595 context.authcid = conn->set.dn;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
596 context.passwd = conn->set.dnpass;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
597 context.realm = conn->set.sasl_realm;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
598 context.authzid = conn->set.sasl_authz_id;
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
599
4743
8f4eb963446c Cleanup
Timo Sirainen <tss@iki.fi>
parents: 4742
diff changeset
600 /* There doesn't seem to be a way to do SASL binding
8f4eb963446c Cleanup
Timo Sirainen <tss@iki.fi>
parents: 4742
diff changeset
601 asynchronously.. */
4405
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
602 ret = ldap_sasl_interactive_bind_s(conn->ld, NULL,
fe17f63521ea Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents: 4319
diff changeset
603 conn->set.sasl_mech,
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
604 NULL, NULL, LDAP_SASL_QUIET,
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
605 sasl_interact, &context);
4743
8f4eb963446c Cleanup
Timo Sirainen <tss@iki.fi>
parents: 4742
diff changeset
606 if (db_ldap_connect_finish(conn, ret) < 0)
8f4eb963446c Cleanup
Timo Sirainen <tss@iki.fi>
parents: 4742
diff changeset
607 return -1;
8f4eb963446c Cleanup
Timo Sirainen <tss@iki.fi>
parents: 4742
diff changeset
608 db_ldap_get_fd(conn);
4426
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
609 #else
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
610 i_fatal("LDAP: sasl_bind=yes but no SASL support compiled in");
b8089cf41c96 Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents: 4415
diff changeset
611 #endif
4319
31a28cd0b020 Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents: 4295
diff changeset
612 } else {
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
613 if (db_ldap_bind(conn) < 0)
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
614 return -1;
4742
62a5d2c10ecd Crashfixes
Timo Sirainen <tss@iki.fi>
parents: 4741
diff changeset
615 db_ldap_get_fd(conn);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
616 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
617
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
618 conn->io = io_add(conn->fd, IO_READ, ldap_input, conn);
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
619 return 0;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
620 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
621
3863
55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents: 3840
diff changeset
622 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
623 {
1897
1e6ed8045f2b Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents: 1709
diff changeset
624 struct hash_iterate_context *iter;
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
625 struct ldap_request *request, *next;
1897
1e6ed8045f2b Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents: 1709
diff changeset
626 void *key, *value;
1e6ed8045f2b Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents: 1709
diff changeset
627
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
628 if (flush_requests) {
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
629 iter = hash_iterate_init(conn->requests);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
630 while (hash_iterate(iter, &key, &value)) {
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
631 request = value;
1897
1e6ed8045f2b Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents: 1709
diff changeset
632
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
633 request->callback(conn, request, NULL);
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
634 }
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
635 hash_iterate_deinit(&iter);
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
636 hash_clear(conn->requests, FALSE);
4772
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
637
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
638 request = conn->delayed_requests_head;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
639 for (; request != NULL; request = next) {
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
640 next = request->next;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
641
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
642 request->callback(conn, request, NULL);
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
643 }
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
644 conn->delayed_requests_head = NULL;
d36a5df3f492 Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents: 4751
diff changeset
645 conn->delayed_requests_tail = NULL;
1897
1e6ed8045f2b Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents: 1709
diff changeset
646 }
1210
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
647
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
648 conn->connected = FALSE;
5037
d7198e2682c6 Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents: 5006
diff changeset
649 conn->binding = FALSE;
1210
8e6addbf12b3 minor ldap fixes
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
650
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
diff changeset
651 if (conn->io != NULL)
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
diff changeset
652 io_remove(&conn->io);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
653
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
654 if (conn->ld != NULL) {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
655 ldap_unbind(conn->ld);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
656 conn->ld = NULL;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
657 }
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
658 conn->fd = -1;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
659 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
660
3158
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
661 void db_ldap_set_attrs(struct ldap_connection *conn, const char *attrlist,
3306
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents: 3212
diff changeset
662 char ***attr_names_r, struct hash_table *attr_map,
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
663 const char *skip_attr)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
664 {
6175
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
665 const char *const *attr, *attr_data, *p;
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
666 string_t *static_data;
6175
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
667 char *name, *value;
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
668 unsigned int i, j, size;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
669
3158
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
670 if (*attrlist == '\0')
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
671 return;
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
672
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
673 t_push();
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
674 attr = t_strsplit(attrlist, ",");
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
675 static_data = t_str_new(128);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
676
3212
eb840633c9bf LDAP crashfixes.
Timo Sirainen <tss@iki.fi>
parents: 3161
diff changeset
677 /* @UNSAFE */
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
678 for (size = 0; attr[size] != NULL; size++) ;
3306
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents: 3212
diff changeset
679 *attr_names_r = p_new(conn->pool, char *, size + 1);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
680
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
681 for (i = j = 0; i < size; i++) {
6175
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
682 /* allow spaces here so "foo=1, bar=2" works */
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
683 attr_data = attr[i];
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
684 while (*attr_data == ' ') attr_data++;
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
685
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
686 p = strchr(attr_data, '=');
6148
668a768fc8fd Removed deprecated pass_attrs and user_attrs configuration method.
Timo Sirainen <tss@iki.fi>
parents: 6147
diff changeset
687 if (p == NULL)
6175
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
688 name = value = p_strdup(conn->pool, attr_data);
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
689 else if (p != attr_data) {
6c3788e03f7e Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents: 6152
diff changeset
690 name = p_strdup_until(conn->pool, attr_data, p);
3158
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
691 value = p_strdup(conn->pool, p + 1);
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
692 } else {
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
693 /* =<static key>=<static value> */
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
694 if (str_len(static_data) > 0)
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
695 str_append_c(static_data, ',');
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
696 str_append(static_data, p + 1);
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
697 continue;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
698 }
3158
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
699
4816
8ac2a2d27364 Cleanup: Don't put string literals into non-const pointers.
Timo Sirainen <tss@iki.fi>
parents: 4806
diff changeset
700 if (*name != '\0' &&
8ac2a2d27364 Cleanup: Don't put string literals into non-const pointers.
Timo Sirainen <tss@iki.fi>
parents: 4806
diff changeset
701 (skip_attr == NULL || strcmp(skip_attr, value) != 0)) {
3306
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents: 3212
diff changeset
702 hash_insert(attr_map, name, value);
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
703 (*attr_names_r)[j++] = name;
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
diff changeset
704 }
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
705 }
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
706 if (str_len(static_data) > 0) {
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
707 hash_insert(attr_map, "",
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
708 p_strdup(conn->pool, str_c(static_data)));
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
709 }
3158
8849f2e380d1 userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents: 3094
diff changeset
710 t_pop();
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
711 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
712
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
713 struct var_expand_table *
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
714 db_ldap_value_get_var_expand_table(struct auth_request *auth_request)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
715 {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
716 const struct var_expand_table *auth_table;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
717 struct var_expand_table *table;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
718 unsigned int count;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
719
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
720 auth_table = auth_request_get_var_expand_table(auth_request, NULL);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
721 for (count = 0; auth_table[count].key != '\0'; count++) ;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
722 count++;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
723
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
724 table = t_new(struct var_expand_table, count + 1);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
725 table[0].key = '$';
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
726 memcpy(table + 1, auth_table, sizeof(*table) * count);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
727 return table;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
728 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
729
1330
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
730 #define IS_LDAP_ESCAPED_CHAR(c) \
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
731 ((c) == '*' || (c) == '(' || (c) == ')' || (c) == '\\')
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
732
4295
4fc637010202 Escape SQL strings using sql_escape_string(). Fixes the problems with
Timo Sirainen <tss@iki.fi>
parents: 4180
diff changeset
733 const char *ldap_escape(const char *str,
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 6370
diff changeset
734 const struct auth_request *auth_request ATTR_UNUSED)
1189
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
735 {
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
736 const char *p;
1330
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
737 string_t *ret;
1189
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
738
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
739 for (p = str; *p != '\0'; p++) {
1330
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
740 if (IS_LDAP_ESCAPED_CHAR(*p))
1189
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
741 break;
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
742 }
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
743
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
744 if (*p == '\0')
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
745 return str;
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
746
1330
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
747 ret = t_str_new((size_t) (p - str) + 64);
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
748 str_append_n(ret, str, (size_t) (p - str));
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
749
1189
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
750 for (; *p != '\0'; p++) {
1330
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
751 if (IS_LDAP_ESCAPED_CHAR(*p))
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
752 str_append_c(ret, '\\');
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
753 str_append_c(ret, *p);
1189
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
754 }
1330
7cde19dbe754 Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents: 1282
diff changeset
755 return str_c(ret);
1189
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
756 }
2cb8e2136283 Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents: 1182
diff changeset
757
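Added example, not part of the annotated Dovecot source: ldap_escape() above prefixes each of `*`, `(`, `)` and `\` with a backslash, whereas this standalone sketch emits the RFC 4515 `\XX` hex form for the same four characters and then checks that a filter built from an escaped username keeps its structure. The helper names, the `posixAccount`/`uid` filter template and the sample usernames are constructed assumptions for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The same four characters that IS_LDAP_ESCAPED_CHAR() in the listing tests. */
static int is_filter_special(unsigned char c)
{
	return c == '*' || c == '(' || c == ')' || c == '\\';
}

/* Hypothetical helper: escape `in` as an RFC 4515 assertion value, turning
   each special byte into "\XX" (two lowercase hex digits). Returns the
   escaped length, or -1 if `out` (outlen bytes, NUL included) is too small. */
int filter_escape_hex(const char *in, char *out, size_t outlen)
{
	static const char hex[] = "0123456789abcdef";
	size_t o = 0;

	if (outlen == 0)
		return -1;
	for (; *in != '\0'; in++) {
		unsigned char c = (unsigned char)*in;
		size_t need = is_filter_special(c) ? 3 : 1;

		/* room for this byte's encoding plus the terminating NUL */
		if (o + need + 1 > outlen)
			return -1;
		if (need == 3) {
			out[o++] = '\\';
			out[o++] = hex[c >> 4];
			out[o++] = hex[c & 0x0f];
		} else {
			out[o++] = (char)c;
		}
	}
	out[o] = '\0';
	return (int)o;
}

/* Hypothetical helper: substitute the escaped username into a constructed
   filter template. Returns 0 on success, -1 on escape failure or truncation. */
int build_uid_filter(const char *user, char *out, size_t outlen)
{
	char esc[256];
	int n;

	if (filter_escape_hex(user, esc, sizeof(esc)) < 0)
		return -1;
	n = snprintf(out, outlen, "(&(objectClass=posixAccount)(uid=%s))", esc);
	return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Count occurrences of `ch` in a filter that are not part of a "\XX" escape.
   For a filter built from the template above, '(' and ')' must each stay
   at 3 and '*' at 0 no matter what the username contained. */
int count_unescaped(const char *filter, char ch)
{
	int n = 0;

	while (*filter != '\0') {
		if (filter[0] == '\\' && isxdigit((unsigned char)filter[1]) &&
		    isxdigit((unsigned char)filter[2])) {
			filter += 3;
			continue;
		}
		if (*filter == ch)
			n++;
		filter++;
	}
	return n;
}

int main(void)
{
	/* constructed sample usernames containing filter metacharacters */
	static const char *const users[] = { "jdoe", "a*b", "j*(doe)", "(x)\\" };
	char filter[512];
	size_t i;

	for (i = 0; i < sizeof(users) / sizeof(users[0]); i++) {
		if (build_uid_filter(users[i], filter, sizeof(filter)) < 0) {
			printf("%-10s -> rejected (buffer too small)\n", users[i]);
			continue;
		}
		printf("%-10s -> %s  [open=%d close=%d wildcard=%d]\n",
		       users[i], filter,
		       count_unescaped(filter, '('),
		       count_unescaped(filter, ')'),
		       count_unescaped(filter, '*'));
	}
	return 0;
}
```

The structural counts give a cheap regression check for any filter-building path: if they change with the username, some input reached the filter without passing through the escape routine.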
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
758 struct db_ldap_result_iterate_context *
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
759 db_ldap_result_iterate_init(struct ldap_connection *conn, LDAPMessage *entry,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
760 struct auth_request *auth_request,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
761 struct hash_table *attr_map)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
762 {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
763 struct db_ldap_result_iterate_context *ctx;
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
764 const char *static_data;
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
765
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
766 ctx = t_new(struct db_ldap_result_iterate_context, 1);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
767 ctx->conn = conn;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
768 ctx->entry = entry;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
769 ctx->auth_request = auth_request;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
770 ctx->attr_map = attr_map;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
771
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
772 static_data = hash_lookup(attr_map, "");
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
773 if (static_data != NULL)
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
774 ctx->static_attrs = t_strsplit(static_data, ",");
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
diff changeset
775
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
776 if (auth_request->auth->verbose_debug)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
777 ctx->debug = t_str_new(256);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
778
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
779 ctx->attr = ldap_first_attribute(conn->ld, entry, &ctx->ber);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
780 return ctx;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
781 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
782
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
783 static void
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
784 db_ldap_result_iterate_finish(struct db_ldap_result_iterate_context *ctx)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
785 {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
786 if (ctx->debug != NULL && str_len(ctx->debug) > 0) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
787 auth_request_log_debug(ctx->auth_request, "ldap",
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
788 "result: %s", str_c(ctx->debug) + 1);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
789 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
790
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
791 ber_free(ctx->ber, 0);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
792 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
793
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
794 static void
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
795 db_ldap_result_change_attr(struct db_ldap_result_iterate_context *ctx)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
796 {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
797 ctx->name = hash_lookup(ctx->attr_map, ctx->attr);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
798
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
799 if (ctx->debug != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
800 str_printfa(ctx->debug, " %s(%s)=", ctx->attr,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
801 ctx->name != NULL ? ctx->name : "?unknown?");
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
802 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
803
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
804 if (ctx->name == NULL || *ctx->name == '\0') {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
805 ctx->value = NULL;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
806 return;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
807 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
808
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
809 if (strchr(ctx->name, '%') != NULL &&
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
diff changeset
810 (ctx->template = strchr(ctx->name, '=')) != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
811 /* we want to use variables */
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
812 ctx->name = t_strdup_until(ctx->name, ctx->template);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
813 ctx->template++;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
814 if (ctx->var_table == NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
815 ctx->var_table = db_ldap_value_get_var_expand_table(
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
816 ctx->auth_request);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
817 ctx->var = t_str_new(256);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
818 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
819 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
820
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
821 ctx->vals = ldap_get_values(ctx->conn->ld, ctx->entry,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
822 ctx->attr);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
823 ctx->value = ctx->vals[0];
6144
d779b7220e23 LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents: 5884
824 ctx->value_idx = 0;
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
825 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
826
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
827 static void
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
828 db_ldap_result_return_value(struct db_ldap_result_iterate_context *ctx)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
829 {
6144
d779b7220e23 LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents: 5884
830 bool first = ctx->value_idx == 0;
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
831
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
832 if (ctx->template != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
833 ctx->var_table[0].value = ctx->value;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
834 str_truncate(ctx->var, 0);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
835 var_expand(ctx->var, ctx->template, ctx->var_table);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
836 ctx->value = str_c(ctx->var);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
837 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
838
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
839 if (ctx->debug != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
840 if (!first)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
841 str_append_c(ctx->debug, '/');
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
842 if (ctx->auth_request->auth->verbose_debug_passwords ||
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
843 strcmp(ctx->name, "password") != 0)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
844 str_append(ctx->debug, ctx->value);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
845 else
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
846 str_append(ctx->debug, PASSWORD_HIDDEN_STR);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
847 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
848 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
849
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
850 static bool db_ldap_result_int_next(struct db_ldap_result_iterate_context *ctx)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
851 {
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
852 const char *p;
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
853
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
854 while (ctx->attr != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
855 if (ctx->vals == NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
856 /* a new attribute */
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
857 db_ldap_result_change_attr(ctx);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
858 } else {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
859 /* continuing existing attribute */
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
860 if (ctx->value != NULL)
6144
d779b7220e23 LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents: 5884
861 ctx->value = ctx->vals[++ctx->value_idx];
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
862 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
863
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
864 if (ctx->value != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
865 db_ldap_result_return_value(ctx);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
866 return TRUE;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
867 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
868
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
869 ldap_value_free(ctx->vals); ctx->vals = NULL;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
870 ldap_memfree(ctx->attr);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
871 ctx->attr = ldap_next_attribute(ctx->conn->ld, ctx->entry,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
872 ctx->ber);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
873 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
874
6149
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
875 if (ctx->static_attrs != NULL && *ctx->static_attrs != NULL) {
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
876 p = strchr(*ctx->static_attrs, '=');
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
877 if (p == NULL) {
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
878 ctx->name = *ctx->static_attrs;
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
879 ctx->value = "";
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
880 } else {
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
881 ctx->name = t_strdup_until(*ctx->static_attrs, p);
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
882 ctx->value = p + 1;
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
883 }
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
884 ctx->static_attrs++;
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
885 return TRUE;
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
886 }
a744ae38a9e1 Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents: 6148
887
5884
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
888 db_ldap_result_iterate_finish(ctx);
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
889 return FALSE;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
890 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
891
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
892 bool db_ldap_result_iterate_next(struct db_ldap_result_iterate_context *ctx,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
893 const char **name_r, const char **value_r)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
894 {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
895 if (!db_ldap_result_int_next(ctx))
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
896 return FALSE;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
897
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
898 *name_r = ctx->name;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
899 *value_r = ctx->value;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
900 return TRUE;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
901 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
902
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
903 bool db_ldap_result_iterate_next_all(struct db_ldap_result_iterate_context *ctx,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
904 const char **name_r,
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
905 const char *const **values_r)
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
906 {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
907 if (!db_ldap_result_int_next(ctx))
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
908 return FALSE;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
909
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
910 if (ctx->template != NULL) {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
911 /* we can use only one value with templates */
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
912 ctx->val_1_arr[0] = ctx->value;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
913 *values_r = ctx->val_1_arr;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
914 } else {
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
915 *values_r = (const char *const *)ctx->vals;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
916 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
917 ctx->value = NULL;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
918 *name_r = ctx->name;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
919 return TRUE;
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
920 }
1c1dee40e495 Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents: 5872
921
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
922 static const char *parse_setting(const char *key, const char *value,
4907
5b4c9b20eba0 Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents: 4903
923 struct ldap_connection *conn)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
924 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
925 return parse_setting_from_defs(conn->pool, setting_defs,
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
926 &conn->set, key, value);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
927 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
928
1143
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
929 static struct ldap_connection *ldap_conn_find(const char *config_path)
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
930 {
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
931 struct ldap_connection *conn;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
932
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
933 for (conn = ldap_connections; conn != NULL; conn = conn->next) {
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
934 if (strcmp(conn->config_path, config_path) == 0)
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
935 return conn;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
936 }
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
937
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
938 return NULL;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
939 }
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
940
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
941 struct ldap_connection *db_ldap_init(const char *config_path)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
942 {
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
943 struct ldap_connection *conn;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
944 pool_t pool;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
945
1143
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
946 /* see if it already exists */
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
947 conn = ldap_conn_find(config_path);
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
948 if (conn != NULL) {
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
949 conn->refcount++;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
950 return conn;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
951 }
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
952
3908
afe21b6d4b68 Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents: 3879
953 if (*config_path == '\0')
afe21b6d4b68 Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents: 3879
954 i_fatal("LDAP: Configuration file path not given");
afe21b6d4b68 Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents: 3879
955
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
956 pool = pool_alloconly_create("ldap_connection", 1024);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
957 conn = p_new(pool, struct ldap_connection, 1);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
958 conn->pool = pool;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
959
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
960 conn->refcount = 1;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
961 conn->requests = hash_create(default_pool, pool, 0, NULL, NULL);
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
962
4741
deccf9e1aebc LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents: 4624
963 conn->fd = -1;
1143
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
964 conn->config_path = p_strdup(pool, config_path);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
965 conn->set = default_ldap_settings;
4903
204d7edc7cdc Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents: 4816
966 if (!settings_read(config_path, NULL, parse_setting,
204d7edc7cdc Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents: 4816
967 null_settings_section_callback, conn))
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1330
968 exit(FATAL_DEFAULT);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
969
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
970 if (conn->set.base == NULL)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
971 i_fatal("LDAP: No base given");
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
972
4006
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
973 if (conn->set.uris == NULL && conn->set.hosts == NULL)
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
974 i_fatal("LDAP: No uris or hosts set");
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
975 #ifndef LDAP_HAVE_INITIALIZE
4180
92b572fbb88a If LDAP library didn't have ldap_initialize() function, we always complained
Timo Sirainen <tss@iki.fi>
parents: 4006
976 if (conn->set.uris != NULL) {
4006
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
977 i_fatal("LDAP: Dovecot compiled without support for LDAP uris "
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
978 "(ldap_initialize not found)");
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
979 }
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
980 #endif
0e8f0647504b Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents: 3913
981
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
982 conn->set.ldap_deref = deref2str(conn->set.deref);
3502
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents: 3474
983 conn->set.ldap_scope = scope2str(conn->set.scope);
5e78500f1aee user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents: 3474
984
1143
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
985 conn->next = ldap_connections;
50f10a7a3bad Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents: 1141
986 ldap_connections = conn;
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
987 return conn;
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
988 }
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
989
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
990 void db_ldap_unref(struct ldap_connection **_conn)
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
991 {
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
992 struct ldap_connection *conn = *_conn;
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
993 struct ldap_connection **p;
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
994
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
995 *_conn = NULL;
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
996 i_assert(conn->refcount >= 0);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
997 if (--conn->refcount > 0)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
998 return;
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
999
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
1000 for (p = &ldap_connections; *p != NULL; p = &(*p)->next) {
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
1001 if (*p == conn) {
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
1002 *p = conn->next;
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
1003 break;
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
1004 }
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3502
diff changeset
1005 }
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
1006
3731
0a7beabfe332 If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
1007 	ldap_conn_close(conn, TRUE);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
1008
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
1009 	hash_destroy(&conn->requests);
3306
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents: 3212
diff changeset
1010 	if (conn->pass_attr_map != NULL)
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
1011 		hash_destroy(&conn->pass_attr_map);
3306
aebed9a9edac If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents: 3212
diff changeset
1012 	if (conn->user_attr_map != NULL)
6417
047d0d8bbf0a hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6411
diff changeset
1013 		hash_destroy(&conn->user_attr_map);
6428
7cad076906eb pool_unref() now takes ** pointer.
Timo Sirainen <tss@iki.fi>
parents: 6417
diff changeset
1014 	pool_unref(&conn->pool);
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
1015 }
1016
6198
4f6c4aeafafb --with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents: 6175
diff changeset
1017 #ifndef BUILTIN_LDAP
1018 /* Building a plugin */
1019 extern struct passdb_module_interface passdb_ldap;
1020 extern struct userdb_module_interface userdb_ldap;
1021
1022 void authdb_ldap_init(void);
1023 void authdb_ldap_deinit(void);
1024
1025 void authdb_ldap_init(void)
1026 {
1027 	passdb_register_module(&passdb_ldap);
1028 	userdb_register_module(&userdb_ldap);
1029
1030 }
1031 void authdb_ldap_deinit(void)
1032 {
1033 	passdb_unregister_module(&passdb_ldap);
1034 	userdb_unregister_module(&userdb_ldap);
1035 }
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
1036 #endif
6198
4f6c4aeafafb --with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents: 6175
diff changeset
1037
1038 #endif