Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/db-ldap.c @ 6429:65c69a53a7be HEAD
Replaced my Copyright notices. The year range always ends with 2007 now.
My name was replaced with "Dovecot authors". In many cases I didn't really
even own the copyright, so this is more correct.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sun, 16 Sep 2007 14:34:22 +0300 |
parents | 7cad076906eb |
children | ee420f238104 |
rev | line source |
---|---|
6429
65c69a53a7be
Replaced my Copyright notices. The year range always ends with 2007 now.
Timo Sirainen <tss@iki.fi>
parents:
6428
diff
changeset
|
1 /* Copyright (c) 2003-2007 Dovecot authors, see the included COPYING file */ |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
3474
9096b7957413
Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents:
3306
diff
changeset
|
3 #include "common.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #if defined(PASSDB_LDAP) || defined(USERDB_LDAP) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
7 #include "network.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "ioloop.h" |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "hash.h" |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
10 #include "str.h" |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
11 #include "var-expand.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "settings.h" |
3502
5e78500f1aee
user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
13 #include "userdb.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "db-ldap.h" |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 #include <stddef.h> |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
17 #include <stdlib.h> |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
19 #define HAVE_LDAP_SASL |
4427
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
20 #ifdef HAVE_SASL_SASL_H |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
21 # include <sasl/sasl.h> |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
22 #elif defined (HAVE_SASL_H) |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
23 # include <sasl.h> |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
24 #else |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
25 # undef HAVE_LDAP_SASL |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
26 #endif |
4427
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
27 #if SASL_VERSION_MAJOR < 2 |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
28 # undef HAVE_LDAP_SASL |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
29 #endif |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
30 |
4806 | 31 #ifndef LDAP_SASL_QUIET |
32 # define LDAP_SASL_QUIET 0 /* Doesn't exist in Solaris LDAP */ | |
33 #endif | |
34 | |
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
35 /* Older versions may require calling ldap_result() twice */ |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
36 #if LDAP_VENDOR_VERSION <= 20112 |
1086
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
37 # define OPENLDAP_ASYNC_WORKAROUND |
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
38 #endif |
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
39 |
2325
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
40 /* Solaris LDAP library doesn't have LDAP_OPT_SUCCESS */ |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
41 #ifndef LDAP_OPT_SUCCESS |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
42 # define LDAP_OPT_SUCCESS LDAP_SUCCESS |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
43 #endif |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
44 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
45 struct db_ldap_result_iterate_context { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
46 struct ldap_connection *conn; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
47 LDAPMessage *entry; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
48 struct auth_request *auth_request; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
49 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
50 struct hash_table *attr_map; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
51 struct var_expand_table *var_table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
52 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
53 char *attr, **vals; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
54 const char *name, *value, *template, *val_1_arr[2]; |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
55 const char *const *static_attrs; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
56 BerElement *ber; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
57 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
58 string_t *var, *debug; |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
59 unsigned int value_idx; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
60 }; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
61 |
5474
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
62 #define DEF_STR(name) DEF_STRUCT_STR(name, ldap_settings) |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
63 #define DEF_INT(name) DEF_STRUCT_INT(name, ldap_settings) |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
64 #define DEF_BOOL(name) DEF_STRUCT_BOOL(name, ldap_settings) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 static struct setting_def setting_defs[] = { |
5474
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
67 DEF_STR(hosts), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
68 DEF_STR(uris), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
69 DEF_STR(dn), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
70 DEF_STR(dnpass), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
71 DEF_BOOL(auth_bind), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
72 DEF_STR(auth_bind_userdn), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
73 DEF_BOOL(tls), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
74 DEF_BOOL(sasl_bind), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
75 DEF_STR(sasl_mech), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
76 DEF_STR(sasl_realm), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
77 DEF_STR(sasl_authz_id), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
78 DEF_STR(deref), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
79 DEF_STR(scope), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
80 DEF_STR(base), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
81 DEF_INT(ldap_version), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
82 DEF_STR(user_attrs), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
83 DEF_STR(user_filter), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
84 DEF_STR(pass_attrs), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
85 DEF_STR(pass_filter), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
86 DEF_STR(default_pass_scheme), |
3913
af15aab60ff1
Settings' default listing wasn't ended properly, which could have caused
Timo Sirainen <tss@iki.fi>
parents:
3908
diff
changeset
|
87 |
af15aab60ff1
Settings' default listing wasn't ended properly, which could have caused
Timo Sirainen <tss@iki.fi>
parents:
3908
diff
changeset
|
88 { 0, NULL, 0 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 }; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
90 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 struct ldap_settings default_ldap_settings = { |
1910 | 92 MEMBER(hosts) NULL, |
93 MEMBER(uris) NULL, | |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
94 MEMBER(dn) NULL, |
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
95 MEMBER(dnpass) NULL, |
3771
4b6d962485b9
Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents:
3731
diff
changeset
|
96 MEMBER(auth_bind) FALSE, |
3840
935f12d0d2fe
Added fast authbinding and auth_bind_userdn setting. Patch by Geff
Timo Sirainen <tss@iki.fi>
parents:
3771
diff
changeset
|
97 MEMBER(auth_bind_userdn) NULL, |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
98 MEMBER(tls) FALSE, |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
99 MEMBER(sasl_bind) FALSE, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
100 MEMBER(sasl_mech) NULL, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
101 MEMBER(sasl_realm) NULL, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
102 MEMBER(sasl_authz_id) NULL, |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 MEMBER(deref) "never", |
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
104 MEMBER(scope) "subtree", |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 MEMBER(base) NULL, |
1282 | 106 MEMBER(ldap_version) 2, |
6147
45a12a1bd299
Changed default pass_attrs and user_attrs to use the new format.
Timo Sirainen <tss@iki.fi>
parents:
6144
diff
changeset
|
107 MEMBER(user_attrs) "homeDirectory=home,uidNumber=uid,gidNumber=gid", |
3094
d78e9a31b6d8
Move default filters/attrs to setting defaults rather than check it from
Timo Sirainen <tss@iki.fi>
parents:
2994
diff
changeset
|
108 MEMBER(user_filter) "(&(objectClass=posixAccount)(uid=%u))", |
6147
45a12a1bd299
Changed default pass_attrs and user_attrs to use the new format.
Timo Sirainen <tss@iki.fi>
parents:
6144
diff
changeset
|
109 MEMBER(pass_attrs) "uid=user,userPassword=password", |
3094
d78e9a31b6d8
Move default filters/attrs to setting defaults rather than check it from
Timo Sirainen <tss@iki.fi>
parents:
2994
diff
changeset
|
110 MEMBER(pass_filter) "(&(objectClass=posixAccount)(uid=%u))", |
5872
93bd157917ca
Changed userdb callback API. Don't require uid/gid to be returned by userdb.
Timo Sirainen <tss@iki.fi>
parents:
5554
diff
changeset
|
111 MEMBER(default_pass_scheme) "crypt" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 }; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
114 static struct ldap_connection *ldap_connections = NULL; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
115 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
116 static int db_ldap_bind(struct ldap_connection *conn); |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3840
diff
changeset
|
117 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 static int deref2str(const char *str) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
121 if (strcasecmp(str, "never") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
122 return LDAP_DEREF_NEVER; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 if (strcasecmp(str, "searching") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 return LDAP_DEREF_SEARCHING; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
125 if (strcasecmp(str, "finding") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
126 return LDAP_DEREF_FINDING; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
127 if (strcasecmp(str, "always") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
128 return LDAP_DEREF_ALWAYS; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
130 i_fatal("LDAP: Unknown deref option '%s'", str); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 |
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
133 static int scope2str(const char *str) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
134 { |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
135 if (strcasecmp(str, "base") == 0) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
136 return LDAP_SCOPE_BASE; |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
137 if (strcasecmp(str, "onelevel") == 0) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
138 return LDAP_SCOPE_ONELEVEL; |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
139 if (strcasecmp(str, "subtree") == 0) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
140 return LDAP_SCOPE_SUBTREE; |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
141 |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
142 i_fatal("LDAP: Unknown scope option '%s'", str); |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
143 } |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
144 |
5006
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
145 static int ldap_get_errno(struct ldap_connection *conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
146 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
147 int ret, err; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
148 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
149 ret = ldap_get_option(conn->ld, LDAP_OPT_ERROR_NUMBER, (void *) &err); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
150 if (ret != LDAP_SUCCESS) { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
151 i_error("LDAP: Can't get error number: %s", |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
152 ldap_err2string(ret)); |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
153 return LDAP_UNAVAILABLE; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
154 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
155 |
5006
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
156 return err; |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
157 } |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
158 |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
159 const char *ldap_get_error(struct ldap_connection *conn) |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
160 { |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
161 return ldap_err2string(ldap_get_errno(conn)); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
162 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
163 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
164 void db_ldap_add_delayed_request(struct ldap_connection *conn, |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
165 struct ldap_request *request) |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
166 { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
167 request->next = NULL; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
168 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
169 if (conn->delayed_requests_head == NULL) |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
170 conn->delayed_requests_head = request; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
171 else |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
172 conn->delayed_requests_tail->next = request; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
173 conn->delayed_requests_tail = request; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
174 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
175 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
176 static void db_ldap_handle_next_delayed_request(struct ldap_connection *conn) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
177 { |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
178 struct ldap_request *request; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
179 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
180 if (conn->delayed_requests_head == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
181 return; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
182 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
183 request = conn->delayed_requests_head; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
184 conn->delayed_requests_head = request->next; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
185 if (conn->delayed_requests_head == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
186 conn->delayed_requests_tail = NULL; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
187 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
188 conn->retrying = TRUE; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
189 if (request->filter == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
190 request->callback(conn, request, NULL); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
191 else |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
192 db_ldap_search(conn, request, conn->set.ldap_scope); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
193 conn->retrying = FALSE; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
194 } |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
195 |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
196 static void ldap_conn_reconnect(struct ldap_connection *conn) |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
197 { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
198 ldap_conn_close(conn, FALSE); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
199 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
200 if (db_ldap_connect(conn) < 0) { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
201 /* failed to reconnect. fail all requests. */ |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
202 ldap_conn_close(conn, TRUE); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
203 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
204 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
205 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
206 static void ldap_handle_error(struct ldap_connection *conn) |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
207 { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
208 int err = ldap_get_errno(conn); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
209 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
210 switch (err) { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
211 case LDAP_SUCCESS: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
212 i_unreached(); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
213 case LDAP_SIZELIMIT_EXCEEDED: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
214 case LDAP_TIMELIMIT_EXCEEDED: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
215 case LDAP_NO_SUCH_ATTRIBUTE: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
216 case LDAP_UNDEFINED_TYPE: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
217 case LDAP_INAPPROPRIATE_MATCHING: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
218 case LDAP_CONSTRAINT_VIOLATION: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
219 case LDAP_TYPE_OR_VALUE_EXISTS: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
220 case LDAP_INVALID_SYNTAX: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
221 case LDAP_NO_SUCH_OBJECT: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
222 case LDAP_ALIAS_PROBLEM: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
223 case LDAP_INVALID_DN_SYNTAX: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
224 case LDAP_IS_LEAF: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
225 case LDAP_ALIAS_DEREF_PROBLEM: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
226 case LDAP_FILTER_ERROR: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
227 /* invalid input */ |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
228 break; |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
229 case LDAP_SERVER_DOWN: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
230 case LDAP_TIMEOUT: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
231 case LDAP_UNAVAILABLE: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
232 case LDAP_BUSY: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
233 #ifdef LDAP_CONNECT_ERROR |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
234 case LDAP_CONNECT_ERROR: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
235 #endif |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
236 case LDAP_LOCAL_ERROR: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
237 case LDAP_INVALID_CREDENTIALS: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
238 default: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
239 /* connection problems */ |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
240 ldap_conn_reconnect(conn); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
241 break; |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
242 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
243 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
244 |
3771
4b6d962485b9
Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents:
3731
diff
changeset
|
245 void db_ldap_search(struct ldap_connection *conn, struct ldap_request *request, |
4b6d962485b9
Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents:
3731
diff
changeset
|
246 int scope) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
247 { |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
248 int try, msgid = -1; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
249 |
4742 | 250 if (db_ldap_connect(conn) < 0) { |
251 request->callback(conn, request, NULL); | |
252 return; | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
253 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
254 |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
255 for (try = 0; conn->connected && !conn->binding && try < 2; try++) { |
4751 | 256 if (conn->last_auth_bind) { |
257 /* switch back to the default dn before doing the | |
258 search request. */ | |
259 if (db_ldap_bind(conn) < 0) { | |
260 request->callback(conn, request, NULL); | |
261 return; | |
262 } | |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
263 break; |
4751 | 264 } |
265 | |
266 msgid = ldap_search(conn->ld, request->base, scope, | |
267 request->filter, request->attributes, 0); | |
6370
b755957098cd
And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents:
6369
diff
changeset
|
268 if (msgid != -1) |
b755957098cd
And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents:
6369
diff
changeset
|
269 break; |
b755957098cd
And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents:
6369
diff
changeset
|
270 |
b755957098cd
And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents:
6369
diff
changeset
|
271 i_error("LDAP: ldap_search() failed (filter %s): %s", |
b755957098cd
And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents:
6369
diff
changeset
|
272 request->filter, ldap_get_error(conn)); |
b755957098cd
And a fix for last LDAP lookup changes.
Timo Sirainen <tss@iki.fi>
parents:
6369
diff
changeset
|
273 ldap_handle_error(conn); |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
274 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
275 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
276 if (msgid != -1) |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
277 hash_insert(conn->requests, POINTER_CAST(msgid), request); |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
278 else |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
279 db_ldap_add_delayed_request(conn, request); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
280 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
281 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
282 static void ldap_conn_retry_requests(struct ldap_connection *conn) |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
283 { |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
284 struct hash_table *old_requests; |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
285 struct hash_iterate_context *iter; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
286 struct ldap_request *request, **p, *next; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
287 void *key, *value; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
288 bool have_hash_binds = FALSE; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
289 |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
290 i_assert(conn->connected); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
291 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
292 if (hash_size(conn->requests) == 0 && |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
293 conn->delayed_requests_head == NULL) |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
294 return; |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
295 |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
296 old_requests = conn->requests; |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
297 conn->requests = hash_create(default_pool, conn->pool, 0, NULL, NULL); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
298 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
299 conn->retrying = TRUE; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
300 /* first retry all the search requests */ |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
301 iter = hash_iterate_init(old_requests); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
302 while (hash_iterate(iter, &key, &value)) { |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
303 request = value; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
304 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
305 if (request->filter == NULL) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
306 /* bind request */ |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
307 have_hash_binds = TRUE; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
308 } else { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
309 i_assert(conn->connected); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
310 db_ldap_search(conn, request, conn->set.ldap_scope); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
311 } |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
312 } |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
313 hash_iterate_deinit(&iter); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
314 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
315 /* then delayed search requests */ |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
316 p = &conn->delayed_requests_head; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
317 while (*p != NULL) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
318 request = *p; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
319 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
320 if (request->filter != NULL) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
321 *p = request->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
322 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
323 i_assert(conn->connected); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
324 db_ldap_search(conn, request, conn->set.ldap_scope); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
325 } else { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
326 p = &(*p)->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
327 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
328 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
329 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
330 if (have_hash_binds && conn->set.auth_bind) { |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
331 /* next retry all the bind requests. without auth binds the |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
332 only bind request can be the initial connection binding, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
333 which we don't care to retry. */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
334 iter = hash_iterate_init(old_requests); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
335 while (hash_iterate(iter, &key, &value)) { |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
336 request = value; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
337 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
338 if (request->filter == NULL) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
339 request->callback(conn, request, NULL); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
340 } |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
341 hash_iterate_deinit(&iter); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
342 } |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
343 if (conn->delayed_requests_head != NULL && conn->set.auth_bind) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
344 request = conn->delayed_requests_head; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
345 for (; request != NULL; request = next) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
346 next = request->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
347 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
348 i_assert(request->filter == NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
349 request->callback(conn, request, NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
350 } |
6152
58144db52331
Retrying delayed auth binds after LDAP server reconnection assert-crashed.
Timo Sirainen <tss@iki.fi>
parents:
6149
diff
changeset
|
351 conn->delayed_requests_head = NULL; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
352 } |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
353 hash_destroy(&old_requests); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
354 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
355 i_assert(conn->delayed_requests_head == NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
356 conn->delayed_requests_tail = NULL; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
357 conn->retrying = FALSE; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
358 } |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
359 |
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
360 static void ldap_input(struct ldap_connection *conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
361 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
362 struct ldap_request *request; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
363 struct timeval timeout; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
364 LDAPMessage *res; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
365 int ret, msgid; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
366 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
367 for (;;) { |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
368 if (conn->ld == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
369 return; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
370 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
371 memset(&timeout, 0, sizeof(timeout)); |
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
372 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, &timeout, &res); |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
373 #ifdef OPENLDAP_ASYNC_WORKAROUND |
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
374 if (ret == 0) { |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
375 /* try again, there may be another in buffer */ |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
376 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
377 &timeout, &res); |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
378 } |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
379 #endif |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
380 if (ret <= 0) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
381 break; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
382 |
1210 | 383 msgid = ldap_msgid(res); |
384 request = hash_lookup(conn->requests, POINTER_CAST(msgid)); | |
385 if (request == NULL) { | |
386 i_error("LDAP: Reply with unknown msgid %d", | |
387 msgid); | |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
388 } else { |
1210 | 389 hash_remove(conn->requests, POINTER_CAST(msgid)); |
390 request->callback(conn, request, res); | |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
391 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
392 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
393 ldap_msgfree(res); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
394 } |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
395 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
396 if (ret < 0) { |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
397 i_error("LDAP: ldap_result() failed: %s", ldap_get_error(conn)); |
6369
f7cc3723ad99
Actually reconnect always if ldap_result() fails for any reason. There
Timo Sirainen <tss@iki.fi>
parents:
6368
diff
changeset
|
398 ldap_conn_reconnect(conn); |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
399 } else { |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
400 if (!conn->binding) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
401 db_ldap_handle_next_delayed_request(conn); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
402 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
403 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
404 |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
405 #ifdef HAVE_LDAP_SASL |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
406 static int |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
6370
diff
changeset
|
407 sasl_interact(LDAP *ld ATTR_UNUSED, unsigned flags ATTR_UNUSED, |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
408 void *defaults, void *interact) |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
409 { |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
410 struct ldap_sasl_bind_context *context = defaults; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
411 sasl_interact_t *in; |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
412 const char *str; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
413 |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
414 for (in = interact; in->id != SASL_CB_LIST_END; in++) { |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
415 switch (in->id) { |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
416 case SASL_CB_GETREALM: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
417 str = context->realm; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
418 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
419 case SASL_CB_AUTHNAME: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
420 str = context->authcid; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
421 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
422 case SASL_CB_USER: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
423 str = context->authzid; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
424 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
425 case SASL_CB_PASS: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
426 str = context->passwd; |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
427 break; |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
428 default: |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
429 str = NULL; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
430 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
431 } |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
432 if (str != NULL) { |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
433 in->len = strlen(str); |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
434 in->result = str; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
435 } |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
436 |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
437 } |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
438 return LDAP_SUCCESS; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
439 } |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
440 #endif |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
441 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
442 static int db_ldap_connect_finish(struct ldap_connection *conn, int ret) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
443 { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
444 if (ret == LDAP_SERVER_DOWN) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
445 i_error("LDAP: Can't connect to server: %s", |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
446 conn->set.uris != NULL ? |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
447 conn->set.uris : conn->set.hosts); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
448 return -1; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
449 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
450 if (ret != LDAP_SUCCESS) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
451 i_error("LDAP: binding failed (dn %s): %s", |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
452 conn->set.dn == NULL ? "(none)" : conn->set.dn, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
453 ldap_get_error(conn)); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
454 return -1; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
455 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
456 |
4751 | 457 if (!conn->connected) { |
458 conn->connected = TRUE; | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
459 |
4751 | 460 /* in case there are requests waiting, retry them */ |
461 ldap_conn_retry_requests(conn); | |
462 } | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
463 return 0; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
464 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
465 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
466 static void db_ldap_bind_callback(struct ldap_connection *conn, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
467 struct ldap_request *ldap_request, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
468 LDAPMessage *res) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
469 { |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
470 int ret; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
471 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
472 conn->binding = FALSE; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
473 conn->connecting = FALSE; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
474 i_free(ldap_request); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
475 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
476 if (res == NULL) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
477 /* aborted */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
478 return; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
479 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
480 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
481 ret = ldap_result2error(conn->ld, res, FALSE); |
4751 | 482 if (db_ldap_connect_finish(conn, ret) < 0) { |
483 /* lost connection, close it */ | |
484 ldap_conn_close(conn, TRUE); | |
485 } | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
486 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
487 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
488 static int db_ldap_bind(struct ldap_connection *conn) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
489 { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
490 struct ldap_request *ldap_request; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
491 int msgid; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
492 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
493 i_assert(!conn->binding); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
494 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
495 ldap_request = i_new(struct ldap_request, 1); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
496 ldap_request->callback = db_ldap_bind_callback; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
497 ldap_request->context = conn; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
498 |
4996
cfef56a6bf4a
If ldap_bind() fails directly, log the "ldap server down" errors more nicely.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
499 msgid = ldap_bind(conn->ld, conn->set.dn, conn->set.dnpass, |
cfef56a6bf4a
If ldap_bind() fails directly, log the "ldap server down" errors more nicely.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
500 LDAP_AUTH_SIMPLE); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
501 if (msgid == -1) { |
5006
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
502 db_ldap_connect_finish(conn, ldap_get_errno(conn)); |
4742 | 503 i_free(ldap_request); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
504 return -1; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
505 } |
4751 | 506 |
507 conn->connecting = TRUE; | |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
508 conn->binding = TRUE; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
509 hash_insert(conn->requests, POINTER_CAST(msgid), ldap_request); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
510 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
511 /* we're binding back to the original DN, not doing an |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
512 authentication bind */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
513 conn->last_auth_bind = FALSE; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
514 return 0; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
515 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
516 |
4742 | 517 static void db_ldap_get_fd(struct ldap_connection *conn) |
518 { | |
519 int ret; | |
520 | |
521 /* get the connection's fd */ | |
522 ret = ldap_get_option(conn->ld, LDAP_OPT_DESC, (void *)&conn->fd); | |
523 if (ret != LDAP_SUCCESS) { | |
524 i_fatal("LDAP: Can't get connection fd: %s", | |
525 ldap_err2string(ret)); | |
526 } | |
527 i_assert(conn->fd != -1); | |
528 net_set_nonblock(conn->fd, TRUE); | |
529 } | |
530 | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
531 int db_ldap_connect(struct ldap_connection *conn) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
532 { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
533 unsigned int ldap_version; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
534 int ret; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
535 |
4742 | 536 if (conn->connected || conn->connecting) |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
537 return 0; |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
538 i_assert(!conn->binding); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
539 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
540 if (conn->ld == NULL) { |
1910 | 541 if (conn->set.uris != NULL) { |
2325
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
542 #ifdef LDAP_HAVE_INITIALIZE |
1910 | 543 if (ldap_initialize(&conn->ld, conn->set.uris) != LDAP_SUCCESS) |
544 conn->ld = NULL; | |
2325
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
545 #else |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
546 i_fatal("LDAP: Your LDAP library doesn't support " |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
547 "'uris' setting, use 'hosts' instead."); |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
548 #endif |
1910 | 549 } else |
550 conn->ld = ldap_init(conn->set.hosts, LDAP_PORT); | |
551 | |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
552 if (conn->ld == NULL) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
553 i_fatal("LDAP: ldap_init() failed with hosts: %s", |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
554 conn->set.hosts); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
555 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
556 ret = ldap_set_option(conn->ld, LDAP_OPT_DEREF, |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
557 (void *)&conn->set.ldap_deref); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
558 if (ret != LDAP_SUCCESS) { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
559 i_fatal("LDAP: Can't set deref option: %s", |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
560 ldap_err2string(ret)); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
561 } |
1282 | 562 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
563 /* If SASL binds are used, the protocol version needs to be |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
564 at least 3 */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
565 ldap_version = conn->set.sasl_bind && |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
566 conn->set.ldap_version < 3 ? 3 : |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
567 conn->set.ldap_version; |
1282 | 568 ret = ldap_set_option(conn->ld, LDAP_OPT_PROTOCOL_VERSION, |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
569 (void *)&ldap_version); |
1282 | 570 if (ret != LDAP_OPT_SUCCESS) { |
571 i_fatal("LDAP: Can't set protocol version %u: %s", | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
572 ldap_version, ldap_err2string(ret)); |
1282 | 573 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
574 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
575 |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
576 if (conn->set.tls) { |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
577 #ifdef LDAP_HAVE_START_TLS_S |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
578 ret = ldap_start_tls_s(conn->ld, NULL, NULL); |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
579 if (ret != LDAP_SUCCESS) { |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
580 i_error("LDAP: ldap_start_tls_s() failed: %s", |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
581 ldap_err2string(ret)); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
582 return -1; |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
583 } |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
584 #else |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
585 i_error("LDAP: Your LDAP library doesn't support TLS"); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
586 return -1; |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
587 #endif |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
588 } |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
589 |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
590 if (conn->set.sasl_bind) { |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
591 #ifdef HAVE_LDAP_SASL |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
592 struct ldap_sasl_bind_context context; |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
593 |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
594 memset(&context, 0, sizeof(context)); |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
595 context.authcid = conn->set.dn; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
596 context.passwd = conn->set.dnpass; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
597 context.realm = conn->set.sasl_realm; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
598 context.authzid = conn->set.sasl_authz_id; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
599 |
4743 | 600 /* There doesn't seem to be a way to do SASL binding |
601 asynchronously.. */ | |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
602 ret = ldap_sasl_interactive_bind_s(conn->ld, NULL, |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
603 conn->set.sasl_mech, |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
604 NULL, NULL, LDAP_SASL_QUIET, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
605 sasl_interact, &context); |
4743 | 606 if (db_ldap_connect_finish(conn, ret) < 0) |
607 return -1; | |
608 db_ldap_get_fd(conn); | |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
609 #else |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
610 i_fatal("LDAP: sasl_bind=yes but no SASL support compiled in"); |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
611 #endif |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
612 } else { |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
613 if (db_ldap_bind(conn) < 0) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
614 return -1; |
4742 | 615 db_ldap_get_fd(conn); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
616 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
617 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
618 conn->io = io_add(conn->fd, IO_READ, ldap_input, conn); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
619 return 0; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
620 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
621 |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3840
diff
changeset
|
622 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
623 { |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
624 struct hash_iterate_context *iter; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
625 struct ldap_request *request, *next; |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
626 void *key, *value; |
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
627 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
628 if (flush_requests) { |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
629 iter = hash_iterate_init(conn->requests); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
630 while (hash_iterate(iter, &key, &value)) { |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
631 request = value; |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
632 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
633 request->callback(conn, request, NULL); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
634 } |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
635 hash_iterate_deinit(&iter); |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
636 hash_clear(conn->requests, FALSE); |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
637 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
638 request = conn->delayed_requests_head; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
639 for (; request != NULL; request = next) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
640 next = request->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
641 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
642 request->callback(conn, request, NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
643 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
644 conn->delayed_requests_head = NULL; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
645 conn->delayed_requests_tail = NULL; |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
646 } |
1210 | 647 |
648 conn->connected = FALSE; | |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
649 conn->binding = FALSE; |
1210 | 650 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
651 if (conn->io != NULL) |
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
652 io_remove(&conn->io); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
653 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
654 if (conn->ld != NULL) { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
655 ldap_unbind(conn->ld); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
656 conn->ld = NULL; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
657 } |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
658 conn->fd = -1; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
659 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
660 |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
661 void db_ldap_set_attrs(struct ldap_connection *conn, const char *attrlist, |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
662 char ***attr_names_r, struct hash_table *attr_map, |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
663 const char *skip_attr) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
664 { |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
665 const char *const *attr, *attr_data, *p; |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
666 string_t *static_data; |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
667 char *name, *value; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
668 unsigned int i, j, size; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
669 |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
670 if (*attrlist == '\0') |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
671 return; |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
672 |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
673 t_push(); |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
674 attr = t_strsplit(attrlist, ","); |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
675 static_data = t_str_new(128); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
676 |
3212 | 677 /* @UNSAFE */ |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
678 for (size = 0; attr[size] != NULL; size++) ; |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
679 *attr_names_r = p_new(conn->pool, char *, size + 1); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
680 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
681 for (i = j = 0; i < size; i++) { |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
682 /* allow spaces here so "foo=1, bar=2" works */ |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
683 attr_data = attr[i]; |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
684 while (*attr_data == ' ') attr_data++; |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
685 |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
686 p = strchr(attr_data, '='); |
6148
668a768fc8fd
Removed deprecated pass_attrs and user_attrs configuration method.
Timo Sirainen <tss@iki.fi>
parents:
6147
diff
changeset
|
687 if (p == NULL) |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
688 name = value = p_strdup(conn->pool, attr_data); |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
689 else if (p != attr_data) { |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
690 name = p_strdup_until(conn->pool, attr_data, p); |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
691 value = p_strdup(conn->pool, p + 1); |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
692 } else { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
693 /* =<static key>=<static value> */ |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
694 if (str_len(static_data) > 0) |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
695 str_append_c(static_data, ','); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
696 str_append(static_data, p + 1); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
697 continue; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
698 } |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
699 |
4816
8ac2a2d27364
Cleanup: Don't put string literals into non-const pointers.
Timo Sirainen <tss@iki.fi>
parents:
4806
diff
changeset
|
700 if (*name != '\0' && |
8ac2a2d27364
Cleanup: Don't put string literals into non-const pointers.
Timo Sirainen <tss@iki.fi>
parents:
4806
diff
changeset
|
701 (skip_attr == NULL || strcmp(skip_attr, value) != 0)) { |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
702 hash_insert(attr_map, name, value); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
703 (*attr_names_r)[j++] = name; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
704 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
705 } |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
706 if (str_len(static_data) > 0) { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
707 hash_insert(attr_map, "", |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
708 p_strdup(conn->pool, str_c(static_data))); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
709 } |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
710 t_pop(); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
711 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
712 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
713 struct var_expand_table * |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
714 db_ldap_value_get_var_expand_table(struct auth_request *auth_request) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
715 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
716 const struct var_expand_table *auth_table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
717 struct var_expand_table *table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
718 unsigned int count; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
719 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
720 auth_table = auth_request_get_var_expand_table(auth_request, NULL); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
721 for (count = 0; auth_table[count].key != '\0'; count++) ; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
722 count++; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
723 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
724 table = t_new(struct var_expand_table, count + 1); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
725 table[0].key = '$'; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
726 memcpy(table + 1, auth_table, sizeof(*table) * count); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
727 return table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
728 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
729 |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
730 #define IS_LDAP_ESCAPED_CHAR(c) \ |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
731 ((c) == '*' || (c) == '(' || (c) == ')' || (c) == '\\') |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
732 |
4295
4fc637010202
Escape SQL strings using sql_escape_string(). Fixes the problems with
Timo Sirainen <tss@iki.fi>
parents:
4180
diff
changeset
|
733 const char *ldap_escape(const char *str, |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
6370
diff
changeset
|
734 const struct auth_request *auth_request ATTR_UNUSED) |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
735 { |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
736 const char *p; |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
737 string_t *ret; |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
738 |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
739 for (p = str; *p != '\0'; p++) { |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
740 if (IS_LDAP_ESCAPED_CHAR(*p)) |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
741 break; |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
742 } |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
743 |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
744 if (*p == '\0') |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
745 return str; |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
746 |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
747 ret = t_str_new((size_t) (p - str) + 64); |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
748 str_append_n(ret, str, (size_t) (p - str)); |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
749 |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
750 for (; *p != '\0'; p++) { |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
751 if (IS_LDAP_ESCAPED_CHAR(*p)) |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
752 str_append_c(ret, '\\'); |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
753 str_append_c(ret, *p); |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
754 } |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
755 return str_c(ret); |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
756 } |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
757 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
758 struct db_ldap_result_iterate_context * |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
759 db_ldap_result_iterate_init(struct ldap_connection *conn, LDAPMessage *entry, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
760 struct auth_request *auth_request, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
761 struct hash_table *attr_map) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
762 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
763 struct db_ldap_result_iterate_context *ctx; |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
764 const char *static_data; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
765 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
766 ctx = t_new(struct db_ldap_result_iterate_context, 1); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
767 ctx->conn = conn; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
768 ctx->entry = entry; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
769 ctx->auth_request = auth_request; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
770 ctx->attr_map = attr_map; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
771 |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
772 static_data = hash_lookup(attr_map, ""); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
773 if (static_data != NULL) |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
774 ctx->static_attrs = t_strsplit(static_data, ","); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
775 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
776 if (auth_request->auth->verbose_debug) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
777 ctx->debug = t_str_new(256); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
778 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
779 ctx->attr = ldap_first_attribute(conn->ld, entry, &ctx->ber); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
780 return ctx; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
781 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
782 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
783 static void |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
784 db_ldap_result_iterate_finish(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
785 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
786 if (ctx->debug != NULL && str_len(ctx->debug) > 0) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
787 auth_request_log_debug(ctx->auth_request, "ldap", |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
788 "result: %s", str_c(ctx->debug) + 1); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
789 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
790 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
791 ber_free(ctx->ber, 0); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
792 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
793 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
794 static void |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
795 db_ldap_result_change_attr(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
796 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
797 ctx->name = hash_lookup(ctx->attr_map, ctx->attr); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
798 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
799 if (ctx->debug != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
800 str_printfa(ctx->debug, " %s(%s)=", ctx->attr, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
801 ctx->name != NULL ? ctx->name : "?unknown?"); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
802 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
803 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
804 if (ctx->name == NULL || *ctx->name == '\0') { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
805 ctx->value = NULL; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
806 return; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
807 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
808 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
809 if (strchr(ctx->name, '%') != NULL && |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
810 (ctx->template = strchr(ctx->name, '=')) != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
811 /* we want to use variables */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
812 ctx->name = t_strdup_until(ctx->name, ctx->template); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
813 ctx->template++; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
814 if (ctx->var_table == NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
815 ctx->var_table = db_ldap_value_get_var_expand_table( |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
816 ctx->auth_request); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
817 ctx->var = t_str_new(256); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
818 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
819 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
820 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
821 ctx->vals = ldap_get_values(ctx->conn->ld, ctx->entry, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
822 ctx->attr); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
823 ctx->value = ctx->vals[0]; |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
824 ctx->value_idx = 0; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
825 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
826 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
827 static void |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
828 db_ldap_result_return_value(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
829 { |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
830 bool first = ctx->value_idx == 0; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
831 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
832 if (ctx->template != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
833 ctx->var_table[0].value = ctx->value; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
834 str_truncate(ctx->var, 0); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
835 var_expand(ctx->var, ctx->template, ctx->var_table); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
836 ctx->value = str_c(ctx->var); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
837 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
838 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
839 if (ctx->debug != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
840 if (!first) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
841 str_append_c(ctx->debug, '/'); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
842 if (ctx->auth_request->auth->verbose_debug_passwords || |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
843 strcmp(ctx->name, "password") != 0) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
844 str_append(ctx->debug, ctx->value); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
845 else |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
846 str_append(ctx->debug, PASSWORD_HIDDEN_STR); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
847 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
848 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
849 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
850 static bool db_ldap_result_int_next(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
851 { |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
852 const char *p; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
853 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
854 while (ctx->attr != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
855 if (ctx->vals == NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
856 /* a new attribute */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
857 db_ldap_result_change_attr(ctx); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
858 } else { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
859 /* continuing existing attribute */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
860 if (ctx->value != NULL) |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
861 ctx->value = ctx->vals[++ctx->value_idx]; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
862 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
863 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
864 if (ctx->value != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
865 db_ldap_result_return_value(ctx); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
866 return TRUE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
867 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
868 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
869 ldap_value_free(ctx->vals); ctx->vals = NULL; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
870 ldap_memfree(ctx->attr); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
871 ctx->attr = ldap_next_attribute(ctx->conn->ld, ctx->entry, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
872 ctx->ber); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
873 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
874 |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
875 if (ctx->static_attrs != NULL && *ctx->static_attrs != NULL) { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
876 p = strchr(*ctx->static_attrs, '='); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
877 if (p == NULL) { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
878 ctx->name = *ctx->static_attrs; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
879 ctx->value = ""; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
880 } else { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
881 ctx->name = t_strdup_until(*ctx->static_attrs, p); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
882 ctx->value = p + 1; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
883 } |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
884 ctx->static_attrs++; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
885 return TRUE; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
886 } |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
887 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
888 db_ldap_result_iterate_finish(ctx); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
889 return FALSE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
890 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
891 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
892 bool db_ldap_result_iterate_next(struct db_ldap_result_iterate_context *ctx, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
893 const char **name_r, const char **value_r) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
894 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
895 if (!db_ldap_result_int_next(ctx)) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
896 return FALSE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
897 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
898 *name_r = ctx->name; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
899 *value_r = ctx->value; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
900 return TRUE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
901 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
902 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
903 bool db_ldap_result_iterate_next_all(struct db_ldap_result_iterate_context *ctx, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
904 const char **name_r, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
905 const char *const **values_r) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
906 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
907 if (!db_ldap_result_int_next(ctx)) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
908 return FALSE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
909 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
910 if (ctx->template != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
911 /* we can use only one value with templates */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
912 ctx->val_1_arr[0] = ctx->value; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
913 *values_r = ctx->val_1_arr; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
914 } else { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
915 *values_r = (const char *const *)ctx->vals; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
916 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
917 ctx->value = NULL; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
918 *name_r = ctx->name; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
919 return TRUE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
920 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
921 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
922 static const char *parse_setting(const char *key, const char *value, |
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
923 struct ldap_connection *conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
924 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
925 return parse_setting_from_defs(conn->pool, setting_defs, |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
926 &conn->set, key, value); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
927 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
928 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
929 static struct ldap_connection *ldap_conn_find(const char *config_path) |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
930 { |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
931 struct ldap_connection *conn; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
932 |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
933 for (conn = ldap_connections; conn != NULL; conn = conn->next) { |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
934 if (strcmp(conn->config_path, config_path) == 0) |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
935 return conn; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
936 } |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
937 |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
938 return NULL; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
939 } |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
940 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
941 struct ldap_connection *db_ldap_init(const char *config_path) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
942 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
943 struct ldap_connection *conn; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
944 pool_t pool; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
945 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
946 /* see if it already exists */ |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
947 conn = ldap_conn_find(config_path); |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
948 if (conn != NULL) { |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
949 conn->refcount++; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
950 return conn; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
951 } |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
952 |
3908
afe21b6d4b68
Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
953 if (*config_path == '\0') |
afe21b6d4b68
Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
954 i_fatal("LDAP: Configuration file path not given"); |
afe21b6d4b68
Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
955 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
956 pool = pool_alloconly_create("ldap_connection", 1024); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
957 conn = p_new(pool, struct ldap_connection, 1); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
958 conn->pool = pool; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
959 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
960 conn->refcount = 1; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
961 conn->requests = hash_create(default_pool, pool, 0, NULL, NULL); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
962 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
963 conn->fd = -1; |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
964 conn->config_path = p_strdup(pool, config_path); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
965 conn->set = default_ldap_settings; |
4903
204d7edc7cdc
Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents:
4816
diff
changeset
|
966 if (!settings_read(config_path, NULL, parse_setting, |
204d7edc7cdc
Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents:
4816
diff
changeset
|
967 null_settings_section_callback, conn)) |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
968 exit(FATAL_DEFAULT); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
969 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
970 if (conn->set.base == NULL) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
971 i_fatal("LDAP: No base given"); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
972 |
4006
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
973 if (conn->set.uris == NULL && conn->set.hosts == NULL) |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
974 i_fatal("LDAP: No uris or hosts set"); |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
975 #ifndef LDAP_HAVE_INITIALIZE |
4180
92b572fbb88a
If LDAP library didn't have ldap_initialize() function, we always complained
Timo Sirainen <tss@iki.fi>
parents:
4006
diff
changeset
|
976 if (conn->set.uris != NULL) { |
4006
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
977 i_fatal("LDAP: Dovecot compiled without support for LDAP uris " |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
978 "(ldap_initialize not found)"); |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
979 } |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
980 #endif |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
981 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
982 conn->set.ldap_deref = deref2str(conn->set.deref); |
3502
5e78500f1aee
user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
983 conn->set.ldap_scope = scope2str(conn->set.scope); |
5e78500f1aee
user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
984 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
985 conn->next = ldap_connections; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
986 ldap_connections = conn; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
987 return conn; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
988 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
989 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
990 void db_ldap_unref(struct ldap_connection **_conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
991 { |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
992 struct ldap_connection *conn = *_conn; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
993 struct ldap_connection **p; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
994 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
995 *_conn = NULL; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
996 i_assert(conn->refcount >= 0); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
997 if (--conn->refcount > 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
998 return; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
999 |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1000 for (p = &ldap_connections; *p != NULL; p = &(*p)->next) { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1001 if (*p == conn) { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1002 *p = conn->next; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1003 break; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1004 } |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1005 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1006 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
1007 ldap_conn_close(conn, TRUE); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1008 |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
1009 hash_destroy(&conn->requests); |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
1010 if (conn->pass_attr_map != NULL) |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
1011 hash_destroy(&conn->pass_attr_map); |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
1012 if (conn->user_attr_map != NULL) |
6417
047d0d8bbf0a
hash_destroy() and hash_iterate_deinit() now take ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6411
diff
changeset
|
1013 hash_destroy(&conn->user_attr_map); |
6428
7cad076906eb
pool_unref() now takes ** pointer.
Timo Sirainen <tss@iki.fi>
parents:
6417
diff
changeset
|
1014 pool_unref(&conn->pool); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1015 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1016 |
6198
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1017 #ifndef BUILTIN_LDAP |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1018 /* Building a plugin */ |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1019 extern struct passdb_module_interface passdb_ldap; |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1020 extern struct userdb_module_interface userdb_ldap; |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1021 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1022 void authdb_ldap_init(void); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1023 void authdb_ldap_deinit(void); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1024 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1025 void authdb_ldap_init(void) |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1026 { |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1027 passdb_register_module(&passdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1028 userdb_register_module(&userdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1029 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1030 } |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1031 void authdb_ldap_deinit(void) |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1032 { |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1033 passdb_unregister_module(&passdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1034 userdb_unregister_module(&userdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1035 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1036 #endif |
6198
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1037 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1038 #endif |