Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/db-ldap.c @ 6369:f7cc3723ad99 HEAD
Actually reconnect always if ldap_result() fails for any reason. There
really aren't any other choices.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 10 Sep 2007 09:27:14 +0300 |
parents | a930c2ecd73c |
children | b755957098cd |
rev | line source |
---|---|
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
1 /* Copyright (C) 2003-2006 Timo Sirainen */ |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
3474
9096b7957413
Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents:
3306
diff
changeset
|
3 #include "common.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #if defined(PASSDB_LDAP) || defined(USERDB_LDAP) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
7 #include "network.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "ioloop.h" |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "hash.h" |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
10 #include "str.h" |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
11 #include "var-expand.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "settings.h" |
3502
5e78500f1aee
user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
13 #include "userdb.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "db-ldap.h" |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 #include <stddef.h> |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
17 #include <stdlib.h> |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
19 #define HAVE_LDAP_SASL |
4427
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
20 #ifdef HAVE_SASL_SASL_H |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
21 # include <sasl/sasl.h> |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
22 #elif defined (HAVE_SASL_H) |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
23 # include <sasl.h> |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
24 #else |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
25 # undef HAVE_LDAP_SASL |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
26 #endif |
4427
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
27 #if SASL_VERSION_MAJOR < 2 |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
28 # undef HAVE_LDAP_SASL |
ffafc8583e06
Prefer sasl/sasl.h. Require SASL v2, otherwise disable it.
Timo Sirainen <tss@iki.fi>
parents:
4426
diff
changeset
|
29 #endif |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
30 |
4806 | 31 #ifndef LDAP_SASL_QUIET |
32 # define LDAP_SASL_QUIET 0 /* Doesn't exist in Solaris LDAP */ | |
33 #endif | |
34 | |
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
35 /* Older versions may require calling ldap_result() twice */ |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
36 #if LDAP_VENDOR_VERSION <= 20112 |
1086
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
37 # define OPENLDAP_ASYNC_WORKAROUND |
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
38 #endif |
067130d609b7
Define OPENLDAP_ASYNC_WORKAROUND
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
39 |
2325
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
40 /* Solaris LDAP library doesn't have LDAP_OPT_SUCCESS */ |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
41 #ifndef LDAP_OPT_SUCCESS |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
42 # define LDAP_OPT_SUCCESS LDAP_SUCCESS |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
43 #endif |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
44 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
45 struct db_ldap_result_iterate_context { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
46 struct ldap_connection *conn; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
47 LDAPMessage *entry; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
48 struct auth_request *auth_request; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
49 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
50 struct hash_table *attr_map; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
51 struct var_expand_table *var_table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
52 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
53 char *attr, **vals; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
54 const char *name, *value, *template, *val_1_arr[2]; |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
55 const char *const *static_attrs; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
56 BerElement *ber; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
57 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
58 string_t *var, *debug; |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
59 unsigned int value_idx; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
60 }; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
61 |
5474
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
62 #define DEF_STR(name) DEF_STRUCT_STR(name, ldap_settings) |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
63 #define DEF_INT(name) DEF_STRUCT_INT(name, ldap_settings) |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
64 #define DEF_BOOL(name) DEF_STRUCT_BOOL(name, ldap_settings) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 static struct setting_def setting_defs[] = { |
5474
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
67 DEF_STR(hosts), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
68 DEF_STR(uris), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
69 DEF_STR(dn), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
70 DEF_STR(dnpass), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
71 DEF_BOOL(auth_bind), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
72 DEF_STR(auth_bind_userdn), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
73 DEF_BOOL(tls), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
74 DEF_BOOL(sasl_bind), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
75 DEF_STR(sasl_mech), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
76 DEF_STR(sasl_realm), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
77 DEF_STR(sasl_authz_id), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
78 DEF_STR(deref), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
79 DEF_STR(scope), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
80 DEF_STR(base), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
81 DEF_INT(ldap_version), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
82 DEF_STR(user_attrs), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
83 DEF_STR(user_filter), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
84 DEF_STR(pass_attrs), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
85 DEF_STR(pass_filter), |
331337b735c9
Added type checks to setting defines.
Timo Sirainen <tss@iki.fi>
parents:
5040
diff
changeset
|
86 DEF_STR(default_pass_scheme), |
3913
af15aab60ff1
Settings' default listing wasn't ended properly, which could have caused
Timo Sirainen <tss@iki.fi>
parents:
3908
diff
changeset
|
87 |
af15aab60ff1
Settings' default listing wasn't ended properly, which could have caused
Timo Sirainen <tss@iki.fi>
parents:
3908
diff
changeset
|
88 { 0, NULL, 0 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 }; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
90 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 struct ldap_settings default_ldap_settings = { |
1910 | 92 MEMBER(hosts) NULL, |
93 MEMBER(uris) NULL, | |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
94 MEMBER(dn) NULL, |
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
95 MEMBER(dnpass) NULL, |
3771
4b6d962485b9
Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents:
3731
diff
changeset
|
96 MEMBER(auth_bind) FALSE, |
3840
935f12d0d2fe
Added fast authbinding and auth_bind_userdn setting. Patch by Geff
Timo Sirainen <tss@iki.fi>
parents:
3771
diff
changeset
|
97 MEMBER(auth_bind_userdn) NULL, |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
98 MEMBER(tls) FALSE, |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
99 MEMBER(sasl_bind) FALSE, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
100 MEMBER(sasl_mech) NULL, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
101 MEMBER(sasl_realm) NULL, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
102 MEMBER(sasl_authz_id) NULL, |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 MEMBER(deref) "never", |
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
104 MEMBER(scope) "subtree", |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 MEMBER(base) NULL, |
1282 | 106 MEMBER(ldap_version) 2, |
6147
45a12a1bd299
Changed default pass_attrs and user_attrs to use the new format.
Timo Sirainen <tss@iki.fi>
parents:
6144
diff
changeset
|
107 MEMBER(user_attrs) "homeDirectory=home,uidNumber=uid,gidNumber=gid", |
3094
d78e9a31b6d8
Move default filters/attrs to setting defaults rather than check it from
Timo Sirainen <tss@iki.fi>
parents:
2994
diff
changeset
|
108 MEMBER(user_filter) "(&(objectClass=posixAccount)(uid=%u))", |
6147
45a12a1bd299
Changed default pass_attrs and user_attrs to use the new format.
Timo Sirainen <tss@iki.fi>
parents:
6144
diff
changeset
|
109 MEMBER(pass_attrs) "uid=user,userPassword=password", |
3094
d78e9a31b6d8
Move default filters/attrs to setting defaults rather than check it from
Timo Sirainen <tss@iki.fi>
parents:
2994
diff
changeset
|
110 MEMBER(pass_filter) "(&(objectClass=posixAccount)(uid=%u))", |
5872
93bd157917ca
Changed userdb callback API. Don't require uid/gid to be returned by userdb.
Timo Sirainen <tss@iki.fi>
parents:
5554
diff
changeset
|
111 MEMBER(default_pass_scheme) "crypt" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 }; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
114 static struct ldap_connection *ldap_connections = NULL; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
115 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
116 static int db_ldap_bind(struct ldap_connection *conn); |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3840
diff
changeset
|
117 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 static int deref2str(const char *str) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
121 if (strcasecmp(str, "never") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
122 return LDAP_DEREF_NEVER; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 if (strcasecmp(str, "searching") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 return LDAP_DEREF_SEARCHING; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
125 if (strcasecmp(str, "finding") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
126 return LDAP_DEREF_FINDING; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
127 if (strcasecmp(str, "always") == 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
128 return LDAP_DEREF_ALWAYS; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
130 i_fatal("LDAP: Unknown deref option '%s'", str); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 |
1135
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
133 static int scope2str(const char *str) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
134 { |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
135 if (strcasecmp(str, "base") == 0) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
136 return LDAP_SCOPE_BASE; |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
137 if (strcasecmp(str, "onelevel") == 0) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
138 return LDAP_SCOPE_ONELEVEL; |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
139 if (strcasecmp(str, "subtree") == 0) |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
140 return LDAP_SCOPE_SUBTREE; |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
141 |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
142 i_fatal("LDAP: Unknown scope option '%s'", str); |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
143 } |
81930fff13cf
passdb ldap added. fixes to userdb ldap.
Timo Sirainen <tss@iki.fi>
parents:
1086
diff
changeset
|
144 |
5006
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
145 static int ldap_get_errno(struct ldap_connection *conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
146 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
147 int ret, err; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
148 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
149 ret = ldap_get_option(conn->ld, LDAP_OPT_ERROR_NUMBER, (void *) &err); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
150 if (ret != LDAP_SUCCESS) { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
151 i_error("LDAP: Can't get error number: %s", |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
152 ldap_err2string(ret)); |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
153 return LDAP_UNAVAILABLE; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
154 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
155 |
5006
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
156 return err; |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
157 } |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
158 |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
159 const char *ldap_get_error(struct ldap_connection *conn) |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
160 { |
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
161 return ldap_err2string(ldap_get_errno(conn)); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
162 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
163 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
164 void db_ldap_add_delayed_request(struct ldap_connection *conn, |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
165 struct ldap_request *request) |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
166 { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
167 request->next = NULL; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
168 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
169 if (conn->delayed_requests_head == NULL) |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
170 conn->delayed_requests_head = request; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
171 else |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
172 conn->delayed_requests_tail->next = request; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
173 conn->delayed_requests_tail = request; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
174 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
175 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
176 static void db_ldap_handle_next_delayed_request(struct ldap_connection *conn) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
177 { |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
178 struct ldap_request *request; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
179 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
180 if (conn->delayed_requests_head == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
181 return; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
182 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
183 request = conn->delayed_requests_head; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
184 conn->delayed_requests_head = request->next; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
185 if (conn->delayed_requests_head == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
186 conn->delayed_requests_tail = NULL; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
187 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
188 conn->retrying = TRUE; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
189 if (request->filter == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
190 request->callback(conn, request, NULL); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
191 else |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
192 db_ldap_search(conn, request, conn->set.ldap_scope); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
193 conn->retrying = FALSE; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
194 } |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
195 |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
196 static void ldap_conn_reconnect(struct ldap_connection *conn) |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
197 { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
198 ldap_conn_close(conn, FALSE); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
199 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
200 if (db_ldap_connect(conn) < 0) { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
201 /* failed to reconnect. fail all requests. */ |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
202 ldap_conn_close(conn, TRUE); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
203 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
204 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
205 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
206 static void ldap_handle_error(struct ldap_connection *conn) |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
207 { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
208 int err = ldap_get_errno(conn); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
209 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
210 switch (err) { |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
211 case LDAP_SUCCESS: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
212 i_unreached(); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
213 case LDAP_SIZELIMIT_EXCEEDED: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
214 case LDAP_TIMELIMIT_EXCEEDED: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
215 case LDAP_NO_SUCH_ATTRIBUTE: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
216 case LDAP_UNDEFINED_TYPE: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
217 case LDAP_INAPPROPRIATE_MATCHING: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
218 case LDAP_CONSTRAINT_VIOLATION: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
219 case LDAP_TYPE_OR_VALUE_EXISTS: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
220 case LDAP_INVALID_SYNTAX: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
221 case LDAP_NO_SUCH_OBJECT: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
222 case LDAP_ALIAS_PROBLEM: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
223 case LDAP_INVALID_DN_SYNTAX: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
224 case LDAP_IS_LEAF: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
225 case LDAP_ALIAS_DEREF_PROBLEM: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
226 case LDAP_FILTER_ERROR: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
227 /* invalid input */ |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
228 break; |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
229 case LDAP_SERVER_DOWN: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
230 case LDAP_TIMEOUT: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
231 case LDAP_UNAVAILABLE: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
232 case LDAP_BUSY: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
233 #ifdef LDAP_CONNECT_ERROR |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
234 case LDAP_CONNECT_ERROR: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
235 #endif |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
236 case LDAP_LOCAL_ERROR: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
237 case LDAP_INVALID_CREDENTIALS: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
238 default: |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
239 /* connection problems */ |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
240 ldap_conn_reconnect(conn); |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
241 break; |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
242 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
243 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
244 |
3771
4b6d962485b9
Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents:
3731
diff
changeset
|
245 void db_ldap_search(struct ldap_connection *conn, struct ldap_request *request, |
4b6d962485b9
Added authentication bind support. Patch by J.M. Maurer.
Timo Sirainen <tss@iki.fi>
parents:
3731
diff
changeset
|
246 int scope) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
247 { |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
248 int try, msgid = -1; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
249 |
4742 | 250 if (db_ldap_connect(conn) < 0) { |
251 request->callback(conn, request, NULL); | |
252 return; | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
253 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
254 |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
255 for (try = 0; conn->connected && !conn->binding && try < 2; try++) { |
4751 | 256 if (conn->last_auth_bind) { |
257 /* switch back to the default dn before doing the | |
258 search request. */ | |
259 if (db_ldap_bind(conn) < 0) { | |
260 request->callback(conn, request, NULL); | |
261 return; | |
262 } | |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
263 break; |
4751 | 264 } |
265 | |
266 msgid = ldap_search(conn->ld, request->base, scope, | |
267 request->filter, request->attributes, 0); | |
268 if (msgid == -1) { | |
269 i_error("LDAP: ldap_search() failed (filter %s): %s", | |
270 request->filter, ldap_get_error(conn)); | |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
271 ldap_handle_error(conn); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
272 } |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
273 } |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
274 |
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
275 if (msgid != -1) |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
276 hash_insert(conn->requests, POINTER_CAST(msgid), request); |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
277 else |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
278 db_ldap_add_delayed_request(conn, request); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
279 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
280 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
281 static void ldap_conn_retry_requests(struct ldap_connection *conn) |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
282 { |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
283 struct hash_table *old_requests; |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
284 struct hash_iterate_context *iter; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
285 struct ldap_request *request, **p, *next; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
286 void *key, *value; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
287 bool have_hash_binds = FALSE; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
288 |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
289 i_assert(conn->connected); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
290 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
291 if (hash_size(conn->requests) == 0 && |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
292 conn->delayed_requests_head == NULL) |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
293 return; |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
294 |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
295 old_requests = conn->requests; |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
296 conn->requests = hash_create(default_pool, conn->pool, 0, NULL, NULL); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
297 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
298 conn->retrying = TRUE; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
299 /* first retry all the search requests */ |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
300 iter = hash_iterate_init(old_requests); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
301 while (hash_iterate(iter, &key, &value)) { |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
302 request = value; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
303 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
304 if (request->filter == NULL) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
305 /* bind request */ |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
306 have_hash_binds = TRUE; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
307 } else { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
308 i_assert(conn->connected); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
309 db_ldap_search(conn, request, conn->set.ldap_scope); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
310 } |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
311 } |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
312 hash_iterate_deinit(iter); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
313 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
314 /* then delayed search requests */ |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
315 p = &conn->delayed_requests_head; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
316 while (*p != NULL) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
317 request = *p; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
318 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
319 if (request->filter != NULL) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
320 *p = request->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
321 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
322 i_assert(conn->connected); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
323 db_ldap_search(conn, request, conn->set.ldap_scope); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
324 } else { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
325 p = &(*p)->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
326 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
327 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
328 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
329 if (have_hash_binds && conn->set.auth_bind) { |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
330 /* next retry all the bind requests. without auth binds the |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
331 only bind request can be the initial connection binding, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
332 which we don't care to retry. */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
333 iter = hash_iterate_init(old_requests); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
334 while (hash_iterate(iter, &key, &value)) { |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
335 request = value; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
336 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
337 if (request->filter == NULL) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
338 request->callback(conn, request, NULL); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
339 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
340 hash_iterate_deinit(iter); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
341 } |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
342 if (conn->delayed_requests_head != NULL && conn->set.auth_bind) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
343 request = conn->delayed_requests_head; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
344 for (; request != NULL; request = next) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
345 next = request->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
346 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
347 i_assert(request->filter == NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
348 request->callback(conn, request, NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
349 } |
6152
58144db52331
Retrying delayed auth binds after LDAP server reconnection assert-crashed.
Timo Sirainen <tss@iki.fi>
parents:
6149
diff
changeset
|
350 conn->delayed_requests_head = NULL; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
351 } |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
352 hash_destroy(old_requests); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
353 |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
354 i_assert(conn->delayed_requests_head == NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
355 conn->delayed_requests_tail = NULL; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
356 conn->retrying = FALSE; |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
357 } |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
358 |
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
359 static void ldap_input(struct ldap_connection *conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
360 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
361 struct ldap_request *request; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
362 struct timeval timeout; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
363 LDAPMessage *res; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
364 int ret, msgid; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
365 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
366 for (;;) { |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
367 if (conn->ld == NULL) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
368 return; |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
369 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
370 memset(&timeout, 0, sizeof(timeout)); |
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
371 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, &timeout, &res); |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
372 #ifdef OPENLDAP_ASYNC_WORKAROUND |
1181
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
373 if (ret == 0) { |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
374 /* try again, there may be another in buffer */ |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
375 ret = ldap_result(conn->ld, LDAP_RES_ANY, 1, |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
376 &timeout, &res); |
ac7dbb236b59
Rather than block for two seconds, we can just call ldap_result() again if
Timo Sirainen <tss@iki.fi>
parents:
1143
diff
changeset
|
377 } |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
378 #endif |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
379 if (ret <= 0) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
380 break; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
381 |
1210 | 382 msgid = ldap_msgid(res); |
383 request = hash_lookup(conn->requests, POINTER_CAST(msgid)); | |
384 if (request == NULL) { | |
385 i_error("LDAP: Reply with unknown msgid %d", | |
386 msgid); | |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
387 } else { |
1210 | 388 hash_remove(conn->requests, POINTER_CAST(msgid)); |
389 request->callback(conn, request, res); | |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
390 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
391 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
392 ldap_msgfree(res); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
393 } |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
394 |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
395 if (ret < 0) { |
6368
a930c2ecd73c
Reconnect if ldap_search() returns a failure related to connection problems.
Timo Sirainen <tss@iki.fi>
parents:
6198
diff
changeset
|
396 i_error("LDAP: ldap_result() failed: %s", ldap_get_error(conn)); |
6369
f7cc3723ad99
Actually reconnect always if ldap_result() fails for any reason. There
Timo Sirainen <tss@iki.fi>
parents:
6368
diff
changeset
|
397 ldap_conn_reconnect(conn); |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
398 } else { |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
399 if (!conn->binding) |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
400 db_ldap_handle_next_delayed_request(conn); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
401 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
402 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
403 |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
404 #ifdef HAVE_LDAP_SASL |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
405 static int |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
406 sasl_interact(LDAP *ld __attr_unused__, unsigned flags __attr_unused__, |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
407 void *defaults, void *interact) |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
408 { |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
409 struct ldap_sasl_bind_context *context = defaults; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
410 sasl_interact_t *in; |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
411 const char *str; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
412 |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
413 for (in = interact; in->id != SASL_CB_LIST_END; in++) { |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
414 switch (in->id) { |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
415 case SASL_CB_GETREALM: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
416 str = context->realm; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
417 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
418 case SASL_CB_AUTHNAME: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
419 str = context->authcid; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
420 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
421 case SASL_CB_USER: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
422 str = context->authzid; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
423 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
424 case SASL_CB_PASS: |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
425 str = context->passwd; |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
426 break; |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
427 default: |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
428 str = NULL; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
429 break; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
430 } |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
431 if (str != NULL) { |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
432 in->len = strlen(str); |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
433 in->result = str; |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
434 } |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
435 |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
436 } |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
437 return LDAP_SUCCESS; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
438 } |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
439 #endif |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
440 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
441 static int db_ldap_connect_finish(struct ldap_connection *conn, int ret) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
442 { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
443 if (ret == LDAP_SERVER_DOWN) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
444 i_error("LDAP: Can't connect to server: %s", |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
445 conn->set.uris != NULL ? |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
446 conn->set.uris : conn->set.hosts); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
447 return -1; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
448 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
449 if (ret != LDAP_SUCCESS) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
450 i_error("LDAP: binding failed (dn %s): %s", |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
451 conn->set.dn == NULL ? "(none)" : conn->set.dn, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
452 ldap_get_error(conn)); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
453 return -1; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
454 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
455 |
4751 | 456 if (!conn->connected) { |
457 conn->connected = TRUE; | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
458 |
4751 | 459 /* in case there are requests waiting, retry them */ |
460 ldap_conn_retry_requests(conn); | |
461 } | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
462 return 0; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
463 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
464 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
465 static void db_ldap_bind_callback(struct ldap_connection *conn, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
466 struct ldap_request *ldap_request, |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
467 LDAPMessage *res) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
468 { |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
469 int ret; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
470 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
471 conn->binding = FALSE; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
472 conn->connecting = FALSE; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
473 i_free(ldap_request); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
474 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
475 if (res == NULL) { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
476 /* aborted */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
477 return; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
478 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
479 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
480 ret = ldap_result2error(conn->ld, res, FALSE); |
4751 | 481 if (db_ldap_connect_finish(conn, ret) < 0) { |
482 /* lost connection, close it */ | |
483 ldap_conn_close(conn, TRUE); | |
484 } | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
485 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
486 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
487 static int db_ldap_bind(struct ldap_connection *conn) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
488 { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
489 struct ldap_request *ldap_request; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
490 int msgid; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
491 |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
492 i_assert(!conn->binding); |
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
493 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
494 ldap_request = i_new(struct ldap_request, 1); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
495 ldap_request->callback = db_ldap_bind_callback; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
496 ldap_request->context = conn; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
497 |
4996
cfef56a6bf4a
If ldap_bind() fails directly, log the "ldap server down" errors more nicely.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
498 msgid = ldap_bind(conn->ld, conn->set.dn, conn->set.dnpass, |
cfef56a6bf4a
If ldap_bind() fails directly, log the "ldap server down" errors more nicely.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
499 LDAP_AUTH_SIMPLE); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
500 if (msgid == -1) { |
5006
129aa779a7f8
Last change for making ldap_bind() error handling better was actually
Timo Sirainen <tss@iki.fi>
parents:
4996
diff
changeset
|
501 db_ldap_connect_finish(conn, ldap_get_errno(conn)); |
4742 | 502 i_free(ldap_request); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
503 return -1; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
504 } |
4751 | 505 |
506 conn->connecting = TRUE; | |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
507 conn->binding = TRUE; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
508 hash_insert(conn->requests, POINTER_CAST(msgid), ldap_request); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
509 |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
510 /* we're binding back to the original DN, not doing an |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
511 authentication bind */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
512 conn->last_auth_bind = FALSE; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
513 return 0; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
514 } |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
515 |
4742 | 516 static void db_ldap_get_fd(struct ldap_connection *conn) |
517 { | |
518 int ret; | |
519 | |
520 /* get the connection's fd */ | |
521 ret = ldap_get_option(conn->ld, LDAP_OPT_DESC, (void *)&conn->fd); | |
522 if (ret != LDAP_SUCCESS) { | |
523 i_fatal("LDAP: Can't get connection fd: %s", | |
524 ldap_err2string(ret)); | |
525 } | |
526 i_assert(conn->fd != -1); | |
527 net_set_nonblock(conn->fd, TRUE); | |
528 } | |
529 | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
530 int db_ldap_connect(struct ldap_connection *conn) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
531 { |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
532 unsigned int ldap_version; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
533 int ret; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
534 |
4742 | 535 if (conn->connected || conn->connecting) |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
536 return 0; |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
537 i_assert(!conn->binding); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
538 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
539 if (conn->ld == NULL) { |
1910 | 540 if (conn->set.uris != NULL) { |
2325
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
541 #ifdef LDAP_HAVE_INITIALIZE |
1910 | 542 if (ldap_initialize(&conn->ld, conn->set.uris) != LDAP_SUCCESS) |
543 conn->ld = NULL; | |
2325
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
544 #else |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
545 i_fatal("LDAP: Your LDAP library doesn't support " |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
546 "'uris' setting, use 'hosts' instead."); |
7613e0f68513
Fixed to compile with Solaris LDAP library
Timo Sirainen <tss@iki.fi>
parents:
1910
diff
changeset
|
547 #endif |
1910 | 548 } else |
549 conn->ld = ldap_init(conn->set.hosts, LDAP_PORT); | |
550 | |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
551 if (conn->ld == NULL) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
552 i_fatal("LDAP: ldap_init() failed with hosts: %s", |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
553 conn->set.hosts); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
554 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
555 ret = ldap_set_option(conn->ld, LDAP_OPT_DEREF, |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
556 (void *)&conn->set.ldap_deref); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
557 if (ret != LDAP_SUCCESS) { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
558 i_fatal("LDAP: Can't set deref option: %s", |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
559 ldap_err2string(ret)); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
560 } |
1282 | 561 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
562 /* If SASL binds are used, the protocol version needs to be |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
563 at least 3 */ |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
564 ldap_version = conn->set.sasl_bind && |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
565 conn->set.ldap_version < 3 ? 3 : |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
566 conn->set.ldap_version; |
1282 | 567 ret = ldap_set_option(conn->ld, LDAP_OPT_PROTOCOL_VERSION, |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
568 (void *)&ldap_version); |
1282 | 569 if (ret != LDAP_OPT_SUCCESS) { |
570 i_fatal("LDAP: Can't set protocol version %u: %s", | |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
571 ldap_version, ldap_err2string(ret)); |
1282 | 572 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
573 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
574 |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
575 if (conn->set.tls) { |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
576 #ifdef LDAP_HAVE_START_TLS_S |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
577 ret = ldap_start_tls_s(conn->ld, NULL, NULL); |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
578 if (ret != LDAP_SUCCESS) { |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
579 i_error("LDAP: ldap_start_tls_s() failed: %s", |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
580 ldap_err2string(ret)); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
581 return -1; |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
582 } |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
583 #else |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
584 i_error("LDAP: Your LDAP library doesn't support TLS"); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
585 return -1; |
4415
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
586 #endif |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
587 } |
b91816cd1d16
Added TLS support for LDAP if the library supports it.
Timo Sirainen <tss@iki.fi>
parents:
4405
diff
changeset
|
588 |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
589 if (conn->set.sasl_bind) { |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
590 #ifdef HAVE_LDAP_SASL |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
591 struct ldap_sasl_bind_context context; |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
592 |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
593 memset(&context, 0, sizeof(context)); |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
594 context.authcid = conn->set.dn; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
595 context.passwd = conn->set.dnpass; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
596 context.realm = conn->set.sasl_realm; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
597 context.authzid = conn->set.sasl_authz_id; |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
598 |
4743 | 599 /* There doesn't seem to be a way to do SASL binding |
600 asynchronously.. */ | |
4405
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
601 ret = ldap_sasl_interactive_bind_s(conn->ld, NULL, |
fe17f63521ea
Compiler warning fixes and some coding style cleanups.
Timo Sirainen <tss@iki.fi>
parents:
4319
diff
changeset
|
602 conn->set.sasl_mech, |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
603 NULL, NULL, LDAP_SASL_QUIET, |
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
604 sasl_interact, &context); |
4743 | 605 if (db_ldap_connect_finish(conn, ret) < 0) |
606 return -1; | |
607 db_ldap_get_fd(conn); | |
4426
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
608 #else |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
609 i_fatal("LDAP: sasl_bind=yes but no SASL support compiled in"); |
b8089cf41c96
Check for sasl.h and sasl/sasl.h existence and use the one that's found. If
Timo Sirainen <tss@iki.fi>
parents:
4415
diff
changeset
|
610 #endif |
4319
31a28cd0b020
Added support for SASL binding. Patch by Geert Jansen
Timo Sirainen <tss@iki.fi>
parents:
4295
diff
changeset
|
611 } else { |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
612 if (db_ldap_bind(conn) < 0) |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
613 return -1; |
4742 | 614 db_ldap_get_fd(conn); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
615 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
616 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
617 conn->io = io_add(conn->fd, IO_READ, ldap_input, conn); |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
618 return 0; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
619 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
620 |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3840
diff
changeset
|
621 static void ldap_conn_close(struct ldap_connection *conn, bool flush_requests) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
622 { |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
623 struct hash_iterate_context *iter; |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
624 struct ldap_request *request, *next; |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
625 void *key, *value; |
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
626 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
627 if (flush_requests) { |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
628 iter = hash_iterate_init(conn->requests); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
629 while (hash_iterate(iter, &key, &value)) { |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
630 request = value; |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
631 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
632 request->callback(conn, request, NULL); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
633 } |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
634 hash_iterate_deinit(iter); |
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
635 hash_clear(conn->requests, FALSE); |
4772
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
636 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
637 request = conn->delayed_requests_head; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
638 for (; request != NULL; request = next) { |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
639 next = request->next; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
640 |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
641 request->callback(conn, request, NULL); |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
642 } |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
643 conn->delayed_requests_head = NULL; |
d36a5df3f492
Handle LDAP requests while being disconnected more correctly.
Timo Sirainen <tss@iki.fi>
parents:
4751
diff
changeset
|
644 conn->delayed_requests_tail = NULL; |
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1709
diff
changeset
|
645 } |
1210 | 646 |
647 conn->connected = FALSE; | |
5037
d7198e2682c6
Do ldap_bind() only when there are no requests waiting, and don't do
Timo Sirainen <tss@iki.fi>
parents:
5006
diff
changeset
|
648 conn->binding = FALSE; |
1210 | 649 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
650 if (conn->io != NULL) |
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
651 io_remove(&conn->io); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
652 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
653 if (conn->ld != NULL) { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
654 ldap_unbind(conn->ld); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
655 conn->ld = NULL; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
656 } |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
657 conn->fd = -1; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
658 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
659 |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
660 void db_ldap_set_attrs(struct ldap_connection *conn, const char *attrlist, |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
661 char ***attr_names_r, struct hash_table *attr_map, |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
662 const char *skip_attr) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
663 { |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
664 const char *const *attr, *attr_data, *p; |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
665 string_t *static_data; |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
666 char *name, *value; |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
667 unsigned int i, j, size; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
668 |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
669 if (*attrlist == '\0') |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
670 return; |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
671 |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
672 t_push(); |
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
673 attr = t_strsplit(attrlist, ","); |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
674 static_data = t_str_new(128); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
675 |
3212 | 676 /* @UNSAFE */ |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
677 for (size = 0; attr[size] != NULL; size++) ; |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
678 *attr_names_r = p_new(conn->pool, char *, size + 1); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
679 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
680 for (i = j = 0; i < size; i++) { |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
681 /* allow spaces here so "foo=1, bar=2" works */ |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
682 attr_data = attr[i]; |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
683 while (*attr_data == ' ') attr_data++; |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
684 |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
685 p = strchr(attr_data, '='); |
6148
668a768fc8fd
Removed deprecated pass_attrs and user_attrs configuration method.
Timo Sirainen <tss@iki.fi>
parents:
6147
diff
changeset
|
686 if (p == NULL) |
6175
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
687 name = value = p_strdup(conn->pool, attr_data); |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
688 else if (p != attr_data) { |
6c3788e03f7e
Ignore spaces after commas in user_attrs and pass_attrs.
Timo Sirainen <tss@iki.fi>
parents:
6152
diff
changeset
|
689 name = p_strdup_until(conn->pool, attr_data, p); |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
690 value = p_strdup(conn->pool, p + 1); |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
691 } else { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
692 /* =<static key>=<static value> */ |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
693 if (str_len(static_data) > 0) |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
694 str_append_c(static_data, ','); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
695 str_append(static_data, p + 1); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
696 continue; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
697 } |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
698 |
4816
8ac2a2d27364
Cleanup: Don't put string literals into non-const pointers.
Timo Sirainen <tss@iki.fi>
parents:
4806
diff
changeset
|
699 if (*name != '\0' && |
8ac2a2d27364
Cleanup: Don't put string literals into non-const pointers.
Timo Sirainen <tss@iki.fi>
parents:
4806
diff
changeset
|
700 (skip_attr == NULL || strcmp(skip_attr, value) != 0)) { |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
701 hash_insert(attr_map, name, value); |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
702 (*attr_names_r)[j++] = name; |
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
703 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
704 } |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
705 if (str_len(static_data) > 0) { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
706 hash_insert(attr_map, "", |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
707 p_strdup(conn->pool, str_c(static_data))); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
708 } |
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3094
diff
changeset
|
709 t_pop(); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
710 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
711 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
712 struct var_expand_table * |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
713 db_ldap_value_get_var_expand_table(struct auth_request *auth_request) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
714 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
715 const struct var_expand_table *auth_table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
716 struct var_expand_table *table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
717 unsigned int count; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
718 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
719 auth_table = auth_request_get_var_expand_table(auth_request, NULL); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
720 for (count = 0; auth_table[count].key != '\0'; count++) ; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
721 count++; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
722 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
723 table = t_new(struct var_expand_table, count + 1); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
724 table[0].key = '$'; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
725 memcpy(table + 1, auth_table, sizeof(*table) * count); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
726 return table; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
727 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
728 |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
729 #define IS_LDAP_ESCAPED_CHAR(c) \ |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
730 ((c) == '*' || (c) == '(' || (c) == ')' || (c) == '\\') |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
731 |
4295
4fc637010202
Escape SQL strings using sql_escape_string(). Fixes the problems with
Timo Sirainen <tss@iki.fi>
parents:
4180
diff
changeset
|
732 const char *ldap_escape(const char *str, |
4fc637010202
Escape SQL strings using sql_escape_string(). Fixes the problems with
Timo Sirainen <tss@iki.fi>
parents:
4180
diff
changeset
|
733 const struct auth_request *auth_request __attr_unused__) |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
734 { |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
735 const char *p; |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
736 string_t *ret; |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
737 |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
738 for (p = str; *p != '\0'; p++) { |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
739 if (IS_LDAP_ESCAPED_CHAR(*p)) |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
740 break; |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
741 } |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
742 |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
743 if (*p == '\0') |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
744 return str; |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
745 |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
746 ret = t_str_new((size_t) (p - str) + 64); |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
747 str_append_n(ret, str, (size_t) (p - str)); |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
748 |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
749 for (; *p != '\0'; p++) { |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
750 if (IS_LDAP_ESCAPED_CHAR(*p)) |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
751 str_append_c(ret, '\\'); |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
752 str_append_c(ret, *p); |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
753 } |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1282
diff
changeset
|
754 return str_c(ret); |
1189
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
755 } |
2cb8e2136283
Escape special chars in username if needed.
Timo Sirainen <tss@iki.fi>
parents:
1182
diff
changeset
|
756 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
757 struct db_ldap_result_iterate_context * |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
758 db_ldap_result_iterate_init(struct ldap_connection *conn, LDAPMessage *entry, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
759 struct auth_request *auth_request, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
760 struct hash_table *attr_map) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
761 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
762 struct db_ldap_result_iterate_context *ctx; |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
763 const char *static_data; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
764 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
765 ctx = t_new(struct db_ldap_result_iterate_context, 1); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
766 ctx->conn = conn; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
767 ctx->entry = entry; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
768 ctx->auth_request = auth_request; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
769 ctx->attr_map = attr_map; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
770 |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
771 static_data = hash_lookup(attr_map, ""); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
772 if (static_data != NULL) |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
773 ctx->static_attrs = t_strsplit(static_data, ","); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
774 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
775 if (auth_request->auth->verbose_debug) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
776 ctx->debug = t_str_new(256); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
777 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
778 ctx->attr = ldap_first_attribute(conn->ld, entry, &ctx->ber); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
779 return ctx; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
780 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
781 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
782 static void |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
783 db_ldap_result_iterate_finish(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
784 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
785 if (ctx->debug != NULL && str_len(ctx->debug) > 0) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
786 auth_request_log_debug(ctx->auth_request, "ldap", |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
787 "result: %s", str_c(ctx->debug) + 1); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
788 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
789 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
790 ber_free(ctx->ber, 0); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
791 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
792 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
793 static void |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
794 db_ldap_result_change_attr(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
795 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
796 ctx->name = hash_lookup(ctx->attr_map, ctx->attr); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
797 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
798 if (ctx->debug != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
799 str_printfa(ctx->debug, " %s(%s)=", ctx->attr, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
800 ctx->name != NULL ? ctx->name : "?unknown?"); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
801 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
802 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
803 if (ctx->name == NULL || *ctx->name == '\0') { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
804 ctx->value = NULL; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
805 return; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
806 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
807 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
808 if (strchr(ctx->name, '%') != NULL && |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
809 (ctx->template = strchr(ctx->name, '=')) != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
810 /* we want to use variables */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
811 ctx->name = t_strdup_until(ctx->name, ctx->template); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
812 ctx->template++; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
813 if (ctx->var_table == NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
814 ctx->var_table = db_ldap_value_get_var_expand_table( |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
815 ctx->auth_request); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
816 ctx->var = t_str_new(256); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
817 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
818 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
819 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
820 ctx->vals = ldap_get_values(ctx->conn->ld, ctx->entry, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
821 ctx->attr); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
822 ctx->value = ctx->vals[0]; |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
823 ctx->value_idx = 0; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
824 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
825 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
826 static void |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
827 db_ldap_result_return_value(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
828 { |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
829 bool first = ctx->value_idx == 0; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
830 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
831 if (ctx->template != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
832 ctx->var_table[0].value = ctx->value; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
833 str_truncate(ctx->var, 0); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
834 var_expand(ctx->var, ctx->template, ctx->var_table); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
835 ctx->value = str_c(ctx->var); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
836 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
837 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
838 if (ctx->debug != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
839 if (!first) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
840 str_append_c(ctx->debug, '/'); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
841 if (ctx->auth_request->auth->verbose_debug_passwords || |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
842 strcmp(ctx->name, "password") != 0) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
843 str_append(ctx->debug, ctx->value); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
844 else |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
845 str_append(ctx->debug, PASSWORD_HIDDEN_STR); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
846 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
847 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
848 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
849 static bool db_ldap_result_int_next(struct db_ldap_result_iterate_context *ctx) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
850 { |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
851 const char *p; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
852 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
853 while (ctx->attr != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
854 if (ctx->vals == NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
855 /* a new attribute */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
856 db_ldap_result_change_attr(ctx); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
857 } else { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
858 /* continuing existing attribute */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
859 if (ctx->value != NULL) |
6144
d779b7220e23
LDAP crashfixes. Based on patch by Katsu Yamamoto.
Timo Sirainen <tss@iki.fi>
parents:
5884
diff
changeset
|
860 ctx->value = ctx->vals[++ctx->value_idx]; |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
861 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
862 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
863 if (ctx->value != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
864 db_ldap_result_return_value(ctx); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
865 return TRUE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
866 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
867 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
868 ldap_value_free(ctx->vals); ctx->vals = NULL; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
869 ldap_memfree(ctx->attr); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
870 ctx->attr = ldap_next_attribute(ctx->conn->ld, ctx->entry, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
871 ctx->ber); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
872 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
873 |
6149
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
874 if (ctx->static_attrs != NULL && *ctx->static_attrs != NULL) { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
875 p = strchr(*ctx->static_attrs, '='); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
876 if (p == NULL) { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
877 ctx->name = *ctx->static_attrs; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
878 ctx->value = ""; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
879 } else { |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
880 ctx->name = t_strdup_until(*ctx->static_attrs, p); |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
881 ctx->value = p + 1; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
882 } |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
883 ctx->static_attrs++; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
884 return TRUE; |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
885 } |
a744ae38a9e1
Having =key=value in pass_attrs or user_attrs allows returning static
Timo Sirainen <tss@iki.fi>
parents:
6148
diff
changeset
|
886 |
5884
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
887 db_ldap_result_iterate_finish(ctx); |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
888 return FALSE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
889 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
890 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
891 bool db_ldap_result_iterate_next(struct db_ldap_result_iterate_context *ctx, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
892 const char **name_r, const char **value_r) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
893 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
894 if (!db_ldap_result_int_next(ctx)) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
895 return FALSE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
896 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
897 *name_r = ctx->name; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
898 *value_r = ctx->value; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
899 return TRUE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
900 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
901 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
902 bool db_ldap_result_iterate_next_all(struct db_ldap_result_iterate_context *ctx, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
903 const char **name_r, |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
904 const char *const **values_r) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
905 { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
906 if (!db_ldap_result_int_next(ctx)) |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
907 return FALSE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
908 |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
909 if (ctx->template != NULL) { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
910 /* we can use only one value with templates */ |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
911 ctx->val_1_arr[0] = ctx->value; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
912 *values_r = ctx->val_1_arr; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
913 } else { |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
914 *values_r = (const char *const *)ctx->vals; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
915 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
916 ctx->value = NULL; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
917 *name_r = ctx->name; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
918 return TRUE; |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
919 } |
1c1dee40e495
Moved generic LDAP result iteration to db_ldap. It also supports now
Timo Sirainen <tss@iki.fi>
parents:
5872
diff
changeset
|
920 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
921 static const char *parse_setting(const char *key, const char *value, |
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
922 struct ldap_connection *conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
923 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
924 return parse_setting_from_defs(conn->pool, setting_defs, |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
925 &conn->set, key, value); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
926 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
927 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
928 static struct ldap_connection *ldap_conn_find(const char *config_path) |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
929 { |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
930 struct ldap_connection *conn; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
931 |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
932 for (conn = ldap_connections; conn != NULL; conn = conn->next) { |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
933 if (strcmp(conn->config_path, config_path) == 0) |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
934 return conn; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
935 } |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
936 |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
937 return NULL; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
938 } |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
939 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
940 struct ldap_connection *db_ldap_init(const char *config_path) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
941 { |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
942 struct ldap_connection *conn; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
943 pool_t pool; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
944 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
945 /* see if it already exists */ |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
946 conn = ldap_conn_find(config_path); |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
947 if (conn != NULL) { |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
948 conn->refcount++; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
949 return conn; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
950 } |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
951 |
3908
afe21b6d4b68
Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
952 if (*config_path == '\0') |
afe21b6d4b68
Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
953 i_fatal("LDAP: Configuration file path not given"); |
afe21b6d4b68
Give a clear error message if SQL/LDAP configuration file path was left
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
954 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
955 pool = pool_alloconly_create("ldap_connection", 1024); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
956 conn = p_new(pool, struct ldap_connection, 1); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
957 conn->pool = pool; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
958 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
959 conn->refcount = 1; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
960 conn->requests = hash_create(default_pool, pool, 0, NULL, NULL); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
961 |
4741
deccf9e1aebc
LDAP code changes: If auth binds are used, bind back to the default dn
Timo Sirainen <tss@iki.fi>
parents:
4624
diff
changeset
|
962 conn->fd = -1; |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
963 conn->config_path = p_strdup(pool, config_path); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
964 conn->set = default_ldap_settings; |
4903
204d7edc7cdc
Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents:
4816
diff
changeset
|
965 if (!settings_read(config_path, NULL, parse_setting, |
204d7edc7cdc
Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents:
4816
diff
changeset
|
966 null_settings_section_callback, conn)) |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
967 exit(FATAL_DEFAULT); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
968 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
969 if (conn->set.base == NULL) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
970 i_fatal("LDAP: No base given"); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
971 |
4006
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
972 if (conn->set.uris == NULL && conn->set.hosts == NULL) |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
973 i_fatal("LDAP: No uris or hosts set"); |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
974 #ifndef LDAP_HAVE_INITIALIZE |
4180
92b572fbb88a
If LDAP library didn't have ldap_initialize() function, we always complained
Timo Sirainen <tss@iki.fi>
parents:
4006
diff
changeset
|
975 if (conn->set.uris != NULL) { |
4006
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
976 i_fatal("LDAP: Dovecot compiled without support for LDAP uris " |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
977 "(ldap_initialize not found)"); |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
978 } |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
979 #endif |
0e8f0647504b
Check that uris and hosts settings are correct.
Timo Sirainen <tss@iki.fi>
parents:
3913
diff
changeset
|
980 |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
981 conn->set.ldap_deref = deref2str(conn->set.deref); |
3502
5e78500f1aee
user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
982 conn->set.ldap_scope = scope2str(conn->set.scope); |
5e78500f1aee
user_global_uid and user_global_gid settings weren't working. Also changed
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
983 |
1143
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
984 conn->next = ldap_connections; |
50f10a7a3bad
Use the same LDAP connection for both userdb and passdb if config_path is
Timo Sirainen <tss@iki.fi>
parents:
1141
diff
changeset
|
985 ldap_connections = conn; |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
986 return conn; |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
987 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
988 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
989 void db_ldap_unref(struct ldap_connection **_conn) |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
990 { |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
991 struct ldap_connection *conn = *_conn; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
992 struct ldap_connection **p; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
993 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
994 *_conn = NULL; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
995 i_assert(conn->refcount >= 0); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
996 if (--conn->refcount > 0) |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
997 return; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
998 |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
999 for (p = &ldap_connections; *p != NULL; p = &(*p)->next) { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1000 if (*p == conn) { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1001 *p = conn->next; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1002 break; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1003 } |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3502
diff
changeset
|
1004 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1005 |
3731
0a7beabfe332
If LDAP lookup fails because connection gets closed, try retrying it again
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
1006 ldap_conn_close(conn, TRUE); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1007 |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1008 hash_destroy(conn->requests); |
3306
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
1009 if (conn->pass_attr_map != NULL) |
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
1010 hash_destroy(conn->pass_attr_map); |
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
1011 if (conn->user_attr_map != NULL) |
aebed9a9edac
If both userdb and passdb used LDAP the later one was overriding first one's
Timo Sirainen <tss@iki.fi>
parents:
3212
diff
changeset
|
1012 hash_destroy(conn->user_attr_map); |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1013 pool_unref(conn->pool); |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1014 } |
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1015 |
6198
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1016 #ifndef BUILTIN_LDAP |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1017 /* Building a plugin */ |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1018 extern struct passdb_module_interface passdb_ldap; |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1019 extern struct userdb_module_interface userdb_ldap; |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1020 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1021 void authdb_ldap_init(void); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1022 void authdb_ldap_deinit(void); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1023 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1024 void authdb_ldap_init(void) |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1025 { |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1026 passdb_register_module(&passdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1027 userdb_register_module(&userdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1028 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1029 } |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1030 void authdb_ldap_deinit(void) |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1031 { |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1032 passdb_unregister_module(&passdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1033 userdb_unregister_module(&userdb_ldap); |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1034 } |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1035 #endif |
6198
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1036 |
4f6c4aeafafb
--with-ldap=plugin builds LDAP passdb and userdb support as a plugin.
Timo Sirainen <tss@iki.fi>
parents:
6175
diff
changeset
|
1037 #endif |