webserver: comparison src/server/daemon/ldap

-:4d038bc6f86e
+:73e80eb953f5
 authdb->authdb.name = pool_strdup(cfg->pool, name);
 if(!authdb->authdb.name) {
 return NULL;
 }
 authdb->authdb.get_user = ldap_get_user;
-authdb->authdb.use_cache = 1;
+authdb->authdb.use_cache = 0; // TODO: enable caching when cache actually works
 // initialize default ldap config
 cxstring dirtype = serverconfig_object_directive_value(node, cx_str("DirectoryType"));
 LDAPConfig *default_config;
 if(!dirtype.ptr) {
 // TODO: create resource pool
 } else {
 authdb->config.resource = resource.ptr;
 }
+if(!basedn.ptr) {
+log_ereport(LOG_FAILURE, "ldap authdb %s: basedn is required", name);
+return NULL;
+}
+authdb->config.basedn = basedn.ptr;
 // initialize group cache
 authdb->groups.first = NULL;
 authdb->groups.last = NULL;
 authdb->groups.map = cxHashMapCreate(cfg->a, 32);
 if(!authdb->groups.map) {
 return NULL;
 }
+log_ereport(LOG_INFORM, "create authdb name=%s type=ldap resource=%s", name, resource.ptr);
 return (AuthDB*) authdb;
 }
 LDAP* get_ldap_session(Session *sn, Request *rq, LDAPAuthDB *authdb) {
 // get the user dn
 // TODO: use config for filter
 // TODO: use asprintf
 char filter[128];
-int s = snprintf(filter, 127, "uid=%s", username);
+snprintf(filter, 128, "(uid=%s)", username);
-filter[s] = 0;
 LDAPMessage *result;
 struct timeval timeout;
 timeout.tv_sec = 8;
 timeout.tv_usec = 0;
 NULL,        // client controls
 &timeout,
 1,           // size limit
 &result);
 if (r != LDAP_SUCCESS) {
-ws_ldap_close(ld);
+//ws_ldap_close(ld);
-fprintf(stderr, "ldap_search_ext_s failed\n");
+log_ereport(LOG_FAILURE, "ldap_get_user: search failed: %s", ldap_err2string(r));
 return NULL;
 }
 LDAPMessage *msg = ldap_first_entry(ld, result);
 if (msg) {
 return (User*)user;
 }
 }
-ws_ldap_close(ld);
+//ws_ldap_close(ld);
 return NULL;
 }
 LDAPGroup* ldap_get_group(Session *sn, Request *rq, LDAPAuthDB *authdb, const char *group) {
 printf("ldap_get_group: %s\n", group);
 NULL,        // client controls
 &timeout,
 1,           // size limit
 &result);
 if (r != LDAP_SUCCESS) {
-ws_ldap_close(ld);
+//ws_ldap_close(ld);
 fprintf(stderr, "ldap_search_ext_s failed\n");
 return NULL;
 }
 if(attribute) {
 ldap_memfree(attribute);
 }
 }
-ws_ldap_close(ld);
+//ws_ldap_close(ld);
 return wsgroup;
 }
 int ldap_user_verify_password(User *u, const char *password) {
 LDAPUser *user = (LDAPUser*)u;
 void ldap_user_free(User *u) {
 LDAPUser *user = (LDAPUser*)u;
 ldap_memfree(user->userdn);
 // TODO: use connection pool
-ws_ldap_close(user->ldap);
+//ws_ldap_close(user->ldap);
 free(user);
 }

comparison: src/server/daemon/ldap_auth.c

src/server/daemon/ldap_auth.c

Mercurial > hg > webserver / file comparison

comparison: src/server/daemon/ldap_auth.c

src/server/daemon/ldap_auth.c