Tue, 09 Jul 2013 20:56:01 +0200
replaced usage of deprecated openldap functions
--- a/src/server/daemon/configmanager.c Tue Jul 09 17:16:26 2013 +0200
+++ b/src/server/daemon/configmanager.c Tue Jul 09 20:56:01 2013 +0200
@@ -126,7 +126,9 @@
 config = current_config;
 }
- *set_cfg = config;
+ if(set_cfg) {
+ *set_cfg = config;
+ }
 ServerConfiguration *old_conf = NULL;
 if(current_config != config) {
 old_conf = current_config;
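Review bot: The new `if(set_cfg)` guard makes a NULL `set_cfg` a supported input, but nothing visible in the hunk documents that contract. A comment at the guard or in the function header would do, for example `/* set_cfg may be NULL when the caller does not need the loaded configuration */`. The enclosing function (presumably `cfgmgr_load_config`, judging by the call changed in main.c) starts and ends outside this hunk, so any existing header comment could not be checked.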
--- a/src/server/daemon/ldap_auth.c Tue Jul 09 17:16:26 2013 +0200
+++ b/src/server/daemon/ldap_auth.c Tue Jul 09 20:56:01 2013 +0200
@@ -26,6 +26,10 @@
 * POSSIBILITY OF SUCH DAMAGE.
 */
+#ifdef __gnu_linux__
+#define _GNU_SOURCE
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -33,7 +37,7 @@
 #include "ldap_auth.h"
 AuthDB* create_ldap_authdb(char *name, LDAPConfig *conf) {
- LDAPAuthDB *authdb = malloc(sizeof (LDAPAuthDB));
+ LDAPAuthDB *authdb = malloc(sizeof(LDAPAuthDB));
 authdb->authdb.name = strdup(name);
 authdb->authdb.get_user = ldap_get_user;
 authdb->authdb.use_cache = 1;
@@ -53,17 +57,40 @@
 LDAPAuthDB *authdb = (LDAPAuthDB*) db;
 LDAPConfig *config = &authdb->config;
- LDAP *ld = ldap_init(config->hostname, config->port);
+ LDAP *ld = NULL;
+#ifdef LINUX
+ char *ldap_uri = NULL;
+ asprintf(&ldap_uri, "ldap://%s:%d", config->hostname, config->port);
+ if(ldap_initialize(&ld, ldap_uri)) {
+ fprintf(stderr, "ldap_initialize failed\n");
+ }
+#else
+ ld = ldap_init(config->hostname, config->port);
+#endif
 if (ld == NULL) {
 fprintf(stderr, "ldap_init failed\n");
 return NULL;
 }
- int ldapv = 3;
+
+ int ldapv = LDAP_VERSION3;
 ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldapv);
- int r = ldap_simple_bind_s(ld, config->binddn, config->bindpw);
+ //int r = ldap_simple_bind_s(ld, config->binddn, config->bindpw);
+ struct berval cred;
+ cred.bv_val = config->bindpw;
+ cred.bv_len = strlen(config->bindpw);
+ struct berval *server_cred;
+ int r = ldap_sasl_bind_s(
+ ld,
+ config->binddn,
+ LDAP_SASL_SIMPLE,
+ &cred,
+ NULL,
+ NULL,
+ &server_cred);
 if (r != LDAP_SUCCESS) {
- ldap_unbind(ld);
+ //ldap_unbind(ld);
+ ldap_unbind_ext_s(ld, NULL, NULL);
 fprintf(stderr, "ldap_simple_bind_s failed: %s\n", ldap_err2string(r));
 return NULL;
 }
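Review bot: `_GNU_SOURCE` is enabled under `__gnu_linux__`, but the `asprintf` call it is needed for, in the `@@ -53,17 +57,40 @@` hunk, is compiled under `LINUX`. Where `LINUX` is defined is not visible here; if the build can set it on a toolchain that does not predefine `__gnu_linux__`, `asprintf` would be used without a declaration. Keying both sites on the same condition, e.g. `#ifdef LINUX` around the `#define _GNU_SOURCE`, removes that mismatch.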
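Review bot: In the `LINUX` branch of the `@@ -53,17 +57,40 @@` hunk the return value of `asprintf` is ignored and `ldap_uri` is never freed, so a failed allocation may hand an unusable pointer to `ldap_initialize` and every successful call leaks the string. `strlen(config->bindpw)` now dereferences a NULL bind password, which the replaced `ldap_simple_bind_s` call accepted. `server_cred` is neither initialised nor released; passing NULL for that last argument is enough for a simple bind, and the same applies to the bind in `ldap_user_verify_password` in the `@@ -112,14 +147,26 @@` hunk. The URI scheme is fixed to `ldap://` and no StartTLS step is visible before the bind, so the bind DN password appears to travel in cleartext unless the transport is protected elsewhere. The enclosing function starts and ends outside this hunk.

```c
#ifdef LINUX
    char *ldap_uri = NULL;
    if(asprintf(&ldap_uri, "ldap://%s:%d", config->hostname, config->port) < 0) {
        fprintf(stderr, "asprintf failed\n");
        return NULL;
    }
    if(ldap_initialize(&ld, ldap_uri)) {
        fprintf(stderr, "ldap_initialize failed\n");
    }
    free(ldap_uri); // the URI string is only needed for the ldap_initialize call
#else
    // … unchanged: ldap_init fallback …
#endif
    // … unchanged: NULL check on ld, protocol version option …
    struct berval cred;
    cred.bv_val = config->bindpw ? config->bindpw : "";
    cred.bv_len = strlen(cred.bv_val);
    int r = ldap_sasl_bind_s(
            ld,
            config->binddn,
            LDAP_SASL_SIMPLE,
            &cred,
            NULL,
            NULL,
            NULL); // no server credentials are needed for a simple bind
```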
@@ -76,17 +103,25 @@
 filter[s] = 0;
 LDAPMessage *result;
- r = ldap_search_s(
+ struct timeval timeout;
+ timeout.tv_sec = 8;
+ timeout.tv_usec = 0;
+ r = ldap_search_ext_s(
 ld,
 config->basedn,
 LDAP_SCOPE_SUBTREE,
 filter,
 NULL,
 0,
+ NULL, // server controls
+ NULL, // client controls
+ &timeout,
+ 1, // size limit
 &result);
 if (r != LDAP_SUCCESS) {
- ldap_unbind(ld);
- fprintf(stderr, "ldap_search_s failed\n");
+ //ldap_unbind(ld);
+ ldap_unbind_ext_s(ld, NULL, NULL);
+ fprintf(stderr, "ldap_search_ext_s failed\n");
 return NULL;
 }
@@ -112,14 +147,26 @@
 }
 }
- ldap_unbind(ld);
+ ldap_unbind_ext_s(ld, NULL, NULL);
 return NULL;
 }
 int ldap_user_verify_password(User *u, char *password) {
 LDAPUser *user = (LDAPUser*)u;
- int r = ldap_simple_bind_s(user->ldap, user->userdn, password);
+ //int r = ldap_simple_bind_s(user->ldap, user->userdn, password);
+ struct berval cred;
+ cred.bv_val = password;
+ cred.bv_len = strlen(password);
+ struct berval *server_cred;
+ int r = ldap_sasl_bind_s(
+ user->ldap,
+ user->userdn,
+ LDAP_SASL_SIMPLE,
+ &cred,
+ NULL,
+ NULL,
+ &server_cred);
 if(r == LDAP_SUCCESS) {
 printf("ldap password ok\n");
 return 1;
@@ -138,6 +185,7 @@
 LDAPUser *user = (LDAPUser*)u;
 ldap_memfree(user->userdn); // TODO: use connection pool
- ldap_unbind(user->ldap);
+ //ldap_unbind(user->ldap);
+ ldap_unbind_ext_s(user->ldap, NULL, NULL);
 free(user);
 }
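Review bot: The failure branch after `ldap_search_ext_s` in the `@@ -76,17 +103,25 @@` hunk returns without releasing `result`, and with the new size limit of 1 that branch is also taken when more than one entry matches the filter. The OpenLDAP manual asks for the result to be freed regardless of the return code, so declare `LDAPMessage *result = NULL;` and add `if(result) ldap_msgfree(result);` before the unbind in that branch. The 8-second timeout would read better as a named constant or a field of `LDAPConfig`. The filter is assembled above the hunk; whether the user name is escaped per RFC 4515 before it is copied in cannot be seen from here and is worth confirming. The enclosing function starts and ends outside this hunk.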
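Review bot: `ldap_user_verify_password` in the `@@ -112,14 +147,26 @@` hunk binds with whatever `password` it receives, and a simple bind with a DN and a zero-length password is an unauthenticated bind under RFC 4513 section 5.1.2. A server that permits such binds answers with success, so the function would return 1 without any password having been checked. Reject NULL and empty input before filling `cred`, e.g. `if(!password || !*password) return 0;`, assuming 0 is the failure value as the visible `return 1` on success suggests. That also keeps `strlen(password)` from dereferencing NULL. The rest of the function is outside the hunk.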
--- a/src/server/daemon/main.c Tue Jul 09 17:16:26 2013 +0200
+++ b/src/server/daemon/main.c Tue Jul 09 20:56:01 2013 +0200
@@ -60,8 +60,8 @@
 */
 void sig_usr1_reload(int sig) {
 log_ereport(LOG_INFORM, "sig reload");
-
- if(cfgmgr_load_config() != 0) {
+
+ if(cfgmgr_load_config(NULL) != 0) {
 log_ereport(LOG_FAILURE, "cannot reload config");
 } // start newly created listeners
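Review bot: `sig_usr1_reload(int sig)` has the shape of a signal handler, and the updated call keeps a full configuration reload and `log_ereport` inside it. If it is installed directly via `signal()`/`sigaction()` rather than called from a dedicated thread, that work is not async-signal-safe and can deadlock or corrupt state when the signal interrupts allocation or logging. In that case the handler should only set a `volatile sig_atomic_t` flag and the main loop should call `cfgmgr_load_config(NULL)`. How the handler is registered is not visible, and the function body continues past the hunk.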