replaced usage of deprecated openldap functions

Tue, 09 Jul 2013 20:56:01 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Tue, 09 Jul 2013 20:56:01 +0200
changeset 86
49bb6c8ceb2b
parent 85
b62e77d8e80c
child 87
bdec069d2239

replaced usage of deprecated openldap functions

src/server/daemon/configmanager.c file | annotate | diff | comparison | revisions
src/server/daemon/ldap_auth.c file | annotate | diff | comparison | revisions
src/server/daemon/main.c file | annotate | diff | comparison | revisions
--- a/src/server/daemon/configmanager.c	Tue Jul 09 17:16:26 2013 +0200
+++ b/src/server/daemon/configmanager.c	Tue Jul 09 20:56:01 2013 +0200
@@ -126,7 +126,9 @@
         config = current_config;
     }
     
-    *set_cfg = config;
+    if(set_cfg) {
+         *set_cfg = config;
+    }
     ServerConfiguration *old_conf = NULL;
     if(current_config != config) {
         old_conf = current_config;
--- a/src/server/daemon/ldap_auth.c	Tue Jul 09 17:16:26 2013 +0200
+++ b/src/server/daemon/ldap_auth.c	Tue Jul 09 20:56:01 2013 +0200
@@ -26,6 +26,10 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
+#ifdef __gnu_linux__
+#define _GNU_SOURCE
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
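Review bot: The `_GNU_SOURCE` define added here is guarded by `__gnu_linux__`, but the `asprintf` call it exists for (in the `@@ -53,17 +57,40 @@` hunk) is guarded by `LINUX`. If the build defines `LINUX` on a toolchain that does not predefine `__gnu_linux__`, `asprintf` is called without a prototype. Use one condition for both, for example `#if defined(LINUX) && !defined(_GNU_SOURCE)` ahead of `#define _GNU_SOURCE`, and add a comment such as `/* needed for asprintf() */`.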
@@ -33,7 +37,7 @@
 #include "ldap_auth.h"
 
 AuthDB* create_ldap_authdb(char *name, LDAPConfig *conf) {
-    LDAPAuthDB *authdb = malloc(sizeof (LDAPAuthDB));
+    LDAPAuthDB *authdb = malloc(sizeof(LDAPAuthDB));
     authdb->authdb.name = strdup(name);
     authdb->authdb.get_user = ldap_get_user;
     authdb->authdb.use_cache = 1;
@@ -53,17 +57,40 @@
     LDAPAuthDB *authdb = (LDAPAuthDB*) db;
     LDAPConfig *config = &authdb->config;
 
-    LDAP *ld = ldap_init(config->hostname, config->port);
+    LDAP *ld = NULL;
+#ifdef LINUX
+    char *ldap_uri = NULL;
+    asprintf(&ldap_uri, "ldap://%s:%d", config->hostname, config->port);
+    if(ldap_initialize(&ld, ldap_uri)) {
+        fprintf(stderr, "ldap_initialize failed\n");
+    }
+#else
+    ld = ldap_init(config->hostname, config->port);
+#endif
     if (ld == NULL) {
         fprintf(stderr, "ldap_init failed\n");
         return NULL;
     }
-    int ldapv = 3;
+    
+    int ldapv = LDAP_VERSION3;
     ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldapv);
 
-    int r = ldap_simple_bind_s(ld, config->binddn, config->bindpw);
+    //int r = ldap_simple_bind_s(ld, config->binddn, config->bindpw);
+    struct berval cred;
+    cred.bv_val = config->bindpw;
+    cred.bv_len = strlen(config->bindpw);
+    struct berval *server_cred;
+    int r = ldap_sasl_bind_s(
+            ld,
+            config->binddn,
+            LDAP_SASL_SIMPLE,
+            &cred,
+            NULL,
+            NULL,
+            &server_cred);
     if (r != LDAP_SUCCESS) {
-        ldap_unbind(ld);
+        //ldap_unbind(ld);
+        ldap_unbind_ext_s(ld, NULL, NULL);
         fprintf(stderr, "ldap_simple_bind_s failed: %s\n", ldap_err2string(r));
         return NULL;
     }
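Review bot: The `asprintf` result is not checked and `ldap_uri` is not freed in the visible lines, so a failed allocation hands an indeterminate pointer to `ldap_initialize` and each successful call appears to leak the URI string. `if(asprintf(&ldap_uri, "ldap://%s:%d", config->hostname, config->port) < 0) return NULL;` plus `free(ldap_uri);` right after `ldap_initialize` covers both. `cred.bv_len = strlen(config->bindpw);` dereferences NULL when no bind password is configured, so guard it with `cred.bv_len = config->bindpw ? strlen(config->bindpw) : 0;`. The URI scheme is fixed to `ldap://` and no StartTLS call appears between `ldap_set_option` and the bind, so the bind DN password is sent unencrypted unless transport protection is configured somewhere outside this hunk. The function body starts and ends outside the hunk.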
@@ -76,17 +103,25 @@
     filter[s] = 0;
 
     LDAPMessage *result;
-    r = ldap_search_s(
+    struct timeval timeout;
+    timeout.tv_sec = 8;
+    timeout.tv_usec = 0;
+    r = ldap_search_ext_s(
             ld,
             config->basedn,
             LDAP_SCOPE_SUBTREE,
             filter,
             NULL,
             0,
+            NULL,        // server controls
+            NULL,        // client controls
+            &timeout,
+            1,           // size limit
             &result);
     if (r != LDAP_SUCCESS) {
-        ldap_unbind(ld);
-        fprintf(stderr, "ldap_search_s failed\n");
+        //ldap_unbind(ld);
+        ldap_unbind_ext_s(ld, NULL, NULL);
+        fprintf(stderr, "ldap_search_ext_s failed\n");
         return NULL;
     }
 
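Review bot: With the new size limit of 1, a filter that matches more than one entry makes `ldap_search_ext_s` return a non-success code (size limit exceeded) while `result` can still hold a message, and the error branch returns without freeing it. Initialise `LDAPMessage *result = NULL;` and call `ldap_msgfree(result);` before `ldap_unbind_ext_s` in that branch. Logging `ldap_err2string(r)` there would also let a timeout, a size-limit hit and a real failure be told apart. The filter string is built above this hunk; if the user name is copied into it unescaped, it should be escaped per RFC 4515 before the search.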
@@ -112,14 +147,26 @@
         }
     }
 
-    ldap_unbind(ld);
+    ldap_unbind_ext_s(ld, NULL, NULL);
     return NULL;
 }
 
 int ldap_user_verify_password(User *u, char *password) {
     LDAPUser *user = (LDAPUser*)u;
     
-    int r = ldap_simple_bind_s(user->ldap, user->userdn, password);
+    //int r = ldap_simple_bind_s(user->ldap, user->userdn, password);
+    struct berval cred;
+    cred.bv_val = password;
+    cred.bv_len = strlen(password);
+    struct berval *server_cred;
+    int r = ldap_sasl_bind_s(
+            user->ldap,
+            user->userdn,
+            LDAP_SASL_SIMPLE,
+            &cred,
+            NULL,
+            NULL,
+            &server_cred);
     if(r == LDAP_SUCCESS) {
         printf("ldap password ok\n");
         return 1;
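Review bot: `ldap_user_verify_password` binds with whatever `password` it is given, and a simple bind with a non-empty DN and a zero-length password is an unauthenticated bind (RFC 4513 section 5.1.2). Many directory servers answer that with success, which this function would then report as a valid login. `strlen(password)` also crashes on NULL. Reject both before the bind, e.g. `if(!password || !*password) return 0;` (the failure return value lies outside the hunk, so confirm it is 0). `server_cred` is never read or freed; for a simple bind it is not needed, so pass `NULL` as the last argument, here and in the bind of the `@@ -53,17 +57,40 @@` hunk.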
@@ -138,6 +185,7 @@
     LDAPUser *user = (LDAPUser*)u;
     ldap_memfree(user->userdn);
     // TODO: use connection pool
-    ldap_unbind(user->ldap);
+    //ldap_unbind(user->ldap);
+    ldap_unbind_ext_s(user->ldap, NULL, NULL);
     free(user);
 }
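Review bot: The replaced call is left behind as a comment (`//ldap_unbind(user->ldap);`), and the same was done for `ldap_simple_bind_s` and `ldap_unbind` in the earlier hunks of this file. Delete these lines, since the history is in version control. The bind error message in the `@@ -53,17 +57,40 @@` hunk still reads `"ldap_simple_bind_s failed: %s\n"` although the call is now `ldap_sasl_bind_s`, and should be updated to match.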
--- a/src/server/daemon/main.c	Tue Jul 09 17:16:26 2013 +0200
+++ b/src/server/daemon/main.c	Tue Jul 09 20:56:01 2013 +0200
@@ -60,8 +60,8 @@
  */
 void sig_usr1_reload(int sig) {
     log_ereport(LOG_INFORM, "sig reload");
-
-    if(cfgmgr_load_config() != 0) {
+    
+    if(cfgmgr_load_config(NULL) != 0) {
         log_ereport(LOG_FAILURE, "cannot reload config");
     }
     // start newly created listeners
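Review bot: `sig_usr1_reload(int sig)` has the shape of a signal handler, and if it is installed directly for SIGUSR1 then `cfgmgr_load_config(NULL)` and `log_ereport` run in signal context, where functions that allocate or take locks are not async-signal-safe. Consider having the handler only set a `volatile sig_atomic_t` flag and doing the reload from the main loop. A short comment at the call, e.g. `/* NULL: caller does not need the new configuration pointer */`, would also explain the new argument. The function continues past the end of the hunk.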
