# HG changeset patch
# User Olaf Wintermann
# Date 1678534668 -3600
# Node ID 72848970541afa2620a4943304368e620868a2b6
# Parent 9b20b8f3582b9a53c2cafe36f7439f0d698b7f46
add bind parameters to ldap resource pool
diff -r 9b20b8f3582b -r 72848970541a src/server/daemon/ldap_resource.c
--- a/src/server/daemon/ldap_resource.c Sat Mar 11 11:56:55 2023 +0100
+++ b/src/server/daemon/ldap_resource.c Sat Mar 11 12:37:48 2023 +0100
@@ -120,6 +120,9 @@
 char *ldap_uri = pblock_findval("Uri", pb);
 char *host = pblock_findval("Host", pb);
 char *port = pblock_findval("Port", pb);
+ char *binddn = pblock_findval("Binddn", pb);
+ char *bindpw = pblock_findval("Bindpw", pb);
+ char *bind = pblock_findval("Bind", pb);
 if(!ldap_uri || !host) {
 log_ereport(LOG_MISCONFIG, "Resource pool %s: No host or ldap uri specified", rpname);
@@ -155,6 +158,9 @@
 ldap_pool->ldap_uri = ldap_uri;
 ldap_pool->host = host;
 ldap_pool->port = (int)port_i;
+ ldap_pool->binddn = binddn;
+ ldap_pool->bindpw = bindpw;
+ ldap_pool->bind = util_getboolean(bind, ldap_pool->binddn != NULL);
 return ldap_pool;
 }
@@ -180,6 +186,15 @@
 return NULL;
 }
+ if(respool->bind) {
+ struct berval *server_cred;
+ if(ldap_resource_bind(respool, ldap, &server_cred) != LDAP_SUCCESS) {
+ log_ereport(LOG_FAILURE, "Resource pool %s: bind failed", respool->name);
+ ws_ldap_close(ldap);
+ return NULL;
+ }
+ }
+
 LDAPResource *res = pool_malloc(respool->pool, sizeof(LDAPResource));
 if(!res) {
 ws_ldap_close(ldap);
@@ -187,6 +202,7 @@
 return NULL;
 }
 res->ldap = ldap;
+ res->res_pool = respool;
 return res;
 }
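Review bot: `Bind` can be enabled without a `Binddn` in the pool-init hunk (`ldap_pool->bind = util_getboolean(bind, ldap_pool->binddn != NULL);`), and nothing rejects that combination when the pool is created. With `bind` true and `binddn` NULL, `ldap_resource_bind` returns -1 for every new connection, so the pool never yields a resource and the only trace is the runtime "bind failed" message, which reads like a credential problem on the server side. A check right after the assignment, `if(ldap_pool->bind && !ldap_pool->binddn)`, followed by a `LOG_MISCONFIG` report like the existing host/uri one, would surface the mistake at configuration time. The enclosing function starts and ends outside the hunk, so the correct failure path there is not visible.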
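Review bot: `struct berval *server_cred;` in the new `if(respool->bind)` block is handed to `ldap_resource_bind` uninitialised and is never released. The callee returns early without writing it when `binddn` is NULL, and after a successful bind any credentials the server returns are leaked once per pooled connection. Since the value is not used here, either pass `NULL` for the out-parameter (OpenLDAP's `ldap_sasl_bind_s` accepts that; confirm for the library this builds against) or declare `struct berval *server_cred = NULL;` and call `ber_bvfree(server_cred);` after the bind. The enclosing function begins outside the hunk.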
@@ -211,3 +227,22 @@
 void * ldap_resourcepool_getresourcedata(LDAPResource *res) {
 return res->ldap;
 }
+
+
+int ldap_resource_bind(LDAPResourcePool *respool, LDAP *ldap, struct berval **server_cred) {
+ if(!respool->binddn) {
+ return -1;
+ }
+
+ struct berval cred;
+ cred.bv_val = respool->bindpw;
+ cred.bv_len = strlen(cred.bv_val);
+ return ldap_sasl_bind_s(
+ ldap,
+ respool->binddn,
+ LDAP_SASL_SIMPLE,
+ &cred,
+ NULL,
+ NULL,
+ server_cred);
+}
diff -r 9b20b8f3582b -r 72848970541a src/server/daemon/ldap_resource.h
--- a/src/server/daemon/ldap_resource.h Sat Mar 11 11:56:55 2023 +0100
+++ b/src/server/daemon/ldap_resource.h Sat Mar 11 12:37:48 2023 +0100
@@ -77,11 +77,27 @@
 */
 int port;
+ /*
+ * admin binddn
+ */
+ char *binddn;
+
+ /*
+ * admin bindpw
+ */
+ char *bindpw;
+
+ /*
+ * bind every LDAP session to binddn
+ */
+ WSBool bind;
+
 } LDAPResourcePool;
 typedef struct LDAPResource {
 LDAP *ldap;
+ LDAPResourcePool *res_pool;
 } LDAPResource;
 ResourceType* ldap_get_resource_type(void);
@@ -110,6 +126,9 @@
 void * ldap_resourcepool_getresourcedata(LDAPResource *res);
+int ldap_resource_bind(LDAPResourcePool *respool, LDAP *ldap, struct berval **server_cred);
+
+
 #ifdef __cplusplus
 }
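Review bot: `cred.bv_len = strlen(cred.bv_val);` in `ldap_resource_bind` dereferences NULL when `Binddn` is configured without `Bindpw`, because the guard at the top of the function tests only `binddn`. An empty `Bindpw` is also unsafe: a simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513, section 5.1.2), which a server may answer with success while leaving the session anonymous, so the pool would treat the connection as bound to the admin DN. Widening the guard to `if(!respool->binddn || !respool->bindpw || !*respool->bindpw) {` covers both cases.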
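Review bot: The new prototype `ldap_resource_bind` in ldap_resource.h has no contract comment, and its return value mixes two conventions: -1 when no bind DN is configured, otherwise whatever `ldap_sasl_bind_s` returns. In OpenLDAP's headers -1 is also `LDAP_SERVER_DOWN`, so a caller that formats the code would report an unreachable server for what is a configuration gap. A comment such as `/* Simple-bind ldap as respool->binddn; returns an LDAP result code, or -1 if no binddn is set. A non-NULL *server_cred must be freed by the caller. */` above the declaration would make this explicit.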