return (0);
}
- if ((CC->user.axlevel >= AxAideU)
- || (CC->room.QRroomaide == CC->user.usernum)) {
+ if ((CC->user.axlevel >= AxAideU) || (CC->room.QRroomaide == CC->user.usernum)) {
return (1);
} else {
return (0);
/*
- * getuserbyuid() - get user by system uid (for PAM mode authentication)
- * returns 0 if user was found
- *
- * WARNING: don't use this function unless you absolutely have to. It does
- * a sequential search and therefore is computationally expensive.
- *
- * FIXME: build an index, dummy.
+ * getuserbyuid() Get user by system uid (for PAM mode authentication)
+ * Returns 0 if user was found
+ * This now uses an extauth index.
*/
int getuserbyuid(struct ctdluser *usbuf, uid_t number)
{
- struct cdbdata *cdbus;
+ struct cdbdata *cdbextauth;
+ long usernum = 0;
+ StrBuf *claimed_id;
+
+ claimed_id = NewStrBuf();
+ StrBufPrintf(claimed_id, "uid:%d", number);
+ cdbextauth = cdb_fetch(CDB_EXTAUTH, ChrPtr(claimed_id), StrLength(claimed_id));
+ FreeStrBuf(&claimed_id);
+ if (cdbextauth == NULL) {
+ return(-1);
+ }
- cdb_rewind(CDB_USERS);
+ memcpy(&usernum, cdbextauth->ptr, sizeof(long));
+ cdb_free(cdbextauth);
- while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) {
- memset(usbuf, 0, sizeof(struct ctdluser));
- memcpy(usbuf, cdbus->ptr,
- ((cdbus->len > sizeof(struct ctdluser)) ?
- sizeof(struct ctdluser) : cdbus->len));
- cdb_free(cdbus);
- if (usbuf->uid == number) {
- cdb_close_cursor(CDB_USERS);
- return (0);
- }
+ if (!CtdlGetUserByNumber(usbuf, usernum)) {
+ return(0);
}
- return (-1);
+
+ return(-1);
}
* If not found, make one attempt to create it.
*/
found_user = getuserbyuid(&CC->user, pd.pw_uid);
- syslog(LOG_DEBUG, "user_ops: found it: uid=%ld, gecos=%s here: %d", (long)pd.pw_uid, pd.pw_gecos, found_user);
if (found_user != 0) {
- create_user(username, 0);
+ create_user(username, CREATE_USER_DO_NOT_BECOME_USER, pd.pw_uid);
found_user = getuserbyuid(&CC->user, pd.pw_uid);
}
+ syslog(LOG_DEBUG, "user_ops: found it: uid=%ld, gecos=%s here: %d", (long)pd.pw_uid, pd.pw_gecos, found_user);
}
char ldap_cn[256];
char ldap_dn[256];
- found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid, 0);
+ found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid);
if (found_user != 0) {
return login_not_found;
}
found_user = getuserbyuid(&CC->user, ldap_uid);
if (found_user != 0) {
- create_user(username, 0);
+ create_user(ldap_cn, CREATE_USER_DO_NOT_BECOME_USER, ldap_uid);
found_user = getuserbyuid(&CC->user, ldap_uid);
}
/* First, try to log in as if the supplied name is a display name */
found_user = CtdlGetUser(&CC->user, username);
- /* If that didn't work, try to log in as if the supplied name
- * is an e-mail address
- */
+ /* If that didn't work, try to log in as if the supplied name * is an e-mail address */
if (found_user != 0) {
valid = validate_recipients(username, NULL, 0);
if (valid != NULL) {
* If we are using LDAP authentication, extract the user's email addresses from the directory.
* FIXME make this a site configurable setting
*/
- #ifdef HAVE_LDAP
- if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) {
- char new_emailaddrs[512];
+#ifdef HAVE_LDAP
+ if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) {
+ char new_emailaddrs[512];
+ if (CtdlGetConfigInt("c_ldap_sync_email_addrs") > 0) {
if (extract_email_addresses_from_ldap(CCC->ldap_dn, new_emailaddrs) == 0) {
- strcpy(CCC->user.emailaddrs, new_emailaddrs);
+ CtdlSetEmailAddressesForUser(CCC->user.fullname, new_emailaddrs);
}
}
- #endif
+ }
+#endif
/*
* No email address for user? Make one up.
CtdlPutUser(usbuf);
cdb_store(CDB_USERSBYNUMBER, &usbuf->usernum, sizeof(long), usbuf->fullname, strlen(usbuf->fullname)+1);
+ /* If non-native auth, index by uid */
+ if ((usbuf->uid > 0) && (usbuf->uid != NATIVE_AUTH_UID)) {
+ StrBuf *claimed_id = NewStrBuf();
+ StrBufPrintf(claimed_id, "uid:%d", usbuf->uid);
+ attach_extauth(usbuf, claimed_id);
+ FreeStrBuf(&claimed_id);
+ }
+
return 0;
}
* create_user() - back end processing to create a new user
*
* Set 'newusername' to the desired account name.
- * Set 'become_user' to nonzero if this is self-service account creation and we want
- * to actually log in as the user we just created, otherwise set it to 0.
+ * Set 'become_user' to CREATE_USER_BECOME_USER if this is self-service account creation and we want to
+ * actually log in as the user we just created, otherwise set it to CREATE_USER_DO_NOT_BECOME_USER
+ * Set 'uid' to some uid_t value to associate the account with an external auth user, or (-1) for native auth
*/
-int create_user(const char *newusername, int become_user)
+int create_user(char *username, int become_user, uid_t uid)
{
struct ctdluser usbuf;
struct ctdlroom qrbuf;
- char username[256];
char mailboxname[ROOMNAMELEN];
char buf[SIZ];
int retval;
- uid_t uid = (-1);
- safestrncpy(username, newusername, sizeof username);
strproc(username);
-
- if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) {
-
- /* host auth mode */
-
- struct passwd pd;
- struct passwd *tempPwdPtr;
- char pwdbuffer[SIZ];
-
-#ifdef HAVE_GETPWNAM_R
-#ifdef SOLARIS_GETPWUID
- tempPwdPtr = getpwnam_r(username, &pd, pwdbuffer, sizeof(pwdbuffer));
-#else // SOLARIS_GETPWUID
- getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer, &tempPwdPtr);
-#endif // SOLARIS_GETPWUID
-#else // HAVE_GETPWNAM_R
- tempPwdPtr = NULL;
-#endif // HAVE_GETPWNAM_R
- if (tempPwdPtr != NULL) {
- extract_token(username, pd.pw_gecos, 0, ',', sizeof username);
- uid = pd.pw_uid;
- if (IsEmptyStr (username))
- {
- safestrncpy(username, pd.pw_name, sizeof username);
- }
- }
- else {
- return (ERROR + NO_SUCH_USER);
- }
+ if ((retval = internal_create_user(username, &usbuf, uid)) != 0) {
+ return retval;
}
-#ifdef HAVE_LDAP
- if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) {
- if (CtdlTryUserLDAP(username, NULL, 0, username, sizeof username, &uid, 0) != 0) {
- return(ERROR + NO_SUCH_USER);
- }
- }
-#endif /* HAVE_LDAP */
-
- if ((retval = internal_create_user(username, &usbuf, uid)) != 0)
- return retval;
-
/*
* Give the user a private mailbox and a configuration room.
* Make the latter an invisible system room.
* creating a user, instead of doing self-service account creation
*/
- if (become_user) {
+ if (become_user == CREATE_USER_BECOME_USER) {
/* Now become the user we just created */
memcpy(&CC->user, &usbuf, sizeof(struct ctdluser));
safestrncpy(CC->curr_user, username, sizeof CC->curr_user);