* Continued integrating ldap auth
authorArt Cancro <ajc@citadel.org>
Wed, 8 Apr 2009 19:25:53 +0000 (19:25 +0000)
committerArt Cancro <ajc@citadel.org>
Wed, 8 Apr 2009 19:25:53 +0000 (19:25 +0000)
citadel/citadel_ldap.h
citadel/ldap.c
citadel/user_ops.c

index 0009c0093fad5a794a0aac5295cb9b17418830c1..e39b9e611833dd7cfd6fe1ce3612e673f7f40c44 100644 (file)
@@ -9,5 +9,5 @@
 #define BIND_PW                NULL                    /* put pw here for authenticated bind */
 #define SEARCH_STRING  "(&(objectclass=posixAccount)(uid=%s))"
 
-int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size);
+int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size, int *found_uid);
 int CtdlTryPasswordLDAP(char *user_dn, char *password);
index 10eb31b51ce4c7f52e6ea8ad3b4e7a8f42ff548e..4ece8527b6e31876ddc1a16ee33a8811246c1d4e 100644 (file)
@@ -5,7 +5,6 @@
 
 int ldap_version = 3;
 
-#ifdef HAVE_LDAP
 
 #include "sysdep.h"
 #include <errno.h>
@@ -54,11 +53,16 @@ int ldap_version = 3;
 #include "threads.h"
 #include "citadel_ldap.h"
 
+#ifdef HAVE_LDAP
+
 #define LDAP_DEPRECATED 1      /* Needed to suppress misleading warnings */
 
 #include <ldap.h>
 
-int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size)
+int CtdlTryUserLDAP(char *username,
+               char *found_dn, int found_dn_size,
+               char *fullname, int fullname_size,
+               int *uid)
 {
        LDAP *ldserver = NULL;
        int i;
@@ -138,6 +142,9 @@ int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *ful
                if (values) {
                        if (values[0]) {
                                CtdlLogPrintf(CTDL_DEBUG, "uidNumber = %s\n", values[0]);
+                               if (uid != NULL) {
+                                       *uid = atoi(values[0]);
+                               }
                        }
                        ldap_value_free(values);
                }
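Review bot: The added `*uid = atoi(values[0]);` converts a directory-supplied string with no validation, so a non-numeric or empty `uidNumber` silently becomes 0 and an out-of-range one is undefined behaviour. The result is used as the account lookup key in CtdlLoginExistingUser (user_ops.c hunk), so the conversion should fail closed. Parse with `strtol`, require that the whole string was consumed and that the value fits a non-negative `int`, and otherwise store a sentinel the caller rejects. `<errno.h>` is already included in this file; `INT_MAX` needs `<limits.h>` if it is not pulled in elsewhere. The enclosing function starts and ends outside this hunk.

```c
				CtdlLogPrintf(CTDL_DEBUG, "uidNumber = %s\n", values[0]);
				if (uid != NULL) {
					char *end = NULL;
					long parsed;

					errno = 0;
					parsed = strtol(values[0], &end, 10);
					if ((end != values[0]) && (*end == 0) && (errno == 0)
					   && (parsed >= 0) && (parsed <= INT_MAX)) {
						*uid = (int) parsed;
					}
					else {
						*uid = (-1);	/* caller must treat a negative uid as "not found" */
					}
				}
```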
@@ -172,7 +179,7 @@ int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *ful
 int CtdlTryPasswordLDAP(char *user_dn, char *password)
 {
        LDAP *ldserver = NULL;
-       int i;
+       int i = (-1);
 
        ldserver = ldap_init(CTDL_LDAP_HOST, CTDL_LDAP_PORT);
        if (ldserver) {
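Review bot: CtdlTryPasswordLDAP passes `password` on with no check for NULL or an empty string, and the bind call itself lies between this hunk and the next, so it is not visible here. If that call is a simple bind, many LDAP servers treat a DN with an empty password as an unauthenticated bind and answer LDAP_SUCCESS, which this function would then report as 0 (password accepted). The caller added in CtdlTryPassword (user_ops.c) only tests `CC->ldap_dn` before calling, so the guard belongs at the top of this function: `if ((password == NULL) || (password[0] == 0)) return(1);`. Initialising `i` to `(-1)` correctly covers the `ldap_init` failure path; a short comment saying so would help, e.g. `/* fail closed if we never reach the bind */`.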
@@ -187,7 +194,11 @@ int CtdlTryPasswordLDAP(char *user_dn, char *password)
                ldap_unbind(ldserver);
        }
 
-       return((i == LDAP_SUCCESS) ? 0 : 1);
+       if (i == LDAP_SUCCESS) {
+               return(0);
+       }
+
+       return(1);
 }
 
 
index b574fbd02fde850c39447eb2a9c5211f814d7faf..099ca517ff90ada84ae5cd39de5d06d7acb0191d 100644 (file)
@@ -544,8 +544,29 @@ int CtdlLoginExistingUser(char *authname, char *trythisname)
 
 #ifdef HAVE_LDAP
        else if (config.c_auth_mode == AUTHMODE_LDAP) {
+       
+               /* LDAP auth mode */
+
+               int ldap_uid;
+               char ldap_cn[256];
+               char ldap_dn[256];
+
+               found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid);
+               if (found_user != 0) {
+                       return login_not_found;
+               }
+
+               found_user = getuserbyuid(&CC->user, ldap_uid);
+               if (found_user != 0) {
+                       create_user(ldap_cn, 0);
+                       found_user = getuserbyuid(&CC->user, ldap_uid);
+               }
+
+               if (found_user == 0) {
+                       if (CC->ldap_dn != NULL) free(CC->ldap_dn);
+                       CC->ldap_dn = strdup(ldap_dn);
+               }
 
-               /* LDAP auth mode FIXME_LDAP */
        }
 #endif
 
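Review bot: `int ldap_uid;` is declared without an initializer and handed to `getuserbyuid()` whenever CtdlTryUserLDAP returns 0. In ldap.c the store to `*uid` happens only inside `if (values[0])`, so an entry without a usable `uidNumber` may leave it indeterminate; whether the function returns non-zero in that case is not visible in this diff. Declare it as `int ldap_uid = (-1);` and add `if (ldap_uid < 0) return login_not_found;` before the first lookup. The return value of `create_user(ldap_cn, 0)` is also ignored, so a failed creation is only noticed indirectly through the second `getuserbyuid()` call, and what happens when that also fails is decided by code after this hunk.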
@@ -871,7 +892,14 @@ int CtdlTryPassword(char *password)
 #ifdef HAVE_LDAP
        else if (config.c_auth_mode == AUTHMODE_LDAP) {
 
-               /* LDAP auth mode FIXME_LDAP */
+               /* LDAP auth mode */
+
+               if ((CC->ldap_dn) && (!CtdlTryPasswordLDAP(CC->ldap_dn, password))) {
+                       code = 0;
+               }
+               else {
+                       code = (-1);
+               }
        }
 #endif