From: Art Cancro Date: Sun, 5 Nov 2017 23:02:22 +0000 (-0500) Subject: more moving towards ldap sync ... lots of refactoring X-Git-Tag: v939~501 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=1cf98031e3530393ec5fb753567bf496c6277ab3 more moving towards ldap sync ... lots of refactoring --- diff --git a/citadel/citadel_ldap.h b/citadel/citadel_ldap.h index a8e03292f..b1305b83c 100644 --- a/citadel/citadel_ldap.h +++ b/citadel/citadel_ldap.h @@ -12,7 +12,7 @@ * GNU General Public License for more details. */ -int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size, uid_t *found_uid, int lookup_based_on_uid); +int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size, uid_t *found_uid); int CtdlTryPasswordLDAP(char *user_dn, const char *password); int Ctdl_LDAP_to_vCard(char *ldap_dn, struct vCard *v); int extract_email_addresses_from_ldap(char *ldap_dn, char *emailaddrs); diff --git a/citadel/ldap.c b/citadel/ldap.c index 53e481679..dfa52cfc1 100644 --- a/citadel/ldap.c +++ b/citadel/ldap.c @@ -59,7 +59,6 @@ void derive_fullname_from_ldap_result(char *fullname, int fullname_size, LDAP *l ldap_value_free(values); } } - syslog(LOG_DEBUG, "\033[31mldap: display name: <%s> \033[0m", fullname); } @@ -90,13 +89,10 @@ uid_t derive_uid_from_ldap(LDAP *ldserver, LDAPMessage *entry) } } - syslog(LOG_DEBUG, "\033[31mldap: uid: <%d> \033[0m", uid); return(uid); } - - /* * Wrapper function for ldap_initialize() that consistently fills in the correct fields */ @@ -123,7 +119,7 @@ int ctdl_ldap_initialize(LDAP **ld) { int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size, - uid_t *uid, int lookup_based_on_username) + uid_t *uid) { LDAP *ldserver = NULL; int i; 
@@ -158,18 +154,11 @@ int CtdlTryUserLDAP(char *username, tv.tv_usec = 0; if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD) { - if (lookup_based_on_username != 0) - snprintf(searchstring, sizeof(searchstring), "(displayName=%s)",username); - else - snprintf(searchstring, sizeof(searchstring), "(sAMAccountName=%s)", username); + snprintf(searchstring, sizeof(searchstring), "(sAMAccountName=%s)", username); } else { - if (lookup_based_on_username != 0) { - snprintf(searchstring, sizeof(searchstring), "(cn=%s)",username); - } - else { - snprintf(searchstring, sizeof(searchstring), "(&(objectclass=posixAccount)(uid=%s))", username); - } + snprintf(searchstring, sizeof(searchstring), "(&(objectclass=posixAccount)(cn=%s))", username); + // snprintf(searchstring, sizeof(searchstring), "(&(objectclass=posixAccount)(uid=%s))", username); } syslog(LOG_DEBUG, "ldap: search: %s", searchstring); @@ -208,12 +197,7 @@ int CtdlTryUserLDAP(char *username, } derive_fullname_from_ldap_result(fullname, fullname_size, ldserver, search_result); - - /* If we know the username is the CN/displayName, we already set the uid*/ - // FIXME old skool crap , fix this - if (lookup_based_on_username == 0) { - *uid = derive_uid_from_ldap(ldserver, search_result); - } + *uid = derive_uid_from_ldap(ldserver, search_result); } /* free the results */ @@ -538,13 +522,12 @@ int extract_email_addresses_from_ldap(char *ldap_dn, char *emailaddrs) entry = ldap_first_entry(ldserver, search_result); if (entry) { syslog(LOG_DEBUG, "ldap: search got user details"); - mail=ldap_get_values(ldserver, search_result, "mail"); + mail = ldap_get_values(ldserver, search_result, "mail"); if (mail) { int q; for (q=0; q 512) { syslog(LOG_ERR, "ldap: can't fit all email addresses into user record"); } diff --git a/citadel/modules/vcard/serv_vcard.c b/citadel/modules/vcard/serv_vcard.c index 25e584fbb..f3624bdc4 100644 --- a/citadel/modules/vcard/serv_vcard.c +++ b/citadel/modules/vcard/serv_vcard.c 
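Review bot: `username` is formatted straight into the search filter in both branches (`"(sAMAccountName=%s)"` and `"(&(objectclass=posixAccount)(cn=%s))"`), so filter metacharacters such as `*`, `(`, `)` and `\` in the name change what the search matches. CtdlLoginExistingUser appears to pass the name from the login attempt into this function, so it should be escaped per RFC 4515 first (libldap provides `ldap_bv2escaped_filter_value()`) and the escaped copy formatted instead, e.g. `snprintf(searchstring, sizeof(searchstring), "(sAMAccountName=%s)", escaped_username);`, where `escaped_username` is a placeholder name. The non-AD branch also now matches on `cn` instead of `uid`; `cn` is not necessarily unique in a directory, and how multiple matches are handled is outside this hunk. The commented-out `uid=` line should be dropped or replaced by a comment that explains the choice of attribute.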
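Review bot: `*uid = derive_uid_from_ldap(ldserver, search_result);` now runs on every successful search, including for vcard_newuser, which passes `&usbuf->uid` and searches on `usbuf->fullname`. If that `cn` search lands on a different directory entry, or the entry has no usable uid attribute, the stored account's uid is replaced with whatever derive_uid_from_ldap() returns. Reading into a local and assigning only a valid value keeps the caller's uid intact, e.g. `uid_t u = derive_uid_from_ldap(ldserver, search_result);` followed by `if (u != (uid_t)-1) *uid = u;`. This assumes (uid_t)-1 is the helper's "not found" value, which this hunk does not show.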
@@ -798,7 +798,11 @@ void vcard_newuser(struct ctdluser *usbuf) { int found_user; char ldap_cn[512]; char ldap_dn[512]; - found_user = CtdlTryUserLDAP(usbuf->fullname, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &usbuf->uid, 1); + +syslog(LOG_DEBUG, "\033[31m FIXME BORK BORK BORK try lookup by uid , or maybe dn?\033[0m"); + + + found_user = CtdlTryUserLDAP(usbuf->fullname, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &usbuf->uid); if (found_user == 0) { if (Ctdl_LDAP_to_vCard(ldap_dn, v)) { /* Allow global address book and internet directory update without login long enough to write this. */ diff --git a/citadel/user_ops.c b/citadel/user_ops.c index b69bb33b5..bfd2660b6 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -367,8 +367,7 @@ int is_room_aide(void) return (0); } - if ((CC->user.axlevel >= AxAideU) - || (CC->room.QRroomaide == CC->user.usernum)) { + if ((CC->user.axlevel >= AxAideU) || (CC->room.QRroomaide == CC->user.usernum)) { return (1); } else { return (0); @@ -568,14 +567,14 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) char ldap_cn[256]; char ldap_dn[256]; - found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid, 0); + found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid); if (found_user != 0) { return login_not_found; } found_user = getuserbyuid(&CC->user, ldap_uid); if (found_user != 0) { - create_user(username, CREATE_USER_DO_NOT_BECOME_USER, ldap_uid); + create_user(ldap_cn, CREATE_USER_DO_NOT_BECOME_USER, ldap_uid); found_user = getuserbyuid(&CC->user, ldap_uid); } 
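Review bot: The added `syslog(LOG_DEBUG, "\033[31m FIXME BORK BORK BORK ...")` line writes raw ANSI escape sequences and a developer note into the system log each time vcard_newuser reaches this point. It also sits at column 0, out of step with the surrounding indentation. The same commit removes the coloured debug lines from ldap.c, so this one looks like leftover scaffolding. A source comment carries the intent without touching the log: `/* FIXME: look up by uid or DN instead of full name */`.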
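Review bot: In the CtdlLoginExistingUser hunk, `create_user(ldap_cn, CREATE_USER_DO_NOT_BECOME_USER, ldap_uid);` now names the local account from a directory attribute. `ldap_cn` is declared without an initialiser, and nothing in the hunk checks that CtdlTryUserLDAP filled it. Whether the callee always writes `fullname` is outside this hunk, so declare it as `char ldap_cn[256] = "";` and refuse an empty name with `if (ldap_cn[0] == '\0') { return login_not_found; }`. The return value of create_user() is also discarded, so a display name that collides with an existing account is only noticed indirectly by the second getuserbyuid() call. The function body continues outside the hunk.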
@@ -1049,9 +1048,10 @@ int create_user(char *username, int become_user, uid_t uid) int retval; strproc(username); - if ((retval = internal_create_user(username, &usbuf, uid)) != 0) + if ((retval = internal_create_user(username, &usbuf, uid)) != 0) { return retval; - + } + /* * Give the user a private mailbox and a configuration room. * Make the latter an invisible system room. diff --git a/citadel/utils/setup.c b/citadel/utils/setup.c index ce99e8f02..e95b30167 100644 --- a/citadel/utils/setup.c +++ b/citadel/utils/setup.c @@ -1,7 +1,7 @@ /* * Citadel setup utility * - * Copyright (c) 1987-2016 by the citadel.org team + * Copyright (c) 1987-2017 by the citadel.org team * * This program is open source software; you can redistribute it and/or * modify it under the terms of the GNU General Public License version 3. 
@@ -1235,29 +1235,33 @@ int main(int argc, char *argv[]) /* * Create the administrator account. It's ok if the command fails if this user already exists. */ - progress(activity, 1, 5); - snprintf(buf, sizeof buf, "CREU %s|%s", admin_name, admin_pass); - serv_puts(buf); - progress(activity, 2, 5); - serv_gets(buf); + if (getconf_int("c_auth_mode") == AUTHMODE_NATIVE) { + progress(activity, 1, 5); + snprintf(buf, sizeof buf, "CREU %s|%s", admin_name, admin_pass); + serv_puts(buf); + progress(activity, 2, 5); + serv_gets(buf); + } progress(activity, 3, 5); /* * Assign the desired password and access level to the administrator account. */ - snprintf(buf, sizeof buf, "AGUP %s", admin_name); - serv_puts(buf); - progress(activity, 4, 5); - serv_gets(buf); - if (buf[0] == '2') { - int admin_flags = extract_int(&buf[4], 2); - int admin_times_called = extract_int(&buf[4], 3); - int admin_msgs_posted = extract_int(&buf[4], 4); - snprintf(buf, sizeof buf, "ASUP %s|%s|%d|%d|%d|6", - admin_name, admin_pass, admin_flags, admin_times_called, admin_msgs_posted - ); + if (getconf_int("c_auth_mode") == AUTHMODE_NATIVE) { + snprintf(buf, sizeof buf, "AGUP %s", admin_name); serv_puts(buf); + progress(activity, 4, 5); serv_gets(buf); + if (buf[0] == '2') { + int admin_flags = extract_int(&buf[4], 2); + int admin_times_called = extract_int(&buf[4], 3); + int admin_msgs_posted = extract_int(&buf[4], 4); + snprintf(buf, sizeof buf, "ASUP %s|%s|%d|%d|%d|6", + admin_name, admin_pass, admin_flags, admin_times_called, admin_msgs_posted + ); + serv_puts(buf); + serv_gets(buf); + } } progress(activity, 5, 5);
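Review bot: When `c_auth_mode` is anything other than AUTHMODE_NATIVE, both new guards skip the CREU and AGUP/ASUP exchange, so setup finishes without creating `admin_name` or raising it to access level 6, and nothing tells the operator. If that is intended for directory-backed modes, say so above the first guard, e.g. `/* External auth modes: setup neither creates nor promotes the admin account. */`, and consider showing a message explaining how an administrator is expected to be established. Separately, the reply to ASUP is read with `serv_gets(buf)` but never checked, so a failed privilege assignment still reaches `progress(activity, 5, 5)`. main() continues outside this hunk.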