From 572e013dfa09ec04b047eb256b3139bca41037a4 Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Wed, 8 Apr 2009 19:25:53 +0000 Subject: [PATCH] * Continued integrating ldap auth --- citadel/citadel_ldap.h | 2 +- citadel/ldap.c | 19 +++++++++++++++---- citadel/user_ops.c | 32 ++++++++++++++++++++++++++++++-- 3 files changed, 46 insertions(+), 7 deletions(-) diff --git a/citadel/citadel_ldap.h b/citadel/citadel_ldap.h index 0009c0093..e39b9e611 100644 --- a/citadel/citadel_ldap.h +++ b/citadel/citadel_ldap.h @@ -9,5 +9,5 @@ #define BIND_PW NULL /* put pw here for authenticated bind */ #define SEARCH_STRING "(&(objectclass=posixAccount)(uid=%s))" -int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size); +int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size, int *found_uid); int CtdlTryPasswordLDAP(char *user_dn, char *password); diff --git a/citadel/ldap.c b/citadel/ldap.c index 10eb31b51..4ece8527b 100644 --- a/citadel/ldap.c +++ b/citadel/ldap.c @@ -5,7 +5,6 @@ int ldap_version = 3; -#ifdef HAVE_LDAP #include "sysdep.h" #include @@ -54,11 +53,16 @@ int ldap_version = 3; #include "threads.h" #include "citadel_ldap.h" +#ifdef HAVE_LDAP + #define LDAP_DEPRECATED 1 /* Needed to suppress misleading warnings */ #include -int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size) +int CtdlTryUserLDAP(char *username, + char *found_dn, int found_dn_size, + char *fullname, int fullname_size, + int *uid) { LDAP *ldserver = NULL; int i; @@ -138,6 +142,9 @@ int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *ful if (values) { if (values[0]) { CtdlLogPrintf(CTDL_DEBUG, "uidNumber = %s\n", values[0]); + if (uid != NULL) { + *uid = atoi(values[0]); + } } ldap_value_free(values); } 
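Review bot: In the ldap.c hunk at -138, `*uid` is written only when a uidNumber value is present, so for an entry without that attribute the caller's variable keeps whatever it held. In this same patch user_ops.c declares `int ldap_uid;` with no initializer and passes it straight to `getuserbyuid()`, which could match the login to an unrelated local account. `atoi()` also gives 0 for a non-numeric directory value and has undefined behaviour for an out-of-range one, with no error either way. I would set `if (uid != NULL) *uid = (-1);` at the top of CtdlTryUserLDAP, parse with `strtol()` checking the end pointer and range, and return failure when no valid uidNumber was found. The function's return path is outside this hunk, so it cannot be confirmed here whether a missing uidNumber already produces a non-zero return.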
@@ -172,7 +179,7 @@ int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *ful int CtdlTryPasswordLDAP(char *user_dn, char *password) { LDAP *ldserver = NULL; - int i; + int i = (-1); ldserver = ldap_init(CTDL_LDAP_HOST, CTDL_LDAP_PORT); if (ldserver) { @@ -187,7 +194,11 @@ int CtdlTryPasswordLDAP(char *user_dn, char *password) ldap_unbind(ldserver); } - return((i == LDAP_SUCCESS) ? 0 : 1); + if (i == LDAP_SUCCESS) { + return(0); + } + + return(1); } diff --git a/citadel/user_ops.c b/citadel/user_ops.c index b574fbd02..099ca517f 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -544,8 +544,29 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) #ifdef HAVE_LDAP else if (config.c_auth_mode == AUTHMODE_LDAP) { + + /* LDAP auth mode */ + + int ldap_uid; + char ldap_cn[256]; + char ldap_dn[256]; + + found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid); + if (found_user != 0) { + return login_not_found; + } + + found_user = getuserbyuid(&CC->user, ldap_uid); + if (found_user != 0) { + create_user(ldap_cn, 0); + found_user = getuserbyuid(&CC->user, ldap_uid); + } + + if (found_user == 0) { + if (CC->ldap_dn != NULL) free(CC->ldap_dn); + CC->ldap_dn = strdup(ldap_dn); + } - /* LDAP auth mode FIXME_LDAP */ } #endif @@ -871,7 +892,14 @@ int CtdlTryPassword(char *password) #ifdef HAVE_LDAP else if (config.c_auth_mode == AUTHMODE_LDAP) { - /* LDAP auth mode FIXME_LDAP */ + /* LDAP auth mode */ + + if ((CC->ldap_dn) && (!CtdlTryPasswordLDAP(CC->ldap_dn, password))) { + code = 0; + } + else { + code = (-1); + } } #endif -- 2.30.2
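Review bot: In the user_ops.c hunk at -544, `CC->ldap_dn` is replaced only on the success path, so when `CtdlTryUserLDAP()` fails and the branch returns `login_not_found`, a DN stored by an earlier attempt on the same session stays in place for the LDAP branch of CtdlTryPassword to bind with. Clearing it before the lookup keeps the session state tied to the name just submitted: `if (CC->ldap_dn != NULL) { free(CC->ldap_dn); CC->ldap_dn = NULL; }`. Separately, `username` ends up in the `(uid=%s)` filter defined in citadel_ldap.h; the formatting call is not in this diff, so it is worth confirming that filter metacharacters are escaped per RFC 4515 before substitution. CtdlLoginExistingUser continues beyond the hunk on both sides, so whether the stale DN is reachable depends on code not shown here.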
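Review bot: In the user_ops.c hunk at -871, the new LDAP branch hands `password` to `CtdlTryPasswordLDAP()` without checking that it is non-empty. A simple bind with a DN and a zero-length password is an unauthenticated bind under RFC 4513, and many directory servers answer it with success. Unless an earlier part of CtdlTryPassword or the bind wrapper in ldap.c already rejects empty passwords (the bind call lies between the two ldap.c hunks and is not shown), this would accept a login without credentials. I would add the guard to the condition: `if ((CC->ldap_dn) && (password != NULL) && (password[0] != 0) && (!CtdlTryPasswordLDAP(CC->ldap_dn, password))) {`. The same check at the top of CtdlTryPasswordLDAP, returning 1, would protect any other caller.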