Feature #1248 » lighttpd-ldap-deref.patch
| lighttpd-1.4.16_patched/src/mod_auth.c 2007-08-18 04:50:17.000000000 +0300 | ||
|---|---|---|
|
buffer_free(s->auth_ldap_bindpw);
|
||
|
buffer_free(s->auth_ldap_filter);
|
||
|
buffer_free(s->auth_ldap_cafile);
|
||
|
buffer_free(s->auth_ldap_deref_conf);
|
||
|
#ifdef USE_LDAP
|
||
|
|
||
|
buffer_free(s->ldap_filter_pre);
|
||
|
buffer_free(s->ldap_filter_post);
|
||
|
|
||
|
if (s->ldap) ldap_unbind_s(s->ldap);
|
||
|
#endif
|
||
| ... | ... | |
|
PATCH(auth_ldap_cafile);
|
||
|
PATCH(auth_ldap_starttls);
|
||
|
PATCH(auth_ldap_allow_empty_pw);
|
||
|
PATCH(auth_ldap_deref_conf);
|
||
|
|
||
|
#ifdef USE_LDAP
|
||
|
PATCH(ldap);
|
||
|
PATCH(ldap_filter_pre);
|
||
|
PATCH(ldap_filter_post);
|
||
|
PATCH(auth_ldap_deref);
|
||
|
#endif
|
||
|
/* skip the first, the global context */
|
||
| ... | ... | |
|
PATCH(auth_ldap_starttls);
|
||
|
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) {
|
||
|
PATCH(auth_ldap_allow_empty_pw);
|
||
|
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.deref"))) {
|
||
|
PATCH(auth_ldap_deref_conf);
|
||
|
#ifdef USE_LDAP
|
||
|
PATCH(auth_ldap_deref);
|
||
|
#endif
|
||
|
}
|
||
|
}
|
||
|
}
|
||
| ... | ... | |
|
{ "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
|
||
|
{ "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
|
||
|
{ "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION },
|
||
|
{ "auth.backend.ldap.deref", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
|
||
|
{ "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
|
||
|
{ "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
|
||
|
{ "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
|
||
|
{ "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
|
||
|
{ NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
|
||
|
};
|
||
| ... | ... | |
|
s->auth_ldap_bindpw = buffer_init();
|
||
|
s->auth_ldap_filter = buffer_init();
|
||
|
s->auth_ldap_cafile = buffer_init();
|
||
|
s->auth_ldap_deref_conf = buffer_init();
|
||
|
s->auth_ldap_starttls = 0;
|
||
|
s->auth_debug = 0;
|
||
| ... | ... | |
|
s->ldap_filter_pre = buffer_init();
|
||
|
s->ldap_filter_post = buffer_init();
|
||
|
s->ldap = NULL;
|
||
|
s->auth_ldap_deref = 0;
|
||
|
#endif
|
||
|
cv[0].destination = s->auth_backend_conf;
|
||
| ... | ... | |
|
cv[9].destination = s->auth_ldap_binddn;
|
||
|
cv[10].destination = s->auth_ldap_bindpw;
|
||
|
cv[11].destination = &(s->auth_ldap_allow_empty_pw);
|
||
|
cv[12].destination = s->auth_htdigest_userfile;
|
||
|
cv[13].destination = s->auth_htpasswd_userfile;
|
||
|
cv[14].destination = &(s->auth_debug);
|
||
|
cv[12].destination = s->auth_ldap_deref_conf;
|
||
|
cv[13].destination = s->auth_htdigest_userfile;
|
||
|
cv[14].destination = s->auth_htpasswd_userfile;
|
||
|
cv[15].destination = &(s->auth_debug);
|
||
|
p->config_storage[i] = s;
|
||
|
ca = ((data_config *)srv->config_context->data[i])->value;
|
||
| ... | ... | |
|
return HANDLER_ERROR;
|
||
|
}
|
||
|
|
||
|
if (s->auth_ldap_deref_conf->used) {
|
||
|
if (0 == strcmp(s->auth_ldap_deref_conf->ptr, "always")) {
|
||
|
s->auth_ldap_deref = LDAP_DEREF_ALWAYS;
|
||
|
} else if (0 == strcmp(s->auth_ldap_deref_conf->ptr, "never")) {
|
||
|
s->auth_ldap_deref = LDAP_DEREF_NEVER;
|
||
|
} else if (0 == strcmp(s->auth_ldap_deref_conf->ptr, "search")) {
|
||
|
s->auth_ldap_deref = LDAP_DEREF_SEARCHING;
|
||
|
} else if (0 == strcmp(s->auth_ldap_deref_conf->ptr, "find")) {
|
||
|
s->auth_ldap_deref = LDAP_DEREF_FINDING;
|
||
|
} else {
|
||
|
log_error_write(srv, __FILE__, __LINE__, "s", "ldap: option auth.backend.ldap.deref has to be one of 'always', 'never', 'search' or 'find'.");
|
||
|
|
||
|
return HANDLER_ERROR;
|
||
|
}
|
||
|
}
|
||
|
ret = LDAP_VERSION3;
|
||
|
if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
|
||
|
-- lighttpd-1.4.16/src/http_auth.c 2007-06-15 19:22:30.000000000 +0300
|
||
|
++ lighttpd-1.4.16_patched/src/http_auth.c 2007-08-18 16:45:51.000000000 +0300
|
||
| ... | ... | |
|
/* 2. */
|
||
|
|
||
|
/* Set dereference option */
|
||
|
if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(p->conf.ldap, LDAP_OPT_DEREF, &p->conf.auth_ldap_deref))) {
|
||
|
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
|
||
|
if (p->conf.ldap != NULL)
|
||
|
ldap_unbind_s(p->conf.ldap);
|
||
|
return -1;
|
||
|
}
|
||
|
if (p->conf.ldap == NULL ||
|
||
|
LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
|
||
|
if (auth_ldap_init(srv, &p->conf) != HANDLER_GO_ON)
|
||
|
-- lighttpd-1.4.16/src/http_auth.h 2007-01-14 11:40:02.000000000 +0200
|
||
|
++ lighttpd-1.4.16_patched/src/http_auth.h 2007-08-18 02:54:42.000000000 +0300
|
||
| ... | ... | |
|
buffer *auth_ldap_cafile;
|
||
|
unsigned short auth_ldap_starttls;
|
||
|
unsigned short auth_ldap_allow_empty_pw;
|
||
|
buffer *auth_ldap_deref_conf;
|
||
|
unsigned short auth_debug;
|
||
| ... | ... | |
|
buffer *ldap_filter_pre;
|
||
|
buffer *ldap_filter_post;
|
||
|
unsigned short auth_ldap_deref;
|
||
|
#endif
|
||
|
} mod_auth_plugin_config;
|
||
- « Previous
- 1
- 2
- 3
- 4
- Next »