Use "uri" directive (instead of "server") to specify server. Add "bin

ddn" and "bindpw" directives for supporting group lookups.
2024-12-15 03:01:09 +08:00 · 2000-06-05 04:59:26 +00:00 · 2000-06-05 04:59:26 +00:00 · 3d599d1bd3
commit 3d599d1bd3
parent 96c61ea465
4 changed files with 56 additions and 14 deletions
--- a/servers/slapd/back-ldap/back-ldap.h
+++ b/servers/slapd/back-ldap/back-ldap.h
@ -40,9 +40,10 @@ struct ldapconn {
 };

 struct ldapinfo {
-	char *host;
-	int port;
+	char *url;
 	char *suffix;
+	char *binddn;
+	char *bindpw;
 	ldap_pvt_thread_mutex_t		conn_mutex;
 	struct ldapconn *lcs;
 };
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@ -74,8 +74,7 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op)

 	/* Looks like we didn't get a bind. Open a new session... */
 	if (!lc) {
-		ld = ldap_init(li->host, li->port);
-		if (!ld) {
+		if (ldap_initialize(&ld, li->url) != LDAP_SUCCESS) {
 			send_ldap_result( conn, op, LDAP_OTHER,
 				NULL, "ldap_init failed", NULL, NULL );
 			return( NULL );
--- a/servers/slapd/back-ldap/config.c
+++ b/servers/slapd/back-ldap/config.c
@ -42,7 +42,6 @@ ldap_back_db_config(
 )
 {
 	struct ldapinfo	*li = (struct ldapinfo *) be->be_private;
-	char *port;

 	if ( li == NULL ) {
 		fprintf( stderr, "%s: line %d: ldap backend info is null!\n",
@ -50,7 +49,7 @@ ldap_back_db_config(
 		return( 1 );
 	}

-	/* server address to query */
+	/* server address to query (depricated, use "uri" directive) */
 	if ( strcasecmp( argv[0], "server" ) == 0 ) {
 		if (argc != 2) {
 			fprintf( stderr,
@ -58,12 +57,47 @@ ldap_back_db_config(
 			    fname, lineno );
 			return( 1 );
 		}
-		port=strchr(argv[1],':');
-		if (port) {
-			*port++ = '\0';
-			li->port = atoi(port);
+		if (li->url != NULL)
+			ch_free(li->url);
+		li->url = ch_calloc(strlen(argv[1]) + 9, sizeof(char));
+		if (li->url != NULL) {
+			strcpy(li->url, "ldap://");
+			strcat(li->url, argv[1]);
+			strcat(li->url, "/");
 		}
-		li->host = ch_strdup(argv[1]);
+
+	/* URI of server to query (preferred over "server" directive) */
+	} else if ( strcasecmp( argv[0], "uri" ) == 0 ) {
+		if (argc != 2) {
+			fprintf( stderr,
+	"%s: line %d: missing address in \"uri <address>\" line\n",
+			    fname, lineno );
+			return( 1 );
+		}
+		if (li->url != NULL)
+			ch_free(li->url);
+		li->url = ch_strdup(argv[1]);
+
+	/* name to use for ldap_back_group */
+	} else if ( strcasecmp( argv[0], "binddn" ) == 0 ) {
+		if (argc != 2) {
+			fprintf( stderr,
+	"%s: line %d: missing name in \"binddn <name>\" line\n",
+			    fname, lineno );
+			return( 1 );
+		}
+		li->binddn = ch_strdup(argv[1]);
+
+	/* password to use for ldap_back_group */
+	} else if ( strcasecmp( argv[0], "bindpw" ) == 0 ) {
+		if (argc != 2) {
+			fprintf( stderr,
+	"%s: line %d: missing password in \"bindpw <password>\" line\n",
+			    fname, lineno );
+			return( 1 );
+		}
+		li->bindpw = ch_strdup(argv[1]);
+
 	/* anything else */
 	} else {
 		fprintf( stderr,
--- a/servers/slapd/back-ldap/init.c
+++ b/servers/slapd/back-ldap/init.c
@ -112,9 +112,17 @@ ldap_back_db_destroy(

 	if (be->be_private) {
 		li = (struct ldapinfo *)be->be_private;
-		if (li->host) {
-			free(li->host);
-			li->host = NULL;
+		if (li->url) {
+			free(li->url);
+			li->url = NULL;
+		}
+		if (li->binddn) {
+			free(li->binddn);
+			li->binddn = NULL;
+		}
+		if (li->bindpw) {
+			free(li->bindpw);
+			li->bindpw = NULL;
 		}
 		ldap_pvt_thread_mutex_destroy( &li->conn_mutex );
 	}