ptloader setup
Igor Brezac
igor at ipass.net
Wed Dec 22 11:59:45 EST 2004
On Wed, 22 Dec 2004, Mike O'Rourke wrote:
>> Index: ldap.c
>> ===================================================================
>> RCS file: /cvs/src/cyrus/ptclient/ldap.c,v
>> retrieving revision 1.7
>> diff -u -r1.7 ldap.c
>> --- ldap.c 24 Jun 2004 19:28:39 -0000 1.7
>> +++ ldap.c 21 Dec 2004 15:38:49 -0000
>
> Thanks, Igor.
>
> Neither of these patches would apply (using "patch -p0 <
> ptclient_patch" on SuSE 9.1). They were both roundly rejected, so I
> applied them manually.
>
> The first would go as far as a successful (according to the ldap
> server) ldap bind (using the ldap_bind_dn) and there was no other
> activity on the ldap server. Here is the imapd.log for an attempted
> login:
>
> Dec 21 10:51:35 server12 master[20440]: about to exec
> /usr/cyrus/bin/imapd
> Dec 21 10:51:35 server12 imap[20440]: executed
> Dec 21 10:51:35 server12 imap[20440]: accepted connection
> Dec 21 10:51:35 server12 imap[20440]: ptload(): pinging ptloader
> Dec 21 10:51:35 server12 ptloader[20218]: accepted connection
> Dec 21 10:51:35 server12 imap[20440]: ptload(): bad response from
> ptloader server: identifier not found
> Dec 21 10:51:35 server12 imap[20440]: badlogin: server11.mydom.com
> [192.168.7.11] plaintext test1 at testdom.mydom.com invalid user
> Dec 21 10:52:36 server12 master[20215]: process 20440 exited, status 0
>
> The second patch would not even compile, complaining about some
> undeclared variables in the patched area (perhaps I did not apply the
> patch properly, although I did it three times and checked it each
> time):
>
> ldap.c: In function `ptsmodule_get_dn':
> ldap.c:835: error: `filter' undeclared (first use in this function)
> ldap.c:835: error: (Each undeclared identifier is reported only once
> ldap.c:835: error: for each function it appears in.)
> ldap.c:839: error: `base' undeclared (first use in this function)
> ldap.c:843: error: `attrs' undeclared (first use in this function)
> ldap.c:843: error: `res' undeclared (first use in this function)
> ldap.c:855: error: `entry' undeclared (first use in this function)
>
> Should the patch apply against ldap.c in the 2.2.10 distribution, or do
> I need to grab the CVS? Should I simply invest the time to learn, setup
> and use ldap_sasl?
My bad. The first patch is not good and the second patch is incomplete.
This patch is trivial; I am using a newer version of ldap.c than the one
in cvs and I thought that I could just fix the original code without
testing. Wrong... To make things worse, I pasted the patch into my email
client, which probably corrupted it.
Ok, the attached patch should apply and compile without errors. Please
report what you find.
--
Igor
-------------- next part --------------
Index: ldap.c
===================================================================
RCS file: /cvs/src/cyrus/ptclient/ldap.c,v
retrieving revision 1.7
diff -u -r1.7 ldap.c
--- ldap.c 24 Jun 2004 19:28:39 -0000 1.7
+++ ldap.c 22 Dec 2004 16:35:02 -0000
@@ -783,14 +783,13 @@
LDAPControl c;
LDAPControl *ctrl[2];
char *authzid;
-#else
+#endif
char *base = NULL, *filter = NULL;
char *attrs[] = {NULL};
LDAPMessage *res;
LDAPMessage *entry;
char *attr, **vals;
BerElement *ber;
-#endif
*ret = NULL;
@@ -799,64 +798,66 @@
#if LDAP_VENDOR_VERSION >= 20125
- authzid = xmalloc(size + sizeof("u:"));
- if (authzid == NULL)
- return PTSM_NOMEM;
-
- strcpy(authzid, "u:");
- strcpy(authzid+2, canon_id);
- c.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
- c.ldctl_value.bv_val = authzid;
- c.ldctl_value.bv_len = size + 2;
- c.ldctl_iscritical = 1;
-
- ctrl[0] = &c;
- ctrl[1] = NULL;
- rc = ldap_whoami_s(ptsm->ld, &dn, ctrl, NULL);
- free(authzid);
- if ( rc != LDAP_SUCCESS || !dn ) {
- if (rc == LDAP_SERVER_DOWN) {
- ldap_unbind(ptsm->ld);
- ptsm->ld = NULL;
- return PTSM_RETRY;
+ if (ptsm->sasl) {
+ authzid = xmalloc(size + sizeof("u:"));
+ if (authzid == NULL)
+ return PTSM_NOMEM;
+
+ strcpy(authzid, "u:");
+ strcpy(authzid+2, canon_id);
+ c.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
+ c.ldctl_value.bv_val = authzid;
+ c.ldctl_value.bv_len = size + 2;
+ c.ldctl_iscritical = 1;
+
+ ctrl[0] = &c;
+ ctrl[1] = NULL;
+ rc = ldap_whoami_s(ptsm->ld, &dn, ctrl, NULL);
+ free(authzid);
+ if ( rc != LDAP_SUCCESS || !dn ) {
+ if (rc == LDAP_SERVER_DOWN) {
+ ldap_unbind(ptsm->ld);
+ ptsm->ld = NULL;
+ return PTSM_RETRY;
+ }
+ return PTSM_FAIL;
}
- return PTSM_FAIL;
- }
- if ( dn->bv_val &&
- !strncmp(dn->bv_val, "dn:", 3) )
- *ret = strdup(dn->bv_val+3);
- ber_bvfree(dn);
-
-#else
-
- rc = ptsmodule_expand_tokens(ptsm->filter, canon_id, NULL, &filter);
- if (rc != PTSM_OK)
- return rc;
-
- rc = ptsmodule_expand_tokens(ptsm->base, canon_id, NULL, &base);
- if (rc != PTSM_OK)
- return rc;
-
- rc = ldap_search_st(ptsm->ld, base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res);
- free(filter);
- free(base);
- if (rc != LDAP_SUCCESS) {
- if (rc == LDAP_SERVER_DOWN) {
- ldap_unbind(ptsm->ld);
- ptsm->ld = NULL;
- return PTSM_RETRY;
- }
- return PTSM_FAIL;
- }
+ if ( dn->bv_val &&
+ !strncmp(dn->bv_val, "dn:", 3) )
+ *ret = strdup(dn->bv_val+3);
+ ber_bvfree(dn);
+ } else
+
+#endif
- if ( (entry = ldap_first_entry(ptsm->ld, res)) != NULL )
- *ret = ldap_get_dn(ptsm->ld, entry);
+ {
+ rc = ptsmodule_expand_tokens(ptsm->filter, canon_id, NULL, &filter);
+ if (rc != PTSM_OK)
+ return rc;
+
+ rc = ptsmodule_expand_tokens(ptsm->base, canon_id, NULL, &base);
+ if (rc != PTSM_OK)
+ return rc;
+
+ rc = ldap_search_st(ptsm->ld, base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res);
+ free(filter);
+ free(base);
+ if (rc != LDAP_SUCCESS) {
+ if (rc == LDAP_SERVER_DOWN) {
+ ldap_unbind(ptsm->ld);
+ ptsm->ld = NULL;
+ return PTSM_RETRY;
+ }
+ return PTSM_FAIL;
+ }
- ldap_msgfree(res);
- res = NULL;
+ if ( (entry = ldap_first_entry(ptsm->ld, res)) != NULL )
+ *ret = ldap_get_dn(ptsm->ld, entry);
-#endif
+ ldap_msgfree(res);
+ res = NULL;
+ }
return (*ret ? PTSM_OK : PTSM_FAIL);
}
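Review bot: In the SASL branch, `authzid` is allocated from `size` but filled with `strcpy(authzid+2, canon_id)`, so the write stays in bounds only if `size` matches the length of `canon_id`, a relation established outside this hunk; a bounded write such as `snprintf(authzid, size + sizeof("u:"), "u:%s", canon_id);` would tie the copy to the allocation. In the search branch, the early `return rc` after the second `ptsmodule_expand_tokens` call skips the `free(filter)` done a few lines later, so `filter` appears to leak on that path; `if (rc != PTSM_OK) { free(filter); return rc; }` would close it. The `} else` / `#endif` / `{` construct compiles under both settings but is easy to break in a later edit, and a one-line comment there saying the braces form the else-arm only when `LDAP_VENDOR_VERSION >= 20125` would help. The function begins before this hunk, so how `size` and `canon_id` are derived should be confirmed against the full file.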