X-Git-Url: https://git.hcoop.net/hcoop/debian/courier-authlib.git/blobdiff_plain/8d138742ae268344f406cb75d79aa6bf853f9d87..b0322a8536f3cab76471c98122fe1df75bb7c387:/authldaplib.c
diff --git a/authldaplib.c b/authldaplib.c
index 26ba8ac..39b0245 100644
--- a/authldaplib.c
+++ b/authldaplib.c
@@ -21,8 +21,8 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING. If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- * Boston, MA 02111-1307, USA.
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+ * Boston, MA 02110-1301, USA.
 */
 /*
@@ -262,6 +262,7 @@ struct ldap_info
 gid_t gid;
 int timeout;
 int authbind;
+ int initbind;
 int deref;
 int protocol_version;
 int tls;
@@ -469,6 +470,12 @@ static int authldap_read_config(struct ldap_info *ldap)
 if (p)
 sscanf(p,"%d",&ldap->authbind);
+ if (!read_env("LDAP_INITBIND", &p, "", 0, "1"))
+ return (0);
+
+ if (p)
+ sscanf(p,"%d",&ldap->initbind);
+
 if (!read_env("LDAP_BASEDN",&ldap->basedn,
 "You need to specify a basedn in config file",1,NULL))
 return 0;
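Review bot: In the authldap_read_config hunk the result of `sscanf(p,"%d",&ldap->initbind)` is not checked, so a value such as `yes` in LDAP_INITBIND leaves the field at whatever it held before; its initialisation is outside the hunk. Because the ldapopen hunk skips the service bind whenever this field is 0, a typo in the config could silently move every search onto an unbound connection. I would reject anything that does not parse, `if (p && sscanf(p,"%d",&ldap->initbind) != 1) return (0);`, preferably with an err() message naming the setting. The function body starts and ends outside the hunk.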
@@ -999,40 +1006,44 @@ int ldrc;
 /* Set dereferencing mode */
 if (ldaperror(ldrc = ldap_set_option(my_ldap_fp, LDAP_OPT_DEREF, (void *) & my_ldap.deref)) != LDAP_SUCCESS)
- {
+ {
 const char *s=ldap_err2string(ldrc);
 err("ldap_set_option(DEREF) failed: %s", s);
 authldapclose();
 ldapconnfailure();
 return (-1);
- }
+ }
 #endif
- /* Bind to server */
- if (courier_authdebug_login_level >= 2)
- {
- DPRINTF("binding to LDAP server as DN '%s', password '%s'",
- my_ldap.binddn ? my_ldap.binddn : "",
- my_ldap.bindpw ? my_ldap.bindpw : "");
- }
- else
- {
- DPRINTF("binding to LDAP server as DN '%s'",
- my_ldap.binddn ? my_ldap.binddn : "");
- }
-
- if (ldaperror(ldrc = l_simple_bind_s(my_ldap_fp,
- my_ldap.binddn,
- my_ldap.bindpw)) != LDAP_SUCCESS)
- {
- const char *s=ldap_err2string(ldrc);
-
- err("ldap_simple_bind_s failed: %s", s);
- authldapclose();
- ldapconnfailure();
- return (-1);
- }
+ if(my_ldap.initbind)
+ {
+ /* Bind to server */
+ if (courier_authdebug_login_level >= 2)
+ {
+ DPRINTF("binding to LDAP server as DN '%s', password '%s'",
+ my_ldap.binddn ? my_ldap.binddn : "",
+ my_ldap.bindpw ? my_ldap.bindpw : "");
+ }
+ else
+ {
+ DPRINTF("binding to LDAP server as DN '%s'",
+ my_ldap.binddn ? my_ldap.binddn : "");
+ }
+
+ if (ldaperror(ldrc = l_simple_bind_s(my_ldap_fp,
+ my_ldap.binddn,
+ my_ldap.bindpw))
+ != LDAP_SUCCESS)
+ {
+ const char *s=ldap_err2string(ldrc);
+
+ err("ldap_simple_bind_s failed: %s", s);
+ authldapclose();
+ ldapconnfailure();
+ return (-1);
+ }
+ }
 return (0);
 }
@@ -1136,7 +1147,7 @@ static int auth_ldap_do2(const char *service,
 char *v;
 const char *aname;
- if (ldapopen()) return (1);
+ if (ldapopen()) return (-1);
 if (my_ldap.emailmap[0] == 0 || strchr(user, '@') == NULL)
 return (auth_ldap_do3(service, my_ldap.mail,
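Review bot: In the ldapopen hunk, when `my_ldap.initbind` is 0 the function returns 0 without logging anything, so a trace does not show that the connection was left unbound and that later searches run with whatever rights the server gives an unauthenticated session. An else branch such as `else DPRINTF("LDAP_INITBIND is 0, skipping initial bind");` would make that visible. The re-indented debug branch still writes `my_ldap.bindpw` in clear text at login level 2, which deserves a comment that the log then holds the service account's credential. Style: `if(my_ldap.initbind)` lacks the space used by the other `if (` lines. ldapopen starts outside the hunk.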
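Review bot: In the auth_ldap_do2 hunk the new `return (-1);` has no comment saying why a failed ldapopen() now returns a different value than before, and the meaning of the two codes is not visible here. If negative means a temporary failure and positive means the user was rejected, as the change suggests, say so on the line: `/* directory unreachable: temporary failure, not a rejection */`. It would also be worth confirming that every caller of auth_ldap_do2 treats a negative result as fail-closed rather than falling through to another lookup. The function body starts and ends outside the hunk.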
@@ -1853,7 +1864,11 @@ void auth_ldap_enumerate( void(*cb_func)(const char *name,
 int i, j;
 int msgid;
- if (ldapopen()) return;
+ if (ldapopen())
+ {
+ (*cb_func)(NULL, 0, 0, NULL, NULL, NULL, void_arg);
+ return;
+ }
 read_env("LDAP_MAIL", &attributes[0], "", 0, "mail");
 read_env("LDAP_UID", &attributes[1], "", 0, 0);
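Review bot: The added callback call passes a NULL name when ldapopen() fails, and if a NULL name is the marker for the end of a complete listing (the rest of auth_ldap_enumerate is outside the hunk, so this is inferred), a directory outage becomes indistinguishable from a directory with no accounts. A consumer that reconciles accounts against the enumeration could then act on an empty list. I would log the failure before returning, e.g. `err("auth_ldap_enumerate: LDAP connection failed, list is incomplete");`, and add a comment stating which of the two meanings the NULL callback carries here.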