Author: yann@pleiades.fr.eu.org
--- pkg.orig/src/http_auth.c
+++ pkg/src/http_auth.c
@@ -738,17 +738,17 @@
 return -1;
 /* build filter */
- buffer_copy_string_buffer(p->ldap_filter, p->conf.ldap_filter_pre);
+ buffer_copy_string_buffer(p->ldap_filter, p->conf.ldap->ldap_filter_pre);
 buffer_append_string_buffer(p->ldap_filter, username);
- buffer_append_string_buffer(p->ldap_filter, p->conf.ldap_filter_post);
+ buffer_append_string_buffer(p->ldap_filter, p->conf.ldap->ldap_filter_post);
 /* 2. */
- if (p->conf.ldap == NULL ||
- LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
+ if (p->conf.ldap->ldap == NULL ||
+ LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
 if (auth_ldap_init(srv, &p->conf) != HANDLER_GO_ON) return -1;
- if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
+ if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
 log_error_write(srv, __FILE__, __LINE__, "sssb", "ldap:", ldap_err2string(ret), "filter:", p->ldap_filter);
@@ -757,7 +757,7 @@
 }
 }
- if (NULL == (first = ldap_first_entry(p->conf.ldap, lm))) {
+ if (NULL == (first = ldap_first_entry(p->conf.ldap->ldap, lm))) {
 log_error_write(srv, __FILE__, __LINE__, "s", "ldap ...");
 ldap_msgfree(lm);
@@ -765,7 +765,7 @@
 return -1;
 }
- if (NULL == (dn = ldap_get_dn(p->conf.ldap, first))) {
+ if (NULL == (dn = ldap_get_dn(p->conf.ldap->ldap, first))) {
 log_error_write(srv, __FILE__, __LINE__, "s", "ldap ...");
 ldap_msgfree(lm);
--- pkg.orig/src/http_auth.h
+++ pkg/src/http_auth.h
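Review bot: In the `@@ -738` hunk of http_auth.c the search filter is assembled as `ldap_filter_pre` + `username` + `ldap_filter_post` with no escaping visible in these lines, so it is only safe if the username was restricted earlier; the function begins outside the hunk, so that cannot be confirmed from here. If no such check exists above, reject or escape the RFC 4515 filter metacharacters (`*`, `(`, `)`, `\`, NUL) before `buffer_append_string_buffer(p->ldap_filter, username);`. Either way a comment on the build-filter step, e.g. `/* username is inserted into the filter verbatim and must already be validated */`, would make the dependency explicit. The failure branch also writes the whole filter, including the supplied username, to the error log.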
@@ -17,6 +17,15 @@
 AUTH_BACKEND_HTDIGEST } auth_backend_t;
+#ifdef USE_LDAP
+typedef struct {
+ LDAP *ldap;
+
+ buffer *ldap_filter_pre;
+ buffer *ldap_filter_post;
+} ldap_plugin_config;
+#endif
+
 typedef struct {
 /* auth */
 array *auth_require;
@@ -44,13 +53,12 @@
 auth_backend_t auth_backend;
 #ifdef USE_LDAP
- LDAP *ldap;
-
- buffer *ldap_filter_pre;
- buffer *ldap_filter_post;
+ ldap_plugin_config *ldap;
 #endif
 } mod_auth_plugin_config;
+
+
 typedef struct {
 PLUGIN_DATA;
 buffer *tmp_buf;
--- pkg.orig/src/mod_auth.c
+++ pkg/src/mod_auth.c
@@ -77,10 +77,11 @@
 buffer_free(s->auth_ldap_cafile);
 #ifdef USE_LDAP
- buffer_free(s->ldap_filter_pre);
- buffer_free(s->ldap_filter_post);
+ buffer_free(s->ldap->ldap_filter_pre);
+ buffer_free(s->ldap->ldap_filter_post);
- if (s->ldap) ldap_unbind_s(s->ldap);
+ if (s->ldap->ldap) ldap_unbind_s(s->ldap->ldap);
+ free (s->ldap);
 #endif
 free(s);
@@ -116,8 +117,6 @@
 PATCH(auth_ldap_allow_empty_pw);
 #ifdef USE_LDAP
 PATCH(ldap);
- PATCH(ldap_filter_pre);
- PATCH(ldap_filter_post);
 #endif
 /* skip the first, the global context */
@@ -150,8 +149,6 @@
 PATCH(auth_ldap_hostname);
 #ifdef USE_LDAP
 PATCH(ldap);
- PATCH(ldap_filter_pre);
- PATCH(ldap_filter_post);
 #endif
 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.base-dn"))) {
 PATCH(auth_ldap_basedn);
@@ -349,9 +346,10 @@
 s->auth_require = array_init();
 #ifdef USE_LDAP
- s->ldap_filter_pre = buffer_init();
- s->ldap_filter_post = buffer_init();
- s->ldap = NULL;
+ s->ldap = malloc (sizeof(ldap_plugin_config));
+ s->ldap->ldap_filter_pre = buffer_init();
+ s->ldap->ldap_filter_post = buffer_init();
+ s->ldap->ldap = NULL;
 #endif
 cv[0].destination = s->auth_backend_conf;
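Review bot: The new `ldap_plugin_config` typedef in http_auth.h (`@@ -17`) carries no comment saying why the handle and the two filter halves moved behind a pointer, or who owns the allocation. From the other files in this patch it appears the struct is allocated once per config context in mod_auth.c and that `PATCH(ldap)` now copies only the pointer, so a reconnect through `&p->conf` updates the shared handle. That is worth stating above the typedef, e.g. `/* LDAP connection state, shared by pointer between a config context and the patched p->conf copy; allocated and freed in mod_auth.c */`. The second hunk of this header (`@@ -44`) also adds two blank lines after `} mod_auth_plugin_config;` that look unintentional.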
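Review bot: In the `@@ -349` hunk of mod_auth.c the result of `malloc (sizeof(ldap_plugin_config))` is dereferenced on the very next line without a NULL check, so an allocation failure becomes a NULL-pointer write. Check it before use, for example `if (NULL == (s->ldap = calloc(1, sizeof(*s->ldap)))) return HANDLER_ERROR;`, adjusting the return value to whatever the enclosing function, which starts outside the hunk, uses for failure. The cleanup hunk at `@@ -77` has the matching problem: `s->ldap->ldap_filter_pre` is read unconditionally, so the three frees and the unbind should sit inside `if (s->ldap) { … }` if cleanup can run on a config whose allocation failed. Since the pointer now appears to be shared through `PATCH(ldap)`, a comment next to `free (s->ldap);` that `p->conf.ldap` must not be used afterwards would also help.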
@@ -539,19 +537,19 @@
 return HANDLER_ERROR;
 }
- buffer_copy_string_len(s->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
- buffer_copy_string(s->ldap_filter_post, dollar+1);
+ buffer_copy_string_len(s->ldap->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
+ buffer_copy_string(s->ldap->ldap_filter_post, dollar+1);
 }
 if (s->auth_ldap_hostname->used) {
- if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
+ if (NULL == (s->ldap->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
 log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));
 return HANDLER_ERROR;
 }
 ret = LDAP_VERSION3;
- if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
+ if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
 log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
 return HANDLER_ERROR;
@@ -570,7 +568,7 @@
 }
 }
- if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap, NULL, NULL))) {
+ if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap->ldap, NULL, NULL))) {
 log_error_write(srv, __FILE__, __LINE__, "ss", "ldap startTLS failed:", ldap_err2string(ret));
 return HANDLER_ERROR;
@@ -580,13 +578,13 @@
 /* 1. */
 if (s->auth_ldap_binddn->used) {
- if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
+ if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
 log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
 return HANDLER_ERROR;
 }
 } else {
- if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, NULL, NULL))) {
+ if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap->ldap, NULL, NULL))) {
 log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
 return HANDLER_ERROR;
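Review bot: The failure paths after `ldap_init` in these three mod_auth.c hunks (`@@ -539`, `@@ -570`, `@@ -580`) return `HANDLER_ERROR` while leaving the new handle stored in `s->ldap->ldap`, and with this patch that field appears to be shared with `p->conf` instead of being a per-request copy. The only guard on the search path in http_auth.c is `p->conf.ldap->ldap == NULL`, so, as far as these hunks show, after a failed `ldap_start_tls_s` or service bind the next request would call `ldap_search_s` on a handle that never completed StartTLS or the bind. Release and clear the handle before each of those returns, `ldap_unbind_s(s->ldap->ldap); s->ldap->ldap = NULL;`, and do the same for an existing non-NULL handle before the `ldap_init` call so a reconnect does not leak the stale connection. The function body starts and ends outside these hunks, so confirm no caller already does this.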