Author: yann@pleiades.fr.eu.org
--- pkg.orig/src/http_auth.c
+++ pkg/src/http_auth.c
@@ -738,17 +738,17 @@
return -1;
/* build filter */
- buffer_copy_string_buffer(p->ldap_filter, p->conf.ldap_filter_pre);
+ buffer_copy_string_buffer(p->ldap_filter, p->conf.ldap->ldap_filter_pre);
buffer_append_string_buffer(p->ldap_filter, username);
- buffer_append_string_buffer(p->ldap_filter, p->conf.ldap_filter_post);
+ buffer_append_string_buffer(p->ldap_filter, p->conf.ldap->ldap_filter_post);
/* 2. */
- if (p->conf.ldap == NULL ||
- LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
+ if (p->conf.ldap->ldap == NULL ||
+ LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
if (auth_ldap_init(srv, &p->conf) != HANDLER_GO_ON)
return -1;
- if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
+ if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
log_error_write(srv, __FILE__, __LINE__, "sssb",
"ldap:", ldap_err2string(ret), "filter:", p->ldap_filter);
@@ -757,7 +757,7 @@
}
}
- if (NULL == (first = ldap_first_entry(p->conf.ldap, lm))) {
+ if (NULL == (first = ldap_first_entry(p->conf.ldap->ldap, lm))) {
log_error_write(srv, __FILE__, __LINE__, "s", "ldap ...");
ldap_msgfree(lm);
@@ -765,7 +765,7 @@
return -1;
}
- if (NULL == (dn = ldap_get_dn(p->conf.ldap, first))) {
+ if (NULL == (dn = ldap_get_dn(p->conf.ldap->ldap, first))) {
log_error_write(srv, __FILE__, __LINE__, "s", "ldap ...");
ldap_msgfree(lm);
--- pkg.orig/src/http_auth.h
+++ pkg/src/http_auth.h
@@ -17,6 +17,15 @@
AUTH_BACKEND_HTDIGEST
} auth_backend_t;
+#ifdef USE_LDAP
+typedef struct {
+ LDAP *ldap;
+
+ buffer *ldap_filter_pre;
+ buffer *ldap_filter_post;
+} ldap_plugin_config;
+#endif
+
typedef struct {
/* auth */
array *auth_require;
@@ -44,13 +53,12 @@
auth_backend_t auth_backend;
#ifdef USE_LDAP
- LDAP *ldap;
-
- buffer *ldap_filter_pre;
- buffer *ldap_filter_post;
+ ldap_plugin_config *ldap;
#endif
} mod_auth_plugin_config;
+
+
typedef struct {
PLUGIN_DATA;
buffer *tmp_buf;
--- pkg.orig/src/mod_auth.c
+++ pkg/src/mod_auth.c
@@ -77,10 +77,11 @@
buffer_free(s->auth_ldap_cafile);
#ifdef USE_LDAP
- buffer_free(s->ldap_filter_pre);
- buffer_free(s->ldap_filter_post);
+ buffer_free(s->ldap->ldap_filter_pre);
+ buffer_free(s->ldap->ldap_filter_post);
- if (s->ldap) ldap_unbind_s(s->ldap);
+ if (s->ldap->ldap) ldap_unbind_s(s->ldap->ldap);
+ free (s->ldap);
#endif
free(s);
@@ -116,8 +117,6 @@
PATCH(auth_ldap_allow_empty_pw);
#ifdef USE_LDAP
PATCH(ldap);
- PATCH(ldap_filter_pre);
- PATCH(ldap_filter_post);
#endif
/* skip the first, the global context */
@@ -150,8 +149,6 @@
PATCH(auth_ldap_hostname);
#ifdef USE_LDAP
PATCH(ldap);
- PATCH(ldap_filter_pre);
- PATCH(ldap_filter_post);
#endif
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.base-dn"))) {
PATCH(auth_ldap_basedn);
@@ -349,9 +346,10 @@
s->auth_require = array_init();
#ifdef USE_LDAP
- s->ldap_filter_pre = buffer_init();
- s->ldap_filter_post = buffer_init();
- s->ldap = NULL;
+ s->ldap = malloc (sizeof(ldap_plugin_config));
+ s->ldap->ldap_filter_pre = buffer_init();
+ s->ldap->ldap_filter_post = buffer_init();
+ s->ldap->ldap = NULL;
#endif
cv[0].destination = s->auth_backend_conf;
@@ -539,19 +537,19 @@
return HANDLER_ERROR;
}
- buffer_copy_string_len(s->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
- buffer_copy_string(s->ldap_filter_post, dollar+1);
+ buffer_copy_string_len(s->ldap->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
+ buffer_copy_string(s->ldap->ldap_filter_post, dollar+1);
}
if (s->auth_ldap_hostname->used) {
- if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
+ if (NULL == (s->ldap->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));
return HANDLER_ERROR;
}
ret = LDAP_VERSION3;
- if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
+ if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
return HANDLER_ERROR;
@@ -570,7 +568,7 @@
}
}
- if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap, NULL, NULL))) {
+ if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap->ldap, NULL, NULL))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap startTLS failed:", ldap_err2string(ret));
return HANDLER_ERROR;
@@ -580,13 +578,13 @@
/* 1. */
if (s->auth_ldap_binddn->used) {
- if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
+ if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
return HANDLER_ERROR;
}
} else {
- if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, NULL, NULL))) {
+ if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap->ldap, NULL, NULL))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
return HANDLER_ERROR;
