lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

[mod_authn_ldap] replace use of deprecated funcs 

[mod_authn_ldap,mod_vhostdb_ldap]
replace use of deprecated funcs
remove -DLDAP_DEPRECATED
This commit is contained in:
Glenn Strauss 2017-11-05 18:50:25 -05:00
parent 5a5ce3dc75
commit fdc4c324c4
7 changed files with 78 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
SConstruct
View File

@ -531,7 +531,6 @@ if 1:
fail("Couldn't find lber")
autoconf.env.Append(
CPPFLAGS = [
'-DLDAP_DEPRECATED=1',
'-DHAVE_LDAP_H', '-DHAVE_LIBLDAP',
'-DHAVE_LBER_H', '-DHAVE_LIBLBER',
],

3
configure.ac
View File

@ -362,13 +362,12 @@ AC_ARG_WITH([ldap],
AC_MSG_RESULT([$WITH_LDAP])
if test "$WITH_LDAP" != no; then
AC_CHECK_LIB([ldap], [ldap_bind],
AC_CHECK_LIB([ldap], [ldap_sasl_bind_s],
[AC_CHECK_HEADERS([ldap.h],
[
LDAP_LIB=-lldap
AC_DEFINE([HAVE_LIBLDAP], [1], [libldap])
AC_DEFINE([HAVE_LDAP_H], [1])
AC_DEFINE([LDAP_DEPRECATED], [1], [Using deprecated ldap api])
],
[AC_MSG_ERROR([ldap headers not found, install them or build without --with-ldap])]
)],

1
src/CMakeLists.txt
View File

@ -451,7 +451,6 @@ if(WITH_LDAP)
check_library_exists(ldap ldap_bind "" HAVE_LIBLDAP)
check_include_files(lber.h HAVE_LBER_H)
check_library_exists(lber ber_printf "" HAVE_LIBLBER)
set(LDAP_DEPRECATED 1) # Using deprecated ldap api
else()
unset(HAVE_LDAP_H)
unset(HAVE_LIBLDAP)

1
src/config.h.cmake
View File

@ -64,7 +64,6 @@
#cmakedefine HAVE_LIBLDAP
#cmakedefine HAVE_LBER_H
#cmakedefine HAVE_LIBLBER
#cmakedefine LDAP_DEPRECATED 1
/* XML */
#cmakedefine HAVE_LIBXML_H

4
src/meson.build
View File

@ -297,11 +297,10 @@ libldap = []
liblber = []
if get_option('with_ldap')
libldap = [ compiler.find_library('ldap') ]
if not(compiler.has_function('ldap_bind',
if not(compiler.has_function('ldap_sasl_bind_s',
args: defs,
dependencies: libldap,
prefix: '''
#define LDAP_DEPRECATED 1
#include <ldap.h>
'''
))
@ -315,7 +314,6 @@ if get_option('with_ldap')
endif
conf_data.set('HAVE_LBER_H', true)
conf_data.set('HAVE_LIBLBER', true)
conf_data.set('LDAP_DEPRECATED', 1, comment: 'Using deprecated ldap api')
endif
libev = []

50
src/mod_authn_ldap.c
View File

@ -1,6 +1,5 @@
#include "first.h"
#define USE_LDAP
#include <ldap.h>
#include "server.h"
@ -83,6 +82,39 @@ FREE_FUNC(mod_authn_ldap_free) {
return HANDLER_GO_ON;
}
/*(copied from mod_vhostdb_ldap.c)*/
static void mod_authn_add_scheme (server *srv, buffer *host)
{
if (!buffer_string_is_empty(host)) {
/* reformat hostname(s) as LDAP URIs (scheme://host:port) */
static const char *schemes[] = {
"ldap://", "ldaps://", "ldapi://", "cldap://"
};
char *b, *e = host->ptr;
buffer_string_set_length(srv->tmp_buf, 0);
while (*(b = e)) {
unsigned int j;
while (*b==' '||*b=='\t'||*b=='\r'||*b=='\n'||*b==',') ++b;
if (*b == '\0') break;
e = b;
while (*e!=' '&&*e!='\t'&&*e!='\r'&&*e!='\n'&&*e!=','&&*e!='\0')
++e;
if (!buffer_string_is_empty(srv->tmp_buf))
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN(","));
for (j = 0; j < sizeof(schemes)/sizeof(char *); ++j) {
if (0 == strncasecmp(b, schemes[j], strlen(schemes[j]))) {
break;
}
}
if (j == sizeof(schemes)/sizeof(char *))
buffer_append_string_len(srv->tmp_buf,
CONST_STR_LEN("ldap://"));
buffer_append_string_len(srv->tmp_buf, b, (size_t)(e - b));
}
buffer_copy_buffer(host, srv->tmp_buf);
}
}
SETDEFAULTS_FUNC(mod_authn_ldap_set_defaults) {
plugin_data *p = p_d;
size_t i;
@ -144,6 +176,8 @@ config_values_t cv[] = {
}
}
}
mod_authn_add_scheme(srv, s->auth_ldap_hostname);
}
return HANDLER_GO_ON;
@ -354,10 +388,9 @@ static LDAP * mod_authn_ldap_host_init(server *srv, plugin_config *s) {
if (buffer_string_is_empty(s->auth_ldap_hostname)) return NULL;
ld = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT);
if (NULL == ld) {
log_error_write(srv, __FILE__, __LINE__, "sss", "ldap:", "ldap_init():",
strerror(errno));
if (LDAP_SUCCESS != ldap_initialize(&ld, s->auth_ldap_hostname->ptr)) {
log_error_write(srv, __FILE__, __LINE__, "sss", "ldap:",
"ldap_initialize():", strerror(errno));
return NULL;
}
@ -396,7 +429,6 @@ static LDAP * mod_authn_ldap_host_init(server *srv, plugin_config *s) {
}
static int mod_authn_ldap_bind(server *srv, LDAP *ld, const char *dn, const char *pw) {
#if 0
struct berval creds;
int ret;
@ -414,12 +446,6 @@ static int mod_authn_ldap_bind(server *srv, LDAP *ld, const char *dn, const char
if (ret != LDAP_SUCCESS) {
mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_sasl_bind_s()", ret);
}
#else
int ret = ldap_simple_bind_s(ld, dn, pw);
if (ret != LDAP_SUCCESS) {
mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_simple_bind_s()",ret);
}
#endif
return ret;
}

49
src/mod_vhostdb_ldap.c
View File

@ -47,6 +47,39 @@ static void mod_vhostdb_dbconf_free (void *vdata)
free(dbconf);
}
/*(copied from mod_authn_ldap.c)*/
static void mod_vhostdb_dbconf_add_scheme (server *srv, buffer *host)
{
if (!buffer_string_is_empty(host)) {
/* reformat hostname(s) as LDAP URIs (scheme://host:port) */
static const char *schemes[] = {
"ldap://", "ldaps://", "ldapi://", "cldap://"
};
char *b, *e = host->ptr;
buffer_string_set_length(srv->tmp_buf, 0);
while (*(b = e)) {
unsigned int j;
while (*b==' '||*b=='\t'||*b=='\r'||*b=='\n'||*b==',') ++b;
if (*b == '\0') break;
e = b;
while (*e!=' '&&*e!='\t'&&*e!='\r'&&*e!='\n'&&*e!=','&&*e!='\0')
++e;
if (!buffer_string_is_empty(srv->tmp_buf))
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN(","));
for (j = 0; j < sizeof(schemes)/sizeof(char *); ++j) {
if (0 == strncasecmp(b, schemes[j], strlen(schemes[j]))) {
break;
}
}
if (j == sizeof(schemes)/sizeof(char *))
buffer_append_string_len(srv->tmp_buf,
CONST_STR_LEN("ldap://"));
buffer_append_string_len(srv->tmp_buf, b, (size_t)(e - b));
}
buffer_copy_buffer(host, srv->tmp_buf);
}
}
static int mod_vhostdb_dbconf_setup (server *srv, array *opts, void **vdata)
{
buffer *filter = NULL;
@ -62,6 +95,7 @@ static int mod_vhostdb_dbconf_setup (server *srv, array *opts, void **vdata)
} else if (buffer_is_equal_caseless_string(ds->key, CONST_STR_LEN("attr"))) {
if (!buffer_string_is_empty(ds->value)) attr = ds->value->ptr;
} else if (buffer_is_equal_caseless_string(ds->key, CONST_STR_LEN("host"))) {
mod_vhostdb_dbconf_add_scheme(srv, ds->value);
host = ds->value->ptr;
} else if (buffer_is_equal_caseless_string(ds->key, CONST_STR_LEN("base-dn"))) {
if (!buffer_string_is_empty(ds->value)) basedn = ds->value->ptr;
@ -206,10 +240,10 @@ static LDAP * mod_authn_ldap_host_init(server *srv, vhostdb_config *s) {
LDAP *ld;
int ret;
ld = ldap_init(s->host, LDAP_PORT);
if (NULL == ld) {
log_error_write(srv, __FILE__, __LINE__, "sss", "ldap:", "ldap_init():",
strerror(errno));
ret = ldap_initialize(&ld, s->host);
if (LDAP_SUCCESS != ret) {
log_error_write(srv, __FILE__, __LINE__, "sss", "ldap:",
"ldap_initialize():", strerror(errno));
return NULL;
}
@ -247,7 +281,6 @@ static LDAP * mod_authn_ldap_host_init(server *srv, vhostdb_config *s) {
}
static int mod_authn_ldap_bind(server *srv, LDAP *ld, const char *dn, const char *pw) {
#if 0
struct berval creds;
int ret;
@ -265,12 +298,6 @@ static int mod_authn_ldap_bind(server *srv, LDAP *ld, const char *dn, const char
if (ret != LDAP_SUCCESS) {
mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_sasl_bind_s()", ret);
}
#else
int ret = ldap_simple_bind_s(ld, dn, pw);
if (ret != LDAP_SUCCESS) {
mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_simple_bind_s()",ret);
}
#endif
return ret;
}