nss-pam-ldapd commit: r1318 - nss-pam-ldapd/nslcd

Author: arthur
Date: Fri Dec  3 17:16:39 2010
New Revision: 1318
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1318

Log:
in try_bind(), perform the search ourselves instead of using lookup_dn2uid() to 
also be able to match administrator DNs (thanks to Thaddeus J. Kollar for 
spotting this)

Modified:
   nss-pam-ldapd/nslcd/pam.c

Modified: nss-pam-ldapd/nslcd/pam.c
==============================================================================
--- nss-pam-ldapd/nslcd/pam.c   Fri Dec  3 17:03:16 2010        (r1317)
+++ nss-pam-ldapd/nslcd/pam.c   Fri Dec  3 17:16:39 2010        (r1318)
@@ -47,7 +47,9 @@
 static int try_bind(const char *userdn,const char *password)
 {
   MYLDAP_SESSION *session;
-  char buffer[256];
+  MYLDAP_SEARCH *search;
+  MYLDAP_ENTRY *entry;
+  static const char *attrs[2];
   int rc;
   /* set up a new connection */
   session=myldap_create_session();
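Review bot: `static const char *attrs[2];` in the declarations of try_bind() gives the attribute list static storage, yet the next hunk assigns attrs[0] and attrs[1] on every call, so each invocation writes to storage shared by all callers of the function. Either drop `static` so it is an ordinary local, or keep it static and initialise it once at the declaration (for example `static const char *attrs[]={"dn",NULL};`) so that no stores happen at run time.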
@@ -56,8 +58,25 @@
   /* set up credentials for the session */
   myldap_set_credentials(session,userdn,password);
   /* perform search for own object (just to do any kind of search) */
-  if 
((lookup_dn2uid(session,userdn,&rc,buffer,sizeof(buffer))==NULL)&&(rc==LDAP_SUCCESS))
-    rc=LDAP_LOCAL_ERROR; /* fall back to any error in case function failed 
with success */
+  attrs[0]="dn";
+  attrs[1]=NULL;
+  
search=myldap_search(session,userdn,LDAP_SCOPE_BASE,"(objectClass=*)",attrs,&rc);
+  if ((search==NULL)||(rc!=LDAP_SUCCESS))
+  {
+    if (rc==LDAP_SUCCESS)
+      rc=LDAP_LOCAL_ERROR;
+    log_log(LOG_WARNING,"lookup of %s failed: %s",userdn,ldap_err2string(rc));
+  }
+  else
+  {
+    entry=myldap_get_entry(search,&rc);
+    if ((entry==NULL)||(rc!=LDAP_SUCCESS))
+    {
+      if (rc==LDAP_SUCCESS)
+        rc=LDAP_NO_RESULTS_RETURNED;
+      log_log(LOG_WARNING,"lookup of %s failed: 
%s",userdn,ldap_err2string(rc));
+    }
+  }
   /* close the session */
   myldap_session_close(session);
   /* return results */
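Review bot: the outcome of try_bind() now rests on whether the LDAP_SCOPE_BASE search on userdn returns an entry, and nothing in the visible lines checks that password is non-empty before `myldap_set_credentials(session,userdn,password);`. A simple bind with a DN and an empty password is an unauthenticated bind under RFC 4513, and where the directory allows anonymous reads of userdn the search would still return an entry, so please confirm the caller rejects empty passwords or add that check at the top of this function. The same success criterion means a user whose ACLs do not allow reading their own entry will fail with LDAP_NO_RESULTS_RETURNED even though the credentials are correct, which deserves a line in the comment above the search. Finally, both failure branches log the identical text "lookup of %s failed: %s", so a failed search and a missing entry cannot be told apart in the logs; giving the second branch its own wording would make triage easier.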