lists.arthurdejong.org
RSS feed

nss-pam-ldapd commit: r1513 - in nss-pam-ldapd: . man nslcd

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd commit: r1513 - in nss-pam-ldapd: . man nslcd



Author: arthur
Date: Wed Aug 24 20:51:55 2011
New Revision: 1513
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1513

Log:
support querying DNS SRV records from a different domain than the current one 
(based on a patch by James M. Leddy)

Modified:
   nss-pam-ldapd/AUTHORS
   nss-pam-ldapd/man/nslcd.conf.5.xml
   nss-pam-ldapd/nslcd/cfg.c

Modified: nss-pam-ldapd/AUTHORS
==============================================================================
--- nss-pam-ldapd/AUTHORS       Tue Aug 23 22:03:12 2011        (r1512)
+++ nss-pam-ldapd/AUTHORS       Wed Aug 24 20:51:55 2011        (r1513)
@@ -109,3 +109,4 @@
 Slavko <linux@slavino.sk>
 Joe Hansen <joedalton2@yahoo.dk>
 Denis Doria <denisdoria@gmail.com>
+James M. Leddy <james.leddy@redhat.com>

Modified: nss-pam-ldapd/man/nslcd.conf.5.xml
==============================================================================
--- nss-pam-ldapd/man/nslcd.conf.5.xml  Tue Aug 23 22:03:12 2011        (r1512)
+++ nss-pam-ldapd/man/nslcd.conf.5.xml  Wed Aug 24 20:51:55 2011        (r1513)
@@ -127,9 +127,14 @@
        <acronym>LDAP</acronym> over <acronym>TCP</acronym>,
        <acronym>ICP</acronym> or <acronym>SSL</acronym> respectively (if
        supported by the <acronym>LDAP</acronym> library).
+      </para>
+      <para>
        Alternatively, the value <literal>DNS</literal> may be
        used to try to lookup the server using <acronym>DNS</acronym>
        <acronym>SRV</acronym> records.
+       By default the current domain is used but another domain can
+       be queried by using the
+       <literal>DNS:</literal><replaceable>DOMAIN</replaceable> syntax.
       </para>
       <para>
        When using the ldapi scheme, %2f should be used to escape slashes

Modified: nss-pam-ldapd/nslcd/cfg.c
==============================================================================
--- nss-pam-ldapd/nslcd/cfg.c   Tue Aug 23 22:03:12 2011        (r1512)
+++ nss-pam-ldapd/nslcd/cfg.c   Wed Aug 24 20:51:55 2011        (r1513)
@@ -184,13 +184,13 @@
 
 /* add URIs by doing DNS queries for SRV records */
 static void add_uris_from_dns(const char *filename,int lnr,
-                              struct ldap_config *cfg)
+                              struct ldap_config *cfg,
+                              const char *domain)
 {
   int rc;
-  const char *domain;
   char *hostlist=NULL,*nxt;
   char buf[HOST_NAME_MAX+sizeof("ldap://")];
-  domain=cfg_getdomainname(filename,lnr);
+  log_log(LOG_DEBUG,"query %s for SVN records",domain);
   rc=ldap_domain2hostlist(domain,&hostlist);
   /* FIXME: have better error handling */
   if ((hostlist==NULL)||(*hostlist=='\0'))
@@ -856,7 +856,16 @@
         if (strcasecmp(token,"dns")==0)
         {
 #ifdef HAVE_LDAP_DOMAIN2HOSTLIST
-          add_uris_from_dns(filename,lnr,cfg);
+          add_uris_from_dns(filename,lnr,cfg,cfg_getdomainname(filename,lnr));
+#else /* not HAVE_LDAP_DOMAIN2HOSTLIST */
+          log_log(LOG_ERR,"%s:%d: value %s not supported on 
platform",filename,lnr,token);
+          exit(EXIT_FAILURE);
+#endif /* not HAVE_LDAP_DOMAIN2HOSTLIST */
+        }
+        else if (strncasecmp(token,"dns:",4)==0)
+        {
+#ifdef HAVE_LDAP_DOMAIN2HOSTLIST
+          add_uris_from_dns(filename,lnr,cfg,strdup(token+sizeof("dns")));
 #else /* not HAVE_LDAP_DOMAIN2HOSTLIST */
           log_log(LOG_ERR,"%s:%d: value %s not supported on 
platform",filename,lnr,token);
           exit(EXIT_FAILURE);
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits