Add sasl-host option and treat sasl-realm as global only
(i.e., not backend-specific).
parent
a484698daa
commit
a60438c1ce
4 changed files with 30 additions and 16 deletions
|
|
@ -400,9 +400,6 @@ backend_db_init(
|
|||
/* assign a default depth limit for alias deref */
|
||||
be->be_max_deref_depth = SLAPD_DEFAULT_MAXDEREFDEPTH;
|
||||
|
||||
be->be_realm = global_realm != NULL
|
||||
? ch_strdup( global_realm ) : NULL;
|
||||
|
||||
if(bi->bi_db_init) {
|
||||
rc = bi->bi_db_init( be );
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@ slap_ssf_set_t global_ssf_set;
|
|||
char *replogfile;
|
||||
int global_lastmod = ON;
|
||||
int global_idletimeout = 0;
|
||||
char *global_host = NULL;
|
||||
char *global_realm = NULL;
|
||||
char *ldap_srvtab = "";
|
||||
char *default_passwd_hash;
|
||||
|
|
@ -225,6 +226,25 @@ read_config( const char *fname )
|
|||
default_passwd_hash = ch_strdup( cargv[1] );
|
||||
}
|
||||
|
||||
/* set SASL host */
|
||||
} else if ( strcasecmp( cargv[0], "sasl-host" ) == 0 ) {
|
||||
if ( cargc < 2 ) {
|
||||
Debug( LDAP_DEBUG_ANY,
|
||||
"%s: line %d: missing host in \"sasl-host <host>\" line\n",
|
||||
fname, lineno, 0 );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if ( global_host != NULL ) {
|
||||
Debug( LDAP_DEBUG_ANY,
|
||||
"%s: line %d: already set sasl-host!\n",
|
||||
fname, lineno, 0 );
|
||||
return 1;
|
||||
|
||||
} else {
|
||||
global_host = ch_strdup( cargv[1] );
|
||||
}
|
||||
|
||||
/* set SASL realm */
|
||||
} else if ( strcasecmp( cargv[0], "sasl-realm" ) == 0 ) {
|
||||
if ( cargc < 2 ) {
|
||||
|
|
@ -233,12 +253,10 @@ read_config( const char *fname )
|
|||
fname, lineno, 0 );
|
||||
return( 1 );
|
||||
}
|
||||
if ( be != NULL ) {
|
||||
be->be_realm = ch_strdup( cargv[1] );
|
||||
|
||||
} else if ( global_realm != NULL ) {
|
||||
if ( global_realm != NULL ) {
|
||||
Debug( LDAP_DEBUG_ANY,
|
||||
"%s: line %d: already set global realm!\n",
|
||||
"%s: line %d: already set sasl-realm!\n",
|
||||
fname, lineno, 0 );
|
||||
return 1;
|
||||
|
||||
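Review bot: As far as the rendered hunks show, the `sasl-realm` branch and the new `sasl-host` branch of read_config now write only `global_realm` / `global_host`, and nothing warns the administrator when the directive sits inside a database section, where `sasl-realm` used to set `be->be_realm`. An existing per-backend realm is therefore silently promoted to a server-wide realm, or with two backends fails with "already set sasl-realm!", and either outcome changes the realm that SASL authentication is performed against. Consider a warning when `be != NULL`, for example `Debug( LDAP_DEBUG_ANY, "%s: line %d: sasl-realm is a global option\n", fname, lineno, 0 );`, and the same for `sasl-host`. The `/* set SASL host */` comment could also say that the value is handed to `sasl_server_new()` as the server's fully qualified name, so it must match the name clients and any service credentials use. read_config's body continues outside these hunks.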
|
|
|
|||
|
|
@ -767,6 +767,7 @@ LDAP_SLAPD_F (slap_access_t) global_default_access;
|
|||
LDAP_SLAPD_F (int) global_lastmod;
|
||||
LDAP_SLAPD_F (int) global_idletimeout;
|
||||
LDAP_SLAPD_F (int) global_schemacheck;
|
||||
LDAP_SLAPD_F (char) *global_host;
|
||||
LDAP_SLAPD_F (char) *global_realm;
|
||||
LDAP_SLAPD_F (char) *default_passwd_hash;
|
||||
LDAP_SLAPD_F (int) lber_debug;
|
||||
|
|
|
|||
|
|
@ -25,7 +25,6 @@
|
|||
#include <lutil.h>
|
||||
#endif
|
||||
|
||||
static char *sasl_host = NULL;
|
||||
static sasl_security_properties_t sasl_secprops;
|
||||
|
||||
|
||||
|
|
@ -195,13 +194,8 @@ int slap_sasl_init( void )
|
|||
return -1;
|
||||
}
|
||||
|
||||
if( sasl_host == NULL ) {
|
||||
sasl_host = ldap_pvt_get_fqdn( NULL );
|
||||
}
|
||||
|
||||
Debug( LDAP_DEBUG_TRACE,
|
||||
"slap_sasl_init: %s initialized!\n",
|
||||
sasl_host, 0, 0 );
|
||||
Debug( LDAP_DEBUG_TRACE, "slap_sasl_init: initialized!\n",
|
||||
0, 0, 0 );
|
||||
|
||||
/* default security properties */
|
||||
memset( &sasl_secprops, '\0', sizeof(sasl_secprops) );
|
||||
|
|
@ -259,8 +253,12 @@ int slap_sasl_open( Connection *conn )
|
|||
session_callbacks[2].proc = NULL;
|
||||
session_callbacks[2].context = NULL;
|
||||
|
||||
if( global_host == NULL ) {
|
||||
global_host = ldap_pvt_get_fqdn( NULL );
|
||||
}
|
||||
|
||||
/* create new SASL context */
|
||||
sc = sasl_server_new( "ldap", sasl_host, global_realm,
|
||||
sc = sasl_server_new( "ldap", global_host, global_realm,
|
||||
session_callbacks, SASL_SECURITY_LAYER, &ctx );
|
||||
|
||||
if( sc != SASL_OK ) {
|
||||
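Review bot: The default for `global_host` is now filled in inside `slap_sasl_open()`, which is called per connection, so `if( global_host == NULL ) { global_host = ldap_pvt_get_fqdn( NULL ); }` is an unsynchronised check-then-assign on a global if connections can be opened from more than one thread (not visible here, please confirm). Two racing callers would each store an allocated name and one copy would leak. The result is also passed to `sasl_server_new()` without a check, which matters if `ldap_pvt_get_fqdn()` can return NULL (presumably on allocation failure). Resolving the default once in a single-threaded startup step after the configuration has been read would avoid both, and would let the trace message keep reporting the host name SASL will use, which the change to `slap_sasl_init` drops. Both function bodies continue outside the hunks.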
|
|
|
|||