projects
/
freeradius.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix parameter passing issue. closes bug #105
[freeradius.git]
/
src
/
modules
/
rlm_ldap
/
rlm_ldap.c
diff --git
a/src/modules/rlm_ldap/rlm_ldap.c
b/src/modules/rlm_ldap/rlm_ldap.c
index
cb4343c
..
fabe118
100644
(file)
--- a/
src/modules/rlm_ldap/rlm_ldap.c
+++ b/
src/modules/rlm_ldap/rlm_ldap.c
@@
-391,6
+391,18
@@
static inline void ldap_release_conn(int i, ldap_instance *inst)
pthread_mutex_unlock(&(conns[i].mutex));
}
pthread_mutex_unlock(&(conns[i].mutex));
}
+#ifdef NOVELL
+static inline void ldap_release_apc_conn(int i, ldap_instance *inst)
+
+{
+ LDAP_CONN *conns = inst->apc_conns;
+
+ DEBUG(" [%s] ldap_release_conn: Release Id: %d", inst->xlat_name, i);
+ conns[i].locked = 0;
+ pthread_mutex_unlock(&(conns[i].mutex));
+}
+#endif
+
/*************************************************************************
*
* Function: rlm_ldap_instantiate
/*************************************************************************
*
* Function: rlm_ldap_instantiate
@@
-1640,7
+1652,7
@@
static int ldap_authorize(void *instance, REQUEST * request)
if ((vp_auth_opt = paircreate(auth_opt_attr, PW_TYPE_STRING)) == NULL){
radlog(L_ERR, " [%s] Could not allocate memory. Aborting.", inst->xlat_name);
ldap_msgfree(result);
if ((vp_auth_opt = paircreate(auth_opt_attr, PW_TYPE_STRING)) == NULL){
radlog(L_ERR, " [%s] Could not allocate memory. Aborting.", inst->xlat_name);
ldap_msgfree(result);
- ldap_release_conn(conn_id, inst
->conns
);
+ ldap_release_conn(conn_id, inst);
}
strcpy(vp_auth_opt->vp_strvalue, auth_option[0]);
vp_auth_opt->length = strlen(auth_option[0]);
}
strcpy(vp_auth_opt->vp_strvalue, auth_option[0]);
vp_auth_opt->length = strlen(auth_option[0]);
@@
-1707,7
+1719,9
@@
static int ldap_authorize(void *instance, REQUEST * request)
*/
if (debug_flag > 1) {
if (!pairfind(request->config_items, PW_CLEARTEXT_PASSWORD, 0) &&
*/
if (debug_flag > 1) {
if (!pairfind(request->config_items, PW_CLEARTEXT_PASSWORD, 0) &&
- !pairfind(request->config_items, PW_USER_PASSWORD, 0)) {
+ !pairfind(request->config_items, PW_USER_PASSWORD, 0) &&
+ !pairfind(request->config_items, PW_PASSWORD_WITH_HEADER, 0) &&
+ !pairfind(request->config_items, PW_CRYPT_PASSWORD, 0)) {
DEBUG("WARNING: No \"known good\" password was found in LDAP. Are you sure that the user is configured correctly?");
}
}
DEBUG("WARNING: No \"known good\" password was found in LDAP. Are you sure that the user is configured correctly?");
}
}
@@
-1869,7
+1883,7
@@
static int ldap_authenticate(void *instance, REQUEST * request)
LDAP_CONN *conn1;
int auth_state = -1;
char *challenge = NULL;
LDAP_CONN *conn1;
int auth_state = -1;
char *challenge = NULL;
-
int
challenge_len = MAX_CHALLENGE_LEN;
+
size_t
challenge_len = MAX_CHALLENGE_LEN;
char *state = NULL;
dattr = dict_attrbyname("eDir-APC");
char *state = NULL;
dattr = dict_attrbyname("eDir-APC");
@@
-2143,7
+2157,7
@@
static int ldap_postauth(void *instance, REQUEST * request)
}
vp_apc->vp_strvalue[0] = '3';
}
vp_apc->vp_strvalue[0] = '3';
- ldap_release_
conn(conn_id, inst->apc_conns
);
+ ldap_release_
apc_conn(conn_id, inst
);
return RLM_MODULE_REJECT;
}
conn->bound = 1;
return RLM_MODULE_REJECT;
}
conn->bound = 1;
@@
-2160,11
+2174,11
@@
static int ldap_postauth(void *instance, REQUEST * request)
ldap_memfree((void *)error_msg);
}
vp_apc->vp_strvalue[0] = '3';
ldap_memfree((void *)error_msg);
}
vp_apc->vp_strvalue[0] = '3';
- ldap_release_
conn(conn_id, inst->apc_conns
);
+ ldap_release_
apc_conn(conn_id, inst
);
return RLM_MODULE_REJECT;
}
vp_apc->vp_strvalue[0] = '3';
return RLM_MODULE_REJECT;
}
vp_apc->vp_strvalue[0] = '3';
- ldap_release_
conn(conn_id, inst->apc_conns
);
+ ldap_release_
apc_conn(conn_id, inst
);
return RLM_MODULE_OK;
}
}
return RLM_MODULE_OK;
}
}
@@
-2476,6
+2490,14
@@
static LDAP *ldap_connect(void *instance, const char *dn, const char *password,
}
break;
}
break;
+ case LDAP_CONSTRAINT_VIOLATION:
+ DEBUG("rlm_ldap: Bind failed with constraint violation");
+ *result = RLM_MODULE_REJECT;
+ if(err != NULL){
+ ldap_get_option(ld, LDAP_OPT_ERROR_STRING, err);
+ }
+ break;
+
default:
if (inst->is_url) {
radlog(L_ERR," [%s] %s bind to %s failed %s", inst->xlat_name,
default:
if (inst->is_url) {
radlog(L_ERR," [%s] %s bind to %s failed %s", inst->xlat_name,