From 2ab03a13b0cf3d124489d7f502493ea4b14a0d2c Mon Sep 17 00:00:00 2001 From: pam Date: Fri, 13 Apr 2001 13:27:04 +0000 Subject: [PATCH] Small fixes to configure and configure.in to detect SSL on FreeBSD Changes to rlm_ldap to check whenever request contains _both_ username and password --- src/modules/rlm_ldap/configure | 1003 +++++++++++++++++++++++++++++-------- src/modules/rlm_ldap/configure.in | 2 +- src/modules/rlm_ldap/rlm_ldap.c | 37 +- 3 files changed, 822 insertions(+), 220 deletions(-) diff --git a/src/modules/rlm_ldap/configure b/src/modules/rlm_ldap/configure index 1757e3d..26ee3e4 100755 --- a/src/modules/rlm_ldap/configure +++ b/src/modules/rlm_ldap/configure @@ -521,342 +521,928 @@ else fi -# From configure.in Revision: 1.2 +# From configure.in Revision: 1.4 +fail= +SMART_LIBS= +SMART_CLFAGS= if test x$with_rlm_ldap != xno; then - echo $ac_n "checking for pthread_create in -lpthread""... $ac_c" 1>&6 -echo "configure:531: checking for pthread_create in -lpthread" >&5 -ac_lib_var=`echo pthread'_'pthread_create | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lpthread $LIBS" -cat > conftest.$ac_ext <&6 +echo "configure:537: checking for lber.h" >&5 + +smart_include= +smart_include_dir= + old_CFLAGS="$CFLAGS" + cat > conftest.$ac_ext < int main() { -pthread_create() + int a = 1; ; return 0; } EOF -if { (eval echo configure:550: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:551: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" + smart_include=" " else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" + smart_include= fi rm -f conftest* -LIBS="$ac_save_LIBS" + if test "x$smart_include" = "x"; then + + +if test "x$LOCATE" != "x"; then + DIRS= + file=lber.h + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_include_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ldap_libs="${ldap_ldflags} -lpthread" -else - echo "$ac_t""no" 1>&6 - fail=$fail" libpthread" - -fi + +eval "smart_include_dir=\"\$smart_include_dir $DIRS\"" - for headertofind in lber.h ldap.h; do - echo $ac_n "checking for ${headertofind}""... $ac_c" 1>&6 -echo "configure:575: checking for ${headertofind}" >&5 + for try in $smart_include_dir /usr/local/include/ /opt/include; do + CFLAGS="$old_CFLAGS -I$try" - # try no additional header first - cat > conftest.$ac_ext < conftest.$ac_ext < +#include int main() { - int a = 1; + int a = 1; ; return 0; } EOF -if { (eval echo configure:586: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:602: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* - LDAP_INCLUDE=" " + smart_include="-I$try" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - LDAP_INCLUDE= - + smart_include= fi rm -f conftest* - if test x${LDAP_INCLUDE} != x; then - old_CFLAGS=${CFLAGS} - for try in /usr/local/include $ldap_include_dir; do - CFLAGS="${old_CFLAGS} -I$try" - cat > conftest.$ac_ext <&6 + eval "ac_cv_header_$ac_safe=yes" + CFLAGS="$old_CFLAGS $smart_include" + SMART_CFLAGS="$SMART_CFLAGS $smart_include" + else + echo "$ac_t""no" 1>&6 +fi + + + +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for ldap.h""... $ac_c" 1>&6 +echo "configure:633: checking for ldap.h" >&5 + +smart_include= +smart_include_dir= + + old_CFLAGS="$CFLAGS" + cat > conftest.$ac_ext < +#include int main() { - int a = 1; + int a = 1; ; return 0; } EOF -if { (eval echo configure:610: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:647: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* - LDAP_INCLUDE="-I$try" + smart_include=" " else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - LDAP_INCLUDE= - + smart_include= fi rm -f conftest* - if test x${LDAP_INCLUDE} != x; then - break - fi - done - CFLAGS=${old_CFLAGS} - fi - if test x${LDAP_INCLUDE} = x; then - fail="$fail ${headertofind}" - headersuggestion="Use --with-ldap-include-dir= to specify header path." - echo "$ac_t""no" 1>&6 - else - echo "$ac_t""yes" 1>&6 - ldap_cflags="${ldap_cflags} ${LDAP_INCLUDE}" - fi - done + if test "x$smart_include" = "x"; then + - if test x$ldap_lib_dir != x; then - ldap_ldflags="${add_ldap_ldflag} ${ldap_ldflags}" - add_ldap_ldflag="-L${ldap_lib_dir}" - fi +if test "x$LOCATE" != "x"; then + DIRS= + file=ldap.h - echo $ac_n "checking for ldap_initialize in -lldap_r""... $ac_c" 1>&6 -echo "configure:644: checking for ldap_initialize in -lldap_r" >&5 -ac_lib_var=`echo ldap_r'_'ldap_initialize | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lldap_r ${add_ldap_ldflag} -lpthread $LIBS" -cat > conftest.$ac_ext </dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_include_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi +eval "smart_include_dir=\"\$smart_include_dir $DIRS\"" + + + for try in $smart_include_dir /usr/local/include/ /opt/include; do + CFLAGS="$old_CFLAGS -I$try" + + cat > conftest.$ac_ext < int main() { -ldap_initialize() + int a = 1; ; return 0; } EOF -if { (eval echo configure:663: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:698: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" + smart_include="-I$try" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" + smart_include= fi rm -f conftest* -LIBS="$ac_save_LIBS" + if test "x$smart_include" != "x"; then + break; + fi + done + CFLAGS="$old_CFLAGS" + fi + + if test "x$smart_include" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_header_$ac_safe=yes" + CFLAGS="$old_CFLAGS $smart_include" + SMART_CFLAGS="$SMART_CFLAGS $smart_include" + else + echo "$ac_t""no" 1>&6 fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ldap_ldflags="${ldap_ldflags} -lldap_r" + + + +echo $ac_n "checking for sasl_encode in -lsasl""... $ac_c" 1>&6 +echo "configure:728: checking for sasl_encode in -lsasl" >&5 + +smart_lib= +smart_lib_dir= + + old_LIBS="$LIBS" + LIBS="$LIBS -lsasl" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-lsasl" else - echo "$ac_t""no" 1>&6 - - fail="$fail libldap_r" - libsuggestion="Use --with-ldap-lib-dir= to specify lib path." - + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 fi +rm -f conftest* + if test "x$smart_lib" = "x"; then + - echo $ac_n "checking for ber_init in -llber""... $ac_c" 1>&6 -echo "configure:689: checking for ber_init in -llber" >&5 -ac_lib_var=`echo lber'_'ber_init | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-llber ${add_ldap_ldflag} $LIBS" -cat > conftest.$ac_ext </dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libsasl.a + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + for try in $smart_lib_dir /usr/local/lib/ /opt/lib; do + LIBS="$old_LIBS -L$try -lsasl" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:819: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" + smart_lib="-L$try -lsasl" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* -LIBS="$ac_save_LIBS" + if test "x$smart_lib" != "x"; then + break; + fi + done + LIBS="$old_LIBS" + fi + if test "x$smart_lib" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_lib_sasl_sasl_encode=yes" + LIBS="$old_LIBS $smart_lib" + SMART_LIBS="$SMART_LIBS $smart_lib" + else + echo "$ac_t""no" 1>&6 fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ldap_ldflags="${ldap_ldflags} -llber" + + + +echo $ac_n "checking for DH_new in -lcrypto""... $ac_c" 1>&6 +echo "configure:846: checking for DH_new in -lcrypto" >&5 + +smart_lib= +smart_lib_dir= + + old_LIBS="$LIBS" + LIBS="$LIBS -lcrypto" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-lcrypto" else - echo "$ac_t""no" 1>&6 - - fail="$fail liblber" - libsuggestion="Use --with-ldap-lib-dir= to specify lib path." - + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 fi +rm -f conftest* + if test "x$smart_lib" = "x"; then + - echo $ac_n "checking for sasl_encode in -lsasl""... $ac_c" 1>&6 -echo "configure:734: checking for sasl_encode in -lsasl" >&5 -ac_lib_var=`echo sasl'_'sasl_encode | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lsasl ${add_ldap_ldflag} $LIBS" -cat > conftest.$ac_ext </dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libcrypto.a + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + for try in $smart_lib_dir /usr/local/lib/ /opt/lib; do + LIBS="$old_LIBS -L$try -lcrypto" + + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:937: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" + smart_lib="-L$try -lcrypto" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* -LIBS="$ac_save_LIBS" + if test "x$smart_lib" != "x"; then + break; + fi + done + LIBS="$old_LIBS" + fi + if test "x$smart_lib" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_lib_crypto_DH_new=yes" + LIBS="$old_LIBS $smart_lib" + SMART_LIBS="$SMART_LIBS $smart_lib" + else + echo "$ac_t""no" 1>&6 fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ldap_ldflags="${ldap_ldflags} -lsasl" + + + +echo $ac_n "checking for SSL_new in -lssl""... $ac_c" 1>&6 +echo "configure:964: checking for SSL_new in -lssl" >&5 + +smart_lib= +smart_lib_dir= + + old_LIBS="$LIBS" + LIBS="$LIBS -lssl" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-lssl" else - echo "$ac_t""no" 1>&6 - + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 fi +rm -f conftest* + if test "x$smart_lib" = "x"; then + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libssl.so + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libssl.a + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" - echo $ac_n "checking for SSL_new in -lssl""... $ac_c" 1>&6 -echo "configure:776: checking for SSL_new in -lssl" >&5 -ac_lib_var=`echo ssl'_'SSL_new | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lssl ${add_ldap_ldflag} $LIBS" -cat > conftest.$ac_ext < conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:1055: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" + smart_lib="-L$try -lssl" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* -LIBS="$ac_save_LIBS" + if test "x$smart_lib" != "x"; then + break; + fi + done + LIBS="$old_LIBS" + fi + if test "x$smart_lib" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_lib_ssl_SSL_new=yes" + LIBS="$old_LIBS $smart_lib" + SMART_LIBS="$SMART_LIBS $smart_lib" + else + echo "$ac_t""no" 1>&6 fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ldap_ldflags="${ldap_ldflags} -lssl" + + + + +echo $ac_n "checking for ber_init in -llber""... $ac_c" 1>&6 +echo "configure:1083: checking for ber_init in -llber" >&5 + +smart_lib= +smart_lib_dir= + + old_LIBS="$LIBS" + LIBS="$LIBS -llber" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-llber" else - echo "$ac_t""no" 1>&6 - - fail="$fail libssl" - libsuggestion="Use --with-ldap-lib-dir= to specify lib path." - + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 +fi +rm -f conftest* + + if test "x$smart_lib" = "x"; then + + +if test "x$LOCATE" != "x"; then + DIRS= + file=liblber.so + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + +if test "x$LOCATE" != "x"; then + DIRS= + file=liblber.a + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done fi +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + - echo $ac_n "checking for DH_new in -lcrypto""... $ac_c" 1>&6 -echo "configure:821: checking for DH_new in -lcrypto" >&5 -ac_lib_var=`echo crypto'_'DH_new | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 + for try in $smart_lib_dir /usr/local/lib/ /opt/lib; do + LIBS="$old_LIBS -L$try -llber" + + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-L$try -llber" else - ac_save_LIBS="$LIBS" -LIBS="-lcrypto ${add_ldap_ldflag} $LIBS" -cat > conftest.$ac_ext <&5 + cat conftest.$ac_ext >&5 +fi +rm -f conftest* + if test "x$smart_lib" != "x"; then + break; + fi + done + LIBS="$old_LIBS" + fi + + if test "x$smart_lib" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_lib_lber_ber_init=yes" + LIBS="$old_LIBS $smart_lib" + SMART_LIBS="$SMART_LIBS $smart_lib" + else + echo "$ac_t""no" 1>&6 +fi + + if test "x$ac_cv_lib_lber_ber_init" != "xyes"; then + fail="$fail liblber" + else + if test "x$ac_cv_header_pthread_h" = "xyes"; then + + +echo $ac_n "checking for ldap_initialize in -lldap_r""... $ac_c" 1>&6 +echo "configure:1205: checking for ldap_initialize in -lldap_r" >&5 + +smart_lib= +smart_lib_dir= + + old_LIBS="$LIBS" + LIBS="$LIBS -lldap_r" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-lldap_r" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 +fi +rm -f conftest* + if test "x$smart_lib" = "x"; then + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libldap_r.so + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libldap_r.a + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + for try in $smart_lib_dir /usr/local/lib/ /opt/lib; do + LIBS="$old_LIBS -L$try -lldap_r" + + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:1296: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" + smart_lib="-L$try -lldap_r" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 +fi +rm -f conftest* + if test "x$smart_lib" != "x"; then + break; + fi + done + LIBS="$old_LIBS" + fi + + if test "x$smart_lib" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_lib_ldap_r_ldap_initialize=yes" + LIBS="$old_LIBS $smart_lib" + SMART_LIBS="$SMART_LIBS $smart_lib" + else + echo "$ac_t""no" 1>&6 +fi + + if test "x$ac_cv_lib_ldap_r_ldap_initialize" != "xyes"; then + fail="$fail libldap_r" + fi + else + + +echo $ac_n "checking for ldap_initialize in -lldap""... $ac_c" 1>&6 +echo "configure:1327: checking for ldap_initialize in -lldap" >&5 + +smart_lib= +smart_lib_dir= + + old_LIBS="$LIBS" + LIBS="$LIBS -lldap" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" + smart_lib="-lldap" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 fi rm -f conftest* -LIBS="$ac_save_LIBS" + if test "x$smart_lib" = "x"; then + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libldap.so + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ldap_ldflags="${ldap_ldflags} -lcrypto" + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + +if test "x$LOCATE" != "x"; then + DIRS= + file=libldap.a + + for x in `${LOCATE} $file 2>/dev/null`; do + base=`echo $x | sed "s%/${file}%%"` + if test "x$x" = "x$base"; then + continue; + fi + + dir=`${DIRNAME} $x 2>/dev/null` + exclude=`echo ${dir} | ${GREP} /home` + if test "x$exclude" != "x"; then + continue + fi + + already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}` + if test "x$already" = "x"; then + DIRS="$DIRS $dir" + fi + done +fi + +eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\"" + + + for try in $smart_lib_dir /usr/local/lib/ /opt/lib; do + LIBS="$old_LIBS -L$try -lldap" + + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + smart_lib="-L$try -lldap" else - echo "$ac_t""no" 1>&6 - + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 fi +rm -f conftest* + if test "x$smart_lib" != "x"; then + break; + fi + done + LIBS="$old_LIBS" + fi + if test "x$smart_lib" != "x"; then + echo "$ac_t""yes" 1>&6 + eval "ac_cv_lib_ldap_ldap_initialize=yes" + LIBS="$old_LIBS $smart_lib" + SMART_LIBS="$SMART_LIBS $smart_lib" + else + echo "$ac_t""no" 1>&6 +fi + + if test "x$ac_cv_lib_ldap_r_ldap_initialize" != "xyes"; then + fail="$fail libldap_r" + fi + fi + fi targetname=rlm_ldap else @@ -880,7 +1466,8 @@ if test x"$fail" != x""; then fi fi - +ldap_cflags=$SMART_CFLAGS +ldap_ldflags=$SMART_LIBS diff --git a/src/modules/rlm_ldap/configure.in b/src/modules/rlm_ldap/configure.in index 16aa217..f7e748c 100644 --- a/src/modules/rlm_ldap/configure.in +++ b/src/modules/rlm_ldap/configure.in @@ -10,8 +10,8 @@ if test x$with_[]modname != xno; then AC_SMART_CHECK_INCLUDE(lber.h) AC_SMART_CHECK_INCLUDE(ldap.h) AC_SMART_CHECK_LIB(sasl, sasl_encode) - AC_SMART_CHECK_LIB(ssl, SSL_new) AC_SMART_CHECK_LIB(crypto, DH_new) + AC_SMART_CHECK_LIB(ssl, SSL_new) AC_SMART_CHECK_LIB(lber, ber_init) if test "x$ac_cv_lib_lber_ber_init" != "xyes"; then diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c index a5ee93c..d2add29 100644 --- a/src/modules/rlm_ldap/rlm_ldap.c +++ b/src/modules/rlm_ldap/rlm_ldap.c @@ -272,6 +272,10 @@ perform_search(void *instance, char *search_basedn, int scope, char *filter, cha if (!inst->bound) { DEBUG2("rlm_ldap: attempting LDAP reconnection"); + if (inst->ld){ + DEBUG2("rlm_ldap: closing existing LDAP connection"); + ldap_unbind_s(inst->ld); + } if ((inst->ld = ldap_connect(instance, inst->login, inst->password, 0, &res)) == NULL) { radlog(L_ERR, "rlm_ldap: (re)connection attempt failed"); return (RLM_MODULE_FAIL); @@ -281,9 +285,7 @@ perform_search(void *instance, char *search_basedn, int scope, char *filter, cha DEBUG2("rlm_ldap: performing search in %s, with filter %s", search_basedn, filter); msgid = ldap_search(inst->ld, search_basedn, scope, filter, attrs, 0); if (msgid == -1) { - radlog(L_ERR, "rlm_ldap: ldap_search() API failed\n"); - if(inst->ld) - ldap_unbind(inst->ld); + radlog(L_ERR, "rlm_ldap: ldap_search() failed\n"); inst->bound = 0; return (RLM_MODULE_FAIL); } @@ -293,8 +295,6 @@ perform_search(void *instance, char *search_basedn, int scope, char *filter, cha ldap_perror(inst->ld, "rlm_ldap: ldap_result()"); radlog(L_ERR, "rlm_ldap: ldap_result() failed - %s\n", strerror(errno)); ldap_msgfree(*result); - if(inst->ld) - ldap_unbind(inst->ld); inst->bound = 0; return (RLM_MODULE_FAIL); } @@ -309,8 +309,6 @@ perform_search(void *instance, char *search_basedn, int scope, char *filter, cha default: DEBUG("rlm_ldap: ldap_search() failed"); ldap_msgfree(*result); - if(inst->ld) - ldap_unbind(inst->ld); inst->bound = 0; return (RLM_MODULE_FAIL); } @@ -342,10 +340,15 @@ ldap_authorize(void *instance, REQUEST * request) VALUE_PAIR **check_pairs, **reply_pairs; char **vals; + DEBUG("rlm_ldap: - authorize"); + + if(!request->username){ + radlog(L_AUTH, "rlm_ldap: Attribute \"User-Name\" is required for authentication.\n"); + return RLM_MODULE_INVALID; + } + check_pairs = &request->config_items; reply_pairs = &request->reply->vps; - - DEBUG("rlm_ldap: - authorize"); name = request->username->strvalue; /* @@ -458,10 +461,22 @@ ldap_authenticate(void *instance, REQUEST * request) * Ensure that we're being passed a plain-text password, and not * anything else. */ - if (request->password->attribute != PW_PASSWORD) { - radlog(L_AUTH, "rlm_ldap: Attribute \"Password\" is required for authentication. Cannot use \"%s\".", request->password->name); + + if(!request->username){ + radlog(L_AUTH, "rlm_ldap: Attribute \"User-Name\" is required for authentication.\n"); + return RLM_MODULE_INVALID; + } + + if (!request->password){ + radlog(L_AUTH, "rlm_ldap: Attribute \"Password\" is required for authentication."); return RLM_MODULE_INVALID; } + + if(request->password->attribute != PW_PASSWORD) { + radlog(L_AUTH, "rlm_ldap: Attribute \"Password\" is required for authentication. Cannot use \"%s\".", request->password->name); + return RLM_MODULE_INVALID; + } + name = request->username->strvalue; passwd = request->password->strvalue; -- 2.1.4