author | Arthur de Jong <arthur@arthurdejong.org> | 2007-07-26 16:00:59 +0000 |
---|---|---|
committer | Arthur de Jong <arthur@arthurdejong.org> | 2007-07-26 16:00:59 +0000 |
commit | 0f64fdb18864f3211844742029c5b94c5b6c48c2 (patch) | |
tree | 4dae6f35148cfa061f314eca1b23a2231a6a18bc | |
parent | e89ff82e87617f17091212a512f11666b931623a (diff) |
get rid of default and override attribute value mappings and remove host and port configuration options
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@330 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r-- | nslcd/cfg.c | 94 | ||||
-rw-r--r-- | nslcd/cfg.h | 21 | ||||
-rw-r--r-- | nslcd/ldap-nss.c | 297 | ||||
-rw-r--r-- | nslcd/ldap-nss.h | 45 | ||||
-rw-r--r-- | nslcd/ldap-schema.c | 2 |
5 files changed, 33 insertions, 426 deletions
diff --git a/nslcd/cfg.c b/nslcd/cfg.c index 40eeed4..d26ab55 100644 --- a/nslcd/cfg.c +++ b/nslcd/cfg.c @@ -37,6 +37,7 @@ #include "util.h" #include "log.h" #include "ldap-schema.h" +#include "cfg.h" struct ldap_config *nslcd_cfg=NULL; @@ -55,12 +56,8 @@ struct ldap_config *nslcd_cfg=NULL; #define NSS_LDAP_KEY_MAP_ATTRIBUTE "nss_map_attribute" #define NSS_LDAP_KEY_MAP_OBJECTCLASS "nss_map_objectclass" -#define NSS_LDAP_KEY_SET_OVERRIDE "nss_override_attribute_value" -#define NSS_LDAP_KEY_SET_DEFAULT "nss_default_attribute_value" -#define NSS_LDAP_KEY_HOST "host" #define NSS_LDAP_KEY_SCOPE "scope" #define NSS_LDAP_KEY_BASE "base" -#define NSS_LDAP_KEY_PORT "port" #define NSS_LDAP_KEY_BINDDN "binddn" #define NSS_LDAP_KEY_BINDPW "bindpw" #define NSS_LDAP_KEY_USESASL "use_sasl" @@ -83,7 +80,6 @@ struct ldap_config *nslcd_cfg=NULL; #ifdef CONFIGURE_KRB5_CCNAME #define NSS_LDAP_KEY_KRB5_CCNAME "krb5_ccname" #endif /* CONFIGURE_KRB5_CCNAME */ -#define NSS_LDAP_KEY_LOGDIR "logdir" #define NSS_LDAP_KEY_DEBUG "debug" #define NSS_LDAP_KEY_PAGESIZE "pagesize" #define NSS_LDAP_KEY_INITGROUPS "nss_initgroups" @@ -153,7 +149,6 @@ static enum nss_status _nss_ldap_init_config(struct ldap_config *result) result->ldc_idle_timelimit = 0; result->ldc_reconnect_pol = LP_RECONNECT_HARD_OPEN; result->ldc_sasl_secprops = NULL; - result->ldc_logdir = NULL; result->ldc_debug = 0; result->ldc_pagesize = LDAP_PAGESIZE; #ifdef CONFIGURE_KRB5_CCNAME 
@@ -225,35 +220,6 @@ _nss_ldap_add_uri (struct ldap_config *result, const char *uri, } static enum nss_status -do_add_hosts (struct ldap_config *result, char *hosts, - char **buffer, size_t *buflen) -{ - /* Add a space separated list of hosts */ - char *p; - enum nss_status status = NSS_STATUS_SUCCESS; - - for (p = hosts; p != NULL; ) - { - char b[NSS_LDAP_CONFIG_BUFSIZ]; - char *q = strchr (p, ' '); - - if (q != NULL) - *q = '\0'; - - snprintf (b, sizeof(b), "ldap://%s", p); - - status = _nss_ldap_add_uri (result, b, buffer, buflen); - - p = (q != NULL) ? ++q : NULL; - - if (status != NSS_STATUS_SUCCESS) - break; - } - - return status; -} - -static enum nss_status do_add_uris (struct ldap_config *result, char *uris, char **buffer, size_t *buflen) { @@ -300,8 +266,6 @@ static enum ldap_map_selector _nss_ldap_str2selector(const char *key) sel = LM_RPC; else if (!strcasecmp (key, MP_ethers)) sel = LM_ETHERS; - else if (!strcasecmp (key, MP_netmasks)) - sel = LM_NETMASKS; else if (!strcasecmp (key, MP_aliases)) sel = LM_ALIASES; else if (!strcasecmp (key, MP_netgroup)) @@ -339,8 +303,6 @@ static enum nss_status _nss_ldap_map_put( config->ldc_shadow_type=LS_RFC2307_SHADOW; else if (strcasecmp (to,"pwdLastSet")==0) config->ldc_shadow_type=LS_AD_SHADOW; - else - config->ldc_shadow_type=LS_OTHER_SHADOW; } } assert(sel <= LM_NONE); @@ -348,18 +310,6 @@ static enum nss_status _nss_ldap_map_put( assert(map!=NULL); if (dict_put(map,from,to)) return NSS_STATUS_TRYAGAIN; - if (type==MAP_ATTRIBUTE) - { - map = config->ldc_maps[sel][MAP_ATTRIBUTE_REVERSE]; - if (dict_put(map,to,from)) - return NSS_STATUS_TRYAGAIN; - } - else if (type==MAP_OBJECTCLASS) - { - map = config->ldc_maps[sel][MAP_OBJECTCLASS_REVERSE]; - if (dict_put(map,to,from)) - return NSS_STATUS_TRYAGAIN; - } return NSS_STATUS_SUCCESS; } 
@@ -541,7 +491,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char char b[NSS_LDAP_CONFIG_BUFSIZ]; enum nss_status status = NSS_STATUS_SUCCESS; struct ldap_config *result; - struct stat statbuf; if (bytesleft (*buffer, *buflen, struct ldap_config *) < sizeof (struct ldap_config)) { @@ -564,11 +513,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char return NSS_STATUS_UNAVAIL; } - if (fstat(fileno (fp), &statbuf) == 0) - result->ldc_mtime = statbuf.st_mtime; - else - result->ldc_mtime = 0; - while (fgets (b, sizeof (b), fp) != NULL) { char *k, *v; @@ -619,12 +563,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char break; } - if (!strcasecmp (k, NSS_LDAP_KEY_HOST)) - { - status = do_add_hosts (result, v, buffer, buflen); - if (status != NSS_STATUS_SUCCESS) - break; - } else if (!strcasecmp (k, NSS_LDAP_KEY_URI)) { status = do_add_uris (result, v, buffer, buflen); @@ -705,10 +643,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char result->ldc_deref = LDAP_DEREF_ALWAYS; } } - else if (!strcasecmp (k, NSS_LDAP_KEY_PORT)) - { - result->ldc_port = atoi (v); - } else if (!strcasecmp (k, NSS_LDAP_KEY_SSL)) { if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") @@ -785,10 +719,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char { t = &result->ldc_sasl_secprops; } - else if (!strcasecmp (k, NSS_LDAP_KEY_LOGDIR)) - { - t = &result->ldc_logdir; - } else if (!strcasecmp (k, NSS_LDAP_KEY_DEBUG)) { result->ldc_debug = atoi (v); 
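Review bot: In the option-dispatch hunk (`@@ -619,12 +563,6 @@`), deleting the `host` branch leaves the chain starting with `else if (!strcasecmp (k, NSS_LDAP_KEY_URI))`, so every configuration key is now parsed in the `else` arm of the preceding block that ends in `break; }`. That preceding statement is presumably an `if` whose condition lies outside the hunk, and the parser only keeps working because that branch always leaves the loop. Start the chain explicitly with `if (!strcasecmp (k, NSS_LDAP_KEY_URI))` so that a later edit to the preceding block cannot silently skip option parsing (bind credentials, SSL mode and so on). The body of `_nss_ldap_readconfig` starts and ends outside the hunk.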
@@ -850,16 +780,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char { do_parse_map_statement (result, v, MAP_OBJECTCLASS); } - else if (!strncasecmp (k, NSS_LDAP_KEY_SET_OVERRIDE, - strlen (NSS_LDAP_KEY_SET_OVERRIDE))) - { - do_parse_map_statement (result, v, MAP_OVERRIDE); - } - else if (!strncasecmp (k, NSS_LDAP_KEY_SET_DEFAULT, - strlen (NSS_LDAP_KEY_SET_DEFAULT))) - { - do_parse_map_statement (result, v, MAP_DEFAULT); - } else if (!strcasecmp (k, NSS_LDAP_KEY_INITGROUPS)) { if (!strcasecmp (v, "backlink")) @@ -981,18 +901,6 @@ static enum nss_status _nss_ldap_readconfig(struct ldap_config ** presult, char } } - if (result->ldc_port == 0) - { - if (result->ldc_ssl_on == SSL_LDAPS) - { - result->ldc_port = LDAPS_PORT; - } - else - { - result->ldc_port = LDAP_PORT; - } - } - if (result->ldc_uris[0] == NULL) { status = NSS_STATUS_NOTFOUND; diff --git a/nslcd/cfg.h b/nslcd/cfg.h index 95b4d09..7473464 100644 --- a/nslcd/cfg.h +++ b/nslcd/cfg.h @@ -47,12 +47,23 @@ enum ldap_reconnect_policy LP_RECONNECT_SOFT }; +enum ldap_userpassword_selector +{ + LU_RFC2307_USERPASSWORD, + LU_RFC3112_AUTHPASSWORD, + LU_OTHER_PASSWORD +}; + +enum ldap_shadow_selector +{ + LS_RFC2307_SHADOW, + LS_AD_SHADOW +}; + struct ldap_config { /* NULL terminated list of URIs */ char *ldc_uris[NSS_LDAP_CONFIG_URI_MAX + 1]; - /* default port, if not specified in URI */ - int ldc_port; /* base DN, eg. dc=gnu,dc=org */ char *ldc_base; /* scope for searches */ @@ -114,8 +125,6 @@ struct ldap_config int ldc_reconnect_maxconntries; /* sasl security */ char *ldc_sasl_secprops; - /* directory for debug files */ - char *ldc_logdir; /* LDAP debug level */ int ldc_debug; int ldc_pagesize; 
@@ -124,7 +133,7 @@ struct ldap_config char *ldc_krb5_ccname; #endif /* CONFIGURE_KRB5_CCNAME */ /* attribute/objectclass maps relative to this config */ - DICT *ldc_maps[LM_NONE + 1][6]; /* must match MAP_MAX */ + DICT *ldc_maps[LM_NONE + 1][MAP_MAX]; /* is userPassword "userPassword" or not? ie. do we need {crypt} to be stripped */ enum ldap_userpassword_selector ldc_password_type; /* Use active directory time offsets? */ @@ -132,8 +141,6 @@ struct ldap_config /* attribute table for ldap search requensts */ const char **ldc_attrtab[LM_NONE + 1]; unsigned int ldc_flags; - /* last modification time */ - time_t ldc_mtime; char **ldc_initgroups_ignoreusers; }; diff --git a/nslcd/ldap-nss.c b/nslcd/ldap-nss.c index 48ebec9..76dd9b8 100644 --- a/nslcd/ldap-nss.c +++ b/nslcd/ldap-nss.c @@ -80,6 +80,7 @@ #include "common.h" #include "log.h" #include "ldap-schema.h" +#include "cfg.h" #include "attmap.h" /* how many messages to retrieve results for */ @@ -115,18 +116,10 @@ static int __sigaction_retval = -1; static void (*__sigpipe_handler) (int) = SIG_DFL; #endif /* HAVE_SIGACTION */ -static const char *_nss_ldap_map_ov (const char *attribute); -static const char *_nss_ldap_map_df (const char *attribute); -static const char *_nss_ldap_locate_userpassword (char **vals); - /* * Global LDAP session. */ -static struct ldap_session __session = { NULL, 0, LS_UNINITIALIZED }; - -#ifdef LBER_OPT_LOG_PRINT_FILE -static FILE *__debugfile; -#endif /* LBER_OPT_LOG_PRINT_FILE */ +static struct ldap_session __session = { NULL, 0, LS_UNINITIALIZED, 0 }; #ifdef HAVE_LDAPSSL_CLIENT_INIT static int __ssl_initialized = 0; @@ -714,7 +707,7 @@ do_close (void) } static enum nss_status -do_init_session (LDAP ** ld, const char *uri, int defport) +do_init_session (LDAP ** ld, const char *uri) { int rc; int ldaps; 
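Review bot: `DICT *ldc_maps[LM_NONE + 1][MAP_MAX];` looks one element short, because the `enum ldap_map_type` hunk in nslcd/ldap-nss.h now sets `MAP_MAX = MAP_OBJECTCLASS`, which is 1, leaving only index `MAP_ATTRIBUTE` in the inner dimension. The old declaration was `[6]` against a `MAP_MAX` of 5, i.e. `MAP_MAX + 1`, and cfg.c still calls `do_parse_map_statement (result, v, MAP_OBJECTCLASS)`. If the maps are indexed as `ldc_maps[sel][type]` (the removed lines index them that way; the remaining lookup is outside the hunks), an object-class map lands in the next selector's slot and, for `sel == LM_NONE`, past the end of the array into the following struct member. Declare it as `DICT *ldc_maps[LM_NONE + 1][MAP_MAX + 1];`, or turn `MAP_MAX` into a count in the ldap-nss.h hunk.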
@@ -731,14 +724,6 @@ do_init_session (LDAP ** ld, const char *uri, int defport) } #ifdef HAVE_LDAP_INITIALIZE - if (p == NULL && - ((ldaps && defport != LDAPS_PORT) || (!ldaps && defport != LDAP_PORT))) - { - /* No port specified in URI and non-default port specified */ - snprintf (uribuf, sizeof (uribuf), "%s:%d", uri, defport); - uri = uribuf; - } - rc = ldap_initialize (ld, uri); #else if (strncasecmp (uri, "ldap://", sizeof ("ldap://") - 1) != 0) @@ -841,21 +826,6 @@ do_init (void) #ifdef HAVE_LDAP_SET_OPTION if (nslcd_cfg->ldc_debug) { -#ifdef LBER_OPT_LOG_PRINT_FILE - if (nslcd_cfg->ldc_logdir && !__debugfile) - { - char namebuf[PATH_MAX]; - - snprintf (namebuf, sizeof (namebuf), "%s/ldap.%d", nslcd_cfg->ldc_logdir, - (int) getpid ()); - __debugfile = fopen (namebuf, "a"); - - if (__debugfile != NULL) - { - ber_set_option (NULL, LBER_OPT_LOG_PRINT_FILE, __debugfile); - } - } -#endif /* LBER_OPT_LOG_PRINT_FILE */ #ifdef LBER_OPT_DEBUG_LEVEL if (nslcd_cfg->ldc_debug) { @@ -889,8 +859,7 @@ do_init (void) assert (nslcd_cfg->ldc_uris[__session.ls_current_uri] != NULL); stat = do_init_session (&__session.ls_conn, - nslcd_cfg->ldc_uris[__session.ls_current_uri], - nslcd_cfg->ldc_port); + nslcd_cfg->ldc_uris[__session.ls_current_uri]); if (stat != NSS_STATUS_SUCCESS) { log_log(LOG_DEBUG,"<== do_init (failed to initialize LDAP session)"); @@ -1464,7 +1433,6 @@ _nss_ldap_ent_context_release (struct ent_context * ctx) */ static enum nss_status do_aggregate_filter (const char **values, - enum ldap_args_types type, const char *filterprot, char *bufptr, size_t buflen) { const char **valueP; @@ -1472,7 +1440,7 @@ do_aggregate_filter (const char **values, assert (buflen > sizeof ("(|)")); bufptr[0] = '('; - bufptr[1] = (type == LA_TYPE_STRING_LIST_AND) ? '&' : '|'; + bufptr[1] = '|'; bufptr += 2; buflen -= 2; 
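Review bot: In `do_aggregate_filter` the only size guard visible before the writes to `bufptr[0]` and `bufptr[1]` is `assert (buflen > sizeof ("(|)"));`, which is compiled out when NDEBUG is defined. Since the signature is being changed here anyway, make it a runtime check such as `if (buflen <= sizeof ("(|)")) return NSS_STATUS_TRYAGAIN;`, a status the caller in `do_filter` already tests for. The rest of the function body is outside the hunk, so any later bounds checks on the filter buffer cannot be seen from here.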
@@ -1525,7 +1493,7 @@ do_filter (const struct ldap_args *args, const char *filterprot, *dynamicUserBuf = NULL; - if (args != NULL && args->la_type != LA_TYPE_NONE) + if (args != NULL) { /* choose what to use for temporary storage */ @@ -1577,11 +1545,9 @@ do_filter (const struct ldap_args *args, const char *filterprot, args->la_arg1.la_number, buf1); break; case LA_TYPE_STRING_LIST_OR: - case LA_TYPE_STRING_LIST_AND: do { stat = do_aggregate_filter (args->la_arg1.la_string_list, - args->la_type, filterprot, filterBufP, filterSiz); if (stat == NSS_STATUS_TRYAGAIN) { @@ -2795,27 +2761,6 @@ _nss_ldap_assign_attrval (LDAPMessage * e, { char **vals; int vallen; - const char *ovr, *def; - - ovr = _nss_ldap_map_ov(attr); - if (ovr != NULL) - { - vallen = strlen (ovr); - if (*buflen < (size_t) (vallen + 1)) - { - return NSS_STATUS_TRYAGAIN; - } - - *valptr = *buffer; - - strncpy (*valptr, ovr, vallen); - (*valptr)[vallen] = '\0'; - - *buffer += vallen + 1; - *buflen -= vallen + 1; - - return NSS_STATUS_SUCCESS; - } if (__session.ls_conn == NULL) { @@ -2825,29 +2770,7 @@ _nss_ldap_assign_attrval (LDAPMessage * e, vals=ldap_get_values(__session.ls_conn,e,attr); if (vals == NULL) { - def = _nss_ldap_map_df(attr); - if (def != NULL) - { - vallen = strlen (def); - if (*buflen < (size_t) (vallen + 1)) - { - return NSS_STATUS_TRYAGAIN; - } - - *valptr = *buffer; - - strncpy (*valptr, def, vallen); - (*valptr)[vallen] = '\0'; - - *buffer += vallen + 1; - *buflen -= vallen + 1; - - return NSS_STATUS_SUCCESS; - } - else - { - return NSS_STATUS_NOTFOUND; - } + return NSS_STATUS_NOTFOUND; } vallen = strlen (*vals); @@ -2870,8 +2793,7 @@ _nss_ldap_assign_attrval (LDAPMessage * e, return NSS_STATUS_SUCCESS; } -const char * -_nss_ldap_locate_userpassword (char **vals) +static const char *_nss_ldap_locate_userpassword (char **vals) { const char *token = NULL; size_t token_length = 0; 
@@ -3019,26 +2941,6 @@ _nss_ldap_map_oc (enum ldap_map_selector sel, const char *objectclass) return (stat == NSS_STATUS_SUCCESS) ? mapped : objectclass; } -const char * -_nss_ldap_map_ov (const char *attribute) -{ - const char *value = NULL; - - _nss_ldap_map_get (LM_NONE, MAP_OVERRIDE, attribute, &value); - - return value; -} - -const char * -_nss_ldap_map_df (const char *attribute) -{ - const char *value = NULL; - - _nss_ldap_map_get (LM_NONE, MAP_DEFAULT, attribute, &value); - - return value; -} - static enum nss_status _nss_ldap_map_get (enum ldap_map_selector sel, enum ldap_map_type type, 
@@ -3073,186 +2975,3 @@ struct ldap_proxy_bind_args char *binddn; const char *bindpw; }; - -#if LDAP_SET_REBIND_PROC_ARGS < 3 -static struct ldap_proxy_bind_args __proxy_args = { NULL, NULL }; -#endif - -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) -#if LDAP_SET_REBIND_PROC_ARGS == 3 -static int -do_proxy_rebind (LDAP * ld, LDAP_CONST char *url, ber_tag_t request, - ber_int_t msgid, void *arg) -#else -static int -do_proxy_rebind (LDAP * ld, LDAP_CONST char *url, int request, - ber_int_t msgid) -#endif -{ - int timelimit; -#if LDAP_SET_REBIND_PROC_ARGS == 3 - struct ldap_proxy_bind_args *who = (struct ldap_proxy_bind_args *) arg; -#else - struct ldap_proxy_bind_args *who = &__proxy_args; -#endif - - timelimit = nslcd_cfg->ldc_bind_timelimit; - - return do_bind (ld, timelimit, who->binddn, who->bindpw, 0); -} -#else -#if LDAP_SET_REBIND_PROC_ARGS == 3 -static int -do_proxy_rebind (LDAP * ld, char **whop, char **credp, int *methodp, - int freeit, void *arg) -#elif LDAP_SET_REBIND_PROC_ARGS == 2 -static int -do_proxy_rebind (LDAP * ld, char **whop, char **credp, int *methodp, - int freeit) -#endif -{ -#if LDAP_SET_REBIND_PROC_ARGS == 3 - struct ldap_proxy_bind_args *who = (struct ldap_proxy_bind_args *) arg; -#else - struct ldap_proxy_bind_args *who = &__proxy_args; -#endif - if (freeit) - { - if (*whop != NULL) - free (*whop); - if (*credp != NULL) - free (*credp); - } - - *whop = who->binddn ? strdup (who->binddn) : NULL; - *credp = who->bindpw ? 
strdup (who->bindpw) : NULL; - - *methodp = LDAP_AUTH_SIMPLE; - - return LDAP_SUCCESS; -} -#endif - -static enum nss_status -_nss_ldap_proxy_bind (const char *user, const char *password) -{ - struct ldap_args args; - LDAPMessage *res, *e; - enum nss_status stat; - int rc; -#if LDAP_SET_REBIND_PROC_ARGS == 3 - struct ldap_proxy_bind_args proxy_args_buf; - struct ldap_proxy_bind_args *proxy_args = &proxy_args_buf; -#else - struct ldap_proxy_bind_args *proxy_args = &__proxy_args; -#endif - - log_log(LOG_DEBUG,"==> _nss_ldap_proxy_bind"); - - LA_INIT (args); - LA_TYPE (args) = LA_TYPE_STRING; - LA_STRING (args) = user; - - /* - * Binding with an empty password will always work, so don't let - * the user in if they try that. - */ - if (password == NULL || password[0] == '\0') - { - log_log(LOG_DEBUG,"<== _nss_ldap_proxy_bind (empty password not permitted)"); - /* XXX overload */ - return NSS_STATUS_TRYAGAIN; - } - - _nss_ldap_enter (); - - stat = _nss_ldap_search_s (&args, _nss_ldap_filt_getpwnam, - LM_PASSWD, NULL, 1, &res); - if (stat == NSS_STATUS_SUCCESS) - { - e = _nss_ldap_first_entry (res); - if (e != NULL) - { - proxy_args->binddn = _nss_ldap_get_dn (e); - proxy_args->bindpw = password; - - if (proxy_args->binddn != NULL) - { - /* Use our special rebind procedure. 
*/ -#if LDAP_SET_REBIND_PROC_ARGS == 3 - ldap_set_rebind_proc (__session.ls_conn, do_proxy_rebind, NULL); -#elif LDAP_SET_REBIND_PROC_ARGS == 2 - ldap_set_rebind_proc (__session.ls_conn, do_proxy_rebind); -#endif - - log_log(LOG_DEBUG,":== _nss_ldap_proxy_bind: %s", proxy_args->binddn); - - rc = do_bind (__session.ls_conn, - nslcd_cfg->ldc_bind_timelimit, - proxy_args->binddn, proxy_args->bindpw, 0); - switch (rc) - { - case LDAP_INVALID_CREDENTIALS: - /* XXX overload */ - stat = NSS_STATUS_TRYAGAIN; - break; - case LDAP_NO_SUCH_OBJECT: - stat = NSS_STATUS_NOTFOUND; - break; - case LDAP_SUCCESS: - stat = NSS_STATUS_SUCCESS; - break; - default: - stat = NSS_STATUS_UNAVAIL; - break; - } - /* - * Close the connection, don't want to continue - * being bound as this user or using this rebind proc. - */ - do_close (); - ldap_memfree (proxy_args->binddn); - } - else - { - stat = NSS_STATUS_NOTFOUND; - } - proxy_args->binddn = NULL; - proxy_args->bindpw = NULL; - } - else - { - stat = NSS_STATUS_NOTFOUND; - } - ldap_msgfree (res); - } - - _nss_ldap_leave (); - - log_log(LOG_DEBUG,"<== _nss_ldap_proxy_bind"); - - return stat; -} - -static const char ** -_nss_ldap_get_attributes (enum ldap_map_selector sel) -{ - const char **attrs = NULL; - - log_log(LOG_DEBUG,"==> _nss_ldap_get_attributes"); - - if (sel < LM_NONE) - { - if (do_init () != NSS_STATUS_SUCCESS) - { - log_log(LOG_DEBUG,"<== _nss_ldap_get_attributes (init failed)"); - return NULL; - } - - attrs = nslcd_cfg->ldc_attrtab[sel]; - } - - log_log(LOG_DEBUG,"<== _nss_ldap_get_attributes"); - - return attrs; -} diff --git a/nslcd/ldap-nss.h b/nslcd/ldap-nss.h index 5a86eb5..28c9c59 100644 --- a/nslcd/ldap-nss.h +++ b/nslcd/ldap-nss.h @@ -52,10 +52,6 @@ #define LDAP_FILT_MAXSIZ 1024 #endif /* not LDAP_FILT_MAXSIZ */ -#ifndef LDAPS_PORT -#define LDAPS_PORT 636 -#endif /* not LDAPS_PORT */ - #ifdef __GNUC__ #define alignof(ptr) __alignof__(ptr) #elif defined(HAVE_ALIGNOF_H) 
@@ -88,27 +84,11 @@ enum ldap_map_selector LM_PROTOCOLS, LM_RPC, LM_ETHERS, - LM_NETMASKS, - LM_BOOTPARAMS, LM_ALIASES, LM_NETGROUP, LM_NONE }; -enum ldap_userpassword_selector -{ - LU_RFC2307_USERPASSWORD, - LU_RFC3112_AUTHPASSWORD, - LU_OTHER_PASSWORD -}; - -enum ldap_shadow_selector -{ - LS_RFC2307_SHADOW, - LS_AD_SHADOW, - LS_OTHER_SHADOW -}; - /* * POSIX profile information (not used yet) * see draft-joslin-config-schema-00.txt @@ -125,13 +105,6 @@ struct ldap_service_search_descriptor struct ldap_service_search_descriptor *lsd_next; }; -#include "cfg.h" - -#if defined(__GLIBC__) && __GLIBC_MINOR__ > 1 -#else -#define ss_family sa_family -#endif /* __GLIBC__ */ - enum ldap_session_state { LS_UNINITIALIZED = -1, @@ -162,20 +135,14 @@ enum ldap_args_types LA_TYPE_STRING_AND_STRING, LA_TYPE_NUMBER_AND_STRING, LA_TYPE_TRIPLE, - LA_TYPE_STRING_LIST_OR, - LA_TYPE_STRING_LIST_AND, - LA_TYPE_NONE + LA_TYPE_STRING_LIST_OR }; enum ldap_map_type { MAP_ATTRIBUTE = 0, MAP_OBJECTCLASS, - MAP_OVERRIDE, - MAP_DEFAULT, - MAP_ATTRIBUTE_REVERSE, - MAP_OBJECTCLASS_REVERSE, /* XXX not used yet? */ - MAP_MAX = MAP_OBJECTCLASS_REVERSE + MAP_MAX = MAP_OBJECTCLASS }; struct ldap_args @@ -225,7 +192,7 @@ struct ldap_args * or per-subsystem/per-thread, depending on the OS). State is the state * of a particular lookup, and is only concerned with resolving and enumerating * services. State is represented as instances of struct ldap_state; context as - * instances of struct ent_context. The latter contains the former. + * instances of struct ent_context. The context contains the state. */ struct ldap_state { @@ -333,6 +300,12 @@ enum nss_status _nss_ldap_search_s (const struct ldap_args * args, /* IN */ int sizelimit, /* IN */ LDAPMessage ** res /* OUT */ ); + +int _nss_ldap_searchbyname( + struct ldap_args *args,const char *filterprot, + enum ldap_map_selector sel,TFILE *fp,NEWparser_t parser); + + /* * Emulate X.500 read operation. */ 
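Review bot: The new `_nss_ldap_searchbyname` prototype (`@@ -333,6 +300,12 @@`) has no comment, while the `_nss_ldap_search_s` prototype just above it annotates each parameter with `/* IN */` or `/* OUT */`. It also returns a plain `int` where that neighbour returns `enum nss_status`, so a caller cannot tell from the header what a non-zero result means or whether `fp` has been partly written on failure. Add a short header comment stating the return convention and which arguments are inputs, for example `/* returns <meaning to confirm against the definition>; results are written to fp via parser */`. The definition is not part of this diff and the commit message does not mention the function.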
diff --git a/nslcd/ldap-schema.c b/nslcd/ldap-schema.c index e1be662..e4ba186 100644 --- a/nslcd/ldap-schema.c +++ b/nslcd/ldap-schema.c @@ -46,6 +46,7 @@ #include "ldap-schema.h" #include "util.h" #include "attmap.h" +#include "cfg.h" /* max number of attributes per object class */ #define ATTRTAB_SIZE 15 @@ -407,7 +408,6 @@ _nss_ldap_init_attributes (const char ***attrtab) init_proto_attributes (&attrtab[LM_PROTOCOLS]); init_rpc_attributes (&attrtab[LM_RPC]); init_ethers_attributes (&attrtab[LM_ETHERS]); - init_network_attributes (&attrtab[LM_NETMASKS]); init_alias_attributes (&attrtab[LM_ALIASES]); init_netgrp_attributes (&attrtab[LM_NETGROUP]); |