diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2009-05-24 08:56:33 +0000 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2009-05-24 08:56:33 +0000 |
| commit | 6bdd24fe2857258515496a6eedd7ee8650144582 (patch) | |
| tree | f6a37aa31062c567f528d13a0eafa6c2dd22c7d8 | |
| parent | d50fe928bb5526892f091f0ff287ec449b9b66be (diff) | |
support multiple search bases, partially based on a patch by Leigh Wedding <lwedding@bigpond.com>
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
| -rw-r--r-- | AUTHORS | 1 | ||||
| -rw-r--r-- | nslcd/alias.c | 12 | ||||
| -rw-r--r-- | nslcd/attmap.c | 46 | ||||
| -rw-r--r-- | nslcd/cfg.c | 44 | ||||
| -rw-r--r-- | nslcd/cfg.h | 5 | ||||
| -rw-r--r-- | nslcd/common.h | 21 | ||||
| -rw-r--r-- | nslcd/ether.c | 12 | ||||
| -rw-r--r-- | nslcd/group.c | 12 | ||||
| -rw-r--r-- | nslcd/host.c | 12 | ||||
| -rw-r--r-- | nslcd/netgroup.c | 12 | ||||
| -rw-r--r-- | nslcd/network.c | 12 | ||||
| -rw-r--r-- | nslcd/passwd.c | 29 | ||||
| -rw-r--r-- | nslcd/protocol.c | 12 | ||||
| -rw-r--r-- | nslcd/rpc.c | 12 | ||||
| -rw-r--r-- | nslcd/service.c | 12 | ||||
| -rw-r--r-- | nslcd/shadow.c | 12 | ||||
| -rw-r--r-- | tests/test_cfg.c | 8 | ||||
| -rw-r--r-- | tests/test_myldap.c | 16 |
18 files changed, 169 insertions, 121 deletions
@@ -75,3 +75,4 @@ Bart Cornelis <cobaco@skolelinux.no> Rudy Godoy GuillĂ©n <rudy@debian.org> Petter Reinholdtsen <pere@hungry.com> Dan White <dwhite@olp.net> +Leigh Wedding <lwedding@bigpond.com> diff --git a/nslcd/alias.c b/nslcd/alias.c index c59af95..ab44e57 100644 --- a/nslcd/alias.c +++ b/nslcd/alias.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -44,7 +44,7 @@ */ /* the search base for searches */ -const char *alias_base = NULL; +const char *alias_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int alias_scope = LDAP_SCOPE_DEFAULT; @@ -77,9 +77,11 @@ static int mkfilter_alias_byname(const char *name, static void alias_init(void) { - /* set up base */ - if (alias_base==NULL) - alias_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (alias_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + alias_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (alias_scope==LDAP_SCOPE_DEFAULT) alias_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/attmap.c b/nslcd/attmap.c index 22a84c3..9115c06 100644 --- a/nslcd/attmap.c +++ b/nslcd/attmap.c @@ -2,7 +2,7 @@ attmap.c - attribute mapping values and functions This file is part of the nss-ldapd library. - Copyright (C) 2007, 2008 Arthur de Jong + Copyright (C) 2007, 2008, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -30,33 +30,33 @@ const char *attmap_objectClass = "objectClass"; /* these are the bases that are defined per database */ -extern const char *alias_base; -extern const char *ether_base; -extern const char *group_base; -extern const char *host_base; -extern const char *netgroup_base; -extern const char *network_base; -extern const char *passwd_base; -extern const char *protocol_base; -extern const char *rpc_base; -extern const char *service_base; -extern const char *shadow_base; +extern const char *alias_bases[]; +extern const char *ether_bases[]; +extern const char *group_bases[]; +extern const char *host_bases[]; +extern const char *netgroup_bases[]; +extern const char *network_bases[]; +extern const char *passwd_bases[]; +extern const char *protocol_bases[]; +extern const char *rpc_bases[]; +extern const char *service_bases[]; +extern const char *shadow_bases[]; const char **base_get_var(enum ldap_map_selector map) { switch (map) { - case LM_ALIASES: return &alias_base; - case LM_ETHERS: return ðer_base; - case LM_GROUP: return &group_base; - case LM_HOSTS: return &host_base; - case LM_NETGROUP: return &netgroup_base; - case LM_NETWORKS: return &network_base; - case LM_PASSWD: return &passwd_base; - case LM_PROTOCOLS: return &protocol_base; - case LM_RPC: return &rpc_base; - case LM_SERVICES: return &service_base; - case LM_SHADOW: return &shadow_base; + case LM_ALIASES: return alias_bases; + case LM_ETHERS: return ether_bases; + case LM_GROUP: return group_bases; + case LM_HOSTS: return host_bases; + case LM_NETGROUP: return netgroup_bases; + case LM_NETWORKS: return network_bases; + case LM_PASSWD: return passwd_bases; + case LM_PROTOCOLS: return protocol_bases; + case LM_RPC: return rpc_bases; + case LM_SERVICES: return service_bases; + case LM_SHADOW: return shadow_bases; case LM_NONE: default: return NULL; } diff --git a/nslcd/cfg.c b/nslcd/cfg.c index 786fbf4..a193ffe 100644 --- a/nslcd/cfg.c +++ b/nslcd/cfg.c @@ -96,7 +96,8 @@ static void cfg_defaults(struct ldap_config *cfg) cfg->ldc_sasl_mech=NULL; cfg->ldc_sasl_realm=NULL; cfg->ldc_usesasl=0; - cfg->ldc_base=NULL; + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + cfg->ldc_bases[i]=NULL; cfg->ldc_scope=LDAP_SCOPE_SUBTREE; cfg->ldc_deref=LDAP_DEREF_NEVER; cfg->ldc_referrals=1; @@ -549,25 +550,34 @@ static void set_base(const char *filename,int lnr, exit(EXIT_FAILURE); #endif /* not HAVE_LDAP_DOMAIN2DN */ } - /* check if the value will be changed */ - if ((*var==NULL)||(strcmp(*var,value)!=0)) - { - /* Note: we have a memory leak here if a single mapping is changed - multiple times in one config (deemed not a problem) */ - *var=xstrdup(value); - } + /* set the new value */ + *var=xstrdup(value); } static void parse_base_statement(const char *filename,int lnr, const char *keyword,char *line, struct ldap_config *cfg) { - const char **var; - var=base_get_var(get_map(&line)); - if (var==NULL) - var=(const char **)&(cfg->ldc_base); - check_argumentcount(filename,lnr,keyword,(line!=NULL)&&(*line!='\0')); - set_base(filename,lnr,line,var); + const char **bases; + int i; + /* get the list of bases to update */ + bases=base_get_var(get_map(&line)); + if (bases==NULL) + bases=cfg->ldc_bases; + /* find the spot in the list of bases */ + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + { + if (bases[i]==NULL) + { + check_argumentcount(filename,lnr,keyword,(line!=NULL)&&(*line!='\0')); + set_base(filename,lnr,line,&bases[i]); + return; + } + } + /* no free spot found */ + log_log(LOG_ERR,"%s:%d: maximum number of base options per map (%d) exceeded", + filename,lnr,NSS_LDAP_CONFIG_MAX_BASES); + exit(EXIT_FAILURE); } static void parse_scope_statement(const char *filename,int lnr, @@ -1033,11 +1043,11 @@ void cfg_init(const char *fname) /* TODO: check that if some tls options are set the ssl option should be set to on (just warn) */ #endif /* LDAP_OPT_X_TLS */ /* if basedn is not yet set, get if from the rootDSE */ - if (nslcd_cfg->ldc_base==NULL) - nslcd_cfg->ldc_base=get_base_from_rootdse(); + if (nslcd_cfg->ldc_bases[0]==NULL) + nslcd_cfg->ldc_bases[0]=get_base_from_rootdse(); /* TODO: handle the case gracefully when no LDAP server is available yet */ /* see if we have a valid basedn */ - if ((nslcd_cfg->ldc_base==NULL)||(nslcd_cfg->ldc_base[0]=='\0')) + if ((nslcd_cfg->ldc_bases[0]==NULL)||(nslcd_cfg->ldc_bases[0][0]=='\0')) { log_log(LOG_ERR,"no base defined in config and couldn't get one from server"); exit(EXIT_FAILURE); diff --git a/nslcd/cfg.h b/nslcd/cfg.h index 48aea36..79eef20 100644 --- a/nslcd/cfg.h +++ b/nslcd/cfg.h @@ -39,6 +39,9 @@ /* maximum number of URIs */ #define NSS_LDAP_CONFIG_URI_MAX 31 +/* maximum number of 'passwd base's */ +#define NSS_LDAP_CONFIG_MAX_BASES 7 + enum ldap_ssl_options { SSL_OFF, @@ -101,7 +104,7 @@ struct ldap_config /* do we use sasl when binding? */ int ldc_usesasl; /* base DN, eg. dc=gnu,dc=org */ - char *ldc_base; + const char *ldc_bases[NSS_LDAP_CONFIG_MAX_BASES]; /* scope for searches */ int ldc_scope; /* dereference aliases/links */ diff --git a/nslcd/common.h b/nslcd/common.h index 8d91a2c..3503e59 100644 --- a/nslcd/common.h +++ b/nslcd/common.h @@ -3,7 +3,7 @@ This file is part of the nss-ldapd library. Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2008 Arthur de Jong + Copyright (C) 2006, 2007, 2008, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -126,7 +126,8 @@ int nslcd_shadow_all(TFILE *fp,MYLDAP_SESSION *session); int32_t tmpint32; \ MYLDAP_SEARCH *search; \ MYLDAP_ENTRY *entry; \ - int rc; \ + const char *base; \ + int rc,i; \ /* read request parameters */ \ readfn; \ /* log call */ \ @@ -142,14 +143,18 @@ int nslcd_shadow_all(TFILE *fp,MYLDAP_SESSION *session); } \ /* build the list of attributes */ \ db##_init(); \ - /* do the LDAP search */ \ - if ((search=myldap_search(session,db##_base,db##_scope,filter,db##_attrs))==NULL) \ - return -1; \ - /* go over results */ \ - while ((entry=myldap_get_entry(search,&rc))!=NULL) \ + /* perform a search for each search base */ \ + for (i=0; (base=db##_bases[i])!=NULL; i++) \ { \ - if (writefn) \ + /* do the LDAP search */ \ + if ((search=myldap_search(session,base,db##_scope,filter,db##_attrs))==NULL) \ return -1; \ + /* go over results */ \ + while ((entry=myldap_get_entry(search,&rc))!=NULL) \ + { \ + if (writefn) \ + return -1; \ + } \ } \ /* write the final result code */ \ if (rc==LDAP_SUCCESS) \ diff --git a/nslcd/ether.c b/nslcd/ether.c index 7133719..c3ff43d 100644 --- a/nslcd/ether.c +++ b/nslcd/ether.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -46,7 +46,7 @@ */ /* the search base for searches */ -const char *ether_base = NULL; +const char *ether_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int ether_scope = LDAP_SCOPE_DEFAULT; @@ -96,9 +96,11 @@ static int mkfilter_ether_byether(const struct ether_addr *addr, static void ether_init(void) { - /* set up base */ - if (ether_base==NULL) - ether_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (ether_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + ether_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (ether_scope==LDAP_SCOPE_DEFAULT) ether_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/group.c b/nslcd/group.c index 686a1d5..8f681eb 100644 --- a/nslcd/group.c +++ b/nslcd/group.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2006 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2008 Arthur de Jong + Copyright (C) 2006, 2007, 2008, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -52,7 +52,7 @@ */ /* the search base for searches */ -const char *group_base = NULL; +const char *group_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int group_scope = LDAP_SCOPE_DEFAULT; @@ -126,9 +126,11 @@ static int mkfilter_group_bymember(MYLDAP_SESSION *session, static void group_init(void) { - /* set up base */ - if (group_base==NULL) - group_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (group_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + group_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (group_scope==LDAP_SCOPE_DEFAULT) group_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/host.c b/nslcd/host.c index d7eba7a..fdd327b 100644 --- a/nslcd/host.c +++ b/nslcd/host.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -47,7 +47,7 @@ */ /* the search base for searches */ -const char *host_base = NULL; +const char *host_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int host_scope = LDAP_SCOPE_DEFAULT; @@ -94,9 +94,11 @@ static int mkfilter_host_byaddr(const char *name, static void host_init(void) { - /* set up base */ - if (host_base==NULL) - host_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (host_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + host_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (host_scope==LDAP_SCOPE_DEFAULT) host_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/netgroup.c b/nslcd/netgroup.c index 8f380a8..5d80c81 100644 --- a/nslcd/netgroup.c +++ b/nslcd/netgroup.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -46,7 +46,7 @@ */ /* the search base for searches */ -const char *netgroup_base = NULL; +const char *netgroup_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int netgroup_scope = LDAP_SCOPE_DEFAULT; @@ -78,9 +78,11 @@ static int mkfilter_netgroup_byname(const char *name, static void netgroup_init(void) { - /* set up base */ - if (netgroup_base==NULL) - netgroup_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (netgroup_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + netgroup_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (netgroup_scope==LDAP_SCOPE_DEFAULT) netgroup_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/network.c b/nslcd/network.c index f5e7a44..60eaa6c 100644 --- a/nslcd/network.c +++ b/nslcd/network.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -45,7 +45,7 @@ */ /* the search base for searches */ -const char *network_base = NULL; +const char *network_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int network_scope = LDAP_SCOPE_DEFAULT; @@ -93,9 +93,11 @@ static int mkfilter_network_byaddr(const char *name, static void network_init(void) { - /* set up base */ - if (network_base==NULL) - network_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (network_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + network_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (network_scope==LDAP_SCOPE_DEFAULT) network_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/passwd.c b/nslcd/passwd.c index a8cc603..b934257 100644 --- a/nslcd/passwd.c +++ b/nslcd/passwd.c @@ -46,7 +46,7 @@ */ /* the search base for searches */ -const char *passwd_base = NULL; +const char *passwd_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int passwd_scope = LDAP_SCOPE_DEFAULT; @@ -108,9 +108,11 @@ static int mkfilter_passwd_byuid(uid_t uid, static void passwd_init(void) { - /* set up base */ - if (passwd_base==NULL) - passwd_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (passwd_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + passwd_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (passwd_scope==LDAP_SCOPE_DEFAULT) passwd_scope=nslcd_cfg->ldc_scope; @@ -242,8 +244,10 @@ char *dn2uid(MYLDAP_SESSION *session,const char *dn,char *buf,size_t buflen) char *uid2dn(MYLDAP_SESSION *session,const char *uid,char *buf,size_t buflen) { - MYLDAP_SEARCH *search; - MYLDAP_ENTRY *entry; + MYLDAP_SEARCH *search=NULL; + MYLDAP_ENTRY *entry=NULL; + const char *base; + int i; static const char *attrs[1]; int rc; const char *dn; @@ -257,10 +261,15 @@ char *uid2dn(MYLDAP_SESSION *session,const char *uid,char *buf,size_t buflen) passwd_init(); /* we have to look up the entry */ mkfilter_passwd_byname(uid,filter,sizeof(filter)); - search=myldap_search(session,passwd_base,passwd_scope,filter,attrs); - if (search==NULL) - return NULL; - entry=myldap_get_entry(search,&rc); + for (i=0;(i<NSS_LDAP_CONFIG_MAX_BASES)&&((base=passwd_bases[i])!=NULL);i++) + { + search=myldap_search(session,base,passwd_scope,filter,attrs); + if (search==NULL) + return NULL; + entry=myldap_get_entry(search,&rc); + if (entry!=NULL) + break; + } if (entry==NULL) return NULL; /* get DN */ diff --git a/nslcd/protocol.c b/nslcd/protocol.c index f83f423..9ea56f8 100644 --- a/nslcd/protocol.c +++ b/nslcd/protocol.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -44,7 +44,7 @@ */ /* the search base for searches */ -const char *protocol_base = NULL; +const char *protocol_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int protocol_scope = LDAP_SCOPE_DEFAULT; @@ -86,9 +86,11 @@ static int mkfilter_protocol_bynumber(int protocol, static void protocol_init(void) { - /* set up base */ - if (protocol_base==NULL) - protocol_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (protocol_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + protocol_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (protocol_scope==LDAP_SCOPE_DEFAULT) protocol_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/rpc.c b/nslcd/rpc.c index 3dc99d2..aa9fb0d 100644 --- a/nslcd/rpc.c +++ b/nslcd/rpc.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -46,7 +46,7 @@ */ /* the search base for searches */ -const char *rpc_base = NULL; +const char *rpc_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int rpc_scope = LDAP_SCOPE_DEFAULT; @@ -86,9 +86,11 @@ static int mkfilter_rpc_bynumber(int number, static void rpc_init(void) { - /* set up base */ - if (rpc_base==NULL) - rpc_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (rpc_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + rpc_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (rpc_scope==LDAP_SCOPE_DEFAULT) rpc_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/service.c b/nslcd/service.c index 845ff50..3403179 100644 --- a/nslcd/service.c +++ b/nslcd/service.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007 Arthur de Jong + Copyright (C) 2006, 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -46,7 +46,7 @@ */ /* the search base for searches */ -const char *service_base = NULL; +const char *service_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int service_scope = LDAP_SCOPE_DEFAULT; @@ -112,9 +112,11 @@ static int mkfilter_service_bynumber(int number, static void service_init(void) { - /* set up base */ - if (service_base==NULL) - service_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (service_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + service_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (service_scope==LDAP_SCOPE_DEFAULT) service_scope=nslcd_cfg->ldc_scope; diff --git a/nslcd/shadow.c b/nslcd/shadow.c index a8392f9..a381306 100644 --- a/nslcd/shadow.c +++ b/nslcd/shadow.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2008 Arthur de Jong + Copyright (C) 2006, 2007, 2008, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -44,7 +44,7 @@ */ /* the search base for searches */ -const char *shadow_base = NULL; +const char *shadow_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; /* the search scope for searches */ int shadow_scope = LDAP_SCOPE_DEFAULT; @@ -92,9 +92,11 @@ static int mkfilter_shadow_byname(const char *name, static void shadow_init(void) { - /* set up base */ - if (shadow_base==NULL) - shadow_base=nslcd_cfg->ldc_base; + int i; + /* set up search bases */ + if (shadow_bases[0]==NULL) + for (i=0;i<NSS_LDAP_CONFIG_MAX_BASES;i++) + shadow_bases[i]=nslcd_cfg->ldc_bases[i]; /* set up scope */ if (shadow_scope==LDAP_SCOPE_DEFAULT) shadow_scope=nslcd_cfg->ldc_scope; diff --git a/tests/test_cfg.c b/tests/test_cfg.c index 76688ee..ce16a48 100644 --- a/tests/test_cfg.c +++ b/tests/test_cfg.c @@ -2,7 +2,7 @@ test_cfg.c - simple test for the cfg module This file is part of the nss-ldapd library. - Copyright (C) 2007 Arthur de Jong + Copyright (C) 2007, 2009 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -189,7 +189,7 @@ static void test_tokenize(void) assertstreq(str,"simple line"); } -extern const char *passwd_base; +extern const char *passwd_bases[]; extern const char *group_filter; extern int passwd_scope; @@ -221,8 +221,8 @@ static void test_read(void) assertstreq(cfg.ldc_uris[1].uri,"ldap:///"); assertstreq(cfg.ldc_uris[2].uri,"ldaps://127.0.0.1/"); assert(cfg.ldc_uris[3].uri==NULL); - assertstreq(cfg.ldc_base,"dc=test, dc=tld"); - assertstreq(passwd_base,"ou=Some People,dc=test,dc=tld"); + assertstreq(cfg.ldc_bases[0],"dc=test, dc=tld"); + assertstreq(passwd_bases[0],"ou=Some People,dc=test,dc=tld"); assertstreq(attmap_passwd_uid,"sAMAccountName"); assertstreq(group_filter,"(&(objeclClass=posixGroup)(gid=1*))"); assert(passwd_scope==LDAP_SCOPE_ONELEVEL); diff --git a/tests/test_myldap.c b/tests/test_myldap.c index 21fbae6..23ac574 100644 --- a/tests/test_myldap.c +++ b/tests/test_myldap.c @@ -66,7 +66,7 @@ static void test_search(void) assert(session!=NULL); /* perform search */ printf("test_myldap: test_search(): doing search...\n"); - search=myldap_search(session,nslcd_cfg->ldc_base, + search=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(objectclass=posixAccount)", attrs); @@ -83,7 +83,7 @@ static void test_search(void) printf("test_myldap: test_search(): %d entries returned: %s\n",i,ldap_err2string(rc)); /* perform another search */ printf("test_myldap: test_search(): doing search...\n"); - search=myldap_search(session,nslcd_cfg->ldc_base, + search=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(objectclass=posixGroup)", attrs); @@ -116,7 +116,7 @@ static void test_get(void) assert(session!=NULL); /* perform search */ printf("test_myldap: test_get(): doing search...\n"); - search1=myldap_search(session,nslcd_cfg->ldc_base, + search1=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(&(|(objectClass=posixGroup)(objectClass=groupOfUniqueNames))(cn=testgroup2))", attrs1); @@ -163,7 +163,7 @@ static void test_get_values(void) session=myldap_create_session(); assert(session!=NULL); /* perform search */ - search=myldap_search(session,nslcd_cfg->ldc_base, + search=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(&(objectClass=posixAccount)(uid=*))", attrs); @@ -253,7 +253,7 @@ static void test_two_searches(void) session=myldap_create_session(); assert(session!=NULL); /* perform search1 */ - search1=myldap_search(session,nslcd_cfg->ldc_base, + search1=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(&(objectClass=posixAccount)(uid=*))", attrs); @@ -266,7 +266,7 @@ static void test_two_searches(void) assert((vals!=NULL)&&(vals[0]!=NULL)); printf("test_myldap: test_two_searches(): [search1] cn=%s\n",vals[0]); /* start a second search */ - search2=myldap_search(session,nslcd_cfg->ldc_base, + search2=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(&(objectclass=posixGroup)(gidNumber=*))", attrs); @@ -312,7 +312,7 @@ static void *worker(void *arg) session=myldap_create_session(); assert(session!=NULL); /* perform search */ - search=myldap_search(session,nslcd_cfg->ldc_base, + search=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(objectclass=posixAccount)", attrs); @@ -379,7 +379,7 @@ static void test_connections(void) assert(session!=NULL); /* perform search */ printf("test_myldap: test_connections(): doing search...\n"); - search=myldap_search(session,nslcd_cfg->ldc_base, + search=myldap_search(session,nslcd_cfg->ldc_bases[0], LDAP_SCOPE_SUBTREE, "(objectclass=posixAccount)", attrs); |