]>
Commit | Line | Data |
---|---|---|
50895889 | 1 | /* x3ldap.c - LDAP functionality for x3, by Rubin |
2 | * Copyright 2002-2007 x3 Development Team | |
3 | * | |
4 | * This file is part of x3. | |
5 | * | |
6 | * x3 is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 2 of the License, or | |
9 | * (at your option) any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with srvx; if not, write to the Free Software Foundation, | |
18 | * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. | |
e166c31b | 19 | * |
e166c31b | 20 | * |
21 | * TODO: | |
22 | * * get queries working in static existance, so i understand how it works | |
23 | * * get ldap enabled in ./configure | |
24 | * * x3.conf settings to enable/configure its use | |
25 | * * generic functions to enable ldap | |
26 | * * nickserv.c work to use said functions. | |
27 | */ | |
28 | ||
29 | #include <stdio.h> | |
30 | #include <stdlib.h> | |
31 | #include <ldap.h> | |
32 | //#include <sys/select.h> | |
33 | ||
34 | #include "conf.h" | |
35 | #include "config.h" | |
36 | #include "global.h" | |
50895889 | 37 | #include "log.h" |
e166c31b | 38 | #include "x3ldap.h" |
39 | ||
40 | #ifdef HAVE_FCNTL_H | |
41 | #include <fcntl.h> | |
42 | #endif | |
43 | #ifdef HAVE_SYS_SELECT_H | |
44 | #include <sys/select.h> | |
45 | #endif | |
46 | #ifdef HAVE_SYS_SOCKET_H | |
47 | #include <sys/socket.h> | |
48 | #endif | |
49 | ||
50 | #ifdef WITH_LDAP | |
51 | ||
52 | /* char dn[] = "uid=%s,ou=Users,dc=afternet,dc=org"; | |
53 | char password[] = "xxxxxxx"; | |
54 | char base[] = "ou=Users,dc=afternet,dc=org"; | |
55 | int ldap_version = 3; | |
56 | */ | |
57 | extern struct nickserv_config nickserv_conf; | |
58 | ||
59 | ||
e166c31b | 60 | LDAP *ld = NULL; |
61 | ||
62 | int ldap_do_init() | |
63 | { | |
64 | /* TODO: check here for all required config options and exit() out if not present */ | |
65 | ld = ldap_init(nickserv_conf.ldap_host, nickserv_conf.ldap_port); | |
66 | if(ld == NULL) { | |
50895889 | 67 | log_module(MAIN_LOG, LOG_ERROR, "LDAP initilization failed!\n"); |
e166c31b | 68 | exit(1); |
69 | } | |
70 | ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &nickserv_conf.ldap_version); | |
50895889 | 71 | log_module(MAIN_LOG, LOG_INFO, "Success! ldap_init() was successfull in connecting to %s port %d\n", nickserv_conf.ldap_host, nickserv_conf.ldap_port ); |
e166c31b | 72 | return true; |
73 | } | |
74 | ||
75 | /* Try to auth someone. If theres problems, try reconnecting | |
76 | * once every 10 seconds for 1 minute. | |
77 | * TODO: move this stuff to config file | |
78 | */ | |
79 | unsigned int ldap_check_auth( char *account, char *pass) | |
80 | { | |
81 | char buff[MAXLEN]; | |
82 | int q; | |
83 | ||
84 | memset(buff, 0, MAXLEN); | |
85 | snprintf(buff, sizeof(buff)-1, nickserv_conf.ldap_dn_fmt /*"uid=%s,ou=Users,dc=afternet,dc=org"*/, account); | |
86 | int n = 0; | |
87 | while(1) { | |
88 | q = ldap_simple_bind_s(ld, buff, pass); | |
89 | if(q == LDAP_SUCCESS) { | |
90 | return true; | |
91 | } | |
92 | else if(q == LDAP_INVALID_CREDENTIALS) { | |
93 | return false; | |
94 | } | |
95 | else { | |
50895889 | 96 | log_module(MAIN_LOG, LOG_ERROR, "Bind failed: %s/****** (%d)\n", buff, q); |
e166c31b | 97 | ldap_perror(ld, "ldap"); |
98 | /* Re-init to re-connect to ldap server if thats the problem */ | |
99 | sleep(10); | |
100 | ldap_do_init(nickserv_conf); | |
101 | } | |
102 | if(n++ > 6) { | |
50895889 | 103 | log_module(MAIN_LOG, LOG_ERROR, "Failing to reconnect to ldap server. Dieing."); |
e166c31b | 104 | exit(1); |
105 | } | |
106 | } | |
50895889 | 107 | log_module(MAIN_LOG, LOG_DEBUG, "bind() successfull! You are bound as %s\n", buff); |
e166c31b | 108 | return true; |
109 | ||
110 | } | |
111 | ||
112 | #ifdef notdef /* not used yet - will be used to pull email etc out of ldap */ | |
113 | LDAPMessage ldap_search_user(char uid) | |
114 | { | |
115 | ||
116 | char filter[] = "cn=admin"; | |
117 | ||
118 | struct timeval timeout; | |
119 | /* | |
120 | Now we do a search; | |
121 | */ | |
122 | timeout.tv_usec = 0; | |
123 | timeout.tv_sec = 5; | |
124 | if( ldap_search_st(ld, base, LDAP_SCOPE_ONELEVEL, filter, NULL, 0, &timeout, &res) != LDAP_SUCCESS) { | |
50895889 | 125 | log_module(MAIN_LOG, LOG_ERROR, "search failed: %s %s\n", base, filter); |
e166c31b | 126 | exit(1); |
127 | } | |
50895889 | 128 | log_module(MAIN_LOG, LOG_DEBUG, "Search successfull! %s %s\n", base, filter); |
129 | log_module(MAIN_LOG, LOG_DEBUG, "Got %d entries\n", ldap_count_entries(ld, res)); | |
e166c31b | 130 | { |
131 | LDAPMessage *entry; | |
132 | char **value; | |
133 | entry = ldap_first_entry(ld, res); | |
134 | value = ldap_get_values(ld, entry, "cn"); | |
50895889 | 135 | log_module(MAIN_LOG, LOG_DEBUG, "cn: %s\n", value[0]); |
e166c31b | 136 | value = ldap_get_values(ld, entry, "description"); |
50895889 | 137 | log_module(MAIN_LOG, LOG_DEBUG, "Description: %s\n", value[0]); |
e166c31b | 138 | value = ldap_get_values(ld, entry, "userPassword"); |
50895889 | 139 | log_module(MAIN_LOG, LOG_DEBUG, "pass: %s\n", value ? value[0] : "error"); |
e166c31b | 140 | } |
141 | /* | |
142 | ldap_result(); | |
143 | ldap_first_entry(); | |
144 | ldap_first_attribute(); | |
145 | for(;;) { | |
146 | ldap_get_values(); | |
147 | ldap_next_attribute(); | |
148 | } | |
149 | ||
150 | ldap_parse_result(); | |
151 | ||
152 | ldap_unbind_ext(); | |
153 | ||
154 | */ | |
155 | /* get errors with ldap_err2string(); */ | |
156 | } | |
157 | ||
158 | #endif | |
159 | ||
160 | void ldap_close() | |
161 | { | |
162 | ldap_unbind(ld); | |
163 | } | |
164 | ||
165 | #endif |