1 /* x3ldap.c - LDAP functionality for x3, by Rubin
2 * Copyright 2002-2007 x3 Development Team
3 *
4 * This file is part of x3.
5 *
6 * x3 is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with srvx; if not, write to the Free Software Foundation,
18 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
19 *
20 *
21 * TODO:
22 * * get queries working in static existance, so i understand how it works
23 * * get ldap enabled in ./configure
24 * * x3.conf settings to enable/configure its use
25 * * generic functions to enable ldap
26 * * nickserv.c work to use said functions.
27 */
28
29 #include "config.h"
30 #ifdef WITH_LDAP
31
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <ldap.h>
35 //#include <sys/select.h>
36
37 #include "conf.h"
38 #include "global.h"
39 #include "log.h"
40 #include "x3ldap.h"
41
42 #ifdef HAVE_FCNTL_H
43 #include <fcntl.h>
44 #endif
45 #ifdef HAVE_SYS_SELECT_H
46 #include <sys/select.h>
47 #endif
48 #ifdef HAVE_SYS_SOCKET_H
49 #include <sys/socket.h>
50 #endif
51
52
53 /* char dn[] = "uid=%s,ou=Users,dc=afternet,dc=org";
54 char password[] = "xxxxxxx";
55 char base[] = "ou=Users,dc=afternet,dc=org";
56 int ldap_version = 3;
57 */
58 extern struct nickserv_config nickserv_conf;
59
60
61 LDAP *ld = NULL;
62
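/*
 * Create the global LDAP session handle `ld` from the nickserv LDAP settings.
 *
 * Returns false when LDAP is disabled in the configuration, true once a
 * handle exists. Terminates the process if the handle cannot be allocated.
 *
 * ldap_init() only allocates the session; per the OpenLDAP documentation the
 * connection itself is opened by the first operation, so the "Success" line
 * below does not prove that the server is reachable.
 *
 * NOTE(review): nothing in this file requests TLS. Unless the link to the
 * directory is protected some other way, the simple bind performed by
 * ldap_check_auth() carries the user's password in the clear.
 */
int ldap_do_init()
{
    int rc;

    if(!nickserv_conf.ldap_enable)
        return false;
    /* TODO: check here for all required config options and exit() out if not present */

    /* NOTE(review): any previous value of ld is overwritten here without
     * being released; callers that re-initialise should unbind the old
     * handle (and clear ld) first. */
    ld = ldap_init(nickserv_conf.ldap_host, nickserv_conf.ldap_port);
    if(ld == NULL) {
        log_module(MAIN_LOG, LOG_ERROR, "LDAP initilization failed!\n");
        exit(1);
    }

    /* A rejected option used to go unnoticed, leaving the session on the
     * library's default protocol version; report it so a bad ldap_version
     * setting is visible in the log. */
    rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &nickserv_conf.ldap_version);
    if(rc != LDAP_OPT_SUCCESS) {
        log_module(MAIN_LOG, LOG_ERROR, "LDAP: setting the protocol version failed (%d)\n", rc);
    }

    log_module(MAIN_LOG, LOG_INFO, "Success! ldap_init() was successfull in connecting to %s port %d\n", nickserv_conf.ldap_host, nickserv_conf.ldap_port );
    return true;
}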
77
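/*
 * Return 1 when fmt is usable as the bind-DN template: non-NULL, exactly one
 * "%s", and no other conversion ("%%" is allowed). The template comes from
 * configuration and is handed to snprintf() as the format string, so any
 * other conversion would read arguments that were never passed.
 */
static int x3ldap_dn_fmt_ok(const char *fmt)
{
    int conversions = 0;

    if(fmt == NULL)
        return 0;
    while(*fmt != '\0') {
        if(*fmt++ != '%')
            continue;
        if(*fmt == '%') {
            fmt++;
            continue;
        }
        if(*fmt != 's')
            return 0;
        conversions++;
        fmt++;
    }
    return conversions == 1;
}

/*
 * Copy `in` to `out`, backslash-escaping the characters RFC 4514 treats as
 * special inside an attribute value (, + " \ < > ; =, a leading '#' or
 * space, a trailing space). Returns 0 on success, -1 if `out` is too small.
 * Without this an account name containing ',' or '=' would change which
 * entry the bind DN names.
 */
static int x3ldap_escape_rdn_value(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    size_t i;

    if(outlen == 0)
        return -1;
    for(i = 0; in[i] != '\0'; i++) {
        char c = in[i];
        int special = 0;

        switch(c) {
        case '"': case '+': case ',': case ';':
        case '<': case '>': case '\\': case '=':
            special = 1;
            break;
        case '#':
            special = (i == 0);
            break;
        case ' ':
            special = (i == 0 || in[i + 1] == '\0');
            break;
        default:
            break;
        }
        /* keep one byte free for the terminator */
        if(o + (special ? 2 : 1) >= outlen)
            return -1;
        if(special)
            out[o++] = '\\';
        out[o++] = c;
    }
    out[o] = '\0';
    return 0;
}

/*
 * Check an account/password pair by performing an LDAP simple bind as the
 * DN built from nickserv_conf.ldap_dn_fmt and the account name.
 *
 * Returns true only when the server accepts the bind. Returns false when
 * LDAP is disabled, the input is unusable, the credentials are rejected, or
 * the bind keeps failing for another reason; in that last case the session
 * is torn down and re-created, for at most three bind attempts in total
 * (there is no delay between attempts).
 *
 * TODO: move the retry policy to the config file
 *
 * NOTE(review): after a successful bind the shared handle `ld` stays bound
 * as that user until the next bind on it.
 */
unsigned int ldap_check_auth( char *account, char *pass)
{
    char escaped[MAXLEN];
    char buff[MAXLEN];
    int len;
    int q;
    int n = 0;

    if(!nickserv_conf.ldap_enable)
        return false;

    /* A simple bind with a DN and an empty password is an "unauthenticated
     * bind" (RFC 4513 section 5.1.2); servers may answer it with success,
     * which would authenticate anyone as any account. Never send one. */
    if(account == NULL || *account == '\0' || pass == NULL || *pass == '\0')
        return false;

    if(!x3ldap_dn_fmt_ok(nickserv_conf.ldap_dn_fmt)) {
        log_module(MAIN_LOG, LOG_ERROR, "LDAP dn format must contain exactly one %%s and no other conversion. Auth failing.\n");
        return false;
    }

    if(x3ldap_escape_rdn_value(account, escaped, sizeof(escaped)) != 0)
        return false;

    /* A truncated DN names a different (shorter) entry, so treat it as a
     * failure instead of binding with whatever fitted. */
    len = snprintf(buff, sizeof(buff), nickserv_conf.ldap_dn_fmt /*"uid=%s,ou=Users,dc=afternet,dc=org"*/, escaped);
    if(len < 0 || (size_t)len >= sizeof(buff)) {
        log_module(MAIN_LOG, LOG_ERROR, "LDAP bind DN does not fit the buffer. Auth failing.\n");
        return false;
    }

    /* No session yet (ldap_do_init() not called, or the handle was closed). */
    if(ld == NULL && !ldap_do_init())
        return false;

    while(1) {
        q = ldap_simple_bind_s(ld, buff, pass);
        if(q == LDAP_SUCCESS)
            return true;
        if(q == LDAP_INVALID_CREDENTIALS)
            return false;

        log_module(MAIN_LOG, LOG_ERROR, "Bind failed: %s/****** (%d)\n", buff, q);
        ldap_perror(ld, "ldap");

        /* Re-init to re-connect to ldap server if thats the problem.
         * Release the old session first: ldap_do_init() overwrites ld, so
         * every retry used to leak a handle. ldap_do_init() takes no
         * arguments; the struct that used to be passed here was never read. */
        ldap_unbind(ld);
        ld = NULL;
        if(!ldap_do_init())
            return false;

        if(n++ > 1) {
            /* TODO: return to the user that this is a connection error and not a problem
             * with their password
             */
            log_module(MAIN_LOG, LOG_ERROR, "Failing to reconnect to ldap server. Auth failing.");
            return false;
        }
    }
}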
120
121 #ifdef notdef /* not used yet - will be used to pull email etc out of ldap */
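/*
 * Experimental lookup, compiled out by the surrounding #ifdef notdef: runs a
 * fixed one-level search for "cn=admin" and logs the cn and description of
 * the first entry at debug level.
 *
 * NOTE(review): this cannot be enabled as written. `base` and `res` are not
 * declared in the visible file (`base` appears only in a commented-out
 * block), the `uid` parameter is never used, nothing is returned although
 * the return type is non-void, and the search result is never released.
 */
LDAPMessage ldap_search_user(char uid)
{
    char filter[] = "cn=admin";
    struct timeval timeout;
    LDAPMessage *entry;
    char **value;

    /*
       Now we do a search;
     */
    timeout.tv_usec = 0;
    timeout.tv_sec = 5;
    if( ldap_search_st(ld, base, LDAP_SCOPE_ONELEVEL, filter, NULL, 0, &timeout, &res) != LDAP_SUCCESS) {
        log_module(MAIN_LOG, LOG_ERROR, "search failed: %s %s\n", base, filter);
        /* NOTE(review): a failed lookup terminates the whole service. */
        exit(1);
    }
    log_module(MAIN_LOG, LOG_DEBUG, "Search successfull! %s %s\n", base, filter);
    log_module(MAIN_LOG, LOG_DEBUG, "Got %d entries\n", ldap_count_entries(ld, res));

    /* An empty result has no first entry, and a missing attribute yields a
     * NULL value array; both used to be dereferenced unchecked. */
    entry = ldap_first_entry(ld, res);
    if(entry != NULL) {
        value = ldap_get_values(ld, entry, "cn");
        log_module(MAIN_LOG, LOG_DEBUG, "cn: %s\n", value ? value[0] : "error");
        if(value != NULL)
            ldap_value_free(value);

        value = ldap_get_values(ld, entry, "description");
        log_module(MAIN_LOG, LOG_DEBUG, "Description: %s\n", value ? value[0] : "error");
        if(value != NULL)
            ldap_value_free(value);

        /* The userPassword attribute is deliberately not fetched or logged
         * any more: it would place stored credentials in the debug log. */
    }
    /*
       ldap_result();
       ldap_first_entry();
       ldap_first_attribute();
       for(;;) {
           ldap_get_values();
           ldap_next_attribute();
       }

       ldap_parse_result();

       ldap_unbind_ext();

     */
    /* get errors with ldap_err2string(); */
}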
166
167 #endif
168
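/*
 * Release the global LDAP session, if there is one.
 *
 * The handle is cleared afterwards so that a second call, or a later use of
 * `ld`, does not touch a session the library has already freed. Calling this
 * before any session was created is a no-op instead of passing NULL to
 * ldap_unbind().
 */
void ldap_close()
{
    if(ld != NULL) {
        ldap_unbind(ld);
        ld = NULL;
    }
}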
173
174 #endif