X-Git-Url: https://jfr.im/git/irc/evilnet/x3.git/blobdiff_plain/35ea100fefeeff959f8b527c4043ecf33b95b896..e2f17d6e4aa6ed0fe70610c5a89b946ee60a8a9d:/src/x3ldap.c diff --git a/src/x3ldap.c b/src/x3ldap.c index 72f61bc..73b139d 100644 --- a/src/x3ldap.c +++ b/src/x3ldap.c @@ -112,7 +112,7 @@ int ldap_do_admin_bind() } -unsigned int ldap_check_auth( char *account, char *pass) +unsigned int ldap_check_auth( const char *account, const char *pass) { char buff[MAXLEN]; @@ -167,7 +167,7 @@ int ldap_search_user(char *account, LDAPMessage **entry) * 0 or 2+ entries are matched, or the proper ldap error * code for other errors. */ -int ldap_get_user_info(char *account, char **email) +int ldap_get_user_info(const char *account, char **email) { int rc; char **value; @@ -314,13 +314,14 @@ char **make_object_vals() if(object_vals) free(object_vals); - object_vals = malloc(sizeof( *object_vals ) * nickserv_conf.ldap_object_classes->used); + object_vals = malloc(sizeof( *object_vals ) * (nickserv_conf.ldap_object_classes->used+1)); for(y = 0; y < nickserv_conf.ldap_object_classes->used; y++) { object_vals[y] = nickserv_conf.ldap_object_classes->list[y]; } object_vals[y] = NULL; return object_vals; + /* NOTE: The return value of this is only good until the next call to it. */ } char *make_password(const char *crypted) 
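Review bot: The `malloc()` result in make_object_vals() is used without a check, so an allocation failure becomes a NULL write in the copy loop that follows. A guard such as `if (!object_vals) return NULL;` before the loop would fail closed, provided the callers (outside this hunk) handle a NULL return. The added NOTE sits after the `return`, where readers are unlikely to look. It belongs above the function, e.g. `/* Returns a NULL-terminated array that the next call frees; callers must not keep it. */`. The function starts above the hunk.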
@@ -346,15 +347,26 @@ LDAPMod **make_mods_add(const char *account, const char *password, const char *e static char *account_vals[] = { NULL, NULL }; static char *password_vals[] = { NULL, NULL }; static char *email_vals[] = { NULL, NULL }; - int num_mods = 3; + int num_mods = 2; int i; + int mod = 0; /* TODO: take this from nickserv_conf.ldap_add_objects */ LDAPMod **mods; static char **object_vals; + + account_vals[0] = NULL; + account_vals[1] = NULL; + password_vals[0] = NULL; + password_vals[1] = NULL; + email_vals[0] = NULL; + email_vals[1] = NULL; object_vals = make_object_vals(); account_vals[0] = (char *) account; - password_vals[0] = (char *) password; + if (password != NULL) { + password_vals[0] = (char *) password; + num_mods++; + } email_vals[0] = (char *) email; if(!(nickserv_conf.ldap_field_account && *nickserv_conf.ldap_field_account)) 
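Review bot: A NULL `password` now means "build the add request without a password attribute", and nothing in make_mods_add() documents that. A comment above the function such as `/* password may be NULL: the password attribute is then left out of the add request */` would make the contract visible to callers. Of the six reset lines, the `[0]` slots of `account_vals` and `email_vals` are overwritten a few lines later and the `[1]` slots are never written in the visible code, so only the `password_vals[0]` reset has an effect. The function begins and ends outside this hunk.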
@@ -370,26 +382,30 @@ LDAPMod **make_mods_add(const char *account, const char *password, const char *e memset(mods[i], 0, sizeof(LDAPMod)); } - mods[0]->mod_op = LDAP_MOD_ADD; - mods[0]->mod_type = strdup("objectclass"); - mods[0]->mod_values = object_vals; + mods[mod]->mod_op = LDAP_MOD_ADD; + mods[mod]->mod_type = strdup("objectclass"); + mods[mod]->mod_values = object_vals; + mod++; - mods[1]->mod_op = LDAP_MOD_ADD; - mods[1]->mod_type = strdup(nickserv_conf.ldap_field_account); - mods[1]->mod_values = account_vals; + mods[mod]->mod_op = LDAP_MOD_ADD; + mods[mod]->mod_type = strdup(nickserv_conf.ldap_field_account); + mods[mod]->mod_values = account_vals; + mod++; - mods[2]->mod_op = LDAP_MOD_ADD; - mods[2]->mod_type = strdup(nickserv_conf.ldap_field_password); - mods[2]->mod_values = password_vals; + if (password != NULL) { + mods[mod]->mod_op = LDAP_MOD_ADD; + mods[mod]->mod_type = strdup(nickserv_conf.ldap_field_password); + mods[mod]->mod_values = password_vals; + mod++; + } if(nickserv_conf.ldap_field_email && *nickserv_conf.ldap_field_email && email && *email) { - mods[3]->mod_op = LDAP_MOD_ADD; - mods[3]->mod_type = strdup(nickserv_conf.ldap_field_email); - mods[3]->mod_values = email_vals; - mods[4] = NULL; + mods[mod]->mod_op = LDAP_MOD_ADD; + mods[mod]->mod_type = strdup(nickserv_conf.ldap_field_email); + mods[mod]->mod_values = email_vals; + mod++; } - else - mods[3] = NULL; + mods[mod] = NULL; *num_mods_ret = num_mods; return mods; } 
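Review bot: `*num_mods_ret` still reports `num_mods` while the array is now terminated at `mods[mod]`, and the two counters are not visibly tied together. The email block here tests `email && *email`, but the code that sizes `num_mods` for the email field lies between this hunk and the previous one. If the two ever disagree, `mods[mod] = NULL` either overwrites an LDAPMod allocated by the loop above (a leak, and a NULL slot for any cleanup loop that runs to `num_mods`) or writes past the end of the array. Reporting the count actually filled, `*num_mods_ret = mod;`, and freeing any unused slots before terminating would keep them in step. The `strdup()` results stored in `mod_type` are also unchecked.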
@@ -406,10 +422,11 @@ int ldap_do_add(const char *account, const char *crypted, const char *email) log_module(MAIN_LOG, LOG_ERROR, "failed to bind as admin"); return rc; } - - passbuf = make_password(crypted); + + if (crypted != NULL) + passbuf = make_password(crypted); snprintf(newdn, MAXLEN-1, nickserv_conf.ldap_dn_fmt, account); - mods = make_mods_add(account, passbuf, email, &num_mods); + mods = make_mods_add(account, (crypted != NULL ? passbuf : crypted), email, &num_mods); if(!mods) { log_module(MAIN_LOG, LOG_ERROR, "Error building mods for ldap_add"); return LDAP_OTHER; @@ -425,7 +442,8 @@ int ldap_do_add(const char *account, const char *crypted, const char *email) free(mods[i]); } free(mods); - free(passbuf); + if (crypted != NULL) + free(passbuf); return rc; } @@ -524,7 +542,7 @@ LDAPMod **make_mods_modify(const char *password, const char *email, int *num_mod * * A level of <0 will be treated as 0 */ -int ldap_do_oslevel(const char *account, int level) +int ldap_do_oslevel(const char *account, int level, int oldlevel) { LDAPMod **mods; static char *oslevel_vals[] = { NULL, NULL }; @@ -540,7 +558,7 @@ int ldap_do_oslevel(const char *account, int level) level = 0; } - snprintf(temp, MAXLEN-1, "%d", level); + snprintf(temp, MAXLEN-1, "%d", (level ? level : oldlevel)); oslevel_vals[0] = (char *) temp; if(!(nickserv_conf.ldap_field_oslevel && *nickserv_conf.ldap_field_oslevel)) @@ -552,7 +570,7 @@ int ldap_do_oslevel(const char *account, int level) mods[0] = (LDAPMod *) malloc(sizeof(LDAPMod)); memset(mods[0], 0, sizeof(LDAPMod)); - mods[0]->mod_op = LDAP_MOD_REPLACE; + mods[0]->mod_op = (level ? LDAP_MOD_REPLACE : LDAP_MOD_DELETE); mods[0]->mod_type = strdup(nickserv_conf.ldap_field_oslevel); mods[0]->mod_values = oslevel_vals; mods[1] = NULL; @@ -704,7 +722,7 @@ int ldap_delfromgroup(char *account, const char *group) void ldap_close() { admin_bind = false; - ldap_unbind(ld); + ldap_unbind_ext(ld, NULL, NULL); } #endif
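Review bot: In ldap_do_add(), `passbuf` is assigned only when `crypted` is non-NULL, and the result of make_password() is passed on unchecked. If that helper can return NULL (its body is outside this diff), a failure there now silently creates the account with no password attribute instead of failing. Initialising the variable at its declaration (above the hunk) as `char *passbuf = NULL;` and adding `if (crypted != NULL && passbuf == NULL) return LDAP_OTHER;` after the call would keep the two cases apart. The call could then be `make_mods_add(account, passbuf, email, &num_mods)` and the `free(passbuf)` in the next hunk could stay unconditional. The `if(!mods)` early return also leaves `passbuf` allocated.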
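Review bot: With `level == 0`, ldap_do_oslevel() now sends `LDAP_MOD_DELETE` carrying the value `oldlevel`, which removes only that exact value. If the caller's `oldlevel` does not match what the directory holds, the server rejects the delete and the entry keeps its previous oslevel. For a field that appears to hold a privilege level, a failed revocation is the case to avoid, so deleting the whole attribute is safer: `mods[0]->mod_values = (level ? oslevel_vals : NULL);`. The comment above the function should also cover the new parameter and the new meaning of 0, e.g. `* A level of 0 removes the attribute; oldlevel is the value currently stored.` The body continues outside these three hunks.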
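Review bot: In ldap_close(), `ldap_unbind_ext(ld, NULL, NULL)` releases the handle but `ld` keeps its old value, so any later use of `ld` before a fresh initialisation would touch freed memory. Adding `ld = NULL;` after the unbind prevents a stale handle from being reused silently. Whether other functions re-initialise `ld` before use cannot be seen from this hunk. The unbind's return value is also dropped, and logging a non-success code would help when diagnosing shutdown problems.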