2007-02-06 Alex Schumann <rubin@afternet.org>
- * src/x3ldap.c: fix compiling problem when non-ldap
+ * src/x3ldap.c: fix compiling problem when non-ldap. Compile fixups
+ and sanity checks.
- * configure.in: Better ldap library handling **oops
+ * configure.in: Better ldap library handling **oops ** helps to
+ actually have -lldap in LIBS...
- * configure: regenerated from above **
+ * configure: regenerated from above ** **
+
+ * x3.conf.example: tweaked ldap settings
+
+ * src/nickserv.h: remove ldap config settings if not compiled in
+
+ * src/nickserv.c: automatiaclly add users who can auth to ldap and get
+ logins working.
2007-02-06 Neil Spierling <sirvulcan@gmail.com>
#! /bin/sh
-# From configure.in Id: configure.in 1902 2007-02-06 04:08:14Z rubin .
+# From configure.in Id: configure.in 1903 2007-02-06 04:23:32Z rubin .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.60 for X3 1.5.
#
if test "x$withval" != "x"; then
{ echo "$as_me:$LINENO: result: Using include dir $withval to find libtre" >&5
echo "${ECHO_T}Using include dir $withval to find libtre" >&6; }
- CPPFLAGS="-I$withval/include -L$withval/lib"
+ CPPFLAGS="$CPPFLAGS -I$withval/include -L$withval/lib"
LIBS="$LIBS -L$withval/lib"
else
{ echo "$as_me:$LINENO: result: Looking for tre in system and home dirs (${HOME})..." >&5
echo "${ECHO_T}Looking for tre in system and home dirs (${HOME})..." >&6; }
- CPPFLAGS="-I${HOME}/include -L${HOME}/lib"
+ CPPFLAGS="$CPPFLAGS -I${HOME}/include -L${HOME}/lib"
LIBS="$LIBS -L${HOME}/lib"
fi
if test "${ac_cv_header_tre_regex_h+set}" = set; then
if test "x$withval" != "x"; then
{ echo "$as_me:$LINENO: result: Using include dir $withval to find coredumper" >&5
echo "${ECHO_T}Using include dir $withval to find coredumper" >&6; }
- CPPFLAGS="-I$withval/include -L$withval/lib"
+ CPPFLAGS="$CPPFLAGS -I$withval/include -L$withval/lib"
LIBS="$LIBS -L$withval/lib"
else
{ echo "$as_me:$LINENO: result: Looking for coredumper in system and home dirs (${HOME})..." >&5
echo "${ECHO_T}Looking for coredumper in system and home dirs (${HOME})..." >&6; }
- CPPFLAGS="-I${HOME}/include -L${HOME}/lib"
+ CPPFLAGS="$CPPFLAGS -I${HOME}/include -L${HOME}/lib"
LIBS="$LIBS -L${HOME}/lib"
fi
if test "${ac_cv_header_google_coredumper_h+set}" = set; then
echo "${ECHO_T}Looking for ldap in system " >&6; }
fi
-{ echo "$as_me:$LINENO: checking for ldap_init in -lldap" >&5
-echo $ECHO_N "checking for ldap_init in -lldap... $ECHO_C" >&6; }
-if test "${ac_cv_lib_ldap_ldap_init+set}" = set; then
+{ echo "$as_me:$LINENO: checking for ldap_simple_bind_s in -lldap" >&5
+echo $ECHO_N "checking for ldap_simple_bind_s in -lldap... $ECHO_C" >&6; }
+if test "${ac_cv_lib_ldap_ldap_simple_bind_s+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_check_lib_save_LIBS=$LIBS
#ifdef __cplusplus
extern "C"
#endif
-char ldap_init ();
+char ldap_simple_bind_s ();
int
main ()
{
-return ldap_init ();
+return ldap_simple_bind_s ();
;
return 0;
}
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ac_cv_lib_ldap_ldap_init=yes
+ ac_cv_lib_ldap_ldap_simple_bind_s=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
- ac_cv_lib_ldap_ldap_init=no
+ ac_cv_lib_ldap_ldap_simple_bind_s=no
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-{ echo "$as_me:$LINENO: result: $ac_cv_lib_ldap_ldap_init" >&5
-echo "${ECHO_T}$ac_cv_lib_ldap_ldap_init" >&6; }
-if test $ac_cv_lib_ldap_ldap_init = yes; then
+{ echo "$as_me:$LINENO: result: $ac_cv_lib_ldap_ldap_simple_bind_s" >&5
+echo "${ECHO_T}$ac_cv_lib_ldap_ldap_simple_bind_s" >&6; }
+if test $ac_cv_lib_ldap_ldap_simple_bind_s = yes; then
+LIBS="-lldap $LIBS"
for ac_header in ldap.h
do
fi
+{ echo "$as_me:$LINENO: result: $LIBS" >&5
+echo "${ECHO_T}$LIBS" >&6; }
cat >>confdefs.h <<_ACEOF
PATH/lib/libtre.so and PATH/include/tre/regex.h exist.], )
if test "x$withval" != "x"; then
AC_MSG_RESULT(Using include dir $withval to find libtre)
- CPPFLAGS="-I$withval/include -L$withval/lib"
+ CPPFLAGS="$CPPFLAGS -I$withval/include -L$withval/lib"
LIBS="$LIBS -L$withval/lib"
else
AC_MSG_RESULT([Looking for tre in system and home dirs (${HOME})...])
- CPPFLAGS="-I${HOME}/include -L${HOME}/lib"
+ CPPFLAGS="$CPPFLAGS -I${HOME}/include -L${HOME}/lib"
LIBS="$LIBS -L${HOME}/lib"
fi
AC_CHECK_HEADER(tre/regex.h, , [AC_MSG_ERROR([tre/regex.h, the TRE regex headers, were not found. Install tre or use --with-tre=PATH to tell me how to find it, where PATH/include/tre/regex.h exists. For conveniance, just type 'tools/tre_install.sh' now, to install tre in your home directory.])],)
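Review bot: The two added `CPPFLAGS=` lines in the tre block still put `-L…/lib` into CPPFLAGS, where a linker search path has no effect on the preprocessor; only the `-I` part belongs there, e.g. `CPPFLAGS="$CPPFLAGS -I$withval/include"`, with the `-L` left to the `LIBS` line below or to `LDFLAGS`. The coredumper block further down repeats the same pattern. The fallback branch also searches `${HOME}/include` and `${HOME}/lib` by default, so the build picks up whatever headers and libraries sit in the invoking user's home directory. A short comment saying so would help anyone building under a shared or service account.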
PATH/include/google/coredumper.h exist.], )
if test "x$withval" != "x"; then
AC_MSG_RESULT(Using include dir $withval to find coredumper)
- CPPFLAGS="-I$withval/include -L$withval/lib"
+ CPPFLAGS="$CPPFLAGS -I$withval/include -L$withval/lib"
LIBS="$LIBS -L$withval/lib"
else
AC_MSG_RESULT([Looking for coredumper in system and home dirs (${HOME})...])
- CPPFLAGS="-I${HOME}/include -L${HOME}/lib"
+ CPPFLAGS="$CPPFLAGS -I${HOME}/include -L${HOME}/lib"
LIBS="$LIBS -L${HOME}/lib"
fi
AC_CHECK_HEADER(google/coredumper.h, , [AC_MSG_RESULT([google/coredumper.h, the coredumper headers, were not found. Install coredumper or use --with-coredumper=PATH to tell me how to find it, where PATH/include/google/coredumper.h exists. For conveniance, just type 'tools/core_install.sh' now, to install coredumper in your home directory.])],)
AC_MSG_RESULT([Looking for ldap in system ])
fi
-AC_CHECK_LIB(ldap, ldap_init,
+AC_CHECK_LIB(ldap, ldap_simple_bind_s,
[
+LIBS="-lldap $LIBS"
AC_CHECK_HEADERS(ldap.h,
[
AC_DEFINE(WITH_LDAP, 1, [Define if LDAP libs are linked])
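Review bot: `LIBS="-lldap $LIBS"` is set as soon as the library probe succeeds, before `AC_CHECK_HEADERS(ldap.h, …)` has run, so a host with libldap but no `ldap.h` links the library while `WITH_LDAP` stays undefined. Moving the assignment next to `AC_DEFINE(WITH_LDAP, 1, …)` would keep the link line and the feature macro in step. The rest of the `AC_CHECK_LIB` call continues outside this hunk.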
fi
]
)
+AC_MSG_RESULT($LIBS)
AC_DEFINE_UNQUOTED(CODENAME, "${CODENAME}", [Code name for this release])
AC_SUBST(MODULE_OBJS)
#include <tre/regex.h>
#ifdef WITH_LDAP
-#include <ldap.h>
+#include <ldap.h> /* just needed for default LDAP_PORT */
#endif
#define NICKSERV_CONF_NAME "services/nickserv"
#define KEY_NOTE_DATE "date"
#define KEY_LDAP_ENABLE "ldap_enable"
+
+#ifdef WITH_LDAP
#define KEY_LDAP_HOST "ldap_host"
#define KEY_LDAP_PORT "ldap_port"
#define KEY_LDAP_BASE "ldap_base"
#define KEY_LDAP_DN_FMT "ldap_dn_fmt"
#define KEY_LDAP_VERSION "ldap_version"
#define KEY_LDAP_AUTOCREATE "ldap_autocreate"
+#endif
#define NICKSERV_VALID_CHARS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"
struct handle_info *hi;
const char *passwd;
struct userNode *other;
+#ifdef WITH_LDAP
int ldap_result = 0;
+ char *email = NULL;
+#endif
if (user->handle_info) {
reply("NSMSG_ALREADY_AUTHED", user->handle_info->handle);
if (argc == 3) {
#ifdef WITH_LDAP
ldap_result = ldap_check_auth(argv[1], argv[2]);
+ if(ldap_result) {
+ /* pull the users info from ldap:
+ * * email
+ * * name if available
+ * *
+ */
+ }
+
#endif
hi = dict_find(nickserv_handle_dict, argv[1], NULL);
pw_arg = 2;
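Review bot: `ldap_check_auth(argv[1], argv[2])` receives the account name exactly as typed, and nothing in this hunk checks it against `NICKSERV_VALID_CHARS` before it reaches the LDAP code. The x3ldap.c part of this commit formats that name into `ldap_dn_fmt`, so a guard ahead of the call that rejects other characters would keep DN metacharacters such as `,` and `=` out of the bind DN. The added `if(ldap_result) { … }` body holds only a comment, so `email` keeps its initial NULL and the later `if(email)` branch cannot run yet; a `/* TODO: not implemented, email stays NULL */` would say so. The enclosing function starts and ends outside the hunk.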
return 0;
}
if (!hi) {
- if(ldap_result == true) {
+#ifdef WITH_LDAP
+ if(ldap_result == true && nickserv_conf.ldap_autocreate) {
/* user not found, but authed to ldap successfully..
* create the account.
- * TODO: fill this in
*/
- reply("NSMSG_HANDLE_NOT_FOUND");
- return 0;
+ char *mask;
+ if(!(hi = nickserv_register(user, NULL, argv[1], argv[2], 0))) {
+ reply("NSMSG_UNABLE_TO_ADD");
+ return 0; /* couldn't add the user for some reason */
+ }
+ /* Add a *@* mask */
+ if(nickserv_conf.default_hostmask)
+ mask = "*@*";
+ else
+ mask = generate_hostmask(user, GENMASK_OMITNICK|GENMASK_NO_HIDING|GENMASK_ANY_IDENT);
+
+ if(mask) {
+ char* mask_canonicalized = canonicalize_hostmask(strdup(mask));
+ string_list_append(hi->masks, mask_canonicalized);
+ }
+ if(email) {
+ nickserv_set_email_addr(hi, email);
+ }
+ if(nickserv_conf.sync_log)
+ SyncLog("REGISTER %s %s %s %s", hi->handle, hi->passwd, email ? email : "@", user->info);
}
- reply("NSMSG_HANDLE_NOT_FOUND");
- return 0;
+ else {
+#endif
+ reply("NSMSG_HANDLE_NOT_FOUND");
+ return 0;
+#ifdef WITH_LDAP
+ }
+#endif
}
/* Responses from here on look up the language used by the handle they asked about. */
passwd = argv[pw_arg];
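Review bot: The auto-create branch registers the account with `argv[2]`, the password that was just checked against LDAP, and then writes `hi->passwd` to the sync log in the `SyncLog("REGISTER …")` call. That leaves a local copy of the directory credential (presumably hashed by `nickserv_register`, which is not visible here) that will not follow later password changes in LDAP. Confirm that this is intended, or register with a value that cannot be used for local login. `canonicalize_hostmask(strdup(mask))` also passes the result of `strdup` on unchecked, and when `mask` came from `generate_hostmask` the original string looks like it is never freed. The enclosing function starts and ends outside the hunk.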
str = database_get_data(conf_node, KEY_LDAP_ENABLE, RECDB_QSTRING);
nickserv_conf.ldap_enable = str ? strtoul(str, NULL, 0) : 0;
+#ifndef WITH_LDAP
+ if(nickserv_conf.ldap_enable > 0) {
+ /* ldap is enabled but not compiled in - error out */
+ log_module(MAIN_LOG, LOG_ERROR, "ldap is enabled in config, but not compiled in!");
+ nickserv_conf.ldap_enable = 0;
+ sleep(5);
+ }
+#endif
+#ifdef WITH_LDAP
str = database_get_data(conf_node, KEY_LDAP_HOST, RECDB_QSTRING);
nickserv_conf.ldap_host = str ? str : "";
str = database_get_data(conf_node, KEY_LDAP_PORT, RECDB_QSTRING);
-#ifdef WITH_LDAP
nickserv_conf.ldap_port = str ? strtoul(str, NULL, 0) : LDAP_PORT;
-#else
- nickserv_conf.ldap_port = str ? strtoul(str, NULL, 0) : 0;
-#endif
str = database_get_data(conf_node, KEY_LDAP_BASE, RECDB_QSTRING);
nickserv_conf.ldap_base = str ? str : "";
str = database_get_data(conf_node, KEY_LDAP_AUTOCREATE, RECDB_QSTRING);
nickserv_conf.ldap_autocreate = str ? strtoul(str, NULL, 0) : 0;
+#endif
}
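Review bot: `sleep(5)` in the `#ifndef WITH_LDAP` branch stalls the caller every time this configuration reader runs with `ldap_enable` set in a build without LDAP; the `log_module(MAIN_LOG, LOG_ERROR, …)` line already records the problem, so the sleep can go. In the `WITH_LDAP` part, `ldap_port` and `ldap_autocreate` take whatever `strtoul(str, NULL, 0)` returns, so a malformed value becomes 0 and an out-of-range port is accepted silently. A range check with a fallback to `LDAP_PORT` would be safer. `ldap_host` also defaults to `""` when unset even if `ldap_enable` is on, which is the case the `TODO` in `ldap_do_init` about required options describes. The function's start is outside the hunk.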
char default_style;
struct string_list *denied_fakehost_words;
unsigned int ldap_enable;
+#ifdef WITH_LDAP
const char *ldap_host;
unsigned int ldap_port;
const char *ldap_base;
const char *ldap_dn_fmt;
unsigned int ldap_version;
unsigned int ldap_autocreate;
+#endif
};
void init_nickserv(const char *nick);
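Review bot: Wrapping the LDAP members in `#ifdef WITH_LDAP` makes the size of this struct depend on whether `config.h` was included before `nickserv.h` in each source file. A file that includes the header without `config.h` first would see a smaller struct than `nickserv.c` does. The LDAP members are last today, so other offsets are unaffected, but that is fragile. Unless the header already does so outside this hunk, add `#include "config.h"` at its top, or leave the members unconditional. The struct definition begins outside the hunk.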
* * nickserv.c work to use said functions.
*/
+#include "config.h"
#ifdef WITH_LDAP
#include <stdio.h>
//#include <sys/select.h>
#include "conf.h"
-#include "config.h"
#include "global.h"
#include "log.h"
#include "x3ldap.h"
int ldap_do_init()
{
+ if(!nickserv_conf.ldap_enable)
+ return false;
/* TODO: check here for all required config options and exit() out if not present */
ld = ldap_init(nickserv_conf.ldap_host, nickserv_conf.ldap_port);
if(ld == NULL) {
char buff[MAXLEN];
int q;
+ if(!nickserv_conf.ldap_enable)
+ return false;
+
memset(buff, 0, MAXLEN);
snprintf(buff, sizeof(buff)-1, nickserv_conf.ldap_dn_fmt /*"uid=%s,ou=Users,dc=afternet,dc=org"*/, account);
int n = 0;
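Review bot: `snprintf` takes its format string from `nickserv_conf.ldap_dn_fmt` and inserts `account` into the DN unescaped. If the setting can be left NULL, or holds anything other than a single `%s` conversion, the call is undefined behaviour, and an account name containing DN special characters (`,`, `=`, `+`, `\`) changes which entry the bind targets. Validate the format once when the configuration is loaded, reject or escape such account names before formatting, and compare the `snprintf` return value with `sizeof(buff)` to catch truncation. If the bind that follows is a simple bind, an empty password should also be refused before the call, since many directory servers treat that as an anonymous bind and report success. The function's signature and the bind call are outside the hunk.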
log_module(MAIN_LOG, LOG_ERROR, "Bind failed: %s/****** (%d)\n", buff, q);
ldap_perror(ld, "ldap");
/* Re-init to re-connect to ldap server if thats the problem */
- sleep(10);
+ //sleep(10);
ldap_do_init(nickserv_conf);
}
- if(n++ > 6) {
- log_module(MAIN_LOG, LOG_ERROR, "Failing to reconnect to ldap server. Dieing.");
- exit(1);
+ if(n++ > 1) {
+ /* TODO: return to the user that this is a connection error and not a problem
+ * with their password
+ */
+ log_module(MAIN_LOG, LOG_ERROR, "Failing to reconnect to ldap server. Auth failing.");
+ return false;
}
}
log_module(MAIN_LOG, LOG_DEBUG, "bind() successfull! You are bound as %s\n", buff);
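Review bot: The retry path calls `ldap_do_init(nickserv_conf)` and ignores the result, although `ldap_do_init()` is defined without parameters and, after this commit, can return `false` without touching `ld`. If the re-init fails, the next bind attempt appears to run on the stale or NULL handle. `if(!ldap_do_init()) return false;` would stop there, assuming the function returns nonzero on success (its tail is not visible). With `sleep(10)` commented out the retries are immediate and only the `n++ > 1` limit bounds them, so delete the dead `//sleep(10);` line rather than leaving it. The loop header is outside the hunk.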
// LDAP stands for light directory access protocol. its what many larger orgs use for central user/password management. Its also the core technology behind windows active directory.
// If you have an ldap server, you can configure X3 to use it instead of saving passwords locally.
//"ldap_enable" "1";
- //"ldap_host" "ldap.yourdomain.com"
- //"ldap_port" "683"
- //"ldap_base" "ou=Users,dc=afternet,dc=org"
- //"ldap_dn_fmt" "uid=%s,ou=Users,dc=afternet,dc=org"
- //"ldap_autocreate" "0"; // automatically create accounts if they exist in ldap but not x3
+ //"ldap_host" "ldap.yourdomain.com";
+ // port defaults to ldap default 389 if left commented
+ //"ldap_port" "389";
+ //"ldap_base" "ou=Users,dc=yournet,dc=org";
+ //"ldap_dn_fmt" "uid=%s,ou=Users,dc=afternet,dc=org";
+ // automatically create accounts if they exist in ldap but not x3
+ //"ldap_autocreate" "1";
};
/*
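Review bot: The example now points at port 389 and shows `ldap_autocreate` set to `1`, but nothing in it tells the operator how the password travels to the directory. Nothing visible in this commit sets up TLS on the connection, so with these settings the bind password presumably crosses the network in cleartext; add a comment such as `// passwords are sent to the LDAP server unencrypted; use a local or tunnelled server` above `ldap_host`. `"ldap_dn_fmt"` still carries `dc=afternet,dc=org` while `"ldap_base"` was changed to `dc=yournet`, which looks like an oversight. A line noting that `ldap_autocreate` set to `1` lets any directory user create an X3 account on first login would also help.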