X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=libatalk%2Facl%2Fldap.c;h=724ac4d5ba8e59d59bf4aa2f73c2cc3450165765;hb=64c01c136e708085840814c92ff7cf829a794317;hp=cc8545b507a6ba01b50d5ce47c7393efe6b241a4;hpb=02b75327c46fd79ad17f6573eebe74b902791ae0;p=netatalk.git diff --git a/libatalk/acl/ldap.c b/libatalk/acl/ldap.c index cc8545b5..724ac4d5 100644 --- a/libatalk/acl/ldap.c +++ b/libatalk/acl/ldap.c @@ -1,5 +1,4 @@ /* - $Id: ldap.c,v 1.7 2010-04-23 11:37:06 franklahm Exp $ Copyright (c) 2008,2009 Frank Lahm This program is free software; you can redistribute it and/or modify @@ -17,11 +16,14 @@ #include "config.h" #endif /* HAVE_CONFIG_H */ +#ifdef HAVE_LDAP + #include #include #include #include #include +#define LDAP_DEPRECATED 1 #include #include @@ -115,7 +117,7 @@ static int ldap_getattr_fromfilter_withbase_scope( const char *searchbase, char **attribute_values = NULL; struct timeval timeout; - LOG(log_maxdebug, logtype_afpd,"ldap_getattr_fromfilter_withbase_scope: BEGIN"); + LOG(log_maxdebug, logtype_afpd,"ldap: BEGIN"); timeout.tv_sec = 3; timeout.tv_usec = 0; 
@@ -125,17 +127,17 @@ retry: ret = 0; if (ld == NULL) { - LOG(log_maxdebug, logtype_default, "ldap_getattr_fromfilter_withbase_scope: LDAP server: \"%s\"", + LOG(log_maxdebug, logtype_default, "ldap: server: \"%s\"", ldap_server); if ((ld = ldap_init(ldap_server, LDAP_PORT)) == NULL ) { - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_init error: %s", + LOG(log_error, logtype_default, "ldap: ldap_init error: %s", strerror(errno)); return -1; } if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version) != 0) { /* LDAP_OPT_SUCCESS is not in the proposed standard, so we check for 0 http://tools.ietf.org/id/draft-ietf-ldapext-ldap-c-api-05.txt */ - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_set_option failed!"); + LOG(log_error, logtype_default, "ldap: ldap_set_option failed!"); free(ld); ld = NULL; return -1; @@ -146,8 +148,8 @@ retry: if (!ldapconnected) { if (LDAP_AUTH_NONE == ldap_auth_method) { if (ldap_bind_s(ld, "", "", LDAP_AUTH_SIMPLE) != LDAP_SUCCESS ) { - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_bind failed!"); - LOG(log_error, logtype_default, "ldap_auth_method: \'%d\'", ldap_auth_method); + LOG(log_error, logtype_default, "ldap: ldap_bind failed, auth_method: \'%d\'", + ldap_auth_method); free(ld); ld = NULL; return -1; @@ -156,8 +158,8 @@ retry: } else if (LDAP_AUTH_SIMPLE == ldap_auth_method) { if (ldap_bind_s(ld, ldap_auth_dn, ldap_auth_pw, ldap_auth_method) != LDAP_SUCCESS ) { - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_bind failed!"); - LOG(log_error, logtype_default, "ldap_auth_dn: \'%s\', ldap_auth_pw: \'%s\', ldap_auth_method: \'%d\'", + LOG(log_error, logtype_default, + "ldap: ldap_bind failed: ldap_auth_dn: \'%s\', ldap_auth_pw: \'%s\', ldap_auth_method: \'%d\'", ldap_auth_dn, ldap_auth_pw, ldap_auth_method); free(ld); ld = NULL; 
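Review bot: `free(ld)` after the failed `ldap_set_option` call is the wrong way to dispose of the handle returned by `ldap_init`, because it is an opaque library object. Calling free() on it releases only the top-level struct, leaks whatever the library allocated behind it, and assumes the library used the same allocator. Use `ldap_unbind_s(ld);` instead, which is available here because the file defines LDAP_DEPRECATED, and keep the `ld = NULL;` that follows. The same `free(ld); ld = NULL;` sequence appears in the two bind-failure paths of the following hunks. The function starts and ends outside this hunk.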
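Review bot: No visible line negotiates TLS before the anonymous `ldap_bind_s(ld, "", "", LDAP_AUTH_SIMPLE)` here or the `ldap_auth_dn`/`ldap_auth_pw` bind in the next hunk, and both run on the handle from `ldap_init(ldap_server, LDAP_PORT)`. Unless TLS is set up in the few lines between the hunks, the simple-bind password and the name/UUID answers this ACL module relies on cross the network unprotected and unauthenticated. Consider calling `ldap_start_tls_s(ld, NULL, NULL)` once the protocol-version option has been set, and treating a failure as a connection error, or at least making this configurable.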
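Review bot: The merged error message still prints `ldap_auth_pw`, so every failed bind writes the directory bind password in clear text to the log at log_error level. Anyone with log access can read it there, and it is carried into log shipping and backups. Drop the password from the message: `"ldap: ldap_bind failed: ldap_auth_dn: \'%s\', ldap_auth_method: \'%d\'",` with the arguments `ldap_auth_dn, ldap_auth_method);`. Capturing the `ldap_bind_s` return value and logging `ldap_err2string()` of it would give the operator the actual cause instead.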
@@ -166,39 +168,38 @@ retry: ldapconnected = 1; } } - /* ldapconnected and ld are now always 1 and != NULL which is important when dealing w. errors*/ - LOG(log_maxdebug, logtype_afpd, "LDAP start search: base: %s, filter: %s, attr: %s", + LOG(log_maxdebug, logtype_afpd, "ldap: start search: base: %s, filter: %s, attr: %s", searchbase, filter, attributes[0]); /* start LDAP search */ ldaperr = ldap_search_st(ld, searchbase, scope, filter, attributes, 0, &timeout, &msg); - LOG(log_maxdebug, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_search_st returned: %s, %u", - ldap_err2string(ldaperr), ldaperr); + LOG(log_maxdebug, logtype_default, "ldap: ldap_search_st returned: %s", + ldap_err2string(ldaperr)); if (ldaperr != LDAP_SUCCESS) { - if (retrycount >= 1) - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: ldap_search_st failed: %s", ldap_err2string(ldaperr)); + LOG(log_error, logtype_default, "ldap: ldap_search_st failed: %s, retrycount: %i", + ldap_err2string(ldaperr), retrycount); ret = -1; goto cleanup; } /* parse search result */ - LOG(log_maxdebug, logtype_default, "ldap_getuuidfromname: got %d entries from ldap search", + LOG(log_maxdebug, logtype_default, "ldap: got %d entries from ldap search", ldap_count_entries(ld, msg)); - if (ldap_count_entries(ld, msg) != 1) { + if ((ret = ldap_count_entries(ld, msg)) != 1) { ret = 0; goto cleanup; } entry = ldap_first_entry(ld, msg); if (entry == NULL) { - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: error in ldap_first_entry"); + LOG(log_error, logtype_default, "ldap: ldap_first_entry error"); ret = -1; goto cleanup; } attribute_values = ldap_get_values(ld, entry, attributes[0]); if (attribute_values == NULL) { - LOG(log_error, logtype_default, "ldap_getattr_fromfilter_withbase_scope: error in ldap_get_values"); + LOG(log_error, logtype_default, "ldap: ldap_get_values error"); ret = -1; goto cleanup; } 
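Review bot: The new assignment in `if ((ret = ldap_count_entries(ld, msg)) != 1)` is dead, because the branch immediately sets `ret = 0`. As a result, a -1 error return from ldap_count_entries and an ambiguous multi-entry match are both reported the same way as "no entry". If the count is meant to be kept, separate the cases with `int n = ldap_count_entries(ld, msg);` followed by `if (n != 1) { ret = (n < 0) ? -1 : 0; goto cleanup; }`. Reusing `n` in the debug message would also remove the second ldap_count_entries call made only for logging. The function starts before and continues past this hunk, so how callers interpret `ret` should be confirmed there.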
@@ -248,9 +249,16 @@ cleanup: * Interface ********************************************************/ -/* - * returns allocated storage in uuid_string, caller must free it - * returns 0 on success, -1 on error or not found +/*! + * Search UUID for name in LDAP + * + * Caller must free uuid_string when done with it + * + * @param name (r) name to search + * @param type (r) type of USER or GROUP + * @param uuid_string (w) result as pointer to allocated UUID-string + * + * @returns 0 on success, -1 on error or not found */ int ldap_getuuidfromname( const char *name, uuidtype_t type, char **uuid_string) { int ret; @@ -259,6 +267,9 @@ int ldap_getuuidfromname( const char *name, uuidtype_t type, char **uuid_string) char *attributes[] = { ldap_uuid_attr, NULL}; char *ldap_attr; + if (!ldap_config_valid) + return -1; + /* make filter */ if (type == UUID_GROUP) ldap_attr = ldap_group_attr; @@ -284,13 +295,22 @@ int ldap_getuuidfromname( const char *name, uuidtype_t type, char **uuid_string) * LDAP search wrapper * returns allocated storage in name, caller must free it * returns 0 on success, -1 on error or not found + * + * @param uuidstr (r) uuid to search as ascii string + * @param name (w) return pointer to name as allocated string + * @param type (w) return type: USER or GROUP + * + * returns 0 on success, -1 on errror */ -int ldap_getnamefromuuid( char *uuidstr, char **name, uuidtype_t *type) { +int ldap_getnamefromuuid( const char *uuidstr, char **name, uuidtype_t *type) { int ret; int len; char filter[256]; /* this should really be enough. we dont want to malloc everything! */ char *attributes[] = { NULL, NULL}; + if (!ldap_config_valid) + return -1; + /* make filter */ len = snprintf( filter, 256, "%s=%s", ldap_uuid_attr, uuidstr); if (len >= 256 || len == -1) { @@ -316,3 +336,4 @@ int ldap_getnamefromuuid( char *uuidstr, char **name, uuidtype_t *type) { return -1; } +#endif /* HAVE_LDAP */
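Review bot: The added `if (!ldap_config_valid) return -1;` returns before `*uuid_string` is assigned, while the new header comment tells the caller to free uuid_string. A caller that frees unconditionally would then free an indeterminate pointer. Either set `*uuid_string = NULL;` ahead of the check, or state in the comment that the pointer is only valid when 0 is returned. The same early return is added to ldap_getnamefromuuid in the next hunk, where `*name` is affected. Both function bodies continue outside their hunks, so whether the later error paths already reset the out-parameter cannot be seen here.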
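Review bot: `uuidstr` is formatted into the search filter by `snprintf( filter, 256, "%s=%s", ldap_uuid_attr, uuidstr)` without escaping the RFC 4515 special characters (`*`, `(`, `)`, `\`, NUL). A value containing them changes the meaning of the filter instead of being matched literally. If uuidstr can ever carry client-influenced data, validate that it contains only the characters of a UUID string, or escape it, before building the filter. ldap_getuuidfromname builds its filter from `name` outside the visible hunk and deserves the same check. The added comment block also states the return contract twice and misspells "errror"; a single `* @returns 0 on success, -1 on error or not found` is enough.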