Imported Debian patch 8.9.3-23debian/8.9.3-23

author: Richard A Nelson (Rick) <cowboy@debian.org> 2000-05-25 17:00:00 -0500
committer: Andreas Beckmann <debian@abeckmann.de> 2012-10-01 19:58:40 +0200
commit: e138436bd1943587e16b03505f8b8cc0307c4211 (patch)
tree: 23d7165ea5ea99bb43ae1568f4b74d5e59a3bddb /debian/patches/patch.ldap.src
parent: 4e2c4cdcd62c4ab1d5e884e8afaa0bbe1b981e42 (diff)
download: sendmail-e138436bd1943587e16b03505f8b8cc0307c4211.tar.gz
1 files changed, 377 insertions, 0 deletions
diff --git a/debian/patches/patch.ldap.src b/debian/patches/patch.ldap.src
new file mode 100644
index 0000000..4b4a4df
--- /dev/null
+++ b/debian/patches/patch.ldap.src
@@ -0,0 +1,377 @@
+Index: ldap_map.h
+===================================================================
+RCS file: /usr/local/src/cvsroot/sendmail.8.9/src/ldap_map.h,v
+retrieving revision 1.1.1.8
+retrieving revision 1.9
+diff -u -r1.1.1.8 -r1.9
+--- ldap_map.h	1999/02/15 19:35:30	1.1.1.8
++++ ldap_map.h	1999/02/15 20:04:06	1.9
+@@ -37,8 +37,8 @@
+ 	/* args for ldap_bind_s */
+ 	LDAP		*ld;
+ 	char		*binddn;
+-	char		*passwd;
+-	int		method;
++	char		*secret;
++	int              method;
+ 
+ 	/* args for ldap_search_st */
+ 	char		*base;
+@@ -55,13 +55,32 @@
+ #define DEFAULT_LDAP_MAP_PORT		LDAP_PORT
+ #define DEFAULT_LDAP_MAP_SCOPE		LDAP_SCOPE_SUBTREE
+ #define DEFAULT_LDAP_MAP_BINDDN		NULL
+-#define DEFAULT_LDAP_MAP_PASSWD		NULL
++#define DEFAULT_LDAP_MAP_SECRET		NULL
+ #define DEFAULT_LDAP_MAP_METHOD		LDAP_AUTH_SIMPLE
+ #define DEFAULT_LDAP_MAP_TIMELIMIT	5
+ #define DEFAULT_LDAP_MAP_DEREF		LDAP_DEREF_NEVER
+ #define DEFAULT_LDAP_MAP_SIZELIMIT	0
+ #define DEFAULT_LDAP_MAP_ATTRSONLY	0
+ #define LDAP_MAP_MAX_FILTER		1024
++
++/* authentication methods available */
++
++#define LDAP_MAP_AUTH_METHOD_MAX 3 
++#define LDAP_MAP_MAX_PASSWD 256
++
++char *ldap_map_auth_methods[] = {
++  "LDAP_AUTH_NONE",    
++  "LDAP_AUTH_SIMPLE",
++  "LDAP_AUTH_KRBV4" 
++} ; 
++
++int ldap_map_auth_methods_code[LDAP_MAP_AUTH_METHOD_MAX] = { 
++  LDAP_AUTH_NONE,
++  LDAP_AUTH_SIMPLE,
++  LDAP_AUTH_KRBV4
++} ; 
++
++
+ #ifdef LDAP_REFERRALS
+ # define DEFAULT_LDAP_MAP_LDAP_OPTIONS	LDAP_OPT_REFERRALS
+ #else /* LDAP_REFERRALS */
+Index: map.c
+===================================================================
+RCS file: /usr/local/src/cvsroot/sendmail.8.9/src/map.c,v
+retrieving revision 1.1.1.11
+retrieving revision 1.20
+diff -u -r1.1.1.11 -r1.20
+--- map.c	1999/02/15 19:35:31	1.1.1.11
++++ map.c	1999/03/30 21:22:41	1.20
+@@ -2621,6 +2621,10 @@
+ #endif
+ 		return FALSE;
+ 	}
++	/* We could call aliaswait here, but it only adds extra
++	   code to the ldap map lookup. The aliaswait "@:@" convention
++	   does not make much sense in the ldap tcp-based model. 
++	   */ 
+ 	return TRUE;
+ }
+ 
+@@ -2647,7 +2651,7 @@
+ 	LDAP_MAP_STRUCT *lmap;
+ 	LDAP *ld;
+ 	register EVENT *ev = NULL;
+-
++	register int bind_result; 
+ 	if (tTd(38, 2))
+ 		printf("ldap_map_start(%s)\n", map->map_mname);
+ 
+@@ -2713,12 +2717,12 @@
+ 	lmap->ld = ld; 
+ 	return TRUE;
+ #else
+-	if (ldap_bind_s(ld, lmap->binddn,lmap->passwd,lmap->method) != LDAP_SUCCESS)
++	if (ldap_bind_s(ld, lmap->binddn,lmap->secret,lmap->method) != LDAP_SUCCESS)
+ 	{
+ 		if (!bitset(MF_OPTIONAL, map->map_mflags))
+ 		{
+-			syserr("421 Cannot bind to map %s in ldap server %s",
+-				map->map_mname, lmap->ldaphost);
++			syserr("421 Cannot bind to map %s in ldap server %s, %s",
++				map->map_mname, lmap->ldaphost,ldap_err2string(bind_result));
+ 		}
+ 	}
+ 	else
+@@ -2727,7 +2731,6 @@
+ 		lmap->ld = ld;
+ 		return TRUE;
+ 	}
+-
+ 	return FALSE;
+ #endif
+ }
+@@ -2811,13 +2814,13 @@
+ {
+ 	LDAP_MAP_STRUCT *lmap = NULL;
+ 	LDAPMessage *entry;
+-	char *vp;
++	char *vp,*vp_tmp;
+ 	auto int vsize;
+ 	char keybuf[MAXNAME + 1];
+ 	char filter[LDAP_MAP_MAX_FILTER + 1];
+ 	char **attr_values = NULL;
+-	char *result;
+-	int name_len;
++	char *result,*tmp;
++	int name_len,val_count,i;
+ 	char *fp, *p, *q;
+ 
+ 	if (tTd(38, 20))
+@@ -2899,39 +2902,88 @@
+ 		}
+ 	}
+ 
++	result = NULL;
++	*statp = EX_NOTFOUND;
++
+ 	entry = ldap_first_entry(lmap->ld,lmap->res);
+ 	if (entry == NULL)
+ 	{
+-	        result = NULL;
+-		*statp = EX_NOTFOUND;
+ 		goto quick_exit;
+ 	}
+ 
+-	/* Need to build the args for map_rewrite here */
+-	attr_values = ldap_get_values(lmap->ld,entry,lmap->attr[0]);
+-	if (attr_values == NULL)
+-	{
+-		/* bad things happened */
+-		result = NULL;
+-		*statp = EX_NOTFOUND;
+-		goto quick_exit;
++	vp = NULL ;
++	
++	/* Cycle through all entries. */ 
++	do { 
++	  /* Need to build the args for map_rewrite here */
++	  attr_values = ldap_get_values(lmap->ld,entry,lmap->attr[0]);
++	  if (attr_values != NULL )
++	    {
++	      *statp = EX_OK;
++
++	      /*
++	       * If there is more that one munge then into 
++	       *  a comma sep string 
++	       */
++	      val_count = ldap_count_values(attr_values) ; 
++	      /* count size */ 
++	      vsize = 0 ; 
++	      for( i = 0 ; i < val_count && attr_values[i] != NULL  ; i++ ) { 
++		vsize += strlen(attr_values[i]) + strlen(", ") ; 
++	      }
++	      vp_tmp = (char * ) malloc(vsize) ;
++	      if ( vp_tmp != NULL ) 
++		{ 
++		  /* first */ 
++		  snprintf(vp_tmp,vsize,"%s",attr_values[0]) ;
++		  tmp = vp_tmp + strlen(vp_tmp);
++		  /*rest */ 
++		  for( i = 1 ; i < (val_count )  && attr_values[i] != NULL ; i++ ) { 
++		    snprintf(tmp,(vsize - strlen(vp_tmp)),", %s",attr_values[i]) ; 
++		    tmp = vp_tmp + strlen(vp_tmp) ; 
++		  }
++		  
++		} else { 
++		  /* Report memory error */ 
++		  if (!bitset(MF_OPTIONAL, map->map_mflags))
++		    {
++		      syserr("Out of memory in ldap_map_lookup");
++		    }	    
++		}
++	    }
++	  if ( vp == NULL ) 
++	    { 
++	      vp = vp_tmp ; 
++	    } else { 
++	      vsize = strlen(vp) + strlen(vp_tmp) + strlen(", ") + 1 ; 
++	      tmp = ( char *) malloc( vsize ) ; 
++	      snprintf(tmp,vsize,"%s, %s",vp,vp_tmp) ; 
++	      /* Free things in correct order. */ 
++	      free ( vp_tmp) ; /* vsize malloc above */ 
++	      vp_tmp = vp ;    /* tmp malloc from previous loop */ 
++	      vp = tmp ; 
++	      free ( vp_tmp ) ; 
++	    }
++	  ldap_value_free(attr_values);
++	  attr_values = NULL ; 
++		
++	} while ( (entry = ldap_next_entry( lmap->ld, entry ) ) != NULL ) ; 
++	
++	if ( *statp == EX_OK ) { 
++	  
++	  vsize = strlen(vp);
++
++	  if (LogLevel > 9)
++	    sm_syslog(LOG_INFO, CurEnv->e_id,
++		      "ldap %.100s => %s",
++		      name, vp);
++	  if (bitset(MF_MATCHONLY, map->map_mflags))
++	    result = map_rewrite(map, name, strlen(name), NULL);
++	  else
++	    result = map_rewrite(map, vp, vsize, av);
++	  free(vp) ; 
++	  
+ 	}
+-
+-	*statp = EX_OK;
+-
+-	/* If there is more that one use the first */
+-	vp = attr_values[0];
+-	vsize = strlen(vp);
+-
+-	if (LogLevel > 9)
+-		sm_syslog(LOG_INFO, CurEnv->e_id,
+-			"ldap %.100s => %s",
+-			name, vp);
+-	if (bitset(MF_MATCHONLY, map->map_mflags))
+-		result = map_rewrite(map, name, strlen(name), NULL);
+-	else
+-		result = map_rewrite(map, vp, vsize, av);
+-
+   quick_exit:
+ 	if (attr_values != NULL)
+ 		ldap_value_free(attr_values);
+@@ -2982,8 +3034,12 @@
+ 	char *args;
+ {
+ 	register char *p = args;
+-	register int done;
++	register int done,i;
+ 	LDAP_MAP_STRUCT *lmap;
++	static char m_tmp[MAXPATHLEN+LDAP_MAP_MAX_PASSWD]; 
++	FILE * sfd ; 
++	int sff = SFF_OPENASROOT|SFF_ROOTOK|SFF_NOWLINK|SFF_NOWWFILES|SFF_NOGWFILES;
++	char *tmp ; 
+ 
+ 	/* We need to alloc an LDAP_MAP_STRUCT struct */
+ 	lmap  = (LDAP_MAP_STRUCT *) xalloc(sizeof(LDAP_MAP_STRUCT));
+@@ -3002,7 +3058,8 @@
+ 
+ 	/* Default char ptrs to NULL */
+ 	lmap->binddn = NULL;
+-	lmap->passwd = NULL;
++       
++	lmap->secret = NULL;
+ 	lmap->base   = NULL;
+ 	lmap->ldaphost = NULL;
+ 
+@@ -3088,7 +3145,9 @@
+ 			break;
+ 
+ 		  case 's':		/* search scope */
+-			if (strncasecmp(++p, "base", 4) == 0)
++		        while (isascii(*++p) && isspace(*p))
++				continue;
++			if (strncasecmp(p, "base", 4) == 0)
+ 			{
+ 				lmap->scope = LDAP_SCOPE_BASE;
+ 			}
+@@ -3142,7 +3201,36 @@
+ 			lmap->timelimit = atoi(p);
+ 			lmap->timeout.tv_sec = lmap->timelimit;
+ 			break;
+-
++		  case 'D':             /* Dn to bind to server as */ 
++		        while (isascii(*++p) && isspace(*p))
++				continue;
++			lmap->binddn = p;
++			break; 
++		  case 'M':             /* Method for binding */ 
++		        while (isascii(*++p) && isspace(*p))
++				continue;
++			/* Need to map ascii method to int here */
++			tmp = p ; 
++			 /* Argh, can't use ldap_map_dequote here */ 
++			if ( *tmp == '"' ) { 
++			  while ( isascii(*++tmp) && isspace(*tmp))
++			    continue;
++			}
++			for(i = 0 ; i < LDAP_MAP_AUTH_METHOD_MAX ; i++ ) {
++			  if ( strncmp(tmp,ldap_map_auth_methods[i],strlen(ldap_map_auth_methods[i])) == 0 ) { 
++			    lmap->method = ldap_map_auth_methods_code[i] ; 
++			  }
++			}
++			 
++			break ; 
++			/* This is a string that is dependent on the
++			 *  method used defined above. 
++			 */ 
++		  case 'S':             /* Secret for binding */ 
++		         while (isascii(*++p) && isspace(*p))
++				continue;
++			lmap->secret = p ; 
++			break ;
+ 		}
+ 
+ 		/* need to account for quoted strings here arggg... */
+@@ -3189,16 +3277,60 @@
+ 		return FALSE;
+ 	}
+ 
+-	if (lmap->binddn != NULL)
+-		lmap->binddn = newstr(ldap_map_dequote(lmap->binddn));
++	if (lmap->binddn != NULL) {
++	  lmap->binddn = newstr(ldap_map_dequote(lmap->binddn));
++	
++	  if ( lmap->secret != NULL ) {
++	    /* need to use method to map secret to passwd string */
++	    switch(lmap->method) 
++	      {
++
++	      case LDAP_AUTH_NONE:  /* Do nothing */ 
++		break; 
++	      case LDAP_AUTH_SIMPLE: /* Secret is the name of a file with
++					the first line as the pwd. */ 
++		
++
++		sfd = safefopen(ldap_map_dequote(lmap->secret),O_RDONLY,0,sff);
++		if ( sfd == NULL ) 
++		  { 
++		    syserr("LDAP map: cannot open secret %s",ldap_map_dequote(lmap->secret));
++		    return FALSE ; 
++		  } else 
++		    { 
++		      lmap->secret = sfgets(m_tmp,LDAP_MAP_MAX_PASSWD,sfd,0,"ldap_map_parseargs") ;
++		      fclose(sfd) ; 
++		      if ( lmap->secret != NULL ) 
++			{ 
++                          /* chomp newline */ 
++			  if (m_tmp[strlen(m_tmp)-1] == '\n')
++			             m_tmp[strlen(m_tmp)-1] = '\0';
++			  
++			  lmap->secret = newstr(m_tmp) ; 
++			}
++		  }
++		break ; 
++	      case LDAP_AUTH_KRBV4:  /* Secret is where the tgt file
++					is stashed */
++		/* We could be paranoid here.. */
++		snprintf(m_tmp,MAXPATHLEN+LDAP_MAP_MAX_PASSWD,"KRBTKFILE=%s",ldap_map_dequote(lmap->secret)); 
++		putenv(m_tmp); 
++		lmap->secret = NULL ; 
++		break ; 
++	      default :             /* Should NEVER get here */ 
++		syserr("LDAP map: Garbage in lmap method" ) ; 
++		return FALSE ; 
++		break ; 
++	      } /* end switch */ 
++	  } 
++	}
+ 	else
+ 		lmap->binddn = DEFAULT_LDAP_MAP_BINDDN;
+-
+ 
+-	if (lmap->passwd != NULL)
+-		lmap->passwd = newstr(ldap_map_dequote(lmap->passwd));
++	if (lmap->secret != NULL)
++		lmap->secret = newstr(ldap_map_dequote(lmap->secret));
+ 	else
+-		lmap->passwd = DEFAULT_LDAP_MAP_PASSWD;
++		lmap->secret = DEFAULT_LDAP_MAP_SECRET;
+ 
+ 	if (lmap->base != NULL)
+ 		lmap->base = newstr(ldap_map_dequote(lmap->base));
author	Richard A Nelson (Rick) <cowboy@debian.org>	2000-05-25 17:00:00 -0500
committer	Andreas Beckmann <debian@abeckmann.de>	2012-10-01 19:58:40 +0200
commit	e138436bd1943587e16b03505f8b8cc0307c4211 (patch)
tree	23d7165ea5ea99bb43ae1568f4b74d5e59a3bddb /debian/patches/patch.ldap.src
parent	4e2c4cdcd62c4ab1d5e884e8afaa0bbe1b981e42 (diff)
download	sendmail-e138436bd1943587e16b03505f8b8cc0307c4211.tar.gz