diff options
Diffstat (limited to 'debian/patches/patch.ldap.src')
| -rw-r--r-- | debian/patches/patch.ldap.src | 377 |
1 files changed, 0 insertions, 377 deletions
diff --git a/debian/patches/patch.ldap.src b/debian/patches/patch.ldap.src deleted file mode 100644 index 4b4a4df..0000000 --- a/debian/patches/patch.ldap.src +++ /dev/null @@ -1,377 +0,0 @@ -Index: ldap_map.h -=================================================================== -RCS file: /usr/local/src/cvsroot/sendmail.8.9/src/ldap_map.h,v -retrieving revision 1.1.1.8 -retrieving revision 1.9 -diff -u -r1.1.1.8 -r1.9 ---- ldap_map.h 1999/02/15 19:35:30 1.1.1.8 -+++ ldap_map.h 1999/02/15 20:04:06 1.9 -@@ -37,8 +37,8 @@ - /* args for ldap_bind_s */ - LDAP *ld; - char *binddn; -- char *passwd; -- int method; -+ char *secret; -+ int method; - - /* args for ldap_search_st */ - char *base; -@@ -55,13 +55,32 @@ - #define DEFAULT_LDAP_MAP_PORT LDAP_PORT - #define DEFAULT_LDAP_MAP_SCOPE LDAP_SCOPE_SUBTREE - #define DEFAULT_LDAP_MAP_BINDDN NULL --#define DEFAULT_LDAP_MAP_PASSWD NULL -+#define DEFAULT_LDAP_MAP_SECRET NULL - #define DEFAULT_LDAP_MAP_METHOD LDAP_AUTH_SIMPLE - #define DEFAULT_LDAP_MAP_TIMELIMIT 5 - #define DEFAULT_LDAP_MAP_DEREF LDAP_DEREF_NEVER - #define DEFAULT_LDAP_MAP_SIZELIMIT 0 - #define DEFAULT_LDAP_MAP_ATTRSONLY 0 - #define LDAP_MAP_MAX_FILTER 1024 -+ -+/* authentication methods available */ -+ -+#define LDAP_MAP_AUTH_METHOD_MAX 3 -+#define LDAP_MAP_MAX_PASSWD 256 -+ -+char *ldap_map_auth_methods[] = { -+ "LDAP_AUTH_NONE", -+ "LDAP_AUTH_SIMPLE", -+ "LDAP_AUTH_KRBV4" -+} ; -+ -+int ldap_map_auth_methods_code[LDAP_MAP_AUTH_METHOD_MAX] = { -+ LDAP_AUTH_NONE, -+ LDAP_AUTH_SIMPLE, -+ LDAP_AUTH_KRBV4 -+} ; -+ -+ - #ifdef LDAP_REFERRALS - # define DEFAULT_LDAP_MAP_LDAP_OPTIONS LDAP_OPT_REFERRALS - #else /* LDAP_REFERRALS */ -Index: map.c -=================================================================== -RCS file: /usr/local/src/cvsroot/sendmail.8.9/src/map.c,v -retrieving revision 1.1.1.11 -retrieving revision 1.20 -diff -u -r1.1.1.11 -r1.20 ---- map.c 1999/02/15 19:35:31 1.1.1.11 -+++ map.c 1999/03/30 21:22:41 1.20 -@@ -2621,6 +2621,10 @@ - #endif - return FALSE; - } -+ /* We could call aliaswait here, but it only adds extra -+ code to the ldap map lookup. The aliaswait "@:@" convention -+ does not make much sense in the ldap tcp-based model. -+ */ - return TRUE; - } - -@@ -2647,7 +2651,7 @@ - LDAP_MAP_STRUCT *lmap; - LDAP *ld; - register EVENT *ev = NULL; -- -+ register int bind_result; - if (tTd(38, 2)) - printf("ldap_map_start(%s)\n", map->map_mname); - -@@ -2713,12 +2717,12 @@ - lmap->ld = ld; - return TRUE; - #else -- if (ldap_bind_s(ld, lmap->binddn,lmap->passwd,lmap->method) != LDAP_SUCCESS) -+ if (ldap_bind_s(ld, lmap->binddn,lmap->secret,lmap->method) != LDAP_SUCCESS) - { - if (!bitset(MF_OPTIONAL, map->map_mflags)) - { -- syserr("421 Cannot bind to map %s in ldap server %s", -- map->map_mname, lmap->ldaphost); -+ syserr("421 Cannot bind to map %s in ldap server %s, %s", -+ map->map_mname, lmap->ldaphost,ldap_err2string(bind_result)); - } - } - else -@@ -2727,7 +2731,6 @@ - lmap->ld = ld; - return TRUE; - } -- - return FALSE; - #endif - } -@@ -2811,13 +2814,13 @@ - { - LDAP_MAP_STRUCT *lmap = NULL; - LDAPMessage *entry; -- char *vp; -+ char *vp,*vp_tmp; - auto int vsize; - char keybuf[MAXNAME + 1]; - char filter[LDAP_MAP_MAX_FILTER + 1]; - char **attr_values = NULL; -- char *result; -- int name_len; -+ char *result,*tmp; -+ int name_len,val_count,i; - char *fp, *p, *q; - - if (tTd(38, 20)) -@@ -2899,39 +2902,88 @@ - } - } - -+ result = NULL; -+ *statp = EX_NOTFOUND; -+ - entry = ldap_first_entry(lmap->ld,lmap->res); - if (entry == NULL) - { -- result = NULL; -- *statp = EX_NOTFOUND; - goto quick_exit; - } - -- /* Need to build the args for map_rewrite here */ -- attr_values = ldap_get_values(lmap->ld,entry,lmap->attr[0]); -- if (attr_values == NULL) -- { -- /* bad things happened */ -- result = NULL; -- *statp = EX_NOTFOUND; -- goto quick_exit; -+ vp = NULL ; -+ -+ /* Cycle through all entries. */ -+ do { -+ /* Need to build the args for map_rewrite here */ -+ attr_values = ldap_get_values(lmap->ld,entry,lmap->attr[0]); -+ if (attr_values != NULL ) -+ { -+ *statp = EX_OK; -+ -+ /* -+ * If there is more that one munge then into -+ * a comma sep string -+ */ -+ val_count = ldap_count_values(attr_values) ; -+ /* count size */ -+ vsize = 0 ; -+ for( i = 0 ; i < val_count && attr_values[i] != NULL ; i++ ) { -+ vsize += strlen(attr_values[i]) + strlen(", ") ; -+ } -+ vp_tmp = (char * ) malloc(vsize) ; -+ if ( vp_tmp != NULL ) -+ { -+ /* first */ -+ snprintf(vp_tmp,vsize,"%s",attr_values[0]) ; -+ tmp = vp_tmp + strlen(vp_tmp); -+ /*rest */ -+ for( i = 1 ; i < (val_count ) && attr_values[i] != NULL ; i++ ) { -+ snprintf(tmp,(vsize - strlen(vp_tmp)),", %s",attr_values[i]) ; -+ tmp = vp_tmp + strlen(vp_tmp) ; -+ } -+ -+ } else { -+ /* Report memory error */ -+ if (!bitset(MF_OPTIONAL, map->map_mflags)) -+ { -+ syserr("Out of memory in ldap_map_lookup"); -+ } -+ } -+ } -+ if ( vp == NULL ) -+ { -+ vp = vp_tmp ; -+ } else { -+ vsize = strlen(vp) + strlen(vp_tmp) + strlen(", ") + 1 ; -+ tmp = ( char *) malloc( vsize ) ; -+ snprintf(tmp,vsize,"%s, %s",vp,vp_tmp) ; -+ /* Free things in correct order. */ -+ free ( vp_tmp) ; /* vsize malloc above */ -+ vp_tmp = vp ; /* tmp malloc from previous loop */ -+ vp = tmp ; -+ free ( vp_tmp ) ; -+ } -+ ldap_value_free(attr_values); -+ attr_values = NULL ; -+ -+ } while ( (entry = ldap_next_entry( lmap->ld, entry ) ) != NULL ) ; -+ -+ if ( *statp == EX_OK ) { -+ -+ vsize = strlen(vp); -+ -+ if (LogLevel > 9) -+ sm_syslog(LOG_INFO, CurEnv->e_id, -+ "ldap %.100s => %s", -+ name, vp); -+ if (bitset(MF_MATCHONLY, map->map_mflags)) -+ result = map_rewrite(map, name, strlen(name), NULL); -+ else -+ result = map_rewrite(map, vp, vsize, av); -+ free(vp) ; -+ - } -- -- *statp = EX_OK; -- -- /* If there is more that one use the first */ -- vp = attr_values[0]; -- vsize = strlen(vp); -- -- if (LogLevel > 9) -- sm_syslog(LOG_INFO, CurEnv->e_id, -- "ldap %.100s => %s", -- name, vp); -- if (bitset(MF_MATCHONLY, map->map_mflags)) -- result = map_rewrite(map, name, strlen(name), NULL); -- else -- result = map_rewrite(map, vp, vsize, av); -- - quick_exit: - if (attr_values != NULL) - ldap_value_free(attr_values); -@@ -2982,8 +3034,12 @@ - char *args; - { - register char *p = args; -- register int done; -+ register int done,i; - LDAP_MAP_STRUCT *lmap; -+ static char m_tmp[MAXPATHLEN+LDAP_MAP_MAX_PASSWD]; -+ FILE * sfd ; -+ int sff = SFF_OPENASROOT|SFF_ROOTOK|SFF_NOWLINK|SFF_NOWWFILES|SFF_NOGWFILES; -+ char *tmp ; - - /* We need to alloc an LDAP_MAP_STRUCT struct */ - lmap = (LDAP_MAP_STRUCT *) xalloc(sizeof(LDAP_MAP_STRUCT)); -@@ -3002,7 +3058,8 @@ - - /* Default char ptrs to NULL */ - lmap->binddn = NULL; -- lmap->passwd = NULL; -+ -+ lmap->secret = NULL; - lmap->base = NULL; - lmap->ldaphost = NULL; - -@@ -3088,7 +3145,9 @@ - break; - - case 's': /* search scope */ -- if (strncasecmp(++p, "base", 4) == 0) -+ while (isascii(*++p) && isspace(*p)) -+ continue; -+ if (strncasecmp(p, "base", 4) == 0) - { - lmap->scope = LDAP_SCOPE_BASE; - } -@@ -3142,7 +3201,36 @@ - lmap->timelimit = atoi(p); - lmap->timeout.tv_sec = lmap->timelimit; - break; -- -+ case 'D': /* Dn to bind to server as */ -+ while (isascii(*++p) && isspace(*p)) -+ continue; -+ lmap->binddn = p; -+ break; -+ case 'M': /* Method for binding */ -+ while (isascii(*++p) && isspace(*p)) -+ continue; -+ /* Need to map ascii method to int here */ -+ tmp = p ; -+ /* Argh, can't use ldap_map_dequote here */ -+ if ( *tmp == '"' ) { -+ while ( isascii(*++tmp) && isspace(*tmp)) -+ continue; -+ } -+ for(i = 0 ; i < LDAP_MAP_AUTH_METHOD_MAX ; i++ ) { -+ if ( strncmp(tmp,ldap_map_auth_methods[i],strlen(ldap_map_auth_methods[i])) == 0 ) { -+ lmap->method = ldap_map_auth_methods_code[i] ; -+ } -+ } -+ -+ break ; -+ /* This is a string that is dependent on the -+ * method used defined above. -+ */ -+ case 'S': /* Secret for binding */ -+ while (isascii(*++p) && isspace(*p)) -+ continue; -+ lmap->secret = p ; -+ break ; - } - - /* need to account for quoted strings here arggg... */ -@@ -3189,16 +3277,60 @@ - return FALSE; - } - -- if (lmap->binddn != NULL) -- lmap->binddn = newstr(ldap_map_dequote(lmap->binddn)); -+ if (lmap->binddn != NULL) { -+ lmap->binddn = newstr(ldap_map_dequote(lmap->binddn)); -+ -+ if ( lmap->secret != NULL ) { -+ /* need to use method to map secret to passwd string */ -+ switch(lmap->method) -+ { -+ -+ case LDAP_AUTH_NONE: /* Do nothing */ -+ break; -+ case LDAP_AUTH_SIMPLE: /* Secret is the name of a file with -+ the first line as the pwd. */ -+ -+ -+ sfd = safefopen(ldap_map_dequote(lmap->secret),O_RDONLY,0,sff); -+ if ( sfd == NULL ) -+ { -+ syserr("LDAP map: cannot open secret %s",ldap_map_dequote(lmap->secret)); -+ return FALSE ; -+ } else -+ { -+ lmap->secret = sfgets(m_tmp,LDAP_MAP_MAX_PASSWD,sfd,0,"ldap_map_parseargs") ; -+ fclose(sfd) ; -+ if ( lmap->secret != NULL ) -+ { -+ /* chomp newline */ -+ if (m_tmp[strlen(m_tmp)-1] == '\n') -+ m_tmp[strlen(m_tmp)-1] = '\0'; -+ -+ lmap->secret = newstr(m_tmp) ; -+ } -+ } -+ break ; -+ case LDAP_AUTH_KRBV4: /* Secret is where the tgt file -+ is stashed */ -+ /* We could be paranoid here.. */ -+ snprintf(m_tmp,MAXPATHLEN+LDAP_MAP_MAX_PASSWD,"KRBTKFILE=%s",ldap_map_dequote(lmap->secret)); -+ putenv(m_tmp); -+ lmap->secret = NULL ; -+ break ; -+ default : /* Should NEVER get here */ -+ syserr("LDAP map: Garbage in lmap method" ) ; -+ return FALSE ; -+ break ; -+ } /* end switch */ -+ } -+ } - else - lmap->binddn = DEFAULT_LDAP_MAP_BINDDN; -- - -- if (lmap->passwd != NULL) -- lmap->passwd = newstr(ldap_map_dequote(lmap->passwd)); -+ if (lmap->secret != NULL) -+ lmap->secret = newstr(ldap_map_dequote(lmap->secret)); - else -- lmap->passwd = DEFAULT_LDAP_MAP_PASSWD; -+ lmap->secret = DEFAULT_LDAP_MAP_SECRET; - - if (lmap->base != NULL) - lmap->base = newstr(ldap_map_dequote(lmap->base)); |