Lines 49-54
49 |
gid_t HylaFAXServer::faxuid = 0; // reserved fax uid |
49 |
gid_t HylaFAXServer::faxuid = 0; // reserved fax uid |
50 |
#define FAXUID_RESV HylaFAXServer::faxuid // reserved fax uid |
50 |
#define FAXUID_RESV HylaFAXServer::faxuid // reserved fax uid |
51 |
|
51 |
|
|
|
52 |
#ifdef HAVE_LDAP |
53 |
char sIP [ 16 ]; |
54 |
int iPort; |
55 |
int iLDAPVersion; |
56 |
char p_LDAP_Admin_Name [ 255 ]; |
57 |
char p_LDAP_Admin_Passwd [ 255 ]; |
58 |
char p_LDAP_Base [ 1024 ]; |
59 |
#endif // HAVE_LDAP |
60 |
|
61 |
|
62 |
#ifdef HAVE_LDAP |
63 |
/** |
64 |
* read_ldap_config |
65 |
* param pConfig [IN] points to configuration file name |
66 |
* param pIP [OUT] (attribute "LDAPServerIP") points to buffer which will receive LDAP Server IP (buffer must be large enough - there isn't any overrun protection) |
67 |
* param pPort [OUT] (attribute "LDAPServerPort") points to variable which will receive LDAP Server port |
68 |
* param pAdminLogin [OUT] (attribute "LDAPAdminName") points to buffer which will receive LDAP Server Admin Login (buffer must be large enough - there isn't any overrun protection) |
69 |
* param pAdminPassword [OUT] (attribute "LDAPAdminPasswd") points to buffer which will receive LDAP Server Admin Password (buffer must be large enough - there isn't any overrun protection) |
70 |
* param pBase [OUT] (attribute "LDAPBase") points to buffer which will receive LDAP Server Base Node Value (buffer must be large enough - there isn't any overrun protection) |
71 |
* param pVersion [OUT] (attribute "LDAPVersion") points to variable which will receive LDAP Server Version to set |
72 |
* return 0 - no error occured |
73 |
* return -1 - configuration file missing / not found / unable to open |
74 |
* return -2 - at least one of output values were not found in configuration file and not set |
75 |
* configuration line format: <attribute>':'[' ' | '\t']<value> |
76 |
*/ |
77 |
int read_ldap_config(const char* pConfig, char* pIP, int* pPort, char* pAdminLogin, char* pAdminPassword, char* pBase, int* pVersion) |
78 |
{ |
79 |
static bool bRead = false; |
80 |
if (bRead) |
81 |
return 0; |
82 |
|
83 |
int retval; |
84 |
int cnt = 0; |
85 |
char line [ 1024 ]; |
86 |
char* pA, *pB; |
87 |
bool fTrim; |
88 |
|
89 |
uid_t ouid = geteuid(); |
90 |
seteuid( 0 ); |
91 |
|
92 |
FILE* stream = fopen((char*) pConfig, "r"); // open configuration file |
93 |
|
94 |
int err = errno; |
95 |
seteuid(ouid); |
96 |
|
97 |
if (stream == NULL) { |
98 |
return -1; |
99 |
} |
100 |
|
101 |
// Parse configuration file |
102 |
while (!feof(stream)) { |
103 |
if (fgets(line, sizeof(line), stream) == NULL) |
104 |
break; |
105 |
|
106 |
fTrim = false; |
107 |
pA = (char*) line; |
108 |
if ( line[strlen(line)-1] == '\n') |
109 |
line[strlen(line)-1] = 0; |
110 |
|
111 |
int len = strlen(line); |
112 |
for (int i = 0; i < len; i++) { |
113 |
if (fTrim) { |
114 |
if (line[i] == ' ' || line[i] == '\t') { |
115 |
line[ i ] = 0; |
116 |
pB = ((char*) line)+i+1; |
117 |
} else |
118 |
break; |
119 |
} |
120 |
if (line[i] == ':') { |
121 |
line[i] = 0; |
122 |
fTrim = true; |
123 |
pB = ((char*) line)+i+1; |
124 |
} |
125 |
} |
126 |
|
127 |
if (strcmp(pA,"LDAPServerIP") == 0) { |
128 |
strcpy(pIP, pB); |
129 |
cnt++; |
130 |
} |
131 |
if (strcmp(pA, "LDAPServerPort") == 0) { |
132 |
*pPort = atoi(pB); |
133 |
cnt++; |
134 |
} |
135 |
if (strcmp(pA, "LDAPAdminName") == 0) { |
136 |
strcpy(pAdminLogin, pB); |
137 |
cnt++; |
138 |
} |
139 |
if (strcmp(pA, "LDAPAdminPasswd") == 0) { |
140 |
strcpy(pAdminPassword, pB); |
141 |
cnt++; |
142 |
} |
143 |
if (strcmp(pA, "LDAPBase") == 0) { |
144 |
strcpy(pBase, pB); |
145 |
cnt++; |
146 |
} |
147 |
if (strcmp(pA, "LDAPVersion") == 0) { |
148 |
*pVersion = atoi( pB ); |
149 |
cnt++; |
150 |
} |
151 |
} |
152 |
|
153 |
fclose(stream); // close configuration file |
154 |
|
155 |
// end of parsing configuration file |
156 |
if (cnt != 6) |
157 |
return -2; |
158 |
|
159 |
bRead = true; |
160 |
return 0; |
161 |
} |
162 |
#endif // HAVE_LDAP |
163 |
|
164 |
|
165 |
#ifdef HAVE_LDAP |
166 |
bool |
167 |
HylaFAXServer::checkUser(const char* name) |
168 |
{ |
169 |
int err; |
170 |
LDAP* p_LDAPConn; |
171 |
char filter [255]; |
172 |
|
173 |
snprintf(filter, 255, "uid=%s", name); |
174 |
|
175 |
char* pspass; |
176 |
char spass[255]; |
177 |
LDAPMessage* pEntries; |
178 |
bool retval; |
179 |
|
180 |
char ldap_conf_file [1024]; |
181 |
snprintf(ldap_conf_file, 1024, "%s/etc/ldap.conf", FAX_SPOOLDIR); // create string with configuration file path name |
182 |
|
183 |
err = read_ldap_config((const char*) ldap_conf_file, sIP, &iPort, p_LDAP_Admin_Name, p_LDAP_Admin_Passwd, p_LDAP_Base, &iLDAPVersion); |
184 |
if (err == -1) { |
185 |
reply(530, "Configuration file not found"); |
186 |
return false; |
187 |
} |
188 |
if (err == -2) { |
189 |
reply(530, "Configuration file incomplete"); |
190 |
return false; |
191 |
} |
192 |
|
193 |
p_LDAPConn = ldap_init(sIP, iPort); |
194 |
if (p_LDAPConn == NULL) { |
195 |
reply(530, "Unable to connect to LDAP"); |
196 |
return false; |
197 |
} |
198 |
err = ldap_set_option(p_LDAPConn, LDAP_OPT_PROTOCOL_VERSION, (void *) & iLDAPVersion); |
199 |
if (err != LDAP_SUCCESS) { |
200 |
reply(530, "Set Option LDAP error %d: %s", err, ldap_err2string(err)); |
201 |
ldap_unbind_s(p_LDAPConn); |
202 |
return false; |
203 |
} |
204 |
err = ldap_simple_bind_s(p_LDAPConn, p_LDAP_Admin_Name, p_LDAP_Admin_Passwd); |
205 |
if (err != LDAP_SUCCESS) { |
206 |
reply(530, "Bind LDAP error %d: %s", err, ldap_err2string(err)); |
207 |
ldap_unbind_s(p_LDAPConn); |
208 |
return false; |
209 |
} |
210 |
err = ldap_search_s(p_LDAPConn, p_LDAP_Base, LDAP_SCOPE_SUBTREE, filter, NULL, 0, &pEntries); |
211 |
if (err != LDAP_SUCCESS) { |
212 |
reply(530, "Search LDAP error %d: %s", err, ldap_err2string(err)); |
213 |
ldap_unbind_s(p_LDAPConn); |
214 |
return false; |
215 |
} |
216 |
retval = (ldap_first_entry(p_LDAPConn, pEntries) != NULL); |
217 |
ldap_unbind_s(p_LDAPConn); |
218 |
|
219 |
return retval; |
220 |
} |
221 |
#else // HAVE_LDAP is not defined |
222 |
// previous (original) checkUser function version used by non-LDAP authentication |
52 |
bool |
223 |
bool |
53 |
HylaFAXServer::checkUser(const char* name) |
224 |
HylaFAXServer::checkUser(const char* name) |
54 |
{ |
225 |
{ |
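Review bot: In the LDAP `checkUser`, the client-supplied `name` goes unescaped into the search filter via `snprintf(filter, 255, "uid=%s", name)`, so filter metacharacters (`*`, `(`, `)`, `\`) in a login name change what the subtree search matches, and the function returns true for any entry that comes back; the value should be escaped per RFC 4515 before formatting, as sketched below. In `read_ldap_config`, the four `strcpy(..., pB)` calls copy up to 1023 bytes of `line` into fixed file-scope buffers (`sIP` is 16 bytes), which the doc comment itself flags as unprotected; passing each destination's size and copying with a length-checked `snprintf` would bound them. `pB` is also read without being set when a matching line has no `:`, both `seteuid` results are ignored (a failed restore would leave euid 0), and `pEntries` is never released with `ldap_msgfree`. No password comparison is visible in this function (`pspass` and `spass` are unused), so confirm where the credential check happens for LDAP users.

```cpp
// Escape an assertion value for an LDAP search filter (RFC 4515):
// '*', '(', ')' and '\' become "\XX". Returns false if dst is too small.
static bool
ldapEscapeFilterValue(const char* src, char* dst, size_t size)
{
    static const char hex[] = "0123456789abcdef";
    if (size == 0)
        return false;
    size_t o = 0;
    for (const unsigned char* p = (const unsigned char*) src; *p != '\0'; p++) {
        bool special = (*p == '*' || *p == '(' || *p == ')' || *p == '\\');
        if (o + (special ? 3 : 1) >= size)
            return false;                       // would not fit with the terminator
        if (special) {
            dst[o++] = '\\';
            dst[o++] = hex[*p >> 4];
            dst[o++] = hex[*p & 0x0f];
        } else
            dst[o++] = (char) *p;
    }
    dst[o] = '\0';
    return true;
}

bool
HylaFAXServer::checkUser(const char* name)
{
    // … unchanged: err, p_LDAPConn, filter declarations …
    char escaped[sizeof (filter) - 4];          // leaves room for "uid="
    if (!ldapEscapeFilterValue(name, escaped, sizeof (escaped))) {
        reply(530, "User name rejected");
        return false;
    }
    snprintf(filter, sizeof (filter), "uid=%s", escaped);
    // … unchanged: read_ldap_config call, ldap_init, bind, search …
```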
Lines 62-67
62 |
(const char*) userAccessFile, strerror(errno)); |
233 |
(const char*) userAccessFile, strerror(errno)); |
63 |
return (check); |
234 |
return (check); |
64 |
} |
235 |
} |
|
|
236 |
#endif // HAVE_LDAP |
65 |
|
237 |
|
66 |
static bool |
238 |
static bool |
67 |
nextRecord(FILE* db, char line[], u_int size) |
239 |
nextRecord(FILE* db, char line[], u_int size) |