Mailinglist Archive: proxy-suite (18 mails)
| < Previous | Next > |
Re: [proxy-suite] Problem with LDAP reading values
- From: Marius Tomaschewski <mt@xxxxxxx>
- Date: Mon, 12 Aug 2002 10:24:18 +0000 (UTC)
- Message-id: <20020812102814.GC1354@xxxxxxx>
On Wed, Aug 07, 2002 at 06:11:47PM -0400, Jonathan Zuilkowski wrote:
> Hi,
Hi!
Yes, I see the problem in the proxy-suite-1.9 as you
have explained.
> #if defined(HAVE_LIBLDAP)
> /*
> ** If an LDAP server is configured, insist on using it
> */
>
> #################this doesn't seem to work ####################
> //if ((p = config_str(NULL, "LDAPServer", NULL)) != NULL) {
> // int rc = ldap_fetch(ctx, p, who, pwd);
> /*
> ** check if we have to read profile from config...
> */
> // syslog_write(T_DBG, "ldap_fetch returned %d", rc);
> // if(0 != rc) return rc;
> // }
>
> ################I got this from 1.8.2.2 #########################
>
> if ((p = config_str(NULL, "LDAPServer", NULL)) != NULL) {
> int rc;
> if ((rc = ldap_fetch(ctx, p, who, pwd)) != LDAP_SUCCESS) {
> errno = 0;
> syslog_write(T_DBG, "can't read LDAP data "
> "for %s: %.512s",
> ctx->cli_ctrl->peer,
> ldap_err2string(lderr));
> exit(EXIT_FAILURE);
> }
> if (ctx->srv_addr != (u_int32_t) 0) {
> syslog_write(U_INF,
> "reading data for '%s' from LDAP",
> ctx->username);
> return 0; /* LDAP has delivered */
> }
> }
>
> #endif
Yes. This is the bug place.
The fallback to user config from file is broken in 1.9;
the user config is read from file if all needed ldap
fetches succeed...
I'll try to fix it this week (or weekend) - it's needed
to rewrite and test the fallback code.
It can't be done that simple way as in 1.8, because the
user config should be read from file if LDAPAuthDN is
used, but no LDAPBaseDN...
LDAPBaseDN: dn for user config _and_ auth
LDAPAuthDN: dn for auth only
Kind regards,
Marius Tomaschewski <mt@xxxxxxx>
--
SuSE Linux AG, Nürnberg - SuSE Labs, Product Developement
PGP public key available: http://www.suse.de/~mt/mt.pgp
Fprint: EA 1F 92 75 1A F9 82 07 A1 28 DE 7A 32 E8 97 18
> Hi,
Hi!
Yes, I see the problem in the proxy-suite-1.9 as you
have explained.
> #if defined(HAVE_LIBLDAP)
> /*
> ** If an LDAP server is configured, insist on using it
> */
>
> #################this doesn't seem to work ####################
> //if ((p = config_str(NULL, "LDAPServer", NULL)) != NULL) {
> // int rc = ldap_fetch(ctx, p, who, pwd);
> /*
> ** check if we have to read profile from config...
> */
> // syslog_write(T_DBG, "ldap_fetch returned %d", rc);
> // if(0 != rc) return rc;
> // }
>
> ################I got this from 1.8.2.2 #########################
>
> if ((p = config_str(NULL, "LDAPServer", NULL)) != NULL) {
> int rc;
> if ((rc = ldap_fetch(ctx, p, who, pwd)) != LDAP_SUCCESS) {
> errno = 0;
> syslog_write(T_DBG, "can't read LDAP data "
> "for %s: %.512s",
> ctx->cli_ctrl->peer,
> ldap_err2string(lderr));
> exit(EXIT_FAILURE);
> }
> if (ctx->srv_addr != (u_int32_t) 0) {
> syslog_write(U_INF,
> "reading data for '%s' from LDAP",
> ctx->username);
> return 0; /* LDAP has delivered */
> }
> }
>
> #endif
Yes. This is the bug place.
The fallback to user config from file is broken in 1.9;
the user config is read from file if all needed ldap
fetches succeed...
I'll try to fix it this week (or weekend) - it's needed
to rewrite and test the fallback code.
It can't be done that simple way as in 1.8, because the
user config should be read from file if LDAPAuthDN is
used, but no LDAPBaseDN...
LDAPBaseDN: dn for user config _and_ auth
LDAPAuthDN: dn for auth only
Kind regards,
Marius Tomaschewski <mt@xxxxxxx>
--
SuSE Linux AG, Nürnberg - SuSE Labs, Product Developement
PGP public key available: http://www.suse.de/~mt/mt.pgp
Fprint: EA 1F 92 75 1A F9 82 07 A1 28 DE 7A 32 E8 97 18
| < Previous | Next > |