Mailing List Archive

LDAP auth
Hi all,

i regret to admit that i have lost pretty much track of the LDAP auth
system :$

What's the status? Is it ready to be included in cvs?

regards roel


_________________________
R.A. Rozendaal
ICT Manager
IC&S
T: +31 30 2322878
F: +31 30 2322305
www.ic-s.nl
Re: LDAP auth
On Thu, 2003-03-27 at 04:27, Roel Rozendaal - IC&S wrote:
> Hi all,
>
> i regret to admit that i have lost pretty much track of the LDAP auth
> system :$
>
> What's the status? Is it ready to be included in cvs?
>
> regards roel
>
>
> ______

I think it is/was ready to be committed and once it's in there, myself
and/or Jesse need to update autoconf to work with it.


Ryan
Re: LDAP auth
Just finished a full rewrite, actually ;-) so the ldap sections are
now internally abstracted and a few extra config options specifically with
drop-in Exchange replacement in mind... now supported are external
forwards through a Contact, and distribution groups (naturally, it's
recursive to allow a member of a distribution group to have a forward).
I haven't looked at the qmail-ldap schema in a while, although I'm sure
basic functionality would work just fine, no clue about forwards, etc.

I'm busy right now cleaning up all of the printf()'s I stuck everywhere.
Most will become trace(DEBUG) but a few were just to see the program flow.
There's also a 12 byte leak in auth_adduser, but I can't figure out what's
happening there; I've tried free()'ing everything in sight, but only get
segfaults :-( I guess the good news is that the daemons never call
auth_adduser() so it's practically a moot point.

Thanks for asking, btw! I'll post the new version in a few days!

Aaron


On 27 Mar 2003, Ryan Butler wrote:

> On Thu, 2003-03-27 at 04:27, Roel Rozendaal - IC&S wrote:
> > Hi all,
> >
> > i regret to admit that i have lost pretty much track of the LDAP auth
> > system :$
> >
> > What's the status? Is it ready to be included in cvs?
> >
> > regards roel
> >
> >
> > ______
>
> I think it is/was ready to be committed and once it's in there, myself
> and/or Jesse need to update autoconf to work with it.
>
>
> Ryan
>
>
> _______________________________________________
> Dbmail-dev mailing list
> Dbmail-dev@dbmail.org
> http://twister.fastxs.net/mailman/listinfo/dbmail-dev
>
Re: LDAP auth
Or perhaps a few hours later ;-)

There's still a major todo left, and that's that I wrote the
auth_check_user_ext() function to work really well and nice, but forgot to
take care of auth_check_user(). At this point, I don't understand the
difference, except that one is used by injector.c and the other in pipe.c,
respectively. Is the list returned by auth_check_user() really just the
two lists, userids and forwards, from auth_check_user_ext() concatenated?

If that's the case, let's just delete the auth_check_user() function and
rewrite pipe.c to use _ext()... or to be lazy, do this:

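    #include <stdio.h>   /* snprintf */
    #include <string.h>  /* strlen */

    int auth_check_user( const char *address, struct list *userids, int checks )
    {
        int occurences = 0;
        int c1, c2;
        int count1, count2;
        struct list templist1, templist2;
        struct element *tempelem1, *tempelem2;
        char tempchar[AUTH_QUERY_SIZE];

        /* the list functions take pointers to the list structs */
        list_init( &templist1 );
        list_init( &templist2 );
        occurences = auth_check_user_ext( address, &templist1, &templist2, checks );

        tempelem1 = list_getstart( &templist1 );
        count1 = templist1.total_nodes;
        for( c1 = 0; c1 < count1; c1++ )
        {
            /* _ext() gives us a list of numeric user ids, so convert to char;
               ->data points at the id, so dereference it for %llu */
            snprintf( tempchar, AUTH_QUERY_SIZE, "%llu",
                      *(unsigned long long *) tempelem1->data );
            /* list_nodeadd() copies the data, so pass its size
               (three-argument form as declared in dbmail's list.h) */
            list_nodeadd( userids, tempchar, strlen( tempchar ) + 1 );
            tempelem1 = tempelem1->nextnode;
        }

        tempelem2 = list_getstart( &templist2 );
        count2 = templist2.total_nodes;
        for( c2 = 0; c2 < count2; c2++ )
        {
            /* forwards are already strings, copy them over as they are */
            list_nodeadd( userids, tempelem2->data,
                          strlen( (char *) tempelem2->data ) + 1 );
            tempelem2 = tempelem2->nextnode;
        }

        /* userids now holds its own copies, so release the temporary lists */
        list_freelist( &templist1.start );
        list_freelist( &templist2.start );

        return occurences;
    }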

Aaron


On Sun, 30 Mar 2003, Aaron Stone wrote:

> Just finished a full rewrite, actually ;-) so the ldap sections are
> now internally abstracted and a few extra config options specifically with
> drop-in Exchange replacement in mind... now supported are external
> forwards through a Contact, and distribution groups (naturally, it's
> recursive to allow a member of a distribution group to have a forward).
> I haven't looked at the qmail-ldap schema in a while, although I'm sure
> basic functionality would work just fine, no clue about forwards, etc.
>
> I'm busy right now cleaning up all of the printf()'s I stuck everywhere.
> Most will become trace(DEBUG) but a few were just to see the program flow.
> There's also a 12 byte leak in auth_adduser, but I can't figure out what's
> happening there; I've tried free()'ing everything in sight, but only get
> segfaults :-( I guess the good news is that the daemons never call
> auth_adduser() so it's practically a moot point.
>
> Thanks for asking, btw! I'll post the new version in a few days!
>
> Aaron
>
>
> On 27 Mar 2003, Ryan Butler wrote:
>
> > On Thu, 2003-03-27 at 04:27, Roel Rozendaal - IC&S wrote:
> > > Hi all,
> > >
> > > i regret to admit that i have lost pretty much track of the LDAP auth
> > > system :$
> > >
> > > What's the status? Is it ready to be included in cvs?
> > >
> > > regards roel
> > >
> > >
> > > ______
> >
> > I think it is/was ready to be committed and once it's in there, myself
> > and/or Jesse need to update autoconf to work with it.
> >
> >
> > Ryan
Re: LDAP auth
Great! How do you suggest this will be added to cvs? Adding a 'ldap'
directory seems pretty logical to me :-)

On Sunday, 30 Mar 2003 at 22:17 (Europe/Amsterdam), Aaron Stone wrote:

> <authldap-snap-2003-03-30.c>

_________________________
R.A. Rozendaal
ICT Manager
IC&S
T: +31 30 2322878
F: +31 30 2322305
www.ic-s.nl
Re: LDAP auth
Hmm, I'm not sure about that. It's likely to be the only file that goes
into that directory, well that and a file to document it :-)

Perhaps a new directory called 'auth' for external auth providers? Each
one provides auth*blah*.c and auth*blah*.txt -- code and documentation.

However, an ldap directory makes the most sense if my next project is to
add an ldap message store ;-) But I think shooting one's self in the foot
would be more productive than that :-P

Oh, btw, about that auth_check_user() vs. auth_check_user_ext() thing...
where am I going with that? Does auth_check_user() really just provide
both lists from auth_check_user_ext() concatenated, and all ->data=char's?

Aaron


On Mon, 31 Mar 2003, Roel Rozendaal - IC&S wrote:

> Great! How do you suggest this will be added to cvs? Adding a 'ldap'
> directory seems pretty logical to me :-)
>
> On Sunday, 30 Mar 2003 at 22:17 (Europe/Amsterdam), Aaron Stone wrote:
>
> > <authldap-snap-2003-03-30.c>
>
> _________________________
> R.A. Rozendaal
> ICT Manager
> IC&S
> T: +31 30 2322878
> F: +31 30 2322305
> www.ic-s.nl