|
Ian Kent |
fcacf9 |
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
|
|
Ian Kent |
fcacf9 |
index 29e26db..0723fd8 100644
|
|
Ian Kent |
fcacf9 |
--- a/modules/lookup_ldap.c
|
|
Ian Kent |
fcacf9 |
+++ b/modules/lookup_ldap.c
|
|
Ian Kent |
fcacf9 |
@@ -261,7 +261,7 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt
|
|
Ian Kent |
fcacf9 |
{
|
|
Ian Kent |
fcacf9 |
char buf[PARSE_MAX_BUF];
|
|
Ian Kent |
fcacf9 |
char *query, *dn, *qdn;
|
|
Ian Kent |
fcacf9 |
- LDAPMessage *result = NULL, *e;
|
|
Ian Kent |
fcacf9 |
+ LDAPMessage *result, *e;
|
|
Ian Kent |
fcacf9 |
struct ldap_searchdn *sdns = NULL;
|
|
Ian Kent |
fcacf9 |
char *attrs[2];
|
|
Ian Kent |
fcacf9 |
struct berval **value;
|
|
Ian Kent |
fcacf9 |
@@ -319,52 +319,71 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
|
|
Ian Kent |
fcacf9 |
- if (!ctxt->sdns)
|
|
Ian Kent |
fcacf9 |
+ dn = NULL;
|
|
Ian Kent |
fcacf9 |
+ if (!ctxt->sdns) {
|
|
Ian Kent |
fcacf9 |
rv = ldap_search_s(ldap, ctxt->base,
|
|
Ian Kent |
fcacf9 |
scope, query, attrs, 0, &result);
|
|
Ian Kent |
fcacf9 |
- else {
|
|
Ian Kent |
fcacf9 |
+ if ((rv != LDAP_SUCCESS) || !result) {
|
|
Ian Kent |
fcacf9 |
+ error(logopt,
|
|
Ian Kent |
fcacf9 |
+ MODPREFIX "query failed for %s: %s",
|
|
Ian Kent |
fcacf9 |
+ query, ldap_err2string(rv));
|
|
Ian Kent |
fcacf9 |
+ return 0;
|
|
Ian Kent |
fcacf9 |
+ }
|
|
Ian Kent |
fcacf9 |
+
|
|
Ian Kent |
fcacf9 |
+ e = ldap_first_entry(ldap, result);
|
|
Ian Kent |
fcacf9 |
+ if (e && (value = ldap_get_values_len(ldap, e, key))) {
|
|
Ian Kent |
fcacf9 |
+ ldap_value_free_len(value);
|
|
Ian Kent |
fcacf9 |
+ dn = ldap_get_dn(ldap, e);
|
|
Ian Kent |
fcacf9 |
+ debug(logopt, MODPREFIX "found query dn %s", dn);
|
|
Ian Kent |
fcacf9 |
+ } else {
|
|
Ian Kent |
fcacf9 |
+ debug(logopt,
|
|
Ian Kent |
fcacf9 |
+ MODPREFIX "query succeeded, no matches for %s",
|
|
Ian Kent |
fcacf9 |
+ query);
|
|
Ian Kent |
fcacf9 |
+ ldap_msgfree(result);
|
|
Ian Kent |
fcacf9 |
+ return 0;
|
|
Ian Kent |
fcacf9 |
+ }
|
|
Ian Kent |
fcacf9 |
+ } else {
|
|
Ian Kent |
fcacf9 |
struct ldap_searchdn *this = ctxt->sdns;
|
|
Ian Kent |
fcacf9 |
|
|
Ian Kent |
fcacf9 |
debug(logopt, MODPREFIX "check search base list");
|
|
Ian Kent |
fcacf9 |
|
|
Ian Kent |
fcacf9 |
+ result = NULL;
|
|
Ian Kent |
fcacf9 |
while (this) {
|
|
Ian Kent |
fcacf9 |
rv = ldap_search_s(ldap, this->basedn,
|
|
Ian Kent |
fcacf9 |
scope, query, attrs, 0, &result);
|
|
Ian Kent |
fcacf9 |
-
|
|
Ian Kent |
fcacf9 |
if ((rv == LDAP_SUCCESS) && result) {
|
|
Ian Kent |
fcacf9 |
debug(logopt, MODPREFIX
|
|
Ian Kent |
fcacf9 |
"found search base under %s",
|
|
Ian Kent |
fcacf9 |
this->basedn);
|
|
Ian Kent |
fcacf9 |
- break;
|
|
Ian Kent |
fcacf9 |
+
|
|
Ian Kent |
fcacf9 |
+ e = ldap_first_entry(ldap, result);
|
|
Ian Kent |
fcacf9 |
+ if (e && (value = ldap_get_values_len(ldap, e, key))) {
|
|
Ian Kent |
fcacf9 |
+ ldap_value_free_len(value);
|
|
Ian Kent |
fcacf9 |
+ dn = ldap_get_dn(ldap, e);
|
|
Ian Kent |
fcacf9 |
+ debug(logopt, MODPREFIX "found query dn %s", dn);
|
|
Ian Kent |
fcacf9 |
+ break;
|
|
Ian Kent |
fcacf9 |
+ } else {
|
|
Ian Kent |
fcacf9 |
+ debug(logopt,
|
|
Ian Kent |
fcacf9 |
+ MODPREFIX "query succeeded, no matches for %s",
|
|
Ian Kent |
fcacf9 |
+ query);
|
|
Ian Kent |
fcacf9 |
+ ldap_msgfree(result);
|
|
Ian Kent |
fcacf9 |
+ result = NULL;
|
|
Ian Kent |
fcacf9 |
+ }
|
|
Ian Kent |
fcacf9 |
+ } else {
|
|
Ian Kent |
fcacf9 |
+ error(logopt,
|
|
Ian Kent |
fcacf9 |
+ MODPREFIX "query failed for search dn %s: %s",
|
|
Ian Kent |
fcacf9 |
+ this->basedn, ldap_err2string(rv));
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
|
|
Ian Kent |
fcacf9 |
this = this->next;
|
|
Ian Kent |
fcacf9 |
-
|
|
Ian Kent |
fcacf9 |
- if (result) {
|
|
Ian Kent |
fcacf9 |
- ldap_msgfree(result);
|
|
Ian Kent |
fcacf9 |
- result = NULL;
|
|
Ian Kent |
fcacf9 |
- }
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
- }
|
|
Ian Kent |
fcacf9 |
-
|
|
Ian Kent |
fcacf9 |
- if ((rv != LDAP_SUCCESS) || !result) {
|
|
Ian Kent |
fcacf9 |
- error(logopt,
|
|
Ian Kent |
fcacf9 |
- MODPREFIX "query failed for %s: %s",
|
|
Ian Kent |
fcacf9 |
- query, ldap_err2string(rv));
|
|
Ian Kent |
fcacf9 |
- return 0;
|
|
Ian Kent |
fcacf9 |
- }
|
|
Ian Kent |
fcacf9 |
|
|
Ian Kent |
fcacf9 |
- e = ldap_first_entry(ldap, result);
|
|
Ian Kent |
fcacf9 |
- if (e && (value = ldap_get_values_len(ldap, e, key))) {
|
|
Ian Kent |
fcacf9 |
- ldap_value_free_len(value);
|
|
Ian Kent |
fcacf9 |
- dn = ldap_get_dn(ldap, e);
|
|
Ian Kent |
fcacf9 |
- debug(logopt, MODPREFIX "found query dn %s", dn);
|
|
Ian Kent |
fcacf9 |
- } else {
|
|
Ian Kent |
fcacf9 |
- debug(logopt,
|
|
Ian Kent |
fcacf9 |
- MODPREFIX "query succeeded, no matches for %s",
|
|
Ian Kent |
fcacf9 |
- query);
|
|
Ian Kent |
fcacf9 |
- ldap_msgfree(result);
|
|
Ian Kent |
fcacf9 |
- return 0;
|
|
Ian Kent |
fcacf9 |
+ if (!result) {
|
|
Ian Kent |
fcacf9 |
+ ldap_msgfree(result);
|
|
Ian Kent |
fcacf9 |
+ error(logopt,
|
|
Ian Kent |
fcacf9 |
+ MODPREFIX "failed to find query dn under search base dns");
|
|
Ian Kent |
fcacf9 |
+ return 0;
|
|
Ian Kent |
fcacf9 |
+ }
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
|
|
Ian Kent |
fcacf9 |
qdn = strdup(dn);
|
|
Ian Kent |
fcacf9 |
@@ -1290,8 +1309,12 @@ int lookup_init(const char *mapfmt, int argc, const char *const *argv, void **co
|
|
Ian Kent |
fcacf9 |
validate_uris(uris);
|
|
Ian Kent |
fcacf9 |
if (!list_empty(uris))
|
|
Ian Kent |
fcacf9 |
ctxt->uri = uris;
|
|
Ian Kent |
fcacf9 |
- else
|
|
Ian Kent |
fcacf9 |
+ else {
|
|
Ian Kent |
fcacf9 |
+ error(LOGOPT_ANY,
|
|
Ian Kent |
fcacf9 |
+ "no valid uris found in config list"
|
|
Ian Kent |
fcacf9 |
+ ", using default system config");
|
|
Ian Kent |
fcacf9 |
free(uris);
|
|
Ian Kent |
fcacf9 |
+ }
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
}
|
|
Ian Kent |
fcacf9 |
|