List: exmh-users
Subject: authenticated LDAP
From: Mark Scarborough <mscar-list-exmh () cactus ! org>
Date: 2003-02-27 21:48:28
Back at the end of December I asked about configuring exmh for authenticated access to LDAP. (Here is the original post: https://listman.redhat.com/mailman/private/exmh-users/2002-December/005663.html)
I started looking at the problem again today after having been too busy to worry about it for the last 2 months.
I was able to patch addr.tcl to add 2 additional preferences and use them for the LDAP lookup. (first attachment)
This works for me, but breaks Unauthenticated lookups. Not good.
I have attempted to generalize the patch to work in both cases but I'm having trouble getting it to work. As I stated before, I don't know tcl, so I'm just hacking here.
If someone could help me fix up this code, maybe we could get it added to the main distribution.
What I attempted to do is to check whether or not the "username" and "password" are set - if not, do the original lookup, but if they are, modify the ldap_search command to include the additional parameters. I believe I'm having some kind of "variable substitution" error such that the new parameters look like strings to the command instead of actual parameters. Or something like that.
Any takers?
I'm not on exmh-workers, but if I should move this thread over there I can.
By the way, these patches are on 2.5 - I haven't had a chance to look at the 2.6.x release yet. I'm scared to because I use the "Folder Tree" patch from quite a while back and it severely broke the only CVS snapshot version I ever tried...
Thanks,
Mark
["exmh.ldap.patch.1" (text/plain)]
--- exmh-2.5/addr.tcl.mscar1 2003-02-27 12:14:26.000000000 -0600
+++ exmh-2.5/addr.tcl 2003-02-27 15:39:10.000000000 -0600
@@ -131,6 +131,20 @@
"LDAP Encoding"
"The character encoding used by the LDAP server."
}
+ {
+ addr_db(ldap_binddn)
+ addressdbLDAPBindDN
+ {}
+ "LDAP Bind DN"
+ "The User information used for authentication to the LDAP server."
+ }
+ {
+ addr_db(ldap_password)
+ addressdbLDAPPassword
+ {}
+ "LDAP Password"
+ "The User password used for authentication to the LDAP server."
+ }
{
addr_db(filter_regexp)
addressdbFilterRegexp
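Review bot: the new addr_db(ldap_password) entry is declared exactly like the neighbouring preferences, with nothing marking it as a secret, so the bind password will be handled the same way as the encoding or any other setting in this list. The help text should say so and should state what an empty value (the {} default) is meant to do; prompting for the password at lookup time instead of keeping it as a preference would avoid holding it with the other settings at all. The "LDAP Bind DN" help text could also name what is expected, a full distinguished name, rather than "User information".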
@@ -692,6 +706,8 @@
}
if [catch {set ldap_results [exec ldapsearch -h [string trim $addr_db(ldap_server)] \
-b $addr_db(ldap_searchbase) \
+ -D $addr_db(ldap_binddn) \
+ -w $addr_db(ldap_password) \
"$query" cn mail]} err] {
Exmh_Status "Error executing ldapsearch: $err"
return {}
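Review bot: -D and -w are added to the exec line unconditionally, so with the {} defaults from the first hunk ldapsearch is always handed an empty bind DN and an empty password, which matches the report that unauthenticated lookups break. Add the two flags only when addr_db(ldap_binddn) is non-empty. Separately, -w places the password on the ldapsearch command line, where other local users can read it from a process listing while the search runs; if the installed ldapsearch can read the password from a file (OpenLDAP's -y option), that is the safer way to pass it.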
["exmh.ldap.patch.2" (text/plain)]
--- exmh-2.5/addr.tcl.mscar2 2003-02-27 11:22:57.000000000 -0600
+++ exmh-2.5/addr.tcl 2003-02-27 15:40:47.000000000 -0600
@@ -700,16 +700,26 @@
Exmh_Status "Querying $addr_db(ldap_server) from $addr_db(ldap_searchbase) with $n..."
+ if { ($addr_db(ldap_binddn) == {}) } {
+ set binddn ""
+ } else {
+ set binddn "-D $addr_db(ldap_binddn)"
+ }
+ if { ($addr_db(ldap_password) == {}) } {
+ set password ""
+ } else {
+ set password "-w $addr_db(ldap_password)"
+ }
set query "(|(cn=*$n*)(mail=*$n*)(sn=*$n*)(givenname=*$n*))"
if {[catch {set query "[encoding convertto $addr_db(ldap_encoding) "$query"]"} err]} {
Exmh_Debug "LDAP_Lookup encoding convertto: $err"
}
if [catch {set ldap_results [exec ldapsearch -h [string trim $addr_db(ldap_server)] \
-b $addr_db(ldap_searchbase) \
- -D $addr_db(ldap_binddn) \
- -w $addr_db(ldap_password) \
+ "$binddn" "$password" \
"$query" cn mail]} err] {
Exmh_Status "Error executing ldapsearch: $err"
+ Exmh_Status "Error executing ldapsearch: binddn=$binddn, password=$password"
return {}
}
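Review bot: on the exec line, "$binddn" "$password" each reach ldapsearch as one word, so a set value arrives as a single argument containing both the flag and its value, and an unset one still arrives as an empty-string argument; that is the substitution problem described in the message. Build the optional flags as a Tcl list (for example lappend auth -D $addr_db(ldap_binddn)) and expand that list into the exec call, list-quoting the remaining words if eval is used, so that each flag and its value are separate arguments and nothing extra is passed when the preference is empty. The added Exmh_Status line also prints password=$password to the status display on any ldapsearch failure; drop it, or report only whether a bind DN was set.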