diff --git a/ldapauth.c b/ldapauth.c
index 133483e..fc8f713 100644
--- a/ldapauth.c
+++ b/ldapauth.c
@@ -138,9 +138,8 @@ int ldap_connect(ldap_opt_t * ldap) {
 return FAILURE;
 /* Connection Init and setup */
- ldap->ld = ldap_init(ldap->servers, LDAP_PORT);
- if (!ldap->ld) {
- ldap_perror(ldap->ld, "ldap_init()");
+ if (ldap_initialize(&ldap->ld, ldap->servers) != LDAP_SUCCESS || !ldap->ld) {
+ ldap_perror(ldap->ld, "ldap_initialize()");
 return FAILURE;
 }
@@ -165,8 +164,7 @@ int ldap_connect(ldap_opt_t * ldap) {
 if (ldap->tls == 1)
 return FAILURE;
- ldap->ld = ldap_init(ldap->servers, LDAP_PORT);
- if (!ldap->ld) {
+ if (ldap_initialize(&ldap->ld, ldap->servers) != LDAP_SUCCESS || !ldap->ld) {
 ldap_perror(ldap->ld, "ldap_init()");
 return FAILURE;
 }
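Review bot: In the first ldap_connect hunk (@@ -138) the failure branch hands `ldap->ld` to `ldap_perror()` on a path where the handle is NULL or was never set, and the status returned by `ldap_initialize()` is discarded, so the log cannot say why the URI was rejected. Keep the return code and report it without the handle: `int rc = ldap_initialize(&ldap->ld, ldap->servers);` followed by `if (rc != LDAP_SUCCESS || !ldap->ld) { error("ldap_initialize(): %s", ldap_err2string(rc)); return FAILURE; }`. The re-initialisation hunk at @@ -165 has the same pattern. ldap_connect starts and ends outside both hunks.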
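Review bot: On the re-initialisation path (@@ -165) the label passed to `ldap_perror()` still reads `"ldap_init()"` although the call is now `ldap_initialize()`, so a failure here is logged under the wrong name and disagrees with the first hunk; it should read `"ldap_initialize()"`. This branch also stores a fresh handle in `ldap->ld`, and whether the previous handle is released first is not visible in the hunk, so that is worth confirming. The context line `if (ldap->tls == 1) return FAILURE;` suggests this is the path taken when TLS is optional; a comment such as `/* TLS not mandatory: reconnect without it */` would make that fallback explicit to whoever audits the transport settings.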
@@ -264,62 +262,6 @@ char * ldap_parse_groups(const char * groups) {
 return buffer;
 }
-/* a bit dirty but leak free */
-char * ldap_parse_servers(const char * servers) {
- char * s = NULL;
- char * tmp = NULL, *urls[32];
- unsigned int num = 0 , i = 0 , asize = 0;
- LDAPURLDesc *urld[32];
-
- if (!servers)
- return NULL;
-
- /* local copy of the arg */
- s = strdup(servers);
- if (!s)
- return NULL;
-
- /* first separate into URL tokens */
- if ( tokenize(urls, sizeof(urls)/sizeof(*urls), s) < 0)
- return NULL;
-
- i = 0;
- while (urls[i]) {
- if (! ldap_is_ldap_url(urls[i]) ||
- (ldap_url_parse(urls[i], &urld[i]) != 0)) {
- return NULL;
- }
- i++;
- }
-
- /* now free(s) */
- free (s);
-
- /* how much memory do we need */
- num = i;
- for (i = 0 ; i < num ; i++)
- asize += strlen(urld[i]->lud_host)+11;
-
- /* alloc */
- s = (char *) calloc( asize+1 , sizeof(char));
- if (!s) {
- for (i = 0 ; i < num ; i++)
- ldap_free_urldesc(urld[i]);
- return NULL;
- }
-
- /* then build the final host string */
- for (i = 0 ; i < num ; i++) {
- /* built host part */
- tmp = ldap_build_host(urld[i]->lud_host, urld[i]->lud_port);
- strncat(s, tmp, strlen(tmp));
- ldap_free_urldesc(urld[i]);
- free(tmp);
- }
-
- return s;
-}
-
 void ldap_options_print(ldap_opt_t * ldap) {
 debug("ldap options:");
 debug("servers: %s", ldap->servers);
@@ -533,11 +475,7 @@ int ldap_parse_lconf(ldap_opt_t * l) {
 v[li + 1] = '\0';
 if (!strcasecmp (k, "uri")) {
- if ((l->servers = ldap_parse_servers(v)) == NULL) {
- fatal("error in ldap servers");
- return FAILURE;
- }
-
+ l->servers = strdup(v);
 } else if (!strcasecmp (k, "base")) {
 s = strchr (v, '?');
diff --git a/ldapauth.h b/ldapauth.h
index ba70958..aed93ec 100644
--- a/ldapauth.h
+++ b/ldapauth.h
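Review bot: `l->servers = strdup(v);` in ldap_parse_lconf (@@ -533) is not checked for NULL, whereas the code it replaces returned FAILURE when no server string could be produced; `options->lpk.servers = strdup(arg);` in the servconf.c hunk has the same gap. A NULL `servers` would later reach `ldap_initialize()`, which in OpenLDAP appears to treat a NULL URI as "use the library default" rather than an error (confirm against the libldap in use), so key lookups could go to a directory the administrator never configured. Suggest `if ((l->servers = strdup(v)) == NULL) return FAILURE;` here and `xstrdup(arg)` in servconf.c. The URI is also no longer checked at parse time (the removed helper rejected anything failing `ldap_is_ldap_url()`), so a malformed value now surfaces only when the connection is attempted. ldap_parse_lconf continues outside the hunk.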
@@ -113,7 +113,6 @@ typedef struct ldap_keys {
 void ldap_close(ldap_opt_t *);
 int ldap_connect(ldap_opt_t *);
 char * ldap_parse_groups(const char *);
-char * ldap_parse_servers(const char *);
 void ldap_options_print(ldap_opt_t *);
 void ldap_options_free(ldap_opt_t *);
 void ldap_keys_free(ldap_key_t *);
diff --git a/servconf.c b/servconf.c
index 5119033..8847d32 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1381,16 +1381,11 @@ process_server_config_line(ServerOptions *options, char *line,
 intptr = &options->lpk.on;
 goto parse_flag;
 case sLdapServers:
- /* arg = strdelim(&cp); */
- p = line;
- while(*p++);
- arg = p;
- if (!arg || *arg == '\0')
- fatal("%s line %d: missing ldap server",filename,linenum);
- arg[strlen(arg)] = '\0';
- if ((options->lpk.servers = ldap_parse_servers(arg)) == NULL)
- fatal("%s line %d: error in ldap servers", filename, linenum);
- memset(arg,0,strlen(arg));
+ arg = strdelim(&cp);
+ if (!arg || arg[0] == '\0')
+ fatal("%.200s line %d: At least one Server is needed.",
+ filename, linenum);
+ options->lpk.servers = strdup(arg);
 break;
 case sLdapUserDN:
 arg = cp;
diff --git a/sshd.c b/sshd.c
index 230cff8..9710135 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1489,7 +1489,7 @@ main(int ac, char **av)
 }
 #ifdef WITH_LDAP_PUBKEY
- /* ldap_options_print(&options.lpk); */
+ ldap_options_print(&options.lpk);
 /* XXX initialize/check ldap connection and set *LD */
 if (options.lpk.on) {
 if (options.lpk.l_conf && (ldap_parse_lconf(&options.lpk) < 0) )
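Review bot: `arg = strdelim(&cp);` in the sLdapServers case keeps only the first token of the directive, while the new message ("At least one Server is needed.") reads as if a list of servers is accepted. If several URIs are meant to be allowed, the second and later ones are either dropped or left for whatever end-of-line handling follows outside this hunk; the neighbouring `case sLdapUserDN:` takes the rest of the line with `arg = cp;`, and the same approach would fit here. If a single URI is the intent, say so in the message and in a comment such as `/* exactly one LDAP URI; lists are not supported */`. process_server_config_line starts and ends outside the hunk.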
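Review bot: The re-enabled `ldap_options_print(&options.lpk);` in sshd.c sits before `if (options.lpk.on)`, so it runs on every start, including when the LDAP key lookup is switched off and `servers` may still be NULL when it is passed to `debug("servers: %s", ...)`. It looks like a leftover debugging aid; if it is meant to stay, move it inside the `if (options.lpk.on)` block, after `ldap_parse_lconf()` has filled in the options. Only the first lines of ldap_options_print are visible on this page, so it is also worth checking that it does not write the bind password into debug output. main() starts and ends outside the hunk.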