Package: pure-ftpd-ldap Severity: wishlist Tags: patch Here is a patch I made that makes it possible to choose how LDAP aliases are dereferenced in the pure-ftpd/ldap module. This option was crucial for me and may be useful to others, so here is my contribution.
Files patched are : - log_ldap.c / log_ldap.h => added an option LDAPDereference = [never|always|search|find] (default = never) - pureftpd-ldap.conf => added the option (commented) and its description - README.ldap => added a more complete description of the option Patch was against pure-ftpd 1.0.20. Is it possible to forward this patch to upstream ? Thanks, AF. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11-1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) ------------------------------------------ Faites un voeu et puis Voila ! www.voila.fr
diff -urN pure-ftpd-1.0.20.old/README.LDAP pure-ftpd-1.0.20.new/README.LDAP
--- pure-ftpd-1.0.20.old/README.LDAP 2004-02-29 22:49:37.000000000 +0100
+++ pure-ftpd-1.0.20.new/README.LDAP 2005-08-05 16:57:22.000000000 +0200
@@ -94,6 +94,11 @@
 - LDAPVersion is the protocol version to use. Version 3 is recommended and needed with OpenLDAP servers. It is the default.
+- LDAPDereference if the method for dereferencing LDAP aliases. Should be
+one of : never, always, search, or find to specify that aliases are never
+dereferenced, always dereferenced, dereferenced when searching, or
+dereferenced only when locating the base object for the search.
+
 In fact, the only mandatory keyword is LDAPBaseDN. Other keywords are optional and defaults are ok for local testing.
diff -urN pure-ftpd-1.0.20.old/pureftpd-ldap.conf pure-ftpd-1.0.20.new/pureftpd-ldap.conf
--- pure-ftpd-1.0.20.old/pureftpd-ldap.conf 2002-10-02 15:47:28.000000000 +0200
+++ pure-ftpd-1.0.20.new/pureftpd-ldap.conf 2005-08-05 16:55:02.000000000 +0200
@@ -62,3 +62,10 @@
 # LDAPVersion 3
+# Optional : alias derefencing method. Default : never
+# Specify how aliases dereferencing is done. Should be one of :
+# never, always, search, or find to specify that aliases are never
+# dereferenced, always dereferenced, dereferenced when searching,
+# or dereferenced only when locating the base object for the search.
+
+# LDAPDereference always
diff -urN pure-ftpd-1.0.20.old/src/log_ldap.c pure-ftpd-1.0.20.new/src/log_ldap.c
--- pure-ftpd-1.0.20.old/src/log_ldap.c 2004-05-15 23:18:33.000000000 +0200
+++ pure-ftpd-1.0.20.new/src/log_ldap.c 2005-08-05 16:51:04.000000000 +0200
@@ -68,6 +68,21 @@
 } else {
 ldap_version = LDAP_DEFAULT_VERSION;
 }
+ if (ldap_deref_s != NULL) {
+ if ( strcasecmp(ldap_deref_s, "always")==0 ) {
+ ldap_deref=LDAP_DEREF_ALWAYS;
+ } else if( strcasecmp(ldap_deref_s, "search")==0 ) {
+ ldap_deref=LDAP_DEREF_SEARCHING;
+ } else if( strcasecmp(ldap_deref_s, "find" )==0 ) {
+ ldap_deref=LDAP_DEREF_FINDING;
+ } else {
+ ldap_deref=LDAP_DEREF_NEVER;
+ }
+ free(ldap_deref_s);
+ ldap_deref_s = NULL;
+ } else {
+ ldap_deref = LDAP_DEREF_NEVER;
+ }
 if (default_uid_s != NULL) {
 default_uid = (uid_t) strtoul(default_uid_s, NULL, 10);
 free(default_uid_s);
@@ -113,6 +128,9 @@
 # ifdef LDAP_OPT_PROTOCOL_VERSION
 int version = ldap_version;
 # endif
+# ifdef LDAP_OPT_DEREF
+ int deref = ldap_deref;
+# endif
 if (ldap_host == NULL || port < 0) {
 return NULL;
@@ -126,6 +144,14 @@
 return NULL;
 }
 # endif
+
+# ifdef LDAP_OPT_DEREF
+ if (ldap_set_option(ld, LDAP_OPT_DEREF, &deref) !=
+ LDAP_SUCCESS) {
+ return NULL;
+ }
+# endif
+
+
 if (ldap_bind_s(ld, root, pwd, LDAP_AUTH_SIMPLE) != LDAP_SUCCESS) {
 return NULL;
 }
diff -urN pure-ftpd-1.0.20.old/src/log_ldap_p.h pure-ftpd-1.0.20.new/src/log_ldap_p.h
--- pure-ftpd-1.0.20.old/src/log_ldap_p.h 2004-02-29 22:49:28.000000000 +0100
+++ pure-ftpd-1.0.20.new/src/log_ldap_p.h 2005-08-05 17:00:58.000000000 +0200
@@ -18,6 +18,8 @@
 static char *ldap_homedirectory;
 static char *ldap_version_s;
 static int ldap_version;
+static char *ldap_deref_s;
+static int ldap_deref;
 static char *default_uid_s;
 static uid_t default_uid;
 static char *default_gid_s;
@@ -32,6 +34,7 @@
 { "LDAPFilter", &ldap_filter},
 { "LDAPHomeDir", &ldap_homedirectory },
 { "LDAPVersion", &ldap_version_s },
+ { "LDAPDereference", &ldap_deref_s },
 { "LDAPDefaultUID", &default_uid_s },
 { "LDAPDefaultGID", &default_gid_s },
 { NULL, NULL }
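Review bot: In the LDAPDereference parsing added by the `@@ -68,6 +68,21 @@` hunk of src/log_ldap.c, the final `else` maps every unrecognised string to LDAP_DEREF_NEVER, so a misspelt value is accepted silently and the documented keyword `never` is matched only by falling through. Because this setting decides which directory entry an alias-based lookup resolves to, a typo should be visible to the administrator rather than quietly changing lookup behaviour. I would match the keyword explicitly with `} else if (strcasecmp(ldap_deref_s, "never") == 0) {` and have the remaining `else` report the bad value through whatever diagnostic path the rest of this parser uses (not visible in the hunk) before falling back to LDAP_DEREF_NEVER. The enclosing function starts and ends outside the hunk.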
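Review bot: The new LDAP_OPT_DEREF failure path in the `@@ -126,6 +144,14 @@` hunk returns NULL while `ld` is still a live handle and nothing visible here releases it; calling `ldap_unbind(ld);` before `return NULL;` would close it. The `ldap_bind_s` failure return in the trailing context has the same shape, so both could be fixed together. A comment above the block would also help, for example `/* Alias dereferencing applies to every search on this handle; with "always" or "search" the matched entry may lie outside LDAPBaseDN. */`, since that affects which entry supplies the account attributes; the downstream use is not shown here, so that part is inferred. The function body starts and ends outside this hunk.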