Timo,
thanks for having a look at my message...
This looks scary, wouldn't it work without it? : request->failed = FALSE;
I simply copied the logic from existing code in the same function.
Also, don't these work already?
any = 0.0.0.0/0
none = 0.0.0.0/32
Or I'm not sure if the 0.0.0.0/0 matches IPv6, maybe that's a problem..
Right, thats one problem as I remember. This is in my ldap.conf:
pass_filter = (uid=%Lu)
pass_attrs = =user=%{ldap:uid}, \
=allow_nets=%{ldap:allownets:ALL}, \
=userdb_uid=%{ldap:uidNumber:1000}, \
=userdb_gid=%{ldap:gidNumber:1000}, \
=userdb_home=%{ldap:homeDirectory:/mail/%Ln}
I have to declare a default value for "allow_nets" for accounts
without specifies LDAP attribute "allownets".
0.0.0.0/0 will work, but the comma fail. Also only an IPv6 is impossible ":"
For this reasons I came up with my patch solution. The other
possibility is to explicit allaw all requests
if the variable networks in
src/auth/auth-request.c/auth_request_validate_networks is empty.
Also I don't really like to use uppercase values, strcasecmp() would
be better I think.
there is no strong need for uppercase.
As I said, the solution may be not optimal.
Andreas