Author: vetinari
Date: Tue Jul 31 10:24:37 2007
New Revision: 763
Modified:
contrib/vetinari/rcpt_ldap
Log:
ldap authentication for the rcpt_ldap plugin (by Guilherme Buonfiglio)
Modified: contrib/vetinari/rcpt_ldap
==============================================================================
--- contrib/vetinari/rcpt_ldap (original)
+++ contrib/vetinari/rcpt_ldap Tue Jul 31 10:24:37 2007
@@ -33,6 +33,8 @@
# set any values that are not already
$self->{"ldconf"}->{"ldap_host"} ||= "127.0.0.1";
$self->{"ldconf"}->{"ldap_port"} ||= 389;
+ $self->{"ldconf"}->{"ldap_user"} ||= "";
+ $self->{"ldconf"}->{"ldap_password"} ||= "";
$self->{"ldconf"}->{"ldap_timeout"} ||= 5;
$self->{"ldconf"}->{"ldap_rcpt_filter_attr"} ||= "dn";
$self->{"ldconf"}->{"ldap_rcpt_filter"} ||=
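Review bot: The new `ldap_user` and `ldap_password` keys get empty-string defaults here, but the only documentation change visible in this commit is the changelog line in the last hunk, so the options appear to be undocumented (the rest of the POD is outside this view, so confirm). I would add POD entries for both keys stating that `ldap_user` is the bind DN and that both must be set for an authenticated bind. The entry for `ldap_password` should say it is stored in clear text in the plugin configuration, so that file should be readable only by the qpsmtpd user, and the bind account should be a dedicated read-only one.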
@@ -48,7 +50,7 @@
my ($self, $transaction, $recipient) = @_;
my ($ldhost, $ldport, $ldwait, $ldbase, $ldfattr, $ldfilter, $lduserdn,
- $ldh, $mesg, $rcpt, $user, $host);
+ $ldh, $mesg, $rcpt, $user, $host, $ldbinddn, $ldbindpw);
unless (&is_rcpthost($self,$recipient->user,$recipient->host)) {
return (OK) if $self->qp->connection->relay_client;
@@ -59,6 +61,8 @@
$ldhost = $self->{"ldconf"}->{"ldap_host"};
$ldport = $self->{"ldconf"}->{"ldap_port"};
$ldbase = $self->{"ldconf"}->{"ldap_base"};
+ $ldbinddn = $self->{"ldconf"}->{"ldap_user"};
+ $ldbindpw = $self->{"ldconf"}->{"ldap_password"};
# log error here and DECLINE if no baseDN, because a custom
# baseDN is required:
@@ -73,6 +77,11 @@
$ldh = Net::LDAP->new($ldhost, port=>$ldport, timeout=>$ldwait) or
$self->log(LOGALERT, "ldap_rcpt - error in initial conn") &&
return (DENYSOFT, "temporary user lookup error");
+ if (($ldbinddn ne "") && ($ldbindpw ne "")) {
+ $ldh->bind($ldbinddn, password => $ldbindpw) or
+ $self->log(LOGALERT, "ldap_rcpt - error trying to bind with user and
password") &&
+ return (DENYSOFT, "temporary user lookup error");
+ }
($rcpt = $recipient->address) =~ s/[()]/\\$1/g;
($user = $recipient->user) =~ s/[()]/\\$1/g;
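Review bot: The `or` branch after `$ldh->bind(...)` will most likely never run, because Net::LDAP's `bind` returns a Net::LDAP::Message object (always true) even when the server rejects the credentials, so a failed bind goes on to the search as an unauthenticated session. Check the result code instead, using the already declared `$mesg`: `$mesg = $ldh->bind($ldbinddn, password => $ldbindpw);` followed by `if ($mesg->code) { ... log and return DENYSOFT ... }`, and log `$mesg->error` but never the password. The bind is a simple bind on the connection opened just above, with no `start_tls` visible in this hunk and a default port of 389, so the password would cross the network in clear text unless TLS is negotiated first or the host is local. A configuration with only one of the two values set silently falls back to an anonymous search; a log line for that case would make the misconfiguration visible. The enclosing sub starts and ends outside this hunk.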
@@ -202,6 +211,8 @@
- added $user+$mbox support
+- ldap authentication (by Guilherme Buonfiglio)
+
=head1 AUTHOR
Hanno Hecker <[EMAIL PROTECTED]>