author | Jakub Hrozek <jhrozek@redhat.com> | 2011-01-03 16:16:57 +0100 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2011-01-07 05:00:44 -0500 |
commit | 8a9fdbfb039bf1894cf3b301c8a0f84261ec8c1c (patch) | |
tree | f08d850fd5b68f8bb06a5e92cbbea5fb49b277c0 /ipa-client | |
parent | 21bf175e0c10b087deb10b8e328a6a6bd549c0f9 (diff) | |
Do not use LDAP_DEPRECATED in plugins
Remove the LDAP_DEPRECATED constant and do not use functions that are
marked as deprecated in recent OpenLDAP releases. Also always define
WITH_{MOZLDAP,OPENLDAP} since there are conditional header includes that
depend on that constant.
https://fedorahosted.org/freeipa/ticket/576
Diffstat (limited to 'ipa-client')
-rw-r--r-- | ipa-client/ipa-client-common.h | 4 | ||||
-rw-r--r-- | ipa-client/ipa-getkeytab.c | 4 | ||||
-rw-r--r-- | ipa-client/ipa-join.c | 31 |
3 files changed, 31 insertions, 8 deletions
diff --git a/ipa-client/ipa-client-common.h b/ipa-client/ipa-client-common.h
index 863b805ae..b738fb4a5 100644
--- a/ipa-client/ipa-client-common.h
+++ b/ipa-client/ipa-client-common.h
@@ -23,6 +23,10 @@
 #include <libintl.h>
 #define _(STRING) gettext(STRING)
+#ifndef discard_const
+#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
+#endif
+
 int init_gettext(void);
 #endif /* __IPA_CLIENT_COMMON_H */
diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c
index 96747a86b..8f108de4a 100644
--- a/ipa-client/ipa-getkeytab.c
+++ b/ipa-client/ipa-getkeytab.c
@@ -57,10 +57,6 @@
 #define KEYTAB_SET_OID "2.16.840.1.113730.3.8.3.1"
 #define KEYTAB_RET_OID "2.16.840.1.113730.3.8.3.2"
-#ifndef discard_const
-#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
-#endif
-
 struct krb_key_salt {
 krb5_enctype enctype;
 krb5_int32 salttype;
diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c
index 5c3d14022..ff0fed9a4 100644
--- a/ipa-client/ipa-join.c
+++ b/ipa-client/ipa-join.c
@@ -18,7 +18,6 @@
 */
 #define _GNU_SOURCE
-#define LDAP_DEPRECATED 1
 #include <unistd.h>
 #include <stdlib.h>
@@ -178,6 +177,9 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) {
 int version = LDAP_VERSION3;
 int ret;
 int ldapdebug = 0;
+ char *uri;
+ struct berval bindpw_bv;
+
 if (debug) {
 ldapdebug=2;
 ret = ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &ldapdebug);
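Review bot: The `discard_const` macro added to ipa-client-common.h expands to a cast through `uintptr_t`, but the only include visible in this hunk is `<libintl.h>`, so every file that uses the macro must already have pulled in `<stdint.h>` itself. The header's earlier lines are outside the hunk, so this may already be covered; if it is not, add `#include <stdint.h>` next to `#include <libintl.h>` so the header is self-contained. A short comment such as `/* Drops const for C APIs that take non-const pointers but do not modify the data */` would also make clear that the cast does not permit writing through the result.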
@@ -186,7 +188,20 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) {
 if (ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, CAFILE) != LDAP_OPT_SUCCESS)
 goto fail;
- ld = (LDAP *)ldap_init(hostname, 636);
+ ret = asprintf(&uri, "ldaps://%s:636", hostname);
+ if (ret == -1) {
+ fprintf(stderr, _("Out of memory!"));
+ goto fail;
+ }
+
+ ret = ldap_initialize(&ld, uri);
+ free(uri);
+ if(ret != LDAP_SUCCESS) {
+ fprintf(stderr, _("Unable to initialize connection to ldap server: %s"),
+ ldap_err2string(ret));
+ goto fail;
+ }
+
 if (ldap_set_option(ld, LDAP_OPT_X_TLS, &ssl) != LDAP_OPT_SUCCESS) {
 fprintf(stderr, _("Unable to enable SSL in LDAP\n"));
 goto fail;
@@ -198,7 +213,12 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) {
 goto fail;
 }
- ret = ldap_bind_s(ld, binddn, bindpw, LDAP_AUTH_SIMPLE);
+ bindpw_bv.bv_val = discard_const(bindpw);
+ bindpw_bv.bv_len = strlen(bindpw);
+
+ ret = ldap_sasl_bind_s(ld, binddn, LDAP_SASL_SIMPLE, &bindpw_bv,
+ NULL, NULL, NULL);
+
 if (ret != LDAP_SUCCESS) {
 int err;
@@ -446,7 +466,10 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
 if ((rc = ldap_extended_operation_s(ld, JOIN_OID, &valrequest, NULL, NULL, &oidresult, &valresult)) != LDAP_SUCCESS) {
 if (!quiet)
 fprintf(stderr, _("principal not found in host entry\n"));
- if (debug) ldap_perror(ld, "ldap_extended_operation_s");
+ if (debug) {
+ fprintf(stderr, "ldap_extended_operation_s failed: %s",
+ ldap_err2string(rc));
+ }
 rval = 18;
 goto ldap_done;
 }
|
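Review bot: `hostname` is formatted unchecked into the URI at `asprintf(&uri, "ldaps://%s:636", hostname)`, and `ldap_initialize()` accepts a whitespace- or comma-separated list of URIs, so a value containing a space, a comma or `/` no longer names a single ldaps endpoint on port 636. Where `hostname` comes from is outside this hunk (connect_ldap starts and ends outside it); if it can come from the command line or a configuration file, reject such characters before building the URI, for example `if (strpbrk(hostname, " \t,/?#") != NULL) goto fail;` preceded by an error message. The two new messages, `"Out of memory!"` and `"Unable to initialize connection to ldap server: %s"`, also lack the trailing `\n` that the neighbouring messages carry.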
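Review bot: `bindpw_bv.bv_len = strlen(bindpw);` in the -198 hunk dereferences `bindpw` unconditionally, so a NULL password is undefined behaviour before the bind is even attempted; whether any caller passes NULL is outside this hunk. An empty password deserves the same guard: a simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513 section 5.1.2), which some servers answer with success, so the client could mistake a missing credential for a successful authentication. Suggest `if (bindpw == NULL || *bindpw == '\0') goto fail;`, with an error message, ahead of the `bv_val` assignment.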
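Review bot: The replacement for `ldap_perror()` in the -446 hunk prints `"ldap_extended_operation_s failed: %s"` without a trailing newline, so in debug mode whatever is written to stderr next runs onto the same line; use `"ldap_extended_operation_s failed: %s\n"`. `ldap_err2string(rc)` also reports only the result code, whereas ldap_perror included the server's additional text; with OpenLDAP that detail can still be read via `ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &msg)` and released with `ldap_memfree(msg)` if it is useful for diagnosing join failures. The body of join_ldap continues outside the hunk.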