diff options
author | Noriko Hosoi <nhosoi@redhat.com> | 2007-06-28 16:15:26 +0000 |
---|---|---|
committer | Noriko Hosoi <nhosoi@redhat.com> | 2007-06-28 16:15:26 +0000 |
commit | da39f866049f4416691e77c1aa71a1643fdccbf9 (patch) | |
tree | a752c85eefb0d907b82aa9d165e07e06427fa594 | |
parent | 90b55f89ec52eed449e1122dc05a925ec0fc7ea4 (diff) | |
download | ds-da39f866049f4416691e77c1aa71a1643fdccbf9.tar.gz ds-da39f866049f4416691e77c1aa71a1643fdccbf9.tar.xz ds-da39f866049f4416691e77c1aa71a1643fdccbf9.zip |
Resolves: #244749
Summary: Configure Pass Thru Auth (comment #28)
Descri[tion: 1) removing the dependency on the config_ds
2) ds_newinst always adds "cn=Pass Through Authentication" with the
nsslapd-pluginEnabled value off.
-rw-r--r-- | ldap/admin/src/create_instance.c | 86 | ||||
-rw-r--r-- | ldap/admin/src/create_instance.h | 2 |
2 files changed, 11 insertions, 77 deletions
diff --git a/ldap/admin/src/create_instance.c b/ldap/admin/src/create_instance.c index 55eec872..f5421589 100644 --- a/ldap/admin/src/create_instance.c +++ b/ldap/admin/src/create_instance.c @@ -301,9 +301,7 @@ void set_defaults(char *sroot, char *hn, server_config_s *conf) conf->start_server = "1"; conf->install_full_schema = 1; conf->admin_domain = NULL; - conf->config_ldap_url = NULL; conf->user_ldap_url = NULL; - conf->use_existing_config_ds = 0; conf->use_existing_user_ds = 0; conf->consumerdn = NULL; conf->disable_schema_checking = NULL; @@ -3217,53 +3215,17 @@ char *ds_gen_confs(char *sroot, server_config_s *cf, char *cs_path) fprintf(f, "\n"); #endif - /* enable pass thru authentication */ - if ((cf->use_existing_config_ds && cf->config_ldap_url) || - (cf->use_existing_user_ds && cf->user_ldap_url)) - { - LDAPURLDesc *desc = 0; - char *url = cf->use_existing_config_ds ? cf->config_ldap_url : - cf->user_ldap_url; - if (url && !ldap_url_parse(url, &desc) && desc) - { - char *suffix = desc->lud_dn; - char *service = !strncmp(url, "ldaps:", strlen("ldaps:")) ? - "ldaps" : "ldap"; - if (cf->use_existing_config_ds) - { - suffix = cf->netscaperoot; - } - - suffix = ds_URL_encode(suffix); - fprintf(f, "dn: cn=Pass Through Authentication,cn=plugins,cn=config\n"); - fprintf(f, "objectclass: top\n"); - fprintf(f, "objectclass: nsSlapdPlugin\n"); - fprintf(f, "objectclass: extensibleObject\n"); - fprintf(f, "cn: Pass Through Authentication\n"); - fprintf(f, "nsslapd-pluginpath: %s/libpassthru-plugin%s\n", cf->plugin_dir, shared_lib); - fprintf(f, "nsslapd-plugininitfunc: passthruauth_init\n"); - fprintf(f, "nsslapd-plugintype: preoperation\n"); - fprintf(f, "nsslapd-pluginenabled: on\n"); - fprintf(f, "nsslapd-pluginarg0: %s://%s:%d/%s\n", service, desc->lud_host, desc->lud_port, - suffix); - fprintf(f, "nsslapd-plugin-depends-on-type: database\n"); - fprintf(f, "\n"); - free(suffix); - ldap_free_urldesc(desc); - } - } else { /* just add the config, disabled */ - fprintf(f, "dn: cn=Pass Through Authentication,cn=plugins,cn=config\n"); - fprintf(f, "objectclass: top\n"); - fprintf(f, "objectclass: nsSlapdPlugin\n"); - fprintf(f, "objectclass: extensibleObject\n"); - fprintf(f, "cn: Pass Through Authentication\n"); - fprintf(f, "nsslapd-pluginpath: %s/libpassthru-plugin%s\n", cf->plugin_dir, shared_lib); - fprintf(f, "nsslapd-plugininitfunc: passthruauth_init\n"); - fprintf(f, "nsslapd-plugintype: preoperation\n"); - fprintf(f, "nsslapd-pluginenabled: off\n"); - fprintf(f, "nsslapd-plugin-depends-on-type: database\n"); - fprintf(f, "\n"); - } + fprintf(f, "dn: cn=Pass Through Authentication,cn=plugins,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsSlapdPlugin\n"); + fprintf(f, "objectclass: extensibleObject\n"); + fprintf(f, "cn: Pass Through Authentication\n"); + fprintf(f, "nsslapd-pluginpath: %s/libpassthru-plugin%s\n", cf->plugin_dir, shared_lib); + fprintf(f, "nsslapd-plugininitfunc: passthruauth_init\n"); + fprintf(f, "nsslapd-plugintype: preoperation\n"); + fprintf(f, "nsslapd-pluginenabled: off\n"); + fprintf(f, "nsslapd-plugin-depends-on-type: database\n"); + fprintf(f, "\n"); #ifdef ENABLE_PAM_PASSTHRU #if !defined( XP_WIN32 ) @@ -4518,38 +4480,12 @@ int parse_form(server_config_s *cf) cf->admin_domain = ds_a_get_cgi_var("admin_domain", NULL, NULL); - if ((temp = ds_a_get_cgi_var("use_existing_config_ds", NULL, NULL))) { - cf->use_existing_config_ds = atoi(temp); - } else { - cf->use_existing_config_ds = 1; /* there must already be one */ - } - if ((temp = ds_a_get_cgi_var("use_existing_user_ds", NULL, NULL))) { cf->use_existing_user_ds = atoi(temp); } else { cf->use_existing_user_ds = 0; /* we are creating it */ } - temp = ds_a_get_cgi_var("ldap_url", NULL, NULL); - if (temp && !ldap_url_parse(temp, &desc) && desc) - { - char *suffix; - int isSSL; - - if (desc->lud_dn && *desc->lud_dn) { /* use given DN for netscaperoot suffix */ - cf->netscaperoot = strdup(desc->lud_dn); - suffix = cf->netscaperoot; - } else { /* use the default */ - suffix = dn_normalize_convert(strdup(cf->netscaperoot)); - } - /* the config ds connection may require SSL */ - isSSL = !strncmp(temp, "ldaps:", strlen("ldaps:")); - cf->config_ldap_url = PR_smprintf("ldap%s://%s:%d/%s", - (isSSL ? "s" : ""), desc->lud_host, - desc->lud_port, suffix); - ldap_free_urldesc(desc); - } - /* if being called as a CGI, the user_ldap_url will be the directory we're creating */ /* this is the directory we're creating, and we cannot create an ssl diff --git a/ldap/admin/src/create_instance.h b/ldap/admin/src/create_instance.h index 32a4a78c..1e8d2665 100644 --- a/ldap/admin/src/create_instance.h +++ b/ldap/admin/src/create_instance.h @@ -161,10 +161,8 @@ typedef struct { char * start_server; char * admin_domain; - char * config_ldap_url; char * user_ldap_url; int use_existing_user_ds; - int use_existing_config_ds; char * disable_schema_checking; char * install_ldif_file; char *adminport; |