X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=src%2Fsrc%2Flookups%2Fldap.c;h=26fdb2ffc7e681ae1414f459db2aaa9dbb7908e3;hp=ac1a8d824237cfc191c33378433fd5abdd05001f;hb=034d99ab7d8d4bf671671e583c32cf7dd322c1c2;hpb=3295e65b6024775749615d87822f3580ecf00c18 diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c index ac1a8d824..26fdb2ffc 100644 --- a/src/src/lookups/ldap.c +++ b/src/src/lookups/ldap.c @@ -1,10 +1,10 @@ -/* $Cambridge: exim/src/src/lookups/ldap.c,v 1.8 2005/01/13 11:12:12 ph10 Exp $ */ +/* $Cambridge: exim/src/src/lookups/ldap.c,v 1.11 2006/06/27 13:39:01 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2005 */ +/* Copyright (c) University of Cambridge 1995 - 2006 */ /* See the file NOTICE for conditions of use and distribution. */ /* Many thanks to Stuart Lynne for contributing the original code for this @@ -31,7 +31,12 @@ static void dummy(int x) { dummy(x-1); } #else -/* Include LDAP headers */ +/* Include LDAP headers. The code below uses some "old" LDAP interfaces that +are deprecated in OpenLDAP. I don't know their status in other LDAP +implementations. LDAP_DEPRECATED causes their prototypes to be defined in +ldap.h. */ + +#define LDAP_DEPRECATED 1 #include #include @@ -395,7 +400,7 @@ if (lcp == NULL) #ifdef LDAP_OPT_NETWORK_TIMEOUT if (tcplimit > 0) ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, (void *)timeoutptr); - #endif + #endif /* I could not get TLS to work until I set the version to 3. That version seems to be the default nowadays. The RFC is dated 1997, so I would hope @@ -486,7 +491,7 @@ if (!lcp->bound || if ((rc = ldap_result( lcp->ld, msgid, 1, timeoutptr, &result )) <= 0) { *errmsg = string_sprintf("failed to bind the LDAP connection to server " - "%s%s - LDAP error: %s", host, porttext, + "%s%s - LDAP error: %s", host, porttext, rc == -1 ? "result retrieval failed" : "timeout" ); result = NULL; goto RETURN_ERROR; @@ -563,13 +568,13 @@ if (msgid == -1) #if defined LDAP_LIB_SOLARIS || defined LDAP_LIB_OPENLDAP2 int err; ldap_get_option(lcp->ld, LDAP_OPT_ERROR_NUMBER, &err); - *errmsg = string_sprintf("ldap_search failed: %d, %s", err, + *errmsg = string_sprintf("ldap_search failed: %d, %s", err, ldap_err2string(err)); - - #else + + #else *errmsg = string_sprintf("ldap_search failed"); #endif - + goto RETURN_ERROR; } @@ -788,15 +793,15 @@ if (rc == -1 || result == NULL) } /* A return code that isn't -1 doesn't necessarily mean there were no problems -with the search. The message must be an LDAP_RES_SEARCH_RESULT or -LDAP_RES_SEARCH_REFERENCE or else it's something we can't handle. Some versions -of LDAP do not define LDAP_RES_SEARCH_REFERENCE (LDAP v1 is one, it seems). So +with the search. The message must be an LDAP_RES_SEARCH_RESULT or +LDAP_RES_SEARCH_REFERENCE or else it's something we can't handle. Some versions +of LDAP do not define LDAP_RES_SEARCH_REFERENCE (LDAP v1 is one, it seems). So we don't provide that functionality when we can't. :-) */ -if (rc != LDAP_RES_SEARCH_RESULT +if (rc != LDAP_RES_SEARCH_RESULT #ifdef LDAP_RES_SEARCH_REFERENCE && rc != LDAP_RES_SEARCH_REFERENCE -#endif +#endif ) { *errmsg = string_sprintf("ldap_result returned unexpected code %d", rc); @@ -808,14 +813,14 @@ We need to parse the message to find out exactly what's happened. */ #if defined LDAP_LIB_SOLARIS || defined LDAP_LIB_OPENLDAP2 ldap_rc = rc; - ldap_parse_rc = ldap_parse_result(lcp->ld, result, &rc, CSS &matched, + ldap_parse_rc = ldap_parse_result(lcp->ld, result, &rc, CSS &matched, CSS &error2, NULL, NULL, 0); DEBUG(D_lookup) debug_printf("ldap_parse_result: %d\n", ldap_parse_rc); - if (ldap_parse_rc < 0 && + if (ldap_parse_rc < 0 && (ldap_parse_rc != LDAP_NO_RESULTS_RETURNED - #ifdef LDAP_RES_SEARCH_REFERENCE + #ifdef LDAP_RES_SEARCH_REFERENCE || ldap_rc != LDAP_RES_SEARCH_REFERENCE - #endif + #endif )) { *errmsg = string_sprintf("ldap_parse_result failed %d", ldap_parse_rc);