Timo,
thanks for having a look at my message...
This looks scary, wouldn't it work without it? : request->failed = FALSE; I simply copied the logic from existing code in the same function.
Also, don't these work already? any = 0.0.0.0/0 none = 0.0.0.0/32
Or I'm not sure if the 0.0.0.0/0 matches IPv6, maybe that's a problem.. Right, thats one problem as I remember. This is in my ldap.conf:
pass_filter = (uid=%Lu)
pass_attrs = =user=%{ldap:uid},
=allow_nets=%{ldap:allownets:ALL},
=userdb_uid=%{ldap:uidNumber:1000},
=userdb_gid=%{ldap:gidNumber:1000},
=userdb_home=%{ldap:homeDirectory:/mail/%Ln}
I have to declare a default value for "allow_nets" for accounts
without specifies LDAP attribute "allownets".
0.0.0.0/0 will work, but the comma fail. Also only an IPv6 is impossible ":"
For this reasons I came up with my patch solution. The other
possibility is to explicit allaw all requests
if the variable networks in
src/auth/auth-request.c/auth_request_validate_networks is empty.
Also I don't really like to use uppercase values, strcasecmp() would
be better I think. there is no strong need for uppercase.
As I said, the solution may be not optimal.
Andreas