Patch: acl list from ldap must be possible to have multiple values, that combined in one comma separated list
diff to dovecot-2.2.31 hardcoded userdb_acl_groups /as currently not seeing any other fields that need similar way/ in ldap using dynlist - labeledURIObject - some attribute labeledURI :: ldap:///ou=DovecotGroups,dc=DOMAIN,dc=TLD,dc=root?specName?sub?(&(objectclass=posixgroup)(memberuid=XXXXX)) that returns groupnames for each user that he belongs, but as multiple values of same field ... must combine all in one CSV list diff -upbBr src/auth/passdb-ldap.c src/auth/passdb-ldap.c --- src/auth/passdb-ldap.c 2017-06-26 13:29:36.000000000 +0200 +++ src/auth/passdb-ldap.c 2017-08-22 09:56:59.697420441 +0200 @@ -52,13 +52,27 @@ ldap_query_save_result(struct ldap_conne auth_request_set_null_field(auth_request, name); continue; } + if (strcmp(name,"userdb_acl_groups")==0) { + int i = 1; + while (values[i] != NULL) { + strcat(values[0],","); + strcat(values[0],values[i]); + i++; + } + auth_request_log_warning(auth_request,AUTH_SUBSYS_DB, + "Multiple values found for '%s', " + "using combined value '%s'", name, values[0]); + auth_request_set_field(auth_request, name, values[0], + conn->set.default_pass_scheme); + } else { if (values[1] != NULL) { auth_request_log_warning(auth_request, AUTH_SUBSYS_DB, "Multiple values found for '%s', " "using value '%s'", name, values[0]); } auth_request_set_field(auth_request, name, values[0], conn->set.default_pass_scheme); } + } db_ldap_result_iterate_deinit(&ldap_iter); }
On 23.08.2017 09:45, DaLiV wrote:
diff to dovecot-2.2.31 hardcoded userdb_acl_groups /as currently not seeing any other fields that need similar way/ in ldap using dynlist - labeledURIObject - some attribute labeledURI :: ldap:///ou=DovecotGroups,dc=DOMAIN,dc=TLD,dc=root?specName?sub?(&(objectclass=posixgroup)(memberuid=XXXXX)) that returns groupnames for each user that he belongs, but as multiple values of same field ... must combine all in one CSV list
diff -upbBr src/auth/passdb-ldap.c src/auth/passdb-ldap.c --- src/auth/passdb-ldap.c 2017-06-26 13:29:36.000000000 +0200 +++ src/auth/passdb-ldap.c 2017-08-22 09:56:59.697420441 +0200 @@ -52,13 +52,27 @@ ldap_query_save_result(struct ldap_conne auth_request_set_null_field(auth_request, name); continue; } + if (strcmp(name,"userdb_acl_groups")==0) { + int i = 1; + while (values[i] != NULL) { + strcat(values[0],","); + strcat(values[0],values[i]); + i++; + } + auth_request_log_warning(auth_request,AUTH_SUBSYS_DB, + "Multiple values found for '%s', " + "using combined value '%s'", name, values[0]); + auth_request_set_field(auth_request, name, values[0], + conn->set.default_pass_scheme); + } else { if (values[1] != NULL) { auth_request_log_warning(auth_request, AUTH_SUBSYS_DB, "Multiple values found for '%s', " "using value '%s'", name, values[0]); } auth_request_set_field(auth_request, name, values[0], conn->set.default_pass_scheme); } + } db_ldap_result_iterate_deinit(&ldap_iter); }
Can you please open this as a pull request on https://github.com/dovecot/core ? Aki Tuomi Dovecot OY
participants (2)
-
Aki Tuomi
-
DaLiV