Patch: acl list from ldap must be possible to have multiple values, that combined in one comma separated list
DaLiV
dalivtyw at gmail.com
Wed Aug 23 09:45:28 EEST 2017
diff to dovecot-2.2.31
hardcoded userdb_acl_groups /as currently not seeing any other fields that
need similar way/
in ldap using dynlist - labeledURIObject - some attribute
labeledURI ::
ldap:///ou=DovecotGroups,dc=DOMAIN,dc=TLD,dc=root?specName?sub?(&(objectclass=posixgroup)(memberuid=XXXXX))
that returns groupnames for each user that he belongs, but as multiple
values of same field ... must combine all in one CSV list
diff -upbBr src/auth/passdb-ldap.c src/auth/passdb-ldap.c
--- src/auth/passdb-ldap.c 2017-06-26 13:29:36.000000000 +0200
+++ src/auth/passdb-ldap.c 2017-08-22 09:56:59.697420441 +0200
@@ -52,13 +52,27 @@ ldap_query_save_result(struct ldap_conne
auth_request_set_null_field(auth_request, name);
continue;
}
+ if (strcmp(name,"userdb_acl_groups")==0) {
+ int i = 1;
+ while (values[i] != NULL) {
+ strcat(values[0],",");
+ strcat(values[0],values[i]);
+ i++;
+ }
+ auth_request_log_warning(auth_request,AUTH_SUBSYS_DB,
+ "Multiple values found for '%s', "
+ "using combined value '%s'", name,
values[0]);
+ auth_request_set_field(auth_request, name, values[0],
+ conn->set.default_pass_scheme);
+ } else {
if (values[1] != NULL) {
auth_request_log_warning(auth_request,
AUTH_SUBSYS_DB,
"Multiple values found for '%s', "
"using value '%s'", name, values[0]);
}
auth_request_set_field(auth_request, name, values[0],
conn->set.default_pass_scheme);
}
+ }
db_ldap_result_iterate_deinit(&ldap_iter);
}
More information about the dovecot
mailing list