Patch: acl list from ldap must be possible to have multiple values, that combined in one comma separated list
Aki Tuomi
aki.tuomi at dovecot.fi
Wed Aug 23 09:57:23 EEST 2017
On 23.08.2017 09:45, DaLiV wrote:
> diff to dovecot-2.2.31
> hardcoded userdb_acl_groups /as currently not seeing any other fields that
> need similar way/
> in ldap using dynlist - labeledURIObject - some attribute
> labeledURI ::
> ldap:///ou=DovecotGroups,dc=DOMAIN,dc=TLD,dc=root?specName?sub?(&(objectclass=posixgroup)(memberuid=XXXXX))
> that returns groupnames for each user that he belongs, but as multiple
> values of same field ... must combine all in one CSV list
>
>
> diff -upbBr src/auth/passdb-ldap.c src/auth/passdb-ldap.c
> --- src/auth/passdb-ldap.c 2017-06-26 13:29:36.000000000 +0200
> +++ src/auth/passdb-ldap.c 2017-08-22 09:56:59.697420441 +0200
> @@ -52,13 +52,27 @@ ldap_query_save_result(struct ldap_conne
> auth_request_set_null_field(auth_request, name);
> continue;
> }
> + if (strcmp(name,"userdb_acl_groups")==0) {
> + int i = 1;
> + while (values[i] != NULL) {
> + strcat(values[0],",");
> + strcat(values[0],values[i]);
> + i++;
> + }
> + auth_request_log_warning(auth_request,AUTH_SUBSYS_DB,
> + "Multiple values found for '%s', "
> + "using combined value '%s'", name,
> values[0]);
> + auth_request_set_field(auth_request, name, values[0],
> + conn->set.default_pass_scheme);
> + } else {
> if (values[1] != NULL) {
> auth_request_log_warning(auth_request,
> AUTH_SUBSYS_DB,
> "Multiple values found for '%s', "
> "using value '%s'", name, values[0]);
> }
> auth_request_set_field(auth_request, name, values[0],
> conn->set.default_pass_scheme);
> }
> + }
> db_ldap_result_iterate_deinit(&ldap_iter);
> }
Can you please open this as a pull request on
https://github.com/dovecot/core ?
Aki Tuomi
Dovecot OY
More information about the dovecot
mailing list