dovecot-2.1: auth: Log a warning if userdb ldap isn't used, but ...

dovecot at dovecot.org dovecot at dovecot.org
Wed Jan 18 23:44:46 EET 2012 

details:   http://hg.dovecot.org/dovecot-2.1/rev/826ac15f8a13
changeset: 13951:826ac15f8a13
user:      Timo Sirainen <tss at iki.fi>
date:      Wed Jan 18 23:44:40 2012 +0200
description:
auth: Log a warning if userdb ldap isn't used, but user_* or iterate_* aren't defaults.
This is intended to stop people from wondering why their changes don't do
anything.

diffstat:

 src/auth/db-ldap.c     |  36 ++++++++++++++++++++++++++++++++++--
 src/auth/db-ldap.h     |   5 ++++-
 src/auth/passdb-ldap.c |   3 ++-
 src/auth/userdb-ldap.c |   2 +-
 4 files changed, 41 insertions(+), 5 deletions(-)

diffs (144 lines):

diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/db-ldap.c
--- a/src/auth/db-ldap.c	Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/db-ldap.c	Wed Jan 18 23:44:40 2012 +0200
@@ -107,6 +107,7 @@
 	DEF_STR(iterate_attrs),
 	DEF_STR(iterate_filter),
 	DEF_STR(default_pass_scheme),
+	DEF_BOOL(userdb_warning_disable),
 
 	{ 0, NULL, 0 }
 };
@@ -141,7 +142,8 @@
 	.pass_filter = "(&(objectClass=posixAccount)(uid=%u))",
 	.iterate_attrs = "uid=user",
 	.iterate_filter = "(objectClass=posixAccount)",
-	.default_pass_scheme = "crypt"
+	.default_pass_scheme = "crypt",
+	.userdb_warning_disable = FALSE
 };
 
 static struct ldap_connection *ldap_connections = NULL;
@@ -1253,7 +1255,7 @@
 	return NULL;
 }
 
-struct ldap_connection *db_ldap_init(const char *config_path)
+struct ldap_connection *db_ldap_init(const char *config_path, bool userdb)
 {
 	struct ldap_connection *conn;
 	const char *str;
@@ -1262,6 +1264,8 @@
 	/* see if it already exists */
 	conn = ldap_conn_find(config_path);
 	if (conn != NULL) {
+		if (userdb)
+			conn->userdb_used = TRUE;
 		conn->refcount++;
 		return conn;
 	}
@@ -1274,6 +1278,7 @@
 	conn->pool = pool;
 	conn->refcount = 1;
 
+	conn->userdb_used = userdb;
 	conn->conn_state = LDAP_CONN_STATE_DISCONNECTED;
 	conn->default_bind_msgid = -1;
 	conn->fd = -1;
@@ -1348,6 +1353,33 @@
 	pool_unref(&conn->pool);
 }
 
+void db_ldap_check_userdb_warning(struct ldap_connection *conn)
+{
+	const struct ldap_settings *def = &default_ldap_settings;
+	const char *set_name;
+
+	if (worker || conn->userdb_used || conn->set.userdb_warning_disable)
+		return;
+
+	if (strcmp(conn->set.user_attrs, def->user_attrs) != 0)
+		set_name = "user_attrs";
+	else if (strcmp(conn->set.user_filter, def->user_filter) != 0)
+		set_name = "user_filter";
+	else if (strcmp(conn->set.iterate_attrs, def->iterate_attrs) != 0)
+		set_name = "iterate_attrs";
+	else if (strcmp(conn->set.iterate_filter, def->iterate_filter) != 0)
+		set_name = "iterate_filter";
+	else
+		set_name = NULL;
+
+	if (set_name != NULL) {
+		i_warning("ldap: Ignoring changed %s in %s, "
+			  "because userdb ldap not used. "
+			  "(If this is intentional, set userdb_warning_disable=yes)",
+			  set_name, conn->config_path);
+	}
+}
+
 #ifndef BUILTIN_LDAP
 /* Building a plugin */
 extern struct passdb_module_interface passdb_ldap_plugin;
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/db-ldap.h
--- a/src/auth/db-ldap.h	Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/db-ldap.h	Wed Jan 18 23:44:40 2012 +0200
@@ -63,6 +63,7 @@
 	const char *iterate_filter;
 
 	const char *default_pass_scheme;
+	bool userdb_warning_disable;
 
 	/* ... */
 	int ldap_deref, ldap_scope;
@@ -147,6 +148,7 @@
 
 	char **pass_attr_names, **user_attr_names, **iterate_attr_names;
 	struct hash_table *pass_attr_map, *user_attr_map, *iterate_attr_map;
+	bool userdb_used;
 };
 
 /* Send/queue request */
@@ -157,9 +159,10 @@
 		       char ***attr_names_r, struct hash_table *attr_map,
 		       const char *skip_attr);
 
-struct ldap_connection *db_ldap_init(const char *config_path);
+struct ldap_connection *db_ldap_init(const char *config_path, bool userdb);
 void db_ldap_unref(struct ldap_connection **conn);
 
+void db_ldap_check_userdb_warning(struct ldap_connection *conn);
 int db_ldap_connect(struct ldap_connection *conn);
 
 void db_ldap_enable_input(struct ldap_connection *conn, bool enable);
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/passdb-ldap.c
--- a/src/auth/passdb-ldap.c	Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/passdb-ldap.c	Wed Jan 18 23:44:40 2012 +0200
@@ -407,7 +407,7 @@
 	struct ldap_connection *conn;
 
 	module = p_new(pool, struct ldap_passdb_module, 1);
-	module->conn = conn = db_ldap_init(args);
+	module->conn = conn = db_ldap_init(args, FALSE);
 	conn->pass_attr_map =
 		hash_table_create(default_pool, conn->pool, 0, strcase_hash,
 				  (hash_cmp_callback_t *)strcasecmp);
@@ -434,6 +434,7 @@
 		/* Credential lookups can't be done with authentication binds */
 		_module->iface.lookup_credentials = NULL;
 	}
+	db_ldap_check_userdb_warning(module->conn);
 }
 
 static void passdb_ldap_deinit(struct passdb_module *_module)
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/userdb-ldap.c
--- a/src/auth/userdb-ldap.c	Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/userdb-ldap.c	Wed Jan 18 23:44:40 2012 +0200
@@ -260,7 +260,7 @@
 	struct ldap_connection *conn;
 
 	module = p_new(pool, struct ldap_userdb_module, 1);
-	module->conn = conn = db_ldap_init(args);
+	module->conn = conn = db_ldap_init(args, TRUE);
 	conn->user_attr_map =
 		hash_table_create(default_pool, conn->pool, 0, strcase_hash,
 				  (hash_cmp_callback_t *)strcasecmp);

More information about the dovecot-cvs mailing list