dovecot-2.1: auth: Log a warning if userdb ldap isn't used, but ...
dovecot at dovecot.org
dovecot at dovecot.org
Wed Jan 18 23:44:46 EET 2012
details: http://hg.dovecot.org/dovecot-2.1/rev/826ac15f8a13
changeset: 13951:826ac15f8a13
user: Timo Sirainen <tss at iki.fi>
date: Wed Jan 18 23:44:40 2012 +0200
description:
auth: Log a warning if userdb ldap isn't used, but user_* or iterate_* aren't defaults.
This is intended to stop people from wondering why their changes don't do
anything.
diffstat:
src/auth/db-ldap.c | 36 ++++++++++++++++++++++++++++++++++--
src/auth/db-ldap.h | 5 ++++-
src/auth/passdb-ldap.c | 3 ++-
src/auth/userdb-ldap.c | 2 +-
4 files changed, 41 insertions(+), 5 deletions(-)
diffs (144 lines):
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/db-ldap.c
--- a/src/auth/db-ldap.c Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/db-ldap.c Wed Jan 18 23:44:40 2012 +0200
@@ -107,6 +107,7 @@
DEF_STR(iterate_attrs),
DEF_STR(iterate_filter),
DEF_STR(default_pass_scheme),
+ DEF_BOOL(userdb_warning_disable),
{ 0, NULL, 0 }
};
@@ -141,7 +142,8 @@
.pass_filter = "(&(objectClass=posixAccount)(uid=%u))",
.iterate_attrs = "uid=user",
.iterate_filter = "(objectClass=posixAccount)",
- .default_pass_scheme = "crypt"
+ .default_pass_scheme = "crypt",
+ .userdb_warning_disable = FALSE
};
static struct ldap_connection *ldap_connections = NULL;
@@ -1253,7 +1255,7 @@
return NULL;
}
-struct ldap_connection *db_ldap_init(const char *config_path)
+struct ldap_connection *db_ldap_init(const char *config_path, bool userdb)
{
struct ldap_connection *conn;
const char *str;
@@ -1262,6 +1264,8 @@
/* see if it already exists */
conn = ldap_conn_find(config_path);
if (conn != NULL) {
+ if (userdb)
+ conn->userdb_used = TRUE;
conn->refcount++;
return conn;
}
@@ -1274,6 +1278,7 @@
conn->pool = pool;
conn->refcount = 1;
+ conn->userdb_used = userdb;
conn->conn_state = LDAP_CONN_STATE_DISCONNECTED;
conn->default_bind_msgid = -1;
conn->fd = -1;
@@ -1348,6 +1353,33 @@
pool_unref(&conn->pool);
}
+void db_ldap_check_userdb_warning(struct ldap_connection *conn)
+{
+ const struct ldap_settings *def = &default_ldap_settings;
+ const char *set_name;
+
+ if (worker || conn->userdb_used || conn->set.userdb_warning_disable)
+ return;
+
+ if (strcmp(conn->set.user_attrs, def->user_attrs) != 0)
+ set_name = "user_attrs";
+ else if (strcmp(conn->set.user_filter, def->user_filter) != 0)
+ set_name = "user_filter";
+ else if (strcmp(conn->set.iterate_attrs, def->iterate_attrs) != 0)
+ set_name = "iterate_attrs";
+ else if (strcmp(conn->set.iterate_filter, def->iterate_filter) != 0)
+ set_name = "iterate_filter";
+ else
+ set_name = NULL;
+
+ if (set_name != NULL) {
+ i_warning("ldap: Ignoring changed %s in %s, "
+ "because userdb ldap not used. "
+ "(If this is intentional, set userdb_warning_disable=yes)",
+ set_name, conn->config_path);
+ }
+}
+
#ifndef BUILTIN_LDAP
/* Building a plugin */
extern struct passdb_module_interface passdb_ldap_plugin;
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/db-ldap.h
--- a/src/auth/db-ldap.h Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/db-ldap.h Wed Jan 18 23:44:40 2012 +0200
@@ -63,6 +63,7 @@
const char *iterate_filter;
const char *default_pass_scheme;
+ bool userdb_warning_disable;
/* ... */
int ldap_deref, ldap_scope;
@@ -147,6 +148,7 @@
char **pass_attr_names, **user_attr_names, **iterate_attr_names;
struct hash_table *pass_attr_map, *user_attr_map, *iterate_attr_map;
+ bool userdb_used;
};
/* Send/queue request */
@@ -157,9 +159,10 @@
char ***attr_names_r, struct hash_table *attr_map,
const char *skip_attr);
-struct ldap_connection *db_ldap_init(const char *config_path);
+struct ldap_connection *db_ldap_init(const char *config_path, bool userdb);
void db_ldap_unref(struct ldap_connection **conn);
+void db_ldap_check_userdb_warning(struct ldap_connection *conn);
int db_ldap_connect(struct ldap_connection *conn);
void db_ldap_enable_input(struct ldap_connection *conn, bool enable);
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/passdb-ldap.c
--- a/src/auth/passdb-ldap.c Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/passdb-ldap.c Wed Jan 18 23:44:40 2012 +0200
@@ -407,7 +407,7 @@
struct ldap_connection *conn;
module = p_new(pool, struct ldap_passdb_module, 1);
- module->conn = conn = db_ldap_init(args);
+ module->conn = conn = db_ldap_init(args, FALSE);
conn->pass_attr_map =
hash_table_create(default_pool, conn->pool, 0, strcase_hash,
(hash_cmp_callback_t *)strcasecmp);
@@ -434,6 +434,7 @@
/* Credential lookups can't be done with authentication binds */
_module->iface.lookup_credentials = NULL;
}
+ db_ldap_check_userdb_warning(module->conn);
}
static void passdb_ldap_deinit(struct passdb_module *_module)
diff -r 8822aeae8d82 -r 826ac15f8a13 src/auth/userdb-ldap.c
--- a/src/auth/userdb-ldap.c Wed Jan 18 23:36:13 2012 +0200
+++ b/src/auth/userdb-ldap.c Wed Jan 18 23:44:40 2012 +0200
@@ -260,7 +260,7 @@
struct ldap_connection *conn;
module = p_new(pool, struct ldap_userdb_module, 1);
- module->conn = conn = db_ldap_init(args);
+ module->conn = conn = db_ldap_init(args, TRUE);
conn->user_attr_map =
hash_table_create(default_pool, conn->pool, 0, strcase_hash,
(hash_cmp_callback_t *)strcasecmp);
More information about the dovecot-cvs
mailing list