autofs-5.0.7 - fix compilation of lookup_ldap.c without sasl
From: Dustin Polke <DuPol@gmx.de>
See https://bugs.gentoo.org/show_bug.cgi?id=361899 for more info.
Edited by: Ian Kent <raven@themaw.net>
- fix parse_ldap_config() is needed by ldap but previously excluded.
- exclude other references to ctxt->extern_cert and ctxt->extern_key.
- prevent memory leak if present in config but not used.
- remove now unused set_env().
---
CHANGELOG | 1 +
include/lookup_ldap.h | 4 ++--
lib/Makefile | 4 ++++
modules/Makefile | 6 ++++--
modules/lookup_ldap.c | 18 +++++++++++++-----
5 files changed, 24 insertions(+), 9 deletions(-)
--- autofs-5.0.7.orig/CHANGELOG
+++ autofs-5.0.7/CHANGELOG
@@ -82,6 +82,7 @@
- add std vars to program map invocation.
- check for existing offset mount before mounting.
- fix cache readlock not taken on lookup.
+- fix compilation of lookup_ldap.c without sasl.
25/07/2012 autofs-5.0.7
=======================
--- autofs-5.0.7.orig/include/lookup_ldap.h
+++ autofs-5.0.7/include/lookup_ldap.h
@@ -11,6 +11,8 @@
#include <krb5.h>
#endif
+#include <libxml/tree.h>
+
#include "list.h"
#include "dclist.h"
@@ -92,7 +94,6 @@ struct lookup_context {
};
-#ifdef WITH_SASL
#define LDAP_AUTH_CONF_FILE "test"
#define LDAP_TLS_DONT_USE 0
@@ -104,7 +105,6 @@ struct lookup_context {
#define LDAP_AUTH_REQUIRED 0x0002
#define LDAP_AUTH_AUTODETECT 0x0004
#define LDAP_NEED_AUTH (LDAP_AUTH_REQUIRED|LDAP_AUTH_AUTODETECT)
-#endif
#define LDAP_AUTH_USESIMPLE 0x0008
--- autofs-5.0.7.orig/lib/Makefile
+++ autofs-5.0.7/lib/Makefile
@@ -24,6 +24,10 @@ CFLAGS += -I../include -fPIC -D_GNU_SOUR
CFLAGS += -DAUTOFS_MAP_DIR=\"$(autofsmapdir)\"
CFLAGS += -DAUTOFS_CONF_DIR=\"$(autofsconfdir)\"
+ifeq ($(LDAP), 1)
+ CFLAGS += $(XML_FLAGS) $(XML_LIBS)
+endif
+
.PHONY: all install clean
all: autofs.a
--- autofs-5.0.7.orig/modules/Makefile
+++ autofs-5.0.7/modules/Makefile
@@ -45,10 +45,12 @@ endif
ifeq ($(LDAP), 1)
SRCS += lookup_ldap.c
MODS += lookup_ldap.so
+ LDAP_FLAGS += $(XML_FLAGS) -DLDAP_THREAD_SAFE
+ LIBLDAP += $(XML_LIBS)
ifeq ($(SASL), 1)
SASL_OBJ = cyrus-sasl.o cyrus-sasl-extern.o
- LDAP_FLAGS += $(SASL_FLAGS) $(XML_FLAGS) $(KRB5_FLAGS) -DLDAP_THREAD_SAFE
- LIBLDAP += $(LIBSASL) $(XML_LIBS) $(KRB5_LIBS)
+ LDAP_FLAGS += $(SASL_FLAGS) $(KRB5_FLAGS)
+ LIBLDAP += $(LIBSASL) $(KRB5_LIBS)
endif
endif
--- autofs-5.0.7.orig/modules/lookup_ldap.c
+++ autofs-5.0.7/modules/lookup_ldap.c
@@ -66,6 +66,7 @@ struct ldap_search_params {
static int decode_percent_hack(const char *, char **);
+#ifdef WITH_SASL
static int set_env(unsigned logopt, const char *name, const char *val)
{
int ret = setenv(name, val, 1);
@@ -75,6 +76,7 @@ static int set_env(unsigned logopt, cons
}
return 1;
}
+#endif
#ifndef HAVE_LDAP_CREATE_PAGE_CONTROL
int ldap_create_page_control(LDAP *ldap, ber_int_t pagesize,
@@ -183,9 +185,9 @@ int unbind_ldap_connection(unsigned logo
{
int rv;
-#ifdef WITH_SASL
if (ctxt->use_tls == LDAP_TLS_RELEASE)
ctxt->use_tls = LDAP_TLS_INIT;
+#ifdef WITH_SASL
autofs_sasl_unbind(ctxt);
#endif
@@ -243,7 +245,6 @@ LDAP *init_ldap_connection(unsigned logo
info(logopt, MODPREFIX "failed to set connection timeout to %d",
net_timeout.tv_sec);
-#ifdef WITH_SASL
if (ctxt->use_tls) {
if (ctxt->version == 2) {
if (ctxt->tls_required) {
@@ -272,7 +273,6 @@ LDAP *init_ldap_connection(unsigned logo
}
ctxt->use_tls = LDAP_TLS_RELEASE;
}
-#endif
return ldap;
}
@@ -585,10 +585,12 @@ static LDAP *do_connect(unsigned logopt,
{
LDAP *ldap;
+#ifdef WITH_SASL
if (ctxt->extern_cert && ctxt->extern_key) {
set_env(logopt, ENV_LDAPTLS_CERT, ctxt->extern_cert);
set_env(logopt, ENV_LDAPTLS_KEY, ctxt->extern_key);
}
+#endif
ldap = init_ldap_connection(logopt, uri, ctxt);
if (ldap) {
@@ -791,7 +793,6 @@ find_server:
return ldap;
}
-#ifdef WITH_SASL
int get_property(unsigned logopt, xmlNodePtr node, const char *prop, char **value)
{
xmlChar *ret;
@@ -812,6 +813,7 @@ int get_property(unsigned logopt, xmlNod
return 0;
}
+#ifdef WITH_SASL
/*
* For plain text, login and digest-md5 authentication types, we need
* user and password credentials.
@@ -824,6 +826,7 @@ int authtype_requires_creds(const char *
return 1;
return 0;
}
+#endif
/*
* Returns:
@@ -1056,6 +1059,7 @@ auth_fail:
}
} else if (auth_required == LDAP_AUTH_REQUIRED &&
(authtype && !strncmp(authtype, "EXTERNAL", 8))) {
+#ifdef WITH_SASL
ret = get_property(logopt, root, "external_cert", &extern_cert);
ret |= get_property(logopt, root, "external_key", &extern_key);
/*
@@ -1074,6 +1078,7 @@ auth_fail:
if (extern_key)
free(extern_key);
}
+#endif
}
/*
@@ -1094,8 +1099,10 @@ auth_fail:
ctxt->secret = secret;
ctxt->client_princ = client_princ;
ctxt->client_cc = client_cc;
+#ifdef WITH_SASL
ctxt->extern_cert = extern_cert;
ctxt->extern_key = extern_key;
+#endif
debug(logopt, MODPREFIX
"ldap authentication configured with the following options:");
@@ -1127,7 +1134,6 @@ out:
return ret;
}
-#endif
/*
* Take an input string as specified in the master map, and break it
@@ -1390,10 +1396,12 @@ static void free_context(struct lookup_c
defaults_free_searchdns(ctxt->sdns);
if (ctxt->dclist)
free_dclist(ctxt->dclist);
+#ifdef WITH_SASL
if (ctxt->extern_cert)
free(ctxt->extern_cert);
if (ctxt->extern_key)
free(ctxt->extern_key);
+#endif
free(ctxt);
return;