authorArthur de Jong <arthur@arthurdejong.org>2010-01-24 18:07:11 +0100
committerArthur de Jong <arthur@arthurdejong.org>2010-01-24 18:07:11 +0100
commit39efced57e14b61dcb928283dec09ed67a498f06 (patch)
treeb3cf47505ad2fab5be5cfa1e6a628bc0ce45e544
parentaaf024194b29f48f2336116630be713da90a13bd (diff)
add --with-bindpw-file configure option to enable reading the bindpw option from a file
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1060 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r--configure.ac11
-rw-r--r--nslcd/cfg.c58
2 files changed, 67 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac
index 3fa3924..9c4ca6e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
#
# Copyright (C) 2006 Luke Howard
# Copyright (C) 2006 West Consulting
-# Copyright (C) 2006, 2007, 2008, 2009 Arthur de Jong
+# Copyright (C) 2006, 2007, 2008, 2009, 2010 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -169,6 +169,15 @@ AC_ARG_WITH(ldap-conf-file,
AC_DEFINE_UNQUOTED(NSLCD_CONF_PATH,"$NSLCD_CONF_PATH",[Path to nslcd configuration file.])
AC_SUBST(NSLCD_CONF_PATH)
+# check the name of the file with a bindpw value
+AC_ARG_WITH(bindpw-file,
+ AS_HELP_STRING([--with-bindpw-file=PATH],
+ [path to file with value for bindpw @<:@disabled@:>@]),
+ [ NSLCD_BINDPW_PATH="$with_bindpw_file"
+ AC_DEFINE_UNQUOTED(NSLCD_BINDPW_PATH,"$NSLCD_BINDPW_PATH",[Path to bindpw value.])
+ AC_SUBST(NSLCD_BINDPW_PATH)
+ ])
+
# where should the pidfile be written
AC_ARG_WITH(nslcd-pidfile,
AS_HELP_STRING([--with-nslcd-pidfile=PATH],
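Review bot: The action block of `AC_ARG_WITH(bindpw-file, ...)` runs for every form of the option, so `--without-bindpw-file` sets `$with_bindpw_file` to `no` and a bare `--with-bindpw-file` sets it to `yes`; either string would then be defined as NSLCD_BINDPW_PATH and opened by the daemon as a relative file name. Guarding the body with `if test "x$with_bindpw_file" != "xno" && test "x$with_bindpw_file" != "xyes"` (or a `case` on the value) keeps the feature disabled for those forms. Because the value ends up in an fopen() call, it may also be worth rejecting paths that do not start with `/`, so the file read for the credential does not depend on the daemon's working directory.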
diff --git a/nslcd/cfg.c b/nslcd/cfg.c
index 61febc9..f587b02 100644
--- a/nslcd/cfg.c
+++ b/nslcd/cfg.c
@@ -699,7 +699,7 @@ static void cfg_read(const char *filename,struct ldap_config *cfg)
exit(EXIT_FAILURE);
}
/* read file and parse lines */
- while (fgets(linebuf,MAX_LINE_LENGTH,fp)!=NULL)
+ while (fgets(linebuf,sizeof(linebuf),fp)!=NULL)
{
lnr++;
line=linebuf;
@@ -984,6 +984,59 @@ static void cfg_read(const char *filename,struct ldap_config *cfg)
fclose(fp);
}
+#ifdef NSLCD_BINDPW_PATH
+static void bindpw_read(const char *filename,struct ldap_config *cfg)
+{
+ FILE *fp;
+ char linebuf[MAX_LINE_LENGTH];
+ int i;
+ /* open config file */
+ errno=0;
+ if ((fp=fopen(filename,"r"))==NULL)
+ {
+ if (errno==ENOENT)
+ {
+ log_log(LOG_DEBUG,"no bindpw file (%s)",filename);
+ return; /* ignore */
+ }
+ else
+ {
+ log_log(LOG_ERR,"cannot open bindpw file (%s): %s",filename,strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ }
+ /* read the first line */
+ if (fgets(linebuf,sizeof(linebuf),fp)==NULL)
+ {
+ log_log(LOG_ERR,"%s: error reading first line",filename);
+ exit(EXIT_FAILURE);
+ }
+ /* chop the last char off and save the rest as bindpw */
+ i=strlen(linebuf);
+
+ i=(int)strlen(linebuf);
+ if ((i<=0)||(linebuf[i-1]!='\n'))
+ {
+ log_log(LOG_ERR,"%s:1: line too long or missing newline",filename);
+ exit(EXIT_FAILURE);
+ }
+ linebuf[i-1]='\0';
+ if (strlen(linebuf)==0)
+ {
+ log_log(LOG_ERR,"%s:1: the password is empty",filename);
+ exit(EXIT_FAILURE);
+ }
+ cfg->ldc_bindpw=strdup(linebuf);
+ /* check if there is no more data in the file */
+ if (fgets(linebuf,sizeof(linebuf),fp)!=NULL)
+ {
+ log_log(LOG_ERR,"%s:2: there is more than one line in the bindpw file",filename);
+ exit(EXIT_FAILURE);
+ }
+ fclose(fp);
+}
+#endif /* NSLCD_BINDPW_PATH */
+
/* This function tries to get the LDAP search base from the LDAP server.
Note that this returns a string that has been allocated with strdup().
For this to work the myldap module needs enough configuration information
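Review bot: The result of `cfg->ldc_bindpw=strdup(linebuf);` is stored unchecked, so an allocation failure leaves the bind password NULL while every other failure in bindpw_read() exits; how the bind code treats a NULL password is not visible here, but it may mean continuing without the configured credentials. I would follow the assignment with `if (cfg->ldc_bindpw==NULL) { log_log(LOG_CRIT,"strdup() failed to allocate memory"); exit(EXIT_FAILURE); }`. The assignment also replaces any value the config file may already have put in ldc_bindpw without freeing it, and the cleartext password is left in `linebuf` on the stack when the function returns; clearing the buffer before `fclose(fp)` with a wipe the compiler cannot elide (explicit_bzero() or memset_s() where the platform has them) would limit that. The file is opened without any check of its owner or mode, so an fstat() on fileno(fp) that rejects group- or world-accessible files would be a cheap guard for a file that holds a credential. The first `i=strlen(linebuf);` is a dead store that the next statement repeats with a cast and can be dropped.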
@@ -1055,6 +1108,9 @@ void cfg_init(const char *fname)
cfg_defaults(nslcd_cfg);
/* read configfile */
cfg_read(fname,nslcd_cfg);
+#ifdef NSLCD_BINDPW_PATH
+ bindpw_read(NSLCD_BINDPW_PATH,nslcd_cfg);
+#endif /* NSLCD_BINDPW_PATH */
/* do some sanity checks */
if (nslcd_cfg->ldc_uris[0].uri==NULL)
{
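Review bot: Nothing at the new call in cfg_init() documents the precedence it creates: bindpw_read() assigns ldc_bindpw unconditionally, so a bindpw file replaces whatever cfg_read() took from the config file, and its ENOENT branch skips a missing file with only a LOG_DEBUG message. A comment above the call such as `/* a bindpw file, if present, overrides bindpw from the config file; a missing file is silently ignored */` would make that explicit for whoever audits where the bind credential comes from. If a build configured with --with-bindpw-file is meant to require the file, the ENOENT case deserves at least a warning-level log; that intent is not visible in this hunk, and cfg_init() continues outside it.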