[exim-cvs] Bug 1453: Add SERVERS ldap server list override

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Exim Git Commits Mailing List
Datum:  
To: exim-cvs
Betreff: [exim-cvs] Bug 1453: Add SERVERS ldap server list override
Gitweb: http://git.exim.org/exim.git/commitdiff/deae092e544ecfb3d8a362a260fc00ec01f0883f
Commit:     deae092e544ecfb3d8a362a260fc00ec01f0883f
Parent:     44649fdb169979af3c5a08b10889d1ecee48a469
Author:     Heiko Schlichting <heiko@???>
AuthorDate: Wed Apr 23 07:30:41 2014 -0700
Committer:  Todd Lyons <tlyons@???>
CommitDate: Wed Apr 23 08:11:31 2014 -0700


    Bug 1453: Add SERVERS ldap server list override
---
 doc/doc-docbook/spec.xfpt |    9 +++++++++
 doc/doc-txt/ChangeLog     |    3 +++
 doc/doc-txt/NewStuff      |    4 ++++
 src/src/lookups/ldap.c    |   10 ++++++----
 4 files changed, 22 insertions(+), 4 deletions(-)


diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 3542557..6f0a16f 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -7198,6 +7198,7 @@ them. The following names are recognized:
 &`USER       `&  set the DN, for authenticating the LDAP bind
 &`PASS       `&  set the password, likewise
 &`REFERRALS  `&  set the referrals parameter
+&`SERVERS    `&  set alternate server list for this query only
 &`SIZE       `&  set the limit for the number of entries returned
 &`TIME       `&  set the maximum waiting time for a query
 .endd
@@ -7219,6 +7220,14 @@ Netscape SDK; for OpenLDAP no action is taken.
 The TIME parameter (also a number of seconds) is passed to the server to
 set a server-side limit on the time taken to complete a search.


+The SERVERS parameter allows you to specify an alternate list of ldap servers
+to use for an individual lookup. The global ldap_servers option provides a
+default list of ldap servers, and a single lookup can specify a single ldap
+server to use. But when you need to do a lookup with a list of servers that is
+different than the default list (maybe different order, maybe a completely
+different set of servers), the SERVERS parameter allows you to specify this
+alternate list.
+

 Here is an example of an LDAP query in an Exim lookup that uses some of these
 values. This is a single line, folded to fit on the page:
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 6252956..30b27a0 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -87,6 +87,9 @@ JH/13 Fix handling of $tls_cipher et.al. in (non-verify) transport.  Bug 1455.
 JH/14 New options dnssec_request_domains, dnssec_require_domains on the
       dnslookup router (applying to the forward lookup).


+TL/08 Bugzilla 1453: New LDAP "SERVERS=" option allows admin to override list
+      of ldap servers used for a specific lookup.  Patch provided by Heiko
+      Schlichting.


 Exim version 4.82
 -----------------
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index c168cf2..bfbfc71 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -32,6 +32,10 @@ Version 4.83
     is split from the encryption operation. The default remains that a failed
     verification cancels the encryption.


+ 6. New SERVERS override of default ldap server list.  In the ACLs, an ldap
+    lookup can now set a list of servers to use that is different from the
+    default list.
+


Version 4.82
------------
diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index 27780db..f77229d 100644
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -1133,6 +1133,7 @@ uschar *url = ldap_url;
uschar *p;
uschar *user = NULL;
uschar *password = NULL;
+uschar *local_servers = NULL;
uschar *server, *list;
uschar buffer[512];

@@ -1161,6 +1162,7 @@ while (strncmpic(url, US"ldap", 4) != 0)
       else if (strncmpic(name, US"TIME=", namelen) == 0) timelimit = Uatoi(value);
       else if (strncmpic(name, US"CONNECT=", namelen) == 0) tcplimit = Uatoi(value);
       else if (strncmpic(name, US"NETTIME=", namelen) == 0) tcplimit = Uatoi(value);
+      else if (strncmpic(name, US"SERVERS=", namelen) == 0) local_servers = value;


       /* Don't know if all LDAP libraries have LDAP_OPT_DEREF */


@@ -1288,16 +1290,16 @@ if (Ustrncmp(p, "://", 3) != 0)

/* No default servers, or URL contains a server name: just one attempt */

-if (eldap_default_servers == NULL || p[3] != '/')
+if ((eldap_default_servers == NULL && local_servers == NULL) || p[3] != '/')
   {
   return perform_ldap_search(url, NULL, 0, search_type, res, errmsg,
     &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
     referrals);
   }


-/* Loop through the default servers until OK or FAIL */
-
-list = eldap_default_servers;
+/* Loop through the default servers until OK or FAIL. Use local_servers list
+ * if defined in the lookup, otherwise use the global default list */
+list = (local_servers == NULL) ? eldap_default_servers : local_servers;
while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
{
int rc;