I made several changes to ldapuserlib.c to allow for uniqueMember instead of memberUid, due to the enforcement of the schema check in GroupOfUniqueNames, changed the default crypt from md5 to standard crypt to allow for squid_ldap_auth, and added a fallback to getenv("HOME") if g_get_home_dir failed. Which it always did on my machine if the .userdrakconfrc file was empty the first time userdrake was ran. You can patch the source with the attached patch by cd'ing into the src directory and issuing patch with -s. I'm a very beginner C programmer and if I've messed this up totally, let me know. Any feedback will be appreciated. Thanks.
-Walt Holman
diff -u2 ./callbacks.c ../../../userdrake-0.5/src/callbacks.c
--- ./callbacks.c 2002-04-25 11:02:57.000000000 -0700
+++ ../../../userdrake-0.5/src/callbacks.c 2003-01-27 13:54:28.000000000 -0800
@@ -138,6 +138,7 @@
const gchar * *parseparam;
FILE * paramfile;
- char * homedir;
+ gchar * homedir = NULL;
char * paramfilefilepath;
+ int charpos;
mode_t mask;
#ifdef DEBUG
@@ -146,13 +147,25 @@
if (!userdrakeconf) return;
homedir = g_get_home_dir();
+ charpos = strncmp(homedir,"/",1);
+ /* If It fails to get a valid directory with g_get_home_dir() then
+ * try to get one using the (hopefully) set environment variables
+ */
+ if (charpos != 0) {
+ homedir = getenv("HOME");
+ }
+
paramfilefilepath = g_strdup_printf("%s/.userdrakerc", homedir);
g_free (homedir);
mask = umask(S_IRWXG|S_IRWXO);
paramfile = fopen(paramfilefilepath, "w");
- g_free(paramfilefilepath);
+ /* Check for successful open. If it didn't open, print the *actual*
+ * path it tried to open instead of ~/
+ */
if (!paramfile) {
- g_warning ("cannot open file : ~/.userdrakerc conf file for writing userdrake
configuration");
- return;
+ g_warning ("cannot open file : %s conf file for writing userdrake
+configuration",paramfilefilepath);
+ g_free(paramfilefilepath);
+ return;
}
+ g_free(paramfilefilepath);
for (parseparam=userdrakeconfbooleanenum;*parseparam;parseparam++)
if (GPOINTER_TO_INT (gtk_object_get_data(userdrakeconf, *parseparam)))
@@ -194,4 +207,5 @@
if (!paramfile) {
/* g_warning ("cannot open file : ~/.userdrakerc conf file for reading userdrake
configuration"); */
+ return
save_userdrake_conf();
paramfile = fopen(paramfilefilepath, "r");
@@ -222,5 +236,5 @@
gtk_object_set_data_full(userdrakeconf, buf, g_strdup(val), g_free);
else
- g_warning ("Unknow parameter in config file %s", buf);
+ g_warning ("Unknown parameter in config file %s", buf);
}
fclose (paramfile);
diff -u2 ./ldapuserlib.c ../../../userdrake-0.5/src/ldapuserlib.c
--- ./ldapuserlib.c 2002-11-19 13:28:08.000000000 -0800
+++ ../../../userdrake-0.5/src/ldapuserlib.c 2003-01-27 11:56:08.000000000 -0800
@@ -140,5 +140,6 @@
if (!g_strcasecmp ("gidNumber", val))
return POSIX_GROUP_GID;
- if (!g_strcasecmp ("memberUid", val))
+// if (!g_strcasecmp ("memberUid", val))
+ if (!g_strcasecmp ("uniqueMember", val))
return POSIX_GROUP_USERS;
return 0;
@@ -547,9 +548,14 @@
char * * users = NULL;
char * search_base;
-
+
LDAPMod attr_obj = {LDAP_MOD_ADD, "objectClass", {objectclass}};
LDAPMod attr_cn = {LDAP_MOD_ADD, "cn", {cn}};
LDAPMod attr_gid = {LDAP_MOD_ADD, "gidNumber", {gid}};
- LDAPMod attr_users = {LDAP_MOD_ADD, "memberUid", {users}};
+/* Changed this entry to allow uniqueMember instead of memberUid
+ * as this is required through the schema check in
+ * GroupOfUniqueNames
+ */
+// LDAPMod attr_users = {LDAP_MOD_ADD, "memberUid", {users}};
+ LDAPMod attr_users = {LDAP_MOD_ADD, "uniqueMember", {users}};
LDAPMod * * attrs = NULL;
@@ -574,6 +580,10 @@
users = (char**) malloc (sizeof(char*)*(++number_user));
number_user = 0;
- G_SLIST_FOREACH(group->listusers, parser) users[number_user++] = g_strdup_printf
("%s",
- ((User)parser->data)->login);
+/* Substitute the users dn instead of login for compatibility
+ * with GroupOfUniqueNames
+ */
+// G_SLIST_FOREACH(group->listusers, parser) users[number_user++] =
+g_strdup_printf ("%s", ((User)parser->data)->login);
+
+ G_SLIST_FOREACH(group->listusers, parser) users[number_user++] = g_strdup_printf
+("uid=%s,ou=People,%s", ((User)parser->data)->login, search_base);
users[number_user]=NULL;
attrs[3]->mod_vals.modv_strvals = users;
@@ -589,5 +599,5 @@
return 0;
}
- g_message ("Cannot add user %s with dn %s : %s", group->name, dn,
ldap_err2string(rc));
+ g_message ("Cannot add user to group %s with dn %s : %s", group->name, dn,
+ldap_err2string(rc));
g_free(dn);
return 1;
@@ -708,5 +718,10 @@
}
rnd[8]='\0';
- snprintf(salt, SALTSIZE, "$1$%s$", rnd);
+/* Changed this to use standard crypt passwords instead of md5
+ * to enable it to work with squid_ldap_auth which doesn't understand md5
+ * I suppose the better thing to do would be to add md5 auth to squid :)
+ */
+// snprintf(salt, SALTSIZE, "$1$%s$", rnd);
+ snprintf(salt, SALTSIZE, "%s", rnd);
salt[SALTSIZE-1]='\0';
#ifdef DEBUG