rpms/autofs/devel autofs-5.0.0_beta6-auth-add-autodetect.patch, NONE, 1.1 autofs-5.0.0_beta6-correct-auto.smb.patch, NONE, 1.1 autofs.spec, 1.119, 1.120
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Jul 7 04:25:05 UTC 2006
Author: ikent
Update of /cvs/dist/rpms/autofs/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv24403
Modified Files:
autofs.spec
Added Files:
autofs-5.0.0_beta6-auth-add-autodetect.patch
autofs-5.0.0_beta6-correct-auto.smb.patch
Log Message:
* Fri Jul 7 2006 Ian Kent <ikent at redhat.com> - 5.0.0_beta6-5
- correct auto.net installed as auto.smb.
- update LDAP auth - add autodectect option.
autofs-5.0.0_beta6-auth-add-autodetect.patch:
CHANGELOG | 1 +
include/lookup_ldap.h | 4 ++++
modules/lookup_ldap.c | 27 ++++++++++++++++++---------
samples/autofs_ldap_auth.conf | 14 ++++++++++----
4 files changed, 33 insertions(+), 13 deletions(-)
--- NEW FILE autofs-5.0.0_beta6-auth-add-autodetect.patch ---
diff --git a/CHANGELOG b/CHANGELOG
index a4a2fd5..b0fc850 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@
- correct shutdown log message print.
- correct auth init test when no credentials required.
- correct auto.net installed as auto.smb.
+- update LDAP auth - add autodectect option.
29/6/2006 autofs-5.0.0_beta6
----------------------------
diff --git a/include/lookup_ldap.h b/include/lookup_ldap.h
index ebff193..9cc214a 100644
--- a/include/lookup_ldap.h
+++ b/include/lookup_ldap.h
@@ -55,6 +55,10 @@ #define LDAP_TLS_REQUIRED 1
#define LDAP_TLS_INIT 1
#define LDAP_TLS_RELEASE 2
+#define LDAP_AUTH_NOTREQUIRED 0x0001
+#define LDAP_AUTH_REQUIRED 0x0002
+#define LDAP_AUTH_AUTODETECT 0x0004
+
/* lookup_ldap.c */
LDAP *init_ldap_connection(struct lookup_context *ctxt);
int unbind_ldap_connection(LDAP *ldap, struct lookup_context *ctxt);
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index d105e44..ca1258d 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -184,7 +184,8 @@ #if WITH_SASL
debug(LOGOPT_NONE, "auth_required: %d, sasl_mech %s",
ctxt->auth_required, ctxt->sasl_mech);
- if (ctxt->auth_required || ctxt->sasl_mech) {
+ if (ctxt->sasl_mech ||
+ (ctxt->auth_required & (LDAP_AUTH_REQUIRED|LDAP_AUTH_AUTODETECT))) {
rv = autofs_sasl_bind(ldap, ctxt);
debug(LOGOPT_NONE, MODPREFIX
"autofs_sasl_bind returned %d", rv);
@@ -258,7 +259,8 @@ int authtype_requires_creds(const char *
int parse_ldap_config(struct lookup_context *ctxt)
{
int ret = 0, fallback = 0;
- unsigned int auth_required = 0, tls_required = 0, use_tls = 0;
+ unsigned int auth_required = LDAP_AUTH_NOTREQUIRED;
+ unsigned int tls_required = 0, use_tls = 0;
struct stat st;
xmlDocPtr doc = NULL;
xmlNodePtr root = NULL;
@@ -289,7 +291,7 @@ int parse_ldap_config(struct lookup_cont
ctxt->auth_conf = auth_conf;
ctxt->use_tls = LDAP_TLS_DONT_USE;
ctxt->tls_required = LDAP_TLS_DONT_USE;
- ctxt->auth_required = 0;
+ ctxt->auth_required = LDAP_AUTH_NOTREQUIRED;
ctxt->sasl_mech = NULL;
ctxt->user = NULL;
ctxt->secret = NULL;
@@ -402,17 +404,19 @@ int parse_ldap_config(struct lookup_cont
}
if (!authrequired)
- auth_required = 0;
+ auth_required = LDAP_AUTH_NOTREQUIRED;
else {
if (!strcasecmp(authrequired, "yes"))
- auth_required = 1;
+ auth_required = LDAP_AUTH_REQUIRED;
else if (!strcasecmp(authrequired, "no"))
- auth_required = 0;
+ auth_required = LDAP_AUTH_NOTREQUIRED;
+ else if (!strcasecmp(authrequired, "autodetect"))
+ auth_required = LDAP_AUTH_AUTODETECT;
else {
error(LOGOPT_ANY,
MODPREFIX
"The authrequired property must have value "
- "\"yes\" or \"no\".");
+ "\"yes\", \"no\" or \"autodetect\".");
ret = -1;
goto out;
}
@@ -511,7 +515,7 @@ int auth_init(struct lookup_context *ctx
if (ret)
return -1;
- if (!ctxt->auth_required)
+ if (ctxt->auth_required & LDAP_AUTH_NOTREQUIRED)
return 0;
ldap = init_ldap_connection(ctxt);
@@ -530,6 +534,11 @@ int auth_init(struct lookup_context *ctx
unbind_ldap_connection(ldap, ctxt);
if (ret) {
ctxt->sasl_mech = NULL;
+ if (ctxt->auth_required & LDAP_AUTH_AUTODETECT) {
+ warn(LOGOPT_NONE,
+ "no authentication mechanisms auto detected.");
+ return 0;
+ }
return -1;
}
@@ -880,7 +889,7 @@ #if WITH_SASL
* check by binding to the server temporarily.
*/
ret = auth_init(ctxt);
- if (ret && ctxt->auth_required) {
+ if (ret && (ctxt->auth_required & LDAP_AUTH_REQUIRED)) {
error(LOGOPT_ANY, MODPREFIX
"cannot initialize authentication setup");
free_context(ctxt);
diff --git a/samples/autofs_ldap_auth.conf b/samples/autofs_ldap_auth.conf
index 1b20c09..e10d1ea 100644
--- a/samples/autofs_ldap_auth.conf
+++ b/samples/autofs_ldap_auth.conf
@@ -15,13 +15,19 @@ tlsrequired - This flag tells whether
"yes"
"no"
-authrequired - This is a boolean flag which tells whether an
- authenticated connection to the ldap server is required in order
- to perform ldap queries. If this flag is set to yes, then only
- authenticated connections to the ldap server will be allowed.
+authrequired - This option tells whether an authenticated connection to
+ the ldap server is required in order to perform ldap queries.
+ If this flag is set to yes, then only authenticated connections
+ will be allowed. If it is set to no then authentication is not
+ needed for ldap server connections. Finally, if it is set to
+ autodetect then the ldap server will be queried to establish
+ a suitable authentication mechanism. If no suitable mechanism
+ can be found, connections to the ldap server are made without
+ authentication.
Legal values for this option include:
"yes"
"no"
+ "autodetect"
authtype - This attribute can be used to specify a preferred
authentication mechanism. In normal operations, the
autofs-5.0.0_beta6-correct-auto.smb.patch:
CHANGELOG | 1 +
samples/Makefile | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
--- NEW FILE autofs-5.0.0_beta6-correct-auto.smb.patch ---
diff --git a/CHANGELOG b/CHANGELOG
index 1dc3293..a4a2fd5 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -7,6 +7,7 @@
- correct test for existence of auth config file.
- correct shutdown log message print.
- correct auth init test when no credentials required.
+- correct auto.net installed as auto.smb.
29/6/2006 autofs-5.0.0_beta6
----------------------------
diff --git a/samples/Makefile b/samples/Makefile
index d68c7b3..2cd90b1 100644
--- a/samples/Makefile
+++ b/samples/Makefile
@@ -166,7 +166,7 @@ auto.smb:
echo "Found existing backup of sample map \"auto.smb\"." ; \
echo "Installed package sample as \"auto.smb.new\"." ; \
else \
- install -v auto.net -m 755 $(SMB) \
+ install -v auto.smb -m 755 $(SMB) \
$(INSTALLROOT)$(autofsmapdir)/auto.smb ; \
echo "Installed package sample map as \"auto.smb\"." ; \
if test -z "$(SEXISTS)" ; \
Index: autofs.spec
===================================================================
RCS file: /cvs/dist/rpms/autofs/devel/autofs.spec,v
retrieving revision 1.119
retrieving revision 1.120
diff -u -r1.119 -r1.120
--- autofs.spec 5 Jul 2006 10:17:32 -0000 1.119
+++ autofs.spec 7 Jul 2006 04:24:58 -0000 1.120
@@ -4,7 +4,7 @@
Summary: A tool for automatically mounting and unmounting filesystems.
Name: autofs
%define version 5.0.0_beta6
-%define release 4
+%define release 5
Version: %{version}
Release: %{release}
Epoch: 1
@@ -18,6 +18,8 @@
Patch5: autofs-5.0.0_beta6-auth-config-exits.patch
Patch6: autofs-5.0.0_beta6-shutdown-log-message.patch
Patch7: autofs-5.0.0_beta6-check-no-creds-required.patch
+Patch8: autofs-5.0.0_beta6-correct-auto.smb.patch
+Patch9: autofs-5.0.0_beta6-auth-add-autodetect.patch
Buildroot: /var/tmp/autofs-tmp
BuildRequires: autoconf, hesiod-devel, openldap-devel, bison, flex, libxml2-devel, cyrus-sasl-devel, openssl-devel
Prereq: chkconfig
@@ -63,6 +65,8 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+%patch9 -p1
%build
#CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%{_libdir}
@@ -119,6 +123,10 @@
%{_libdir}/autofs/*
%changelog
+* Fri Jul 7 2006 Ian Kent <ikent at redhat.com> - 5.0.0_beta6-5
+- correct auto.net installed as auto.smb.
+- update LDAP auth - add autodectect option.
+
* Wed Jul 5 2006 Ian Kent <ikent at redhat.com> - 5.0.0_beta6-4
- correct shutdown log message print.
- correct auth init test when no credentials required.
More information about the fedora-cvs-commits
mailing list