diff options
Diffstat (limited to 'src/ejabberd_auth_ldap.erl')
| -rw-r--r-- | src/ejabberd_auth_ldap.erl | 63 |
1 files changed, 44 insertions, 19 deletions
diff --git a/src/ejabberd_auth_ldap.erl b/src/ejabberd_auth_ldap.erl index 45964d669..51b466ef4 100644 --- a/src/ejabberd_auth_ldap.erl +++ b/src/ejabberd_auth_ldap.erl @@ -5,7 +5,7 @@ %%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@process-one.net> %%% %%% -%%% ejabberd, Copyright (C) 2002-2015 ProcessOne +%%% ejabberd, Copyright (C) 2002-2016 ProcessOne %%% %%% This program is free software; you can redistribute it and/or %%% modify it under the terms of the GNU General Public License as @@ -25,6 +25,8 @@ -module(ejabberd_auth_ldap). +-behaviour(ejabberd_config). + -author('alexey@process-one.net'). -behaviour(gen_server). @@ -34,16 +36,15 @@ -export([init/1, handle_info/2, handle_call/3, handle_cast/2, terminate/2, code_change/3]). -%% External exports -export([start/1, stop/1, start_link/1, set_password/3, check_password/4, check_password/6, try_register/3, dirty_get_registered_users/0, get_vh_registered_users/1, - get_vh_registered_users/2, - get_vh_registered_users_number/1, + get_vh_registered_users/2, + get_vh_registered_users_number/1, get_vh_registered_users_number/2, get_password/2, get_password_s/2, is_user_exists/2, remove_user/2, - remove_user/3, store_type/0, - plain_password_required/0]). + remove_user/3, store_type/0, plain_password_required/0, + opt_type/1]). -include("ejabberd.hrl"). -include("logger.hrl"). @@ -119,13 +120,13 @@ check_password(User, AuthzId, Server, Password) -> if AuthzId /= <<>> andalso AuthzId /= User -> false; true -> - if Password == <<"">> -> false; - true -> - case catch check_password_ldap(User, Server, Password) - of - {'EXIT', _} -> false; - Result -> Result - end + if Password == <<"">> -> false; + true -> + case catch check_password_ldap(User, Server, Password) + of + {'EXIT', _} -> false; + Result -> Result + end end end. @@ -231,11 +232,11 @@ get_vh_registered_users_ldap(Server) -> UIDFormat) of {ok, U} -> - case jlib:nodeprep(U) of + case jid:nodeprep(U) of error -> []; LU -> [{LU, - jlib:nameprep(Server)}] + jid:nameprep(Server)}] end; _ -> [] end @@ -364,7 +365,7 @@ parse_options(Host) -> Eldap_ID = jlib:atom_to_binary(gen_mod:get_module_proc(Host, ?MODULE)), Bind_Eldap_ID = jlib:atom_to_binary( gen_mod:get_module_proc(Host, bind_ejabberd_auth_ldap)), - UIDsTemp = eldap_utils:get_opt( + UIDsTemp = gen_mod:get_opt( {ldap_uids, Host}, [], fun(Us) -> lists:map( @@ -379,7 +380,7 @@ parse_options(Host) -> end, [{<<"uid">>, <<"%u">>}]), UIDs = eldap_utils:uids_domain_subst(Host, UIDsTemp), SubFilter = eldap_utils:generate_subfilter(UIDs), - UserFilter = case eldap_utils:get_opt( + UserFilter = case gen_mod:get_opt( {ldap_filter, Host}, [], fun check_filter/1, <<"">>) of <<"">> -> @@ -390,7 +391,7 @@ parse_options(Host) -> SearchFilter = eldap_filter:do_sub(UserFilter, [{<<"%u">>, <<"*">>}]), {DNFilter, DNFilterAttrs} = - eldap_utils:get_opt({ldap_dn_filter, Host}, [], + gen_mod:get_opt({ldap_dn_filter, Host}, [], fun([{DNF, DNFA}]) -> NewDNFA = case DNFA of undefined -> @@ -402,7 +403,7 @@ parse_options(Host) -> NewDNF = check_filter(DNF), {NewDNF, NewDNFA} end, {undefined, []}), - LocalFilter = eldap_utils:get_opt( + LocalFilter = gen_mod:get_opt( {ldap_local_filter, Host}, [], fun(V) -> V end), #state{host = Host, eldap_id = Eldap_ID, bind_eldap_id = Bind_Eldap_ID, @@ -422,3 +423,27 @@ check_filter(F) -> NewF = iolist_to_binary(F), {ok, _} = eldap_filter:parse(NewF), NewF. + +opt_type(ldap_dn_filter) -> + fun ([{DNF, DNFA}]) -> + NewDNFA = case DNFA of + undefined -> []; + _ -> [iolist_to_binary(A) || A <- DNFA] + end, + NewDNF = check_filter(DNF), + {NewDNF, NewDNFA} + end; +opt_type(ldap_filter) -> fun check_filter/1; +opt_type(ldap_local_filter) -> fun (V) -> V end; +opt_type(ldap_uids) -> + fun (Us) -> + lists:map(fun ({U, P}) -> + {iolist_to_binary(U), iolist_to_binary(P)}; + ({U}) -> {iolist_to_binary(U)}; + (U) -> {iolist_to_binary(U)} + end, + lists:flatten(Us)) + end; +opt_type(_) -> + [ldap_dn_filter, ldap_filter, ldap_local_filter, + ldap_uids]. |