Author: vetinari
Date: Tue Dec  9 11:57:53 2008
New Revision: 959

Modified:
   contrib/vetinari/rcpt_ldap

Log:
rcpt_ldap - restore ldap authentication ... 

Modified: contrib/vetinari/rcpt_ldap
==============================================================================
--- contrib/vetinari/rcpt_ldap  (original)
+++ contrib/vetinari/rcpt_ldap  Tue Dec  9 11:57:53 2008
@@ -33,6 +33,8 @@
     # set any values that are not already
     $self->{"ldconf"}->{"ldap_host"} ||= "127.0.0.1";
     $self->{"ldconf"}->{"ldap_port"} ||= 389;
+    $self->{"ldconf"}->{"ldap_user"} ||= "";
+    $self->{"ldconf"}->{"ldap_password"} ||= "";
     $self->{"ldconf"}->{"ldap_timeout"} ||= 5;
     $self->{"ldconf"}->{"ldap_rcpt_filter_attr"} ||= "dn";
     $self->{"ldconf"}->{"ldap_rcpt_filter"} ||= 
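Review bot: The new `ldap_user` and `ldap_password` keys get their `||= ""` defaults without any comment, and the only documentation change visible in this commit is a changelog line, so nothing tells an operator what the keys do. I would add above them `# ldap_user / ldap_password: DN and password for a simple bind; leave both empty for an anonymous search`. With the default `ldap_port` of 389 and no TLS setup in the visible hunks, the bind password presumably crosses the network in clear text; the comment or the POD should say so and point to ldaps or `start_tls` if the plugin can use them. The enclosing sub starts and ends outside this hunk.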
@@ -48,7 +50,12 @@
 
     my ($self, $transaction, $recipient) = @_;
     my ($ldhost, $ldport, $ldwait, $ldbase, $ldfattr, $ldfilter, $lduserdn, 
-        $ldh, $mesg, $rcpt, $user, $host);
+        $ldh, $mesg, $rcpt, $user, $host, $ldbinddn, $ldbindpw);
+
+    unless (&is_rcpthost($self,$recipient->user,$recipient->host)) {
+         return (OK) if $self->qp->connection->relay_client;
+         return (DECLINED);
+    }
 
     my @ldap_domains = $self->qp->config("ldap_domains");
     if (@ldap_domains) {
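Review bot: The new guard calls `&is_rcpthost($self,$recipient->user,$recipient->host)` with the ampersand form and an explicit `$self`, and no visible hunk defines `is_rcpthost`, so it is worth confirming the name is in scope for this plugin. If it is a method of the plugin, `unless ($self->is_rcpthost($recipient->user, $recipient->host)) {` reads better; otherwise drop the `&`. The `return (OK)` for relay clients deserves a one-line comment such as `# not a local rcpt host: accept for relay clients, otherwise leave the decision to other plugins`, since returning OK here presumably ends rcpt processing for that recipient. The sub's body starts before and continues after this hunk.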
@@ -68,6 +75,8 @@
     $ldhost = $self->{"ldconf"}->{"ldap_host"};
     $ldport = $self->{"ldconf"}->{"ldap_port"};
     $ldbase = $self->{"ldconf"}->{"ldap_base"};
+    $ldbinddn = $self->{"ldconf"}->{"ldap_user"};
+    $ldbindpw = $self->{"ldconf"}->{"ldap_password"};
 
     # log error here and DECLINE if no baseDN, because a custom 
     # baseDN is required:
@@ -75,6 +84,13 @@
         $self->log(LOGERROR, "ldap_rcpt - please configure ldap_base") &&
           return (DECLINED, "temporary user lookup error");
     }
+    if (($ldbinddn ne "") && ($ldbindpw ne "")) {
+       $ldh->bind($ldbinddn, password => $ldbindpw)
+       or
+       $self->log(LOGALERT, "ldap_rcpt - error trying to bind with user and 
password") 
+       &&  
+       return (DENYSOFT, "temporary user lookup error");
+    }
     $ldwait     = $self->{"ldconf"}->{'ldap_timeout'};
     $ldfattr    = $self->{"ldconf"}->{'ldap_rcpt_filter_attr'};
 
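Review bot: The `or` branch after `$ldh->bind(...)` can never run, because Net::LDAP's `bind` returns a message object that is true even when the server rejects the bind, so a wrong DN or password goes unlogged and the lookup carries on unauthenticated. Check the result code instead, as in the block below. Separately, `$ldh` is only declared in the visible lines and `ldap_timeout` is read after this block, so the connection is probably opened later in the sub; if so, this bind is called on an undefined handle and has to move below the connect. The condition also skips the bind silently when only one of `ldap_user`/`ldap_password` is set, which is worth a log line. The sub starts and ends outside the hunk.

```perl
    # … unchanged: ldap_base check; $ldh must already be connected at this point …
    if (($ldbinddn ne "") && ($ldbindpw ne "")) {
        $mesg = $ldh->bind($ldbinddn, password => $ldbindpw);
        if ($mesg->code) {
            # log the server's reason, never the password
            $self->log(LOGALERT,
                "ldap_rcpt - error trying to bind with user and password: "
                  . $mesg->error);
            return (DENYSOFT, "temporary user lookup error");
        }
    }
    # … unchanged: ldap_timeout / ldap_rcpt_filter_attr assignments …
```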
@@ -215,6 +231,10 @@
 
 - added $user+$mbox support
 
+- ldap authentication (by Guilherme Buonfiglio)
+
+- "ldap_domains" config
+
 =head1 AUTHOR
 
 Hanno Hecker <[EMAIL PROTECTED]>
