summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin Burchell <robin+git@viroteck.net>2012-11-28 17:53:44 +0100
committerRobin Burchell <robin+git@viroteck.net>2012-11-29 10:06:55 +0100
commit83a89fc3f61a90275f86981fc32b1daa8e85d1b0 (patch)
treea4672af76182fb527cc1aa971a010400e39ea79e
parent2d2e0469b8ac7c64c9dc22f7074db8fc245e2f13 (diff)
ldapauth: Rework required attributes code to use only one exit path.
This makes the upcoming patch to add optional virtual host support cleaner.
-rw-r--r--src/modules/extra/m_ldapauth.cpp40
1 files changed, 19 insertions, 21 deletions
diff --git a/src/modules/extra/m_ldapauth.cpp b/src/modules/extra/m_ldapauth.cpp
index 2102b7492..f908e7f76 100644
--- a/src/modules/extra/m_ldapauth.cpp
+++ b/src/modules/extra/m_ldapauth.cpp
@@ -263,37 +263,35 @@ public:
return false;
}
- if (requiredattributes.empty())
+ if (!requiredattributes.empty())
{
- ldap_msgfree(msg);
- ldapAuthed.set(user,1);
- return true;
- }
+ bool authed = false;
- bool authed = false;
+ for (std::vector<std::pair<std::string, std::string> >::const_iterator it = requiredattributes.begin(); it != requiredattributes.end(); ++it)
+ {
+ const std::string &attr = it->first;
+ const std::string &val = it->second;
- for (std::vector<std::pair<std::string, std::string> >::const_iterator it = requiredattributes.begin(); it != requiredattributes.end(); ++it)
- {
- const std::string &attr = it->first;
- const std::string &val = it->second;
+ struct berval attr_value;
+ attr_value.bv_val = const_cast<char*>(val.c_str());
+ attr_value.bv_len = val.length();
- struct berval attr_value;
- attr_value.bv_val = const_cast<char*>(val.c_str());
- attr_value.bv_len = val.length();
+ ServerInstance->Logs->Log("m_ldapauth", DEBUG, "LDAP compare: %s=%s", attr.c_str(), val.c_str());
- ServerInstance->Logs->Log("m_ldapauth", DEBUG, "LDAP compare: %s=%s", attr.c_str(), val.c_str());
+ authed = (ldap_compare_ext_s(conn, ldap_get_dn(conn, entry), attr.c_str(), &attr_value, NULL, NULL) == LDAP_COMPARE_TRUE);
- authed = (ldap_compare_ext_s(conn, ldap_get_dn(conn, entry), attr.c_str(), &attr_value, NULL, NULL) == LDAP_COMPARE_TRUE);
+ if (authed)
+ break;
+ }
- if (authed)
- break;
+ if (!authed)
+ {
+ ldap_msgfree(msg);
+ return false;
+ }
}
ldap_msgfree(msg);
-
- if (!authed)
- return false;
-
ldapAuthed.set(user,1);
return true;
}