]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/extra/m_ldapoper.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix inverted return on ldapoper
[user/henk/code/inspircd.git] / src / modules / extra / m_ldapoper.cpp
diff --git a/src/modules/extra/m_ldapoper.cpp b/src/modules/extra/m_ldapoper.cpp
index 43525aa4d5ac2c60232318569998125891de6475..45f03aa8ef6c6df4e5c441c554af1377996583af 100644 (file)
--- a/src/modules/extra/m_ldapoper.cpp
+++ b/src/modules/extra/m_ldapoper.cpp
@@ -2,7 +2,7 @@
  *       | Inspire Internet Relay Chat Daemon |
  *       +------------------------------------+
  *
- *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
+ *  InspIRCd: (C) 2002-2010 InspIRCd Development Team
  * See: http://wiki.inspircd.org/Credits
  *
  * This program is free but copyrighted software; see
@@ -41,9 +41,8 @@ class ModuleLDAPAuth : public Module
        LDAP *conn;
 
 public:
-       ModuleLDAPAuth(InspIRCd* Me)
-       : Module(Me)
-       {
+       ModuleLDAPAuth()
+               {
                conn = NULL;
                Implementation eventlist[] = { I_OnRehash, I_OnPassCompare };
                ServerInstance->Modules->Attach(eventlist, this, 2);
@@ -58,7 +57,7 @@ public:
 
        virtual void OnRehash(User* user)
        {
-               ConfigReader Conf(ServerInstance);
+               ConfigReader Conf;
 
                base                    = Conf.ReadValue("ldapoper", "baserdn", 0);
                ldapserver              = Conf.ReadValue("ldapoper", "server", 0);
@@ -97,22 +96,21 @@ public:
                return true;
        }
 
-       virtual int OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype)
+       virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype)
        {
-               User* user = dynamic_cast<User*>(ex);
                if (hashtype == "ldap")
                {
-                       if (LookupOper(user, data, input))
-                       {
+                       if (LookupOper(data, input))
                                /* This is an ldap oper and has been found, claim the OPER command */
-                               return 1;
-                       }
+                               return MOD_RES_ALLOW;
+                       else
+                               return MOD_RES_DENY;
                }
                /* We don't know this oper! */
-               return 0;
+               return MOD_RES_PASSTHRU;
        }
 
-       bool LookupOper(User* user, const std::string &what, const std::string &opassword)
+       bool LookupOper(const std::string &what, const std::string &opassword)
        {
                if (conn == NULL)
                        if (!Connect())
@@ -127,10 +125,21 @@ public:
 
                if ((res = ldap_sasl_bind_s(conn, username.c_str(), LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL)) != LDAP_SUCCESS)
                {
-                       free(authpass);
-                       ldap_unbind_ext(conn, NULL, NULL);
-                       conn = NULL;
-                       return false;
+                       if (res == LDAP_SERVER_DOWN)
+                       {
+                               // Attempt to reconnect if the connection dropped
+                               ServerInstance->SNO->WriteToSnoMask('a', "LDAP server has gone away - reconnecting...");
+                               Connect();
+                               res = ldap_sasl_bind_s(conn, username.c_str(), LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
+                       }
+
+                       if (res != LDAP_SUCCESS)
+                       {
+                               free(authpass);
+                               ldap_unbind_ext(conn, NULL, NULL);
+                               conn = NULL;
+                               return false;
+                       }
                }
                free(authpass);
 
@@ -168,7 +177,7 @@ public:
 
        virtual Version GetVersion()
        {
-               return Version("$Id$", VF_VENDOR, API_VERSION);
+               return Version("Allow/Deny connections based upon answer from LDAP server", VF_VENDOR);
        }
 
 };