eDir Universal password implementation.
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Dec 7 15:59:37 CET 2012
On 7 Dec 2012, at 14:04, Olivier Beytrison <olivier at heliosnet.org> wrote:
> On 07.12.2012 14:21, Alan DeKok wrote:
>> Olivier Beytrison wrote:
>>> What has to be done, and where I need some hints :
>>> - Now that we have the cleartext-password, we're not going in the
>>> ldap_authenticate anymore. In the past with Auth-Type=LDAP it was
>>> possible, but setting Auth-Type=LDAP triggers a module_fail after the
>>> rewrite.
>>
>> What does that mean?
>
> Well I was wrong, if you use only universal password, you don't need to
> got into ldap module during authenticate. But there was the post-auth
> section to enforce edir account policy. Is it ok for you if I implement
> it the same way (in post-auth) by re-using almost the same code as for
> ldap_authenticate ?
>
>>> - add the IFDEF NOVELL around the added code (i can do it that's ok)
>>
>> That's easy to do.
>
> and it's done
>>> - adapt the Makefile in order to compile edir_upwd.c only if configure
>>> has --with-edir (need help on that point)
>>
>> That's easy to do.
>
> Well I'll try to figure it out myself then ;)
The option is already there just add a substituion in Makefile.in and all.mk
for @edir@
https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_ldap/all.mk.in#L7
Would be:
SOURCES := $(TARGETNAME).c @edir@
If it's built --with-edir @edir@ will be expanded to edir_ldapext.c
If --with-edir is passed -DNOVELL_UNIVERSAL_PASSWORD -DNOVELL will also be added to module CFLAGS.
>
>>> - return an error in the debug if universal password is not found, but
>>> do not fail the module (or should I ?)
>>
>> It should return a NOOP.
>
> done
>
> On a side not, because I'm also new to github, how can I sum up all the
> changes in a single commit in order to make the pull request ?
git rebase -i HEAD~<number of commits you want to squash>
Change the start of the commit lines you want to squash to 'f'
Git push --force origin master
then you can just do a pull request for your master branch on the github website.
-Arran
More information about the Freeradius-Devel
mailing list