eDir Universal password implementation.
Olivier Beytrison
olivier at heliosnet.org
Fri Dec 7 17:12:54 CET 2012
On 07.12.2012 16:14, Alan DeKok wrote:
> I've cleaned up the code && pushed it back to the main repository.
> some comments:
>
> - formatting is good. By good, I mean "Alan is almost fanatical about
> formatting".
>
> - similar with variable names, etc. CamelCase is annoying. Hungarian
> notation with type-names is annoying.
>
> - "goto cleanup" is OK, but it should be done early, rather than
> checking for errors:
>
> if (!err...)
>
> That's BAD. Just do "if (err) goto cleanup"
>
> - simplicity is to be desired.
>
> - functions are "static" where possible
>
> - parameters are "char *str, size_t size", not the other way around.
>
> - I squashed all of the changes into one commit, and added the
> "configure" changes, too.
>
> - I didn't make any changes to the main rlm_ldap.c file.
> I'm not sure I'm happy with that code. There may be simpler ways to
> do it.
you mean in the authorize section ? How would your rather do it ?
> - malloc can be avoided for small buffers. (and should be avoided)
>
> Please grab a fresh copy, and see how it works for you.
Alright thanks for those inputs.
I've grabbed a fresh copy. Added @edir@ in all.mk.in for rlm_ldap
Everything compiles fine. Server starts. rlm_ldap loads correctly.
But The server fails to retrieve the universal password! Error code is
-1633 (buf_overflow)
Problem comes from edir.c:220. is MAX_STRING_LEN available ? I need to
gdb this to see the size of buffer ... but weird
On my side, I've implemented post-auth. tested. works like a charm.
Olivier
--
Olivier Beytrison
Network & Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: olivier at heliosnet.org
More information about the Freeradius-Devel
mailing list