eDir Universal password implementation.

Olivier Beytrison olivier at heliosnet.org
Fri Dec 7 17:12:54 CET 2012

On 07.12.2012 16:14, Alan DeKok wrote:
>   I've cleaned up the code && pushed it back to the main repository.
> some comments:
> - formatting is good.  By good, I mean "Alan is almost fanatical about
> formatting".
> - similar with variable names, etc.  CamelCase is annoying.  Hungarian
> notation with type-names is annoying.
> - "goto cleanup" is OK, but it should be done early, rather than
> checking for errors:
> 	if (!err...)
>   That's BAD.  Just do "if (err) goto cleanup"
> - simplicity is to be desired.
> - functions are "static" where possible
> - parameters are "char *str, size_t size", not the other way around.
> - I squashed all of the changes into one commit, and added the
>   "configure" changes, too.
> - I didn't make any changes to the main rlm_ldap.c file.
>   I'm not sure I'm happy with that code.  There may be simpler ways to
> do it.

you mean in the authorize section ? How would your rather do it ?

> - malloc can be avoided for small buffers.  (and should be avoided)
>   Please grab a fresh copy, and see how it works for you.
Alright thanks for those inputs.

I've grabbed a fresh copy. Added @edir@ in all.mk.in for rlm_ldap
Everything compiles fine. Server starts. rlm_ldap loads correctly.

But The server fails to retrieve the universal password! Error code is
-1633 (buf_overflow)

Problem comes from edir.c:220. is MAX_STRING_LEN available ? I need to
gdb this to see the size of buffer ... but weird

On my side, I've implemented post-auth. tested. works like a charm.



 Olivier Beytrison
 Network & Security Engineer, HES-SO Fribourg
 Mobile: +41 (0)78 619 73 53
 Mail: olivier at heliosnet.org

More information about the Freeradius-Devel mailing list