LDAP Accounting
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Mon Dec 10 17:06:55 CET 2012
On 10 Dec 2012, at 13:30, Olivier Beytrison <olivier at heliosnet.org> wrote:
> On 10.12.2012 12:52, Arran Cudbard-Bell wrote:
>> Behaviour change for eDir users in 3.0, if you just want to do auth/autz you should remove the call to ldap in post-auth, and set edir_autz = "yes" in the LDAP config.
>>
>> This is more efficient, and frees up Post-Auth for doing accounting stuff.
>
> I'm deploying it and will report the tests results.
>
> on a side note, got two new warning for rlm_ldap.c
>
> src/modules/rlm_ldap/rlm_ldap.c: In function ‘ldap_conn_create’:
> src/modules/rlm_ldap/rlm_ldap.c:563:2: warning: implicit declaration of
> function ‘ldap_int_tls_config’ [-Wimplicit-function-declaration]
Hmm the symbol is present in the library, but there's no signature definition in the headers. This is an OpenLDAP issue.
> src/modules/rlm_ldap/rlm_ldap.c: In function ‘user_modify’:
> src/modules/rlm_ldap/rlm_ldap.c:2248:22: warning: assignment discards
> ‘const’ qualifier from pointer target type [enabled by default]
Stupid lack of const, grrr. OK well, fixed that.
> src/modules/rlm_ldap/rlm_ldap.c: In function ‘ldap_authorize’:
> src/modules/rlm_ldap/rlm_ldap.c:2028:5: warning: ‘user_dn’ may be used
> uninitialized in this function [-Wuninitialized]
Ah quite right, well done GCC.
Pushed fix.
-Arran
More information about the Freeradius-Devel
mailing list