diff options
| author | Robin Burchell <robin+git@viroteck.net> | 2012-11-28 17:53:44 +0100 |
|---|---|---|
| committer | Robin Burchell <robin+git@viroteck.net> | 2012-11-29 10:06:55 +0100 |
| commit | 83a89fc3f61a90275f86981fc32b1daa8e85d1b0 (patch) | |
| tree | a4672af76182fb527cc1aa971a010400e39ea79e /src | |
| parent | 2d2e0469b8ac7c64c9dc22f7074db8fc245e2f13 (diff) | |
ldapauth: Rework required attributes code to use only one exit path.
This makes the upcoming patch to add optional virtual host support cleaner.
Diffstat (limited to 'src')
| -rw-r--r-- | src/modules/extra/m_ldapauth.cpp | 40 |
1 files changed, 19 insertions, 21 deletions
diff --git a/src/modules/extra/m_ldapauth.cpp b/src/modules/extra/m_ldapauth.cpp index 2102b7492..f908e7f76 100644 --- a/src/modules/extra/m_ldapauth.cpp +++ b/src/modules/extra/m_ldapauth.cpp @@ -263,37 +263,35 @@ public: return false; } - if (requiredattributes.empty()) + if (!requiredattributes.empty()) { - ldap_msgfree(msg); - ldapAuthed.set(user,1); - return true; - } + bool authed = false; - bool authed = false; + for (std::vector<std::pair<std::string, std::string> >::const_iterator it = requiredattributes.begin(); it != requiredattributes.end(); ++it) + { + const std::string &attr = it->first; + const std::string &val = it->second; - for (std::vector<std::pair<std::string, std::string> >::const_iterator it = requiredattributes.begin(); it != requiredattributes.end(); ++it) - { - const std::string &attr = it->first; - const std::string &val = it->second; + struct berval attr_value; + attr_value.bv_val = const_cast<char*>(val.c_str()); + attr_value.bv_len = val.length(); - struct berval attr_value; - attr_value.bv_val = const_cast<char*>(val.c_str()); - attr_value.bv_len = val.length(); + ServerInstance->Logs->Log("m_ldapauth", DEBUG, "LDAP compare: %s=%s", attr.c_str(), val.c_str()); - ServerInstance->Logs->Log("m_ldapauth", DEBUG, "LDAP compare: %s=%s", attr.c_str(), val.c_str()); + authed = (ldap_compare_ext_s(conn, ldap_get_dn(conn, entry), attr.c_str(), &attr_value, NULL, NULL) == LDAP_COMPARE_TRUE); - authed = (ldap_compare_ext_s(conn, ldap_get_dn(conn, entry), attr.c_str(), &attr_value, NULL, NULL) == LDAP_COMPARE_TRUE); + if (authed) + break; + } - if (authed) - break; + if (!authed) + { + ldap_msgfree(msg); + return false; + } } ldap_msgfree(msg); - - if (!authed) - return false; - ldapAuthed.set(user,1); return true; } |