From: Ted Zlatanov
Newsgroups: gmane.emacs.devel
Subject: Re: [PATCH] ldap.el: use auth-source if passwd is not defined in ldap-host-parameters-list
Date: Fri, 04 Mar 2011 21:07:38 -0600
Organization: Теодор Златанов @ Cienfuegos
Message-ID: <87ipvyz2md.fsf@lifelogs.com>
References: <878vwuvciv.fsf@bifteki.lan>
To: emacs-devel@gnu.org

On Fri, 04 Mar 2011 22:47:20 +0200 Leonidas Tsampros wrote:

LT> Attached you can find a small patch to make ldap.el use auth-source if
LT> passwd is not defined in the ldap-host-parameters-list.

Cool! I made some changes to it, please let me know what you think:

- must pass `auth-source' set to t in the SEARCH-PLIST to activate this
  functionality (I don't know if you agree)

- search for 'port "ldap"' entries in the netrc file (should we default
  to no port?)

- take the password and use it

- take "binddn" or "user" tokens for `binddn'

- take "base" tokens for `base'

so the user can have a netrc line like this

    machine X user Y password Z base B port ldap

I tried to document it to explain all this.  If I'm going in the wrong
direction, tell me.  I don't know ldap.el so well.

Ted --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=auth-source.ldap.patch === modified file 'lisp/net/ldap.el' --- lisp/net/ldap.el 2011-01-25 04:08:28 +0000 +++ lisp/net/ldap.el 2011-03-05 03:05:46 +0000 @@ -36,6 +36,8 @@ (require 'custom) (eval-when-compile (require 'cl)) +(autoload 'auth-source-search "auth-source") + (defgroup ldap nil "Lightweight Directory Access Protocol." :version "21.1" @@ -480,6 +482,21 @@ "Perform a search on a LDAP server. SEARCH-PLIST is a property list describing the search request. Valid keys in that list are: + + `auth-source', if non-nil, will use `auth-source-search' and +will grab the :host, :secret, :base, and (:user or :binddn) +tokens into the `host', `passwd', `base', and `binddn' parameters +respectively if they are not provided in SEARCH-PLIST. So for +instance *each* of these netrc lines has the same effect if you +ask for the host \"ldapserver:2400\": + + machine ldapserver:2400 login myDN secret myPassword base myBase port ldap + machine ldapserver:2400 binddn myDN secret myPassword port ldap + login myDN secret myPassword base myBase port ldap + +but if you have more than one in your netrc file, only the first +matching one will be used. + `host' is a string naming one or more (blank-separated) LDAP servers to to try to connect to. Each host name may optionally be of the form HOST:PORT. `filter' is a filter string for the search as described in RFC 1558. 
@@ -500,19 +517,35 @@ its distinguished name DN. The function returns a list of matching entries. Each entry is itself an alist of attribute/value pairs." - (let ((buf (get-buffer-create " *ldap-search*")) + (let* ((buf (get-buffer-create " *ldap-search*")) (bufval (get-buffer-create " *ldap-value*")) (host (or (plist-get search-plist 'host) ldap-default-host)) + ;; find entries with port "ldap" that match the requested host if any + (asfound (when (plist-get search-plist 'auth-source) + (nth 0 (auth-source-search :host (or host t) + :port "ldap" + :create t)))) + ;; if no host was requested, get it from the auth-source entry + (host (or host (plist-get asfound :host))) + ;; get the password from the auth-source + (passwd (or (plist-get search-plist 'passwd) + (plist-get asfound :secret))) + ;; convert the password from a function call if needed + (passwd (if (functionp passwd) (funcall passwd) passwd)) + ;; get the binddn from the search-list or from the + ;; auth-source user or binddn tokens + (binddn (or (plist-get search-plist 'binddn) + (plist-get asfound :user) + (plist-get asfound :binddn))) + (base (or (plist-get search-plist 'base) + (plist-get asfound :base) + ldap-default-base)) (filter (plist-get search-plist 'filter)) (attributes (plist-get search-plist 'attributes)) (attrsonly (plist-get search-plist 'attrsonly)) - (base (or (plist-get search-plist 'base) - ldap-default-base)) (scope (plist-get search-plist 'scope)) - (binddn (plist-get search-plist 'binddn)) (auth (plist-get search-plist 'auth)) - (passwd (plist-get search-plist 'passwd)) (deref (plist-get search-plist 'deref)) (timelimit (plist-get search-plist 'timelimit)) (sizelimit (plist-get search-plist 'sizelimit)) --=-=-=--
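
Review bot: In the docstring hunk (@@ -480,6 +482,21 @@), the three sample netrc lines are described as having the same effect for the host "ldapserver:2400", but they do not describe the same entry: the second line has no `base` token, the third has no `machine` token, and all three spell the password token `secret` while the cover message's example reads `machine X user Y password Z base B port ldap`. Suggest settling on one spelling for the password token and using it in both places, showing a single canonical line, and stating separately which tokens are optional and what an entry without `machine` is expected to match. The sentence "if they are not provided in SEARCH-PLIST" also leaves out that `ldap-default-host` is consulted before the auth-source entry's :host, and that the entry's :base is consulted before `ldap-default-base`; the precedence should be spelled out, since it decides which server receives the stored password.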
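
Review bot: In the `let*` hunk (@@ -500,19 +517,35 @@), the `auth-source-search` call passes `:create t`, so a lookup that matches nothing asks auth-source to create an entry rather than returning nothing; for a search that may be intended to bind without credentials, a missing netrc line then changes behaviour instead of leaving `passwd` and `binddn` nil. Suggest dropping `:create t` from this call, or making creation a separate opt-in next to the `auth-source` key. The same call passes `host` through unchanged as `:host (or host t)`, while the docstring context just above allows several blank-separated servers and the HOST:PORT form, so such a value is looked up as one literal host string; either document that auth-source lookup needs a single host or split the string before searching. Minor: the comment says "search-list" where the variable is `search-plist`.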