File KOLAB_cyrus-imapd-2.3.18_UID.patch of Package cyrus-imapd.3194
Allows login by uid rather than the mail address on the cyrus imapd server [Version: 2.3.9]
Index: cyrus-imapd-2.3.17/configure
===================================================================
--- cyrus-imapd-2.3.17.orig/configure
+++ cyrus-imapd-2.3.17/configure
@@ -10860,7 +10860,7 @@ for flag in ${ldflags} ${default_ldflags
done
IMAP_COM_ERR_LIBS="${COM_ERR_LIBS}"
-IMAP_LIBS="${LIB_SASL} ${LIBS} ${SQL_LIBS}"
+IMAP_LIBS="${LIB_SASL} -lldap -llber ${LIBS} ${SQL_LIBS}"
Index: cyrus-imapd-2.3.17/imap/global.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/global.c
+++ cyrus-imapd-2.3.17/imap/global.c
@@ -54,6 +54,9 @@
#include <netinet/in.h>
#include <sys/stat.h>
+#include <ldap.h>
+#include <lber.h>
+
#if HAVE_UNISTD_H
# include <unistd.h>
#endif
@@ -383,6 +386,18 @@ char *canonify_userid(char *user, char *
char *domain = NULL;
int len = strlen(user);
char buf[81];
+ const char *uri;
+ const char *base;
+ const char *binddn;
+ const char *bindpw;
+ struct timeval timeout;
+ char filter[255];
+ LDAP *handle;
+ LDAPMessage *res;
+ LDAPMessage *entry;
+ struct berval** vals;
+
+ int rc;
/* check for domain */
if (config_virtdomains &&
@@ -401,6 +416,49 @@ char *canonify_userid(char *user, char *
}
if (config_virtdomains) {
+ if (config_virtdomains == IMAP_ENUM_VIRTDOMAINS_LDAP) {
+ uri = config_getstring(IMAPOPT_LDAP_URI);
+ base = config_getstring(IMAPOPT_LDAP_BASE);
+ binddn = config_getstring(IMAPOPT_LDAP_BIND_DN);
+ bindpw = config_getstring(IMAPOPT_LDAP_PASSWORD);
+ timeout.tv_sec = config_getint(IMAPOPT_LDAP_TIME_LIMIT);
+ timeout.tv_usec = 0;
+ sprintf(filter, "(uid=%s)", user);
+ rc = ldap_initialize(&handle, uri);
+ if (rc != LDAP_SUCCESS) {
+ syslog(LOG_ERR, "ldap_initialize failed (%s)", uri);
+ } else {
+ rc = ldap_simple_bind_s(handle, binddn, bindpw);
+ if (rc != LDAP_SUCCESS) {
+ syslog(LOG_ERR, "ldap_simple_bind() failed %d (%s)", rc, ldap_err2string(rc));
+ } else {
+ rc = ldap_search_st(handle, base, LDAP_SCOPE_SUBTREE, filter, NULL, 0, &timeout, &res);
+ if (rc != LDAP_SUCCESS) {
+ syslog(LOG_ERR, "ldap_search_st failed %d (%s)", rc, ldap_err2string(rc));
+ } else {
+ if ( (entry = ldap_first_entry(handle, res)) != NULL ) {
+ // read mail attribute from entry
+ if ( (vals = ldap_get_values_len(handle, entry, "mail")) ) {
+ if (memchr(vals[0]->bv_val, '@', vals[0]->bv_len)) {
+ static char buf[81]; /* same size as in auth_canonifyid */
+ int len = ((sizeof(buf) - 1) > vals[0]->bv_len ? vals[0]->bv_len : sizeof(buf) - 1);
+ strncpy( buf, vals[0]->bv_val, len);
+ buf[len] = '\0'; /* make sure it's null-terminated */
+ ldap_value_free_len( vals );
+ ldap_msgfree( res );
+ ldap_unbind_s(handle); /* also frees handle */
+ syslog(LOG_DEBUG, "canonify: '%s'\n", buf);
+ return auth_canonifyid( buf, 0) ;
+ }
+ ldap_value_free_len( vals );
+ }
+ }
+ ldap_msgfree( res );
+ }
+ }
+ ldap_unbind_s(handle); /* also frees handle */
+ }
+ }
if (domain) {
if (config_defdomain && !strcasecmp(config_defdomain, domain+1)) {
*domain = '\0'; /* trim the default domain */
@@ -413,7 +471,7 @@ char *canonify_userid(char *user, char *
user = buf;
}
}
- else if (config_virtdomains != IMAP_ENUM_VIRTDOMAINS_USERID) {
+ else if (config_virtdomains != IMAP_ENUM_VIRTDOMAINS_USERID && config_virtdomains != IMAP_ENUM_VIRTDOMAINS_LDAP) {
socklen_t salen;
int error;
struct sockaddr_storage localaddr;
Index: cyrus-imapd-2.3.17/lib/imapoptions
===================================================================
--- cyrus-imapd-2.3.17.orig/lib/imapoptions
+++ cyrus-imapd-2.3.17/lib/imapoptions
@@ -1265,7 +1265,7 @@ product version in the capabilities */
mailbox hierarchy. The default is to use the netnews separator
character '.'. */
-{ "virtdomains", "off", ENUM("off", "userid", "on") }
+{ "virtdomains", "off", ENUM("off", "userid", "ldap", "on") }
/* Enable virtual domain support. If enabled, the user's domain will
be determined by splitting a fully qualified userid at the last '@'
or '%' symbol. If the userid is unqualified, and the virtdomains
