File sudo-1.8.2-set_ldap_options.patch of Package sudo.openSUSE_12.1_Update

Index: sudo-1.8.2/plugins/sudoers/ldap.c
===================================================================
--- sudo-1.8.2.orig/plugins/sudoers/ldap.c	2012-06-01 17:09:03.560412194 +0200
+++ sudo-1.8.2/plugins/sudoers/ldap.c	2012-06-01 17:11:53.041400831 +0200
@@ -1800,7 +1800,7 @@ sudo_ldap_sasl_interact(LDAP *ld, unsign
  * Set LDAP options based on the config table.
  */
 static int
-sudo_ldap_set_options(LDAP *ld)
+sudo_ldap_set_options(LDAP *ld, short global)
 {
     struct ldap_config_table *cur;
     int rc;
@@ -1820,6 +1820,13 @@ sudo_ldap_set_options(LDAP *ld)
 	if (cur->opt_val == -1)
 	    continue;
 
+	/* skip connection-specific when setting global options */
+	if (global == TRUE && cur->connected)
+	    continue;
+	/* skip global when setting connection-specific options */
+	if (global == FALSE && !cur->connected)
+	    continue;
+
 	conn = cur->connected ? ld : NULL;
 	switch (cur->type) {
 	case CONF_BOOL:
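Review bot: The two new skip tests compare `global` against `TRUE` and `FALSE` literally, so a non-zero value other than `TRUE` would match neither test and every table entry would be applied in a single pass. Both callers added by this patch pass `TRUE` or `FALSE`, so this is a robustness point rather than a live bug; testing truthiness closes it, e.g. `if (!global == !cur->connected) continue;`. The `short global` parameter introduced in the first hunk would also benefit from a comment stating which entries each mode selects, for example `/* global: TRUE applies only entries with connected == 0 (NULL handle); FALSE applies only connected entries (to ld) */`. The loop body starts and ends outside this hunk.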
@@ -1849,6 +1856,33 @@ sudo_ldap_set_options(LDAP *ld)
 	    break;
 	}
     }
+    return(0);
+}
+
+/*
+ * Set global LDAP options
+ */
+static int
+sudo_ldap_set_options_global(void)
+{
+    int rc;
+    rc = sudo_ldap_set_options(NULL, TRUE);
+    if (rc == -1)
+	return(-1);
+    return(0);
+}
+
+/*
+ * Set global LDAP options
+ */
+static int
+sudo_ldap_set_options_connection_specific(ld)
+    LDAP *ld;
+{
+    int rc;
+    rc = sudo_ldap_set_options(ld, FALSE);
+    if (rc == -1)
+	return(-1);
 
 #ifdef LDAP_OPT_TIMEOUT
     /* Convert timeout to a timeval */
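Review bot: The header comment above `sudo_ldap_set_options_connection_specific` was copied from the global variant and still reads `Set global LDAP options`; it should read `* Set connection-specific LDAP options`. The same function is defined K&R-style (`(ld)` followed by `LDAP *ld;`), while `sudo_ldap_set_options(LDAP *ld, short global)` in this patch uses a prototype. Writing it as `sudo_ldap_set_options_connection_specific(LDAP *ld)` keeps argument type checking at the call site. The body of this function continues past the end of the hunk into the timeout handling.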
@@ -2065,6 +2099,10 @@ sudo_ldap_open(struct sudo_nss *nss)
 	setenv("LDAPNOINIT", "1", TRUE);
     }
 
+    /* Set global LDAP options */
+    if (sudo_ldap_set_options_global() < 0)
+	return -1;
+
     /* Connect to LDAP server */
 #ifdef HAVE_LDAP_INITIALIZE
     if (ldap_conf.uri != NULL) {
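Review bot: The new early `return -1` sits between the `setenv("LDAPNOINIT", "1", TRUE)` just above and the `if (ldapnoinit) unsetenv("LDAPNOINIT");` in the next hunk, so a failure while setting global options leaves LDAPNOINIT in the process environment. Assuming `ldapnoinit` is set in the block that closes above this hunk, undo it on this path by placing `if (ldapnoinit) unsetenv("LDAPNOINIT");` ahead of `return -1;`, with braces around the pair. sudo_ldap_open begins and ends outside the hunk, so any other cleanup this path may need cannot be judged from here.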
@@ -2083,8 +2121,8 @@ sudo_ldap_open(struct sudo_nss *nss)
     if (ldapnoinit)
 	unsetenv("LDAPNOINIT");
 
-    /* Set LDAP options */
-    if (sudo_ldap_set_options(ld) < 0)
+    /* Set connection-specific LDAP options */
+    if (sudo_ldap_set_options_connection_specific(ld) < 0)
 	return -1;
 
     if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {