Software /
code /
prosody-modules
Diff
mod_auth_ldap/mod_auth_ldap.lua @ 1611:770236ea9678
mod_auth_ldap: Fix use of ldap_search, and generalize it to support password modification as well.
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Fri, 13 Feb 2015 11:06:06 -0500 |
parent | 1610:062ed39a1805 |
child | 1987:6d7699eda594 |
line wrap: on
line diff
--- a/mod_auth_ldap/mod_auth_ldap.lua Fri Feb 13 10:44:23 2015 -0500 +++ b/mod_auth_ldap/mod_auth_ldap.lua Fri Feb 13 11:06:06 2015 -0500 @@ -19,14 +19,14 @@ local ld = nil; module.unload = function() if ld then pcall(ld, ld.close); end end -function ldap_search_once(args) +function ldap_do_once(method, ...) if ld == nil then local err; ld, err = lualdap.open_simple(ldap_server, ldap_rootdn, ldap_password, ldap_tls); if not ld then return nil, err, "reconnect"; end end - local success, iterator, invariant, initial = pcall(ld.search, ld, args); + local success, iterator, invariant, initial = pcall(ld[method], ld, ...); if not success then ld = nil; return nil, iterator, "search"; end local success, dn, attr = pcall(iterator, invariant, initial); @@ -35,10 +35,10 @@ return dn, attr, "return"; end -function ldap_search(args, retry_count) +function ldap_do(method, retry_count, ...) local dn, attr, where; for i=1,1+retry_count do - dn, attr, where = ldap_search_once(args); + dn, attr, where = ldap_do_once(method, ...); if dn or not(attr) then break; end -- nothing or something found module:log("warn", "LDAP: %s %s (in %s)", tostring(dn), tostring(attr), where); -- otherwise retry @@ -51,7 +51,7 @@ local function get_user(username) module:log("debug", "get_user(%q)", username); - for dn, attr in ldap_search({ + return ldap_do("search", 2, { base = ldap_base; scope = ldap_scope; sizelimit = 1; @@ -59,7 +59,7 @@ user = ldap_filter_escape(username); host = host; }); - }, 3) do return dn, attr; end + }); end local provider = {}; @@ -76,7 +76,7 @@ local dn, attr = get_user(username); if not dn then return nil, attr end if attr.userPassword == password then return true end - return ld:modify(dn, { '=', userPassword = password })(); + return ldap_do("modify", 2, dn, { '=', userPassword = password }); end if ldap_mode == "getpasswd" then