From: Marco Bettini Date: Tue, 19 Mar 2024 13:50:45 +0000 (+0000) Subject: auth: db-ldap - Move validation to settings X-Git-Tag: 2.4.1~775 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=961275fdb54878fdfa4ee1b9f1a4f00e82bf4a83;p=thirdparty%2Fdovecot%2Fcore.git auth: db-ldap - Move validation to settings --- diff --git a/src/auth/db-ldap-settings.c b/src/auth/db-ldap-settings.c index 58e5433918..c945421759 100644 --- a/src/auth/db-ldap-settings.c +++ b/src/auth/db-ldap-settings.c @@ -170,6 +170,49 @@ static bool ldap_setting_check(void *_set, pool_t pool ATTR_UNUSED, } #endif + if (*set->base == '\0') { + *error_r = "No ldap_base given"; + return FALSE; + } + + if (*set->uris == '\0' && *set->hosts == '\0') { + *error_r = "Neither ldap_uris nor ldap_hosts set"; + return FALSE; + } + +#ifndef LDAP_HAVE_INITIALIZE + if (*set->uris != '\0') { + *error_r = "ldap_uris set, but Dovecot compiled without support for LDAP uris " + "(ldap_initialize() not supported by LDAP library)"; + return FALSE; + } +#endif + +#ifndef LDAP_HAVE_START_TLS_S + if (set->starttls) { + *error_r = "ldap_starttls=yes, but your LDAP library doesn't support TLS"; + return FALSE; + } +#endif + +#ifndef HAVE_LDAP_SASL + if (set->sasl_bind) { + *error_r = "ldap_sasl_bind=yes but no SASL support compiled in"; + return FALSE; + } +#endif + + if (set->version < 3) { + if (set->sasl_bind) { + *error_r = "ldap_sasl_bind=yes requires ldap_version=3"; + return FALSE; + } + if (set->starttls) { + *error_r = "ldap_starttls=yes requires ldap_version=3"; + return FALSE; + } + } + return TRUE; } diff --git a/src/auth/db-ldap.c b/src/auth/db-ldap.c index f256f13b71..3aefa56814 100644 --- a/src/auth/db-ldap.c +++ b/src/auth/db-ldap.c @@ -1700,32 +1700,6 @@ struct ldap_connection *db_ldap_init(struct event *event) conn->default_bind_msgid = -1; conn->fd = -1; - if (conn->set->base == NULL) - i_fatal("LDAP: No ldap_base given"); - - if (conn->set->uris == NULL && conn->set->hosts == NULL) - i_fatal("LDAP: Neither ldap_uris nor ldap_hosts set"); -#ifndef LDAP_HAVE_INITIALIZE - if (conn->set->uris != NULL) { - i_fatal("LDAP: ldap_uris set, but Dovecot compiled without support for LDAP uris " - "(ldap_initialize() not supported by LDAP library)"); - } -#endif -#ifndef LDAP_HAVE_START_TLS_S - if (conn->set->starttls) - i_fatal("LDAP: ldap_starttls=yes, but your LDAP library doesn't support TLS"); -#endif -#ifndef HAVE_LDAP_SASL - if (conn->set->sasl_bind) - i_fatal("LDAP: ldap_sasl_bind=yes but no SASL support compiled in"); -#endif - if (conn->set->version < 3) { - if (conn->set->sasl_bind) - i_fatal("LDAP: ldap_sasl_bind=yes requires ldap_version=3"); - if (conn->set->starttls) - i_fatal("LDAP: ldap_starttls=yes requires ldap_version=3"); - } - conn->event = event_create(auth_event); event_set_append_log_prefix(conn->event, "ldap: ");