From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Mon, 15 Oct 2012 08:33:38 +0000 (+0100)
Subject: Add option to disable password check
X-Git-Tag: release_2_2_1~256
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9bd94fba2df0ddbb056bc687a85ed7a2595ae32a;p=thirdparty%2Ffreeradius-server.git

Add option to disable password check
---

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 9d48264877f..885d25d1ecc 100644
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -140,6 +140,7 @@ typedef struct {
 	int		is_url;
 	int		chase_referrals;
 	int		rebind;
+	int		expect_password;
 	char           *login;
 	char           *password;
 	char           *filter;
@@ -235,6 +236,8 @@ static const CONF_PARSER module_config[] = {
 	 offsetof(ldap_instance,port), NULL, "389"},
 	{"password", PW_TYPE_STRING_PTR,
 	 offsetof(ldap_instance,password), NULL, ""},
+	{"expect_password", PW_TYPE_BOOLEAN,
+	 offsetof(ldap_instance,expect_password), NULL, "yes"},
 	{"identity", PW_TYPE_STRING_PTR,
 	 offsetof(ldap_instance,login), NULL, ""},
 
@@ -1783,7 +1786,7 @@ static int ldap_authorize(void *instance, REQUEST * request)
 	*	More warning messages for people who can't be bothered
 	*	to read the documentation.
 	*/
-       if (debug_flag > 1) {
+       if (inst->expect_password && (debug_flag > 1)) {
 	       if (!pairfind(request->config_items, PW_CLEARTEXT_PASSWORD) &&
 		   !pairfind(request->config_items, PW_NT_PASSWORD) &&
 		   !pairfind(request->config_items, PW_USER_PASSWORD) &&