From 5a3b17d15162790d68b482b837a01b58b9569d60 Mon Sep 17 00:00:00 2001
From: Marco Bettini <marco.bettini@open-xchange.com>
Date: Wed, 27 Mar 2024 10:24:18 +0000
Subject: [PATCH] auth: ldap - Collapse ldap_pass_filter and ldap_user_filter
 into ldap_filter

---
 src/auth/db-ldap-settings.c |  6 ++----
 src/auth/db-ldap-settings.h |  3 +--
 src/auth/passdb-ldap.c      | 16 ++++++++--------
 src/auth/userdb-ldap.c      |  8 ++++----
 4 files changed, 15 insertions(+), 18 deletions(-)

diff --git a/src/auth/db-ldap-settings.c b/src/auth/db-ldap-settings.c
index a3600f8ace..c9bc857ebd 100644
--- a/src/auth/db-ldap-settings.c
+++ b/src/auth/db-ldap-settings.c
@@ -35,8 +35,7 @@ static const struct setting_define ldap_setting_defines[] = {
 	DEF(STR, base),
 	DEF(UINT, version),
 	DEF(STR, debug_level),
-	DEF(STR, user_filter),
-	DEF(STR, pass_filter),
+	DEF(STR, filter),
 	DEF(STRLIST, iterate_attrs),
 	DEF(STR, iterate_filter),
 	SETTING_DEFINE_LIST_END
@@ -58,8 +57,7 @@ static const struct ldap_settings ldap_default_settings = {
 	.base = "",
 	.version = 3,
 	.debug_level = "0",
-	.user_filter = "",
-	.pass_filter = "",
+	.filter = "",
 	.iterate_attrs = ARRAY_INIT,
 	.iterate_filter = "",
 };
diff --git a/src/auth/db-ldap-settings.h b/src/auth/db-ldap-settings.h
index 7028f1f2c8..f6973db45d 100644
--- a/src/auth/db-ldap-settings.h
+++ b/src/auth/db-ldap-settings.h
@@ -20,8 +20,7 @@ struct ldap_settings {
 
 	const char *debug_level;
 
-	const char *user_filter;
-	const char *pass_filter;
+	const char *filter;
 	const char *iterate_filter;
 
 	ARRAY_TYPE(const_string) iterate_attrs;
diff --git a/src/auth/passdb-ldap.c b/src/auth/passdb-ldap.c
index ccaddc6ff1..d2bf79e201 100644
--- a/src/auth/passdb-ldap.c
+++ b/src/auth/passdb-ldap.c
@@ -87,7 +87,7 @@ ldap_lookup_finish(struct auth_request *auth_request,
 		auth_request_db_log_unknown_user(auth_request);
 	} else if (ldap_request->entries > 1) {
 		e_error(authdb_event(auth_request),
-			"pass_filter matched multiple objects, aborting");
+			"ldap_filter matched multiple objects, aborting");
 		passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
 	} else if (auth_request->passdb_password == NULL &&
 		   ldap_request->require_password &&
@@ -229,7 +229,7 @@ ldap_bind_lookup_dn_fail(struct auth_request *auth_request,
 	} else {
 		i_assert(request->entries > 1);
 		e_error(authdb_event(auth_request),
-			"pass_filter matched multiple objects, aborting");
+			"ldap_filter matched multiple objects, aborting");
 		passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
 	}
 
@@ -310,11 +310,11 @@ static void ldap_lookup_pass(struct auth_request *auth_request,
 	srequest->base = p_strdup(auth_request->pool, str_c(str));
 
 	str_truncate(str, 0);
-	if (auth_request_var_expand(str, conn->set->pass_filter,
+	if (auth_request_var_expand(str, conn->set->filter,
 				    auth_request, ldap_escape, &error) <= 0) {
 		e_error(authdb_event(auth_request),
-			"Failed to expand pass_filter=%s: %s",
-			conn->set->pass_filter, error);
+			"Failed to expand ldap_filter=%s: %s",
+			conn->set->filter, error);
 		passdb_ldap_request_fail(request, PASSDB_RESULT_INTERNAL_FAILURE);
 		return;
 	}
@@ -356,11 +356,11 @@ static void ldap_bind_lookup_dn(struct auth_request *auth_request,
 	srequest->base = p_strdup(auth_request->pool, str_c(str));
 
 	str_truncate(str, 0);
-	if (auth_request_var_expand(str, conn->set->pass_filter,
+	if (auth_request_var_expand(str, conn->set->filter,
 				    auth_request, ldap_escape, &error) <= 0) {
 		e_error(authdb_event(auth_request),
-			"Failed to expand pass_filter=%s: %s",
-			conn->set->pass_filter, error);
+			"Failed to expand filter=%s: %s",
+			conn->set->filter, error);
 		passdb_ldap_request_fail(request, PASSDB_RESULT_INTERNAL_FAILURE);
 		return;
 	}
diff --git a/src/auth/userdb-ldap.c b/src/auth/userdb-ldap.c
index 5d3ed1832b..8b18dd236f 100644
--- a/src/auth/userdb-ldap.c
+++ b/src/auth/userdb-ldap.c
@@ -78,7 +78,7 @@ userdb_ldap_lookup_finish(struct auth_request *auth_request,
 		auth_request_db_log_unknown_user(auth_request);
 	} else if (urequest->entries > 1) {
 		e_error(authdb_event(auth_request),
-			"user_filter matched multiple objects, aborting");
+			"ldap_filter matched multiple objects, aborting");
 		result = USERDB_RESULT_INTERNAL_FAILURE;
 	} else {
 		result = USERDB_RESULT_OK;
@@ -137,11 +137,11 @@ static void userdb_ldap_lookup(struct auth_request *auth_request,
 	request->request.base = p_strdup(auth_request->pool, str_c(str));
 
 	str_truncate(str, 0);
-	if (auth_request_var_expand(str, conn->set->user_filter, auth_request,
+	if (auth_request_var_expand(str, conn->set->filter, auth_request,
 				    ldap_escape, &error) <= 0) {
 		e_error(authdb_event(auth_request),
-			"Failed to expand user_filter=%s: %s",
-			conn->set->user_filter, error);
+			"Failed to expand ldap_filter=%s: %s",
+			conn->set->filter, error);
 		callback(USERDB_RESULT_INTERNAL_FAILURE, auth_request);
 		return;
 	}
-- 
2.47.3