Commit eebc475d authored by Ted Zlatanov

Add `auth-source-search' integration for LDAP searches.

* net/ldap.el (ldap-search-internal): Add `auth-source-search'
integration for LDAP parameters.  The host, base, user or binddn,
and secret tokens can be specified in a netrc file, for instance.
This is optional because an `auth-source' parameter must be
specified in the search attributes.
parent 67613d31
2011-03-13 Teodor Zlatanov <tzz@lifelogs.com>
* net/ldap.el (ldap-search-internal): Add `auth-source-search'
integration for LDAP parameters. The host, base, user or binddn,
and secret tokens can be specified in a netrc file, for instance.
This is optional because an `auth-source' parameter must be
specified in the search attributes.
2011-03-13 Juanma Barranquero <lekktu@gmail.com>
* help.el (describe-mode): Link to the mode's definition (bug#8185).
......
......@@ -36,6 +36,8 @@
(require 'custom)
(eval-when-compile (require 'cl))
(autoload 'auth-source-search "auth-source")
(defgroup ldap nil
"Lightweight Directory Access Protocol."
:version "21.1"
......@@ -480,6 +482,22 @@ Additional search parameters can be specified through
"Perform a search on a LDAP server.
SEARCH-PLIST is a property list describing the search request.
Valid keys in that list are:
`auth-source', if non-nil, will use `auth-source-search' and
will grab the :host, :secret, :base, and (:user or :binddn)
tokens into the `host', `passwd', `base', and `binddn' parameters
respectively if they are not provided in SEARCH-PLIST. So for
instance *each* of these netrc lines has the same effect if you
ask for the host \"ldapserver:2400\":
machine ldapserver:2400 login myDN secret myPassword base myBase
machine ldapserver:2400 binddn myDN secret myPassword port ldap
login myDN secret myPassword base myBase
but if you have more than one in your netrc file, only the first
matching one will be used. Note the \"port ldap\" part is NOT
required.
`host' is a string naming one or more (blank-separated) LDAP servers to
to try to connect to. Each host name may optionally be of the form HOST:PORT.
`filter' is a filter string for the search as described in RFC 1558.
......@@ -500,19 +518,34 @@ not their associated values.
its distinguished name DN.
The function returns a list of matching entries. Each entry is itself
an alist of attribute/value pairs."
(let ((buf (get-buffer-create " *ldap-search*"))
(let* ((buf (get-buffer-create " *ldap-search*"))
(bufval (get-buffer-create " *ldap-value*"))
(host (or (plist-get search-plist 'host)
ldap-default-host))
;; find entries with port "ldap" that match the requested host if any
(asfound (when (plist-get search-plist 'auth-source)
(nth 0 (auth-source-search :host (or host t)
:create t))))
;; if no host was requested, get it from the auth-source entry
(host (or host (plist-get asfound :host)))
;; get the password from the auth-source
(passwd (or (plist-get search-plist 'passwd)
(plist-get asfound :secret)))
;; convert the password from a function call if needed
(passwd (if (functionp passwd) (funcall passwd) passwd))
;; get the binddn from the search-list or from the
;; auth-source user or binddn tokens
(binddn (or (plist-get search-plist 'binddn)
(plist-get asfound :user)
(plist-get asfound :binddn)))
(base (or (plist-get search-plist 'base)
(plist-get asfound :base)
ldap-default-base))
(filter (plist-get search-plist 'filter))
(attributes (plist-get search-plist 'attributes))
(attrsonly (plist-get search-plist 'attrsonly))
(base (or (plist-get search-plist 'base)
ldap-default-base))
(scope (plist-get search-plist 'scope))
(binddn (plist-get search-plist 'binddn))
(auth (plist-get search-plist 'auth))
(passwd (plist-get search-plist 'passwd))
(deref (plist-get search-plist 'deref))
(timelimit (plist-get search-plist 'timelimit))
(sizelimit (plist-get search-plist 'sizelimit))
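Review bot: The comment `;; find entries with port "ldap" that match the requested host if any` does not match the call below it, because `auth-source-search` is given only `:host` and `:create t` and nothing restricts the lookup by port or protocol. As written, the first entry stored for that host, possibly a credential for a different service, can be selected and its secret used as the LDAP bind password; when no host is supplied, `:host t` appears to accept an entry for any host. Consider constraining the lookup, e.g. `(auth-source-search :host (or host t) :port "ldap" :create t)`, after confirming that entries without a port still match as the docstring promises. If the unrestricted match is intended, reword the comment to say so, and note in the docstring that the secret of whichever entry matches first is what gets used. The `let*` form continues past the end of the hunk, so how `passwd` is handed to the LDAP client is not visible here.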
......