Add simple SASL support. Patch from Michael Raitza <spacefrogg-devel@meterriblecrew.net>.
FossilOrigin-Name: a2230a3b35e535d212a0e1d60f38b36a5d965fa6ef002b5539c68ea27287f990
This commit is contained in:
mahlon@laika.com
parent
b6c9631f9b
commit
648e7850ba
1 changed files with 16 additions and 6 deletions
22
shelldap
22
shelldap
|
|
@ -419,6 +419,7 @@ use warnings;
|
|||
use Term::ReadKey;
|
||||
use Term::Shell;
|
||||
use Digest::MD5;
|
||||
use Authen::SASL;
|
||||
use Net::LDAP qw/
|
||||
LDAP_SUCCESS
|
||||
LDAP_SERVER_DOWN
|
||||
|
|
@ -561,17 +562,24 @@ You may try connecting insecurely, or install the module and try again.\n} if $@
|
|||
}
|
||||
}
|
||||
|
||||
my $sasl;
|
||||
my $sasl_conn;
|
||||
if ($conf->{'mech'}) {
|
||||
my $serv = $conf->{'server'};
|
||||
$serv =~ s!^ldap[si]?://!!;
|
||||
$sasl = Authen::SASL->new(mechanism=>$conf->{'mech'});
|
||||
$sasl_conn = $sasl->client_new('ldap', $serv);
|
||||
}
|
||||
|
||||
# bind as an authenicated dn
|
||||
if ( $conf->{'binddn'} ) {
|
||||
$rv = $ldap->bind(
|
||||
$conf->{'binddn'},
|
||||
password => $conf->{'bindpass'}
|
||||
);
|
||||
}
|
||||
|
||||
password => $conf->{'bindpass'},
|
||||
sasl => $sasl_conn);
|
||||
# bind anonymously
|
||||
else {
|
||||
$rv = $ldap->bind();
|
||||
} else {
|
||||
$rv = $ldap->bind(sasl => $sasl_conn);
|
||||
}
|
||||
|
||||
my $err = $rv->error();
|
||||
|
|
@ -583,6 +591,7 @@ You may try connecting insecurely, or install the module and try again.\n} if $@
|
|||
|
||||
if ( $rv->code() ) {
|
||||
$err .= " (try the --tls flag?)" if $err =~ /confidentiality required/i;
|
||||
$err .= "\n" . $sasl->error() if $sasl;
|
||||
die "LDAP bind error: $err\n";
|
||||
}
|
||||
|
||||
|
|
@ -2188,6 +2197,7 @@ Getopt::Long::GetOptions(
|
|||
'cacheage=i',
|
||||
'promptpass|W',
|
||||
'timeout=i',
|
||||
'mech|Y=s',
|
||||
'tls_cacert=s',
|
||||
'tls_cert=s',
|
||||
'tls_key=s',
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue