apple / cups

Apple CUPS Sources
https://www.cups.org
Apache License 2.0
1.95k stars 464 forks source link

LDAP Browse Improvements #1962

Closed michaelrsweet closed 16 years ago

michaelrsweet commented 18 years ago

Version: 1.4-feature CUPS.org User: krumboeck

This patch improves LDAP Browsing support:

) Try reconnecting to LDAP Server (in case of temporary failures) ) Rebind Connection when update referral is set (only OpenLDAP) ) Only Update when data has changed (to avoid unnecessary LDAP replications) ) Extended LDAP Schema from http://www.cups.org/str.php?L338

Please add the file printer.schema to the cups package.

PS: Maybe someone has an idea how to delete old LDAP entries?

best regards! Bernd

michaelrsweet commented 18 years ago

CUPS.org User: krumboeck

Some example patches and a shell script which show how BrowseTimeout could be handled.

Maybe there should be created a "real" BrowseLDAPForceUpdateInterval.

The shellscript should run as cronjob on the LDAP Server. Maybe we should rewrite it in C (but it shouldn't require a whole cups installation to run).

best regards! Bernd

michaelrsweet commented 18 years ago

CUPS.org User: krumboeck

Another patch:

) Removed hardcoded string "ou=printers" in distinguished name ) Support for multiple servers

LDAP tree for BrowseLDAPDN "ou=browse, ou=cups, o=organization c=country" looks like this:

c=country o=organization ou=cups ou=browse ou=printserver1 cn=printer1 cn=printer2 ou=printserver2 cn=printer1 cn=printer2 cn=printer3 ou=printserver3 cn=printer3 ...

I think all of this features are needed to use ldap in a real production environment. Is it possible to add them in 1.2.4 or at least in any later 1.2.x?

best regards! Bernd

michaelrsweet commented 18 years ago

CUPS.org User: mike

These changes cannot be part of 1.2.x, as they add a new feature to the current code.

That said, 1.3 isn't too far off, so we can assign this to 1.3.x...

michaelrsweet commented 18 years ago

CUPS.org User: krumboeck

Thanks for your answer!

Two (quick) fixes:

cups-1.2.3-ldap-idle.patch: If idletimeout from ldap is less than BrowseInterval the connection time out and browsing doesn't work as expected. Nevertheless the value for idletimeout (in LDAP) should be greater than BrowseInterval!

cups-1.2.3-ldap-startup.patch: LDAP Browsing shouldn't be disabled when ldap server is not reachable at startup. Startup dependencies can only be handled on a local machine, not in large environments.

Sorry for some redundant code segments. I know my coding style is not very elegant.

best regards! Bernd

michaelrsweet commented 17 years ago

CUPS.org User: krumboeck

The changes in cups-1.2.7-ldaprefresh-dirsvc.c.patch and cups-1.2.7-ldapupdates.patch will improve the behavior if ldap server is down.

At least the error log file is more readable now. ;)

regards! Bernd

michaelrsweet commented 17 years ago

CUPS.org User: mike

Can you post a single patch with all of the current changes in it? I'm not sure what to apply here...

michaelrsweet commented 17 years ago

CUPS.org User: krumboeck

Sadly I'm ill (burout syndrom), so every work at the moment is nearly impossible for me.

I uploaded two patches instead of one single file: cups-ldap.patch ... contains any changes except the patch below cups-ldap-redupd.patch ... patch to reduce ldap updates (at least a try)

Two other files are needed: printer.schema ... ldap schema for cups browsing (draft) cups-ldap-cleanup_v2 ... deletes old cups ldap entries (maybe someone could rewrite it in C)

Above patches were created against 1.3svn-r6605. Didn't do any compile or runtime tests, because I don't have the equipment and physical power at the moment.

Sadly the code is not very clean, but I hope it helps for you.

michaelrsweet commented 17 years ago

CUPS.org User: mike

In the interests of getting 1.3 out and not introducing buggy code, I'm going to defer these changes to 1.4 when we can spend more time on this.

Thanks for all your work on this, and get better soon! :)

michaelrsweet commented 17 years ago

CUPS.org User: krumboeck

It's a pity (because the usability of the ldap code in 1.2/1.3 is very limited). But a wise decision.

Maybe someone can help me testing, when I can continue my work? Any good or bad test results are welcome.

michaelrsweet commented 17 years ago

CUPS.org User: pipitas

I'm willing to help you with testing once the patches are in a state that may be applied (or once there is an 'ldap_improvements' branch in CUPS SVN).

But be aware: I'm a beginner in all things LDAP...

michaelrsweet commented 17 years ago

CUPS.org User: krumboeck

Instructions for testers:

Changes:

ToDo:

Have a lot of fun!

michaelrsweet commented 17 years ago

CUPS.org User: krumboeck

Filename of the patch: cups-1.3.0-ldapimp-2.patch Hopefully the last release of this patch.

Please use the above instructions to install this patch.

Changes: ) Deregister LDAP Server ) Some search optimizations

LDAP server configuration: Create an index for the attribute cn, if you have tons of printers.

michaelrsweet commented 17 years ago

CUPS.org User: krumboeck

Patch: cups-1.3.2-ldapimp.patch

Changes:

michaelrsweet commented 16 years ago

CUPS.org User: mike

Fixed in Subversion repository.

michaelrsweet commented 16 years ago

"cups-1.2.3-ldap_dirsvc.patch":

*\ scheduler/dirsvc.c.orig Wed Sep 6 11:10:18 2006 --- scheduler/dirsvc.c Thu Sep 7 08:30:29 2006


* 28,33 ** --- 28,34 ----


* 1015,1020 ** --- 1037,1052 ---- } else {


* 1541,1546 ** --- 1649,1658 ---- cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));


* 1561,1567 ** * Get the required values from this entry... */

! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerDescription")) == NULL) continue;

--- 1673,1679 ---- * Get the required values from this entry... */

! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerDescription")) == NULL) continue;


* 1568,1574 ** strlcpy(info, *value, sizeof(info)); ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerLocation")) == NULL) continue;

--- 1680,1686 ---- strlcpy(info, *value, sizeof(info)); ldap_value_free(value);

! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerLocation")) == NULL) continue;


* 1575,1581 ** strlcpy(location, *value, sizeof(location)); ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerMakeAndModel")) == NULL) continue;

--- 1687,1693 ---- strlcpy(location, *value, sizeof(location)); ldap_value_free(value);

! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerMakeAndModel")) == NULL) continue;


* 1582,1588 ** strlcpy(make_model, *value, sizeof(make_model)); ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerType")) == NULL) continue;

--- 1694,1700 ---- strlcpy(make_model, *value, sizeof(make_model)); ldap_value_free(value);

! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerType")) == NULL) continue;


* 1589,1595 ** type = atoi(*value); ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerURI")) == NULL) continue;

--- 1701,1707 ---- type = atoi(*value); ldap_value_free(value);

! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerURI")) == NULL) continue;


* 2684,2690 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 2796,2803 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],


* 2702,2708 ** --- 2815,2829 ---- "cupsPrinter", NULL };

! ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);

mods[0].mod_type = "cn";
mods[0].mod_values = cn_value;

--- 2848,2866 ---- snprintf(filter, sizeof(filter), "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);

! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);

! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");

! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;

! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { --- 2883,2999 ---- if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { / ! * Printer has already been registered, check if ! * modification is required... /

! e = ldap_first_entry(BrowseLDAPHandle, res);

! / ! * Get the required values from this entry... ! _/ ! ! if ((value = (char _) ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerDescription failed!"); ! old_info[0] = '\0'; } ! else ! { ! strlcpy(old_info, *value, sizeof(old_info)); ! ldap_value_free(value); ! }

! if ((value = (char _) ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerLocation failed!"); ! old_location[0] = '\0'; ! } ! else ! { ! strlcpy(old_location, value, sizeof(old_location)); ! ldap_valuefree(value); ! } ! ! if ((value = (char *) ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerMakeAndModel failed!"); ! old_make_model[0] = '\0'; ! } ! else ! { ! strlcpy(old_make_model, _value, sizeof(old_make_model)); ! ldap_valuefree(value); ! } ! ! if ((value = (char *) ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerType failed!"); ! old_type = 0; ! } ! else ! { ! old_type = atoi(_value); ! ldap_valuefree(value); ! } ! ! if ((value = (char *) ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerURI failed!"); ! old_uri[0] = '\0'; ! } ! else ! { ! strlcpy(old_uri, _value, sizeof(old_uri)); ! ldap_value_free(value); ! } ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == old_type )) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldapbrowse: No update required"); ! } ! else ! { ! ! / ! * Printer has already been registered, modify the current ! * registration... ! */ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry..."); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! cupsdReconnectLDAP(); ! } ! } } else {


* 2790,2798 ** --- 3013,3025 ---- pmods[i] = NULL;

  if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
michaelrsweet commented 16 years ago

"cups-1.2.3-ldaptimeout-conf.c.patch":

*\ scheduler/conf.c.orig Fri Sep 8 21:24:30 2006 --- scheduler/conf.c Fri Sep 8 21:27:06 2006


* 95,100 ** --- 95,101 ---- { "BrowseLDAPPassword", &BrowseLDAPPassword, CUPSD_VARTYPE_STRING }, { "BrowseLDAPServer", &BrowseLDAPServer, CUPSD_VARTYPE_STRING }, { "BrowseLDAPCaCertFile", &BrowseLDAPCaCertFile, CUPSD_VARTYPE_STRING },

michaelrsweet commented 16 years ago

"cups-1.2.3-ldaptimeout-dirsvc.h.patch":

*\ scheduler/dirsvc.h.orig Fri Sep 8 21:24:39 2006 --- scheduler/dirsvc.h Fri Sep 8 22:30:00 2006


* 158,163 ** --- 158,167 ---- /* LDAP server to use / *BrowseLDAPCaCertFile VALUE(NULL); / LDAP CA CERT file to use */

michaelrsweet commented 16 years ago

"cups-1.2.3-ldaptimeout-dirsvc.c.patch":

*\ scheduler/dirsvc.c.orig Fri Sep 8 21:24:42 2006 --- scheduler/dirsvc.c Fri Sep 8 22:44:44 2006


* 2968,2978 ** ldap_value_free(value); }

  if ( ( strcmp(info[0], old_info) == 0 )
     && ( strcmp(uri[0], old_uri) == 0 )
     && ( strcmp(location[0], old_location) == 0 )
     && ( strcmp(make_model[0], old_make_model) == 0 )

! && ( p->type == old_type )) { cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: No update required"); --- 2968,2987 ---- ldap_value_free(value); }

michaelrsweet commented 16 years ago

"cups-1.2.3-ldap_multiple.patch":

*\ scheduler/dirsvc.c.orig Mon Sep 11 10:05:12 2006 --- scheduler/dirsvc.c Mon Sep 11 12:50:13 2006


* 46,51 ** --- 46,52 ----


* 2887,2893 ** mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;

! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);

if (ldap_count_entries(BrowseLDAPHandle, res) > 0)

--- 3005,3011 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;

! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);

if (ldap_count_entries(BrowseLDAPHandle, res) > 0)

* 3022,3027 ** --- 3140,3147 ---- * Printer has never been registered, add the current * registration... */

michaelrsweet commented 16 years ago

"cups-1.2.3-ldap-idle.patch":

*\ scheduler/dirsvc.c.orig2 Wed Sep 13 13:52:15 2006 --- scheduler/dirsvc.c Wed Sep 13 14:02:26 2006


* 1655,1669 **

rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE,
                   "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);

! if (rc != LDAP_SUCCESS) { cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));

! if ( LDAP_SERVER_DOWN == rc ) ! cupsdReconnectLDAP(); ! return; }

--- 1655,1676 ----

rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE,
                   "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);

! ! if ( LDAP_SERVER_DOWN == rc ) { cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));

! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }


* 2849,2861 ** filter, (char **)ou_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: Searching \"%s\"", filter); if ( rc != LDAP_SUCCESS ) { cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_ou: LDAP search failed with status %d: %s",

rc, ldap_err2string(rc));

--- 2856,2876 ---- filter, (char **)ou_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: Searching \"%s\"", filter);


* 2980,2992 ** filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter); if ( rc != LDAP_SUCCESS ) { cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_browse: LDAP search failed with status %d: %s",

rc, ldap_err2string(rc));

--- 2995,3015 ---- filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);

michaelrsweet commented 16 years ago

"cups-1.2.3-ldap-startup.patch":

*\ scheduler/dirsvc.c.orig Thu Sep 14 07:29:06 2006 --- scheduler/dirsvc.c Thu Sep 14 08:00:16 2006


* 1069,1078 ** { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to bind to LDAP server; " ! "disabling LDAP browsing!"); ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; } } } --- 1069,1077 ---- { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to bind to LDAP server; " ! "We will try again later!"); ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLDAPHandle = NULL; } } }


* 1646,1651 ** --- 1645,1660 ----

/*


* 2834,2839 ** --- 2843,2858 ----

cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: %s\n", ou);

* 2968,2973 ** --- 2987,3002 ----

cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
michaelrsweet commented 16 years ago

"cups-1.2.7-ldaprefresh-dirsvc.c.patch":

*\ scheduler/dirsvc.c.orig2 2007-01-05 11:12:14.000000000 +0100 --- scheduler/dirsvc.c 2007-01-05 11:14:14.000000000 +0100


* 1656,1661 ** --- 1656,1669 ----

/*


* 1665,1678 ** return; }

- */

- cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);

- BrowseLDAPRefresh = time(NULL) + BrowseInterval;

rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE,
                   "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);

--- 1673,1678 ----

michaelrsweet commented 16 years ago

"cups-1.2.7-ldapupdates.patch":

*\ scheduler/dirsvc.h.orig2 2007-01-06 18:13:04.000000000 +0100 --- scheduler/dirsvc.h 2007-01-06 18:15:12.000000000 +0100


* 160,167 ** /* LDAP CA CERT file to use / VAR int BrowseLDAPForceUpdate VALUE(0), / Force update every N-th browse intervals / ! BrowseLDAPIntervalCounter VALUE(30000); / browse interval counter _/

endif /_ HAVE_LDAP */

--- 160,169 ---- /* LDAP CA CERT file to use / VAR int BrowseLDAPForceUpdate VALUE(0), / Force update every N-th browse intervals / ! BrowseLDAPIntervalCounter VALUE(30000), / browse interval counter */

*\ scheduler/dirsvc.c.orig2 2007-01-06 17:52:03.000000000 +0100 --- scheduler/dirsvc.c 2007-01-06 18:53:31.000000000 +0100


* 1691,1698 ** --- 1691,1710 ---- cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));


* 3050,3055 ** --- 3066,3077 ---- cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_browse: LDAP search failed with status %d: %s", rc, ldap_err2string(rc));

michaelrsweet commented 16 years ago

"cups-ldap.patch":

diff -ur cups-1.3svn-r6605/scheduler/dirsvc.c cups-1.3svn-r6605-bek/scheduler/dirsvc.c --- cups-1.3svn-r6605/scheduler/dirsvc.c 2007-06-21 20:22:22.000000000 +0200 +++ cups-1.3svn-r6605-bek/scheduler/dirsvc.c 2007-07-11 17:40:18.000000000 +0200 @@ -31,6 +31,7 @@

+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +/*

@@ -1398,15 +1506,48 @@

BrowseLDAPRefresh = time(NULL) + BrowseInterval;

@@ -2993,6 +3134,141 @@

ifdef HAVE_OPENLDAP

/*

@@ -3002,7 +3278,8 @@ int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL */

@@ -3045,11 +3344,34 @@ snprintf(filter, sizeof(filter), "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);

@@ -3108,9 +3525,13 @@ pmods[i] = NULL;

 if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
michaelrsweet commented 16 years ago

"cups-ldap-redupd.patch":

diff -ur cups-1.3svn-r6605-bek/scheduler/conf.c cups-1.3svn-r6605-bek2/scheduler/conf.c --- cups-1.3svn-r6605-bek/scheduler/conf.c 2007-06-04 16:38:43.000000000 +0200 +++ cups-1.3svn-r6605-bek2/scheduler/conf.c 2007-07-11 17:53:33.000000000 +0200 @@ -94,6 +94,7 @@ { "BrowseLDAPDN", &BrowseLDAPDN, CUPSD_VARTYPE_STRING }, { "BrowseLDAPPassword", &BrowseLDAPPassword, CUPSD_VARTYPE_STRING }, { "BrowseLDAPServer", &BrowseLDAPServer, CUPSD_VARTYPE_STRING },

diff -ur cups-1.3svn-r6605-bek/scheduler/dirsvc.h cups-1.3svn-r6605-bek2/scheduler/dirsvc.h --- cups-1.3svn-r6605-bek/scheduler/dirsvc.h 2007-07-11 17:59:36.000000000 +0200 +++ cups-1.3svn-r6605-bek2/scheduler/dirsvc.h 2007-07-11 17:58:45.000000000 +0200 @@ -156,8 +156,12 @@ /* LDAP login password / *BrowseLDAPServer VALUE(NULL), / LDAP server to use / -VAR int BrowseLDAPUpdate VALUE(TRUE); +VAR int BrowseLDAPUpdate VALUE(TRUE), / enables LDAP updates */

michaelrsweet commented 16 years ago

"cups-1.3.0-ldapimp.patch":

*\ config-scripts/cups-ldap.m4 Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.0/config-scripts/cups-ldap.m4 Thu Sep 13 11:44:47 2007


* 14,24 ** dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(openldap-includes, [ --with-openldap-includes ! set directory for OpenLDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) --- 14,24 ---- dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(ldap-includes, [ --with-ldap-includes ! set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)


* 26,36 ** LIBLDAP=""

if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap")) fi

AC_SUBST(LIBLDAP) --- 26,49 ---- LIBLDAP=""

if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, [ AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap" ! AC_CHECK_LIB(ldap, ldap_start_tls, ! AC_DEFINE(HAVE_LDAP_SSL)) ! , ! AC_CHECK_LIB(ldap, ldap_init, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_MOZILLA_LDAP) ! LIBLDAP="-lldap" ! AC_CHECK_HEADER(ldap_ssl.h, AC_DEFINE(HAVE_LDAP_SSL_H),,[#include ]) ! AC_CHECK_LIB(ldap, ldapssl_init, ! AC_DEFINE(HAVE_LDAP_SSL))) ! ) ! AC_CHECK_LIB(ldap, ldap_set_rebind_proc, AC_DEFINE(HAVE_LDAP_REBIND_PROC)) ! ]) fi

AC_SUBST(LIBLDAP) *\ config.h.in Wed Aug 1 21:02:47 2007 --- ../../BUILD/cups-1.3.0/config.h.in Thu Sep 13 11:44:47 2007


* 297,302 ** --- 297,306 ----

undef HAVE_LDAP

undef HAVE_OPENLDAP

! #ifdef HAVE_OPENLDAP

ifdef __sun

include

endif /* _sun /

include

! #endif /_ HAVE_OPENLDAP */

/*

! #ifdef HAVE_LDAP

ifdef __sun

include

endif /* _sun /

include

! # ifdef HAVE_LDAP_SSL_H ! # include ! # endif /_ HAVE_LDAP_SSLH / ! #endif /_ HAVE_LDAP */

/*

--- 146,159 ---- /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL); / LDAP server to use / ! VAR int BrowseLDAPUpdate VALUE(TRUE); ! / enables LDAP updates _/ ! # ifdef HAVE_LDAPSSL ! VAR char *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use */

*\ scheduler/dirsvc.c Thu Jul 19 21:09:46 2007 --- ../../BUILD/cups-1.3.0/scheduler/dirsvc.c Thu Sep 13 11:44:48 2007


* 44,49 ** --- 44,58 ----

! #ifdef HAVE_OPENLDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription", --- 138,144 ---- static void update_polling(void);

! #ifdef HAVE_LDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription",


* 111,117 ** "printerURI", NULL }; ! #endif /* HAVE_OPENLDAP */

ifdef HAVE_LIBSLP

/ --- 148,154 ---- "printerURI", NULL }; ! #endif /* HAVE_LDAP /

ifdef HAVE_LIBSLP

/*


* 214,219 ** --- 251,261 ---- slp_dereg_printer(p);

endif /* HAVE_LIBSLP */


* 1047,1053 ** BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

! #ifdef HAVE_OPENLDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) --- 1508,1514 ---- BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

! #ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN)


* 1059,1142 ** } else { ! /* ! * Open LDAP handle... ! / ! ! int rc; / LDAP API status / ! int version = 3; / LDAP version / ! struct berval bv = {0, ""}; / SASL bind value / ! ! ! / ! * Set the certificate file to use for encrypted LDAP sessions... ! _/ ! ! if (BrowseLDAPCACertFile) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "cupsdStartBrowsing: Setting CA certificate file \"%s\"", ! BrowseLDAPCACertFile); ! ! if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ! (void )BrowseLDAPCACertFile)) ! != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to set CA certificate file for LDAP " ! "connections: %d - %s", rc, ldaperr2string(rc)); ! } ! ! / ! * LDAP stuff currently only supports ldapi EXTERNAL SASL binds... ! / ! ! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) ! rc = ldap_initialize(&BrowseLDAPHandle, "ldapi:///"); ! else
! rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer); ! ! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to initialize LDAP; disabling LDAP browsing!"); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION, ! (const void *)&version) != LDAP_SUCCESS) ! { ! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLDAPHandle = NULL; ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to set LDAP protocol version; " ! "disabling LDAP browsing!"); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! else ! { ! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) ! rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL, ! NULL, NULL); ! else ! rc = ldap_bind_s(BrowseLDAPHandle, BrowseLDAPBindDN, ! BrowseLDAPPassword, LDAP_AUTH_SIMPLE); ! ! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to bind to LDAP server; " ! "disabling LDAP browsing!"); ! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! } }

  BrowseLDAPRefresh = 0;
}

! #endif /* HAVE_OPENLDAP */

/ * Register the individual printers --- 1520,1532 ---- } else { ! /* Open LDAP handle... / ! BrowseLDAPHandle = ldap_connect(); }

  BrowseLDAPRefresh = 0;
}

! #endif /* HAVE_LDAP */

/ \ Register the individual printers


* 1310,1323 ** }

endif /* HAVE_LIBSLP */

! #ifdef HAVE_OPENLDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_OPENLDAP */ }

--- 1700,1713 ---- }

endif /* HAVE_LIBSLP */

! #ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_disconnect(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_LDAP */ }


* 1377,1383 **

endif /* HAVE_DNSSD */

! #ifdef HAVE_OPENLDAP /*

! #ifdef HAVE_LDAP /*

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);

! BrowseLDAPRefresh = time(NULL) + BrowseInterval;

! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res); if (rc != LDAP_SUCCESS) { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }

limit = ldap_count_entries(BrowseLDAPHandle, res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
if (limit < 1)
  return;

/ * Loop through the available printers... --- 1788,1852 ---- LDAPMessage res, / LDAP search results _/ e; /_ Current entry from search */

! if (! BrowseLDAPHandle) ! { ! ldap_reconnect(); ! return; ! }

! / ! * Search for cups printers in LDAP directory... ! /

! rc = ldap_search_rec(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) continue;

! strlcpy(info, *value, sizeof(info)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) continue;

! strlcpy(location, *value, sizeof(location)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) continue;

! strlcpy(make_model, *value, sizeof(make_model)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) continue;

! type = atoi(*value); ! ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) continue;

- ldap_value_free(value);

 /*
  * Process the entry as browse data...
  */

--- 1860,1887 ---- * Get the required values from this entry... */

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", info, sizeof(info)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", location, sizeof(location)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", make_model, sizeof(make_model)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", type_num, sizeof(type_num)) == -1) continue;

! type = atoi(type_num);

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", uri, sizeof(uri)) == -1) continue;

 /*
  * Process the entry as browse data...
  */

* 1478,1485 ** location, info, make_model, 0, NULL);

}

} ! #endif /* HAVE_OPENLDAP */

ifdef HAVE_LIBSLP

--- 1891,1900 ---- location, info, make_model, 0, NULL);

}

! #ifdef HAVE_OPENLDAP /*

--- 3415,3756 ---- }

! #ifdef HAVE_LDAP /*


* 3011,3017 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 3760,3767 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],


* 3029,3038 ** "cupsPrinter", NULL };

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);

/ * Everything in ldap is * so we fudge around it... */

--- 3779,3815 ---- "cupsPrinter", NULL };

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);

/*


* 3051,3064 ** uri[0] = p->uri; uri[1] = NULL;

snprintf(filter, sizeof(filter),
         "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);

! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);

if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
{
 /*

! * Printer has already been registered, modify the current ! * registration... */

! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");

! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;

! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { / * Printer has never been registered, add the current * registration... /

  cupsdLogMessage(CUPSD_LOG_DEBUG2,

! "send_ldap_browse: Adding entry...");

  for (i = 0; i < 7; i ++)
  {

--- 3874,3987 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;

! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);

! e = ldap_first_entry(BrowseLDAPHandle, res);

! / ! * Get the required values from this entry... ! _/ ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", old_info, sizeof(old_info)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", old_location, sizeof(old_location)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", old_make_model, sizeof(old_make_model)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", old_type_string, sizeof(old_type_string)) == -1) ! old_info[0] = '\0'; ! ! old_type = atoi(old_type_string); ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", old_uri, sizeof(old_uri)) == -1) ! oldinfo[0] = '\0'; ! ! / ! * Check if modification is required... ! _/ ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == oldtype ) ! ) { ! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, ! * no modifications required... ! / ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: No updates required for %s", p->name); } ! else ! {

! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, modify the current ! * registration... ! _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replace entry for %s", p->name); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_modify_ext_s(BrowseLDAPHandle, dn, pmods, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! ldap_reconnect(); ! } ! } ! } else {

michaelrsweet commented 16 years ago

"cups-1.3.0-ldapimp-2.patch":

*\ config-scripts/cups-ldap.m4 Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.0/config-scripts/cups-ldap.m4 Mon Sep 17 20:36:46 2007


* 14,24 ** dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(openldap-includes, [ --with-openldap-includes ! set directory for OpenLDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) --- 14,24 ---- dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(ldap-includes, [ --with-ldap-includes ! set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)


* 26,36 ** LIBLDAP=""

if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap")) fi

AC_SUBST(LIBLDAP) --- 26,49 ---- LIBLDAP=""

if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, [ AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap" ! AC_CHECK_LIB(ldap, ldap_start_tls, ! AC_DEFINE(HAVE_LDAP_SSL)) ! , ! AC_CHECK_LIB(ldap, ldap_init, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_MOZILLA_LDAP) ! LIBLDAP="-lldap" ! AC_CHECK_HEADER(ldap_ssl.h, AC_DEFINE(HAVE_LDAP_SSL_H),,[#include ]) ! AC_CHECK_LIB(ldap, ldapssl_init, ! AC_DEFINE(HAVE_LDAP_SSL))) ! ) ! AC_CHECK_LIB(ldap, ldap_set_rebind_proc, AC_DEFINE(HAVE_LDAP_REBIND_PROC)) ! ]) fi

AC_SUBST(LIBLDAP) *\ config.h.in Wed Aug 1 21:02:47 2007 --- ../../BUILD/cups-1.3.0/config.h.in Mon Sep 17 20:36:46 2007


* 297,302 ** --- 297,306 ----

undef HAVE_LDAP

undef HAVE_OPENLDAP

! #ifdef HAVE_OPENLDAP

ifdef __sun

include

endif /* _sun /

include

! #endif /_ HAVE_OPENLDAP */

/*

! #ifdef HAVE_LDAP

ifdef __sun

include

endif /* _sun /

include

! # ifdef HAVE_LDAP_SSL_H ! # include ! # endif /_ HAVE_LDAP_SSLH / ! #endif /_ HAVE_LDAP */

/*

--- 146,159 ---- /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL); / LDAP server to use / ! VAR int BrowseLDAPUpdate VALUE(TRUE); ! / enables LDAP updates _/ ! # ifdef HAVE_LDAPSSL ! VAR char *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use */

*\ scheduler/dirsvc.c Thu Jul 19 21:09:46 2007 --- ../../BUILD/cups-1.3.0/scheduler/dirsvc.c Tue Sep 18 09:05:48 2007


* 44,49 ** --- 44,59 ----

! #ifdef HAVE_OPENLDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription", --- 140,146 ---- static void update_polling(void);

! #ifdef HAVE_LDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription",


* 111,117 ** "printerURI", NULL }; ! #endif /* HAVE_OPENLDAP */

ifdef HAVE_LIBSLP

/ --- 150,156 ---- "printerURI", NULL }; ! #endif /* HAVE_LDAP /

ifdef HAVE_LIBSLP

/*


* 214,219 ** --- 253,263 ---- slp_dereg_printer(p);

endif /* HAVE_LIBSLP */


* 1047,1053 ** BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

! #ifdef HAVE_OPENLDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) --- 1510,1516 ---- BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

! #ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN)


* 1059,1142 ** } else { ! /* ! * Open LDAP handle... ! / ! ! int rc; / LDAP API status / ! int version = 3; / LDAP version / ! struct berval bv = {0, ""}; / SASL bind value / ! ! ! / ! * Set the certificate file to use for encrypted LDAP sessions... ! _/ ! ! if (BrowseLDAPCACertFile) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "cupsdStartBrowsing: Setting CA certificate file \"%s\"", ! BrowseLDAPCACertFile); ! ! if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ! (void )BrowseLDAPCACertFile)) ! != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to set CA certificate file for LDAP " ! "connections: %d - %s", rc, ldaperr2string(rc)); ! } ! ! / ! * LDAP stuff currently only supports ldapi EXTERNAL SASL binds... ! / ! ! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) ! rc = ldap_initialize(&BrowseLDAPHandle, "ldapi:///"); ! else
! rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer); ! ! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to initialize LDAP; disabling LDAP browsing!"); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION, ! (const void *)&version) != LDAP_SUCCESS) ! { ! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLDAPHandle = NULL; ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to set LDAP protocol version; " ! "disabling LDAP browsing!"); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! else ! { ! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) ! rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL, ! NULL, NULL); ! else ! rc = ldap_bind_s(BrowseLDAPHandle, BrowseLDAPBindDN, ! BrowseLDAPPassword, LDAP_AUTH_SIMPLE); ! ! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to bind to LDAP server; " ! "disabling LDAP browsing!"); ! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! } }

  BrowseLDAPRefresh = 0;
}

! #endif /* HAVE_OPENLDAP */

/ * Register the individual printers --- 1522,1534 ---- } else { ! /* Open LDAP handle... / ! BrowseLDAPHandle = ldap_connect(); }

  BrowseLDAPRefresh = 0;
}

! #endif /* HAVE_LDAP */

/ \ Register the individual printers


* 1310,1323 ** }

endif /* HAVE_LIBSLP */

! #ifdef HAVE_OPENLDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_OPENLDAP */ }

--- 1702,1716 ---- }

endif /* HAVE_LIBSLP */

! #ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_dereg_ou(ServerName, BrowseLDAPDN); ! ldap_disconnect(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_LDAP */ }


* 1377,1383 **

endif /* HAVE_DNSSD */

! #ifdef HAVE_OPENLDAP /*

! #ifdef HAVE_LDAP /*

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);

! BrowseLDAPRefresh = time(NULL) + BrowseInterval;

! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, ! "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res); if (rc != LDAP_SUCCESS) { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }

limit = ldap_count_entries(BrowseLDAPHandle, res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
if (limit < 1)
  return;

/ * Loop through the available printers... --- 1791,1855 ---- LDAPMessage res, / LDAP search results _/ e; /_ Current entry from search */

! if (! BrowseLDAPHandle) ! { ! ldap_reconnect(); ! return; ! }

! / ! * Search for cups printers in LDAP directory... ! /

! rc = ldap_search_rec(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPESUBTREE, ! "(objectclass=cupsPrinter)", (char *)ldapattrs, 0, &res); ! ! / ! * If ldap search was successfull then exit function ! * and temporary disable LDAP updates... ! */ ! if (rc != LDAP_SUCCESS) { ! if (BrowseLDAPUpdate && ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR))) ! { ! BrowseLDAPUpdate = FALSE; ! cupsdLogMessage(CUPSD_LOG_INFO, ! "LDAP update temporary disabled"); ! } return; }

! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) continue;

! strlcpy(info, *value, sizeof(info)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) continue;

! strlcpy(location, *value, sizeof(location)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) continue;

! strlcpy(make_model, *value, sizeof(make_model)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) continue;

! type = atoi(*value); ! ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) continue;

- ldap_value_free(value);

 /*
  * Process the entry as browse data...
  */

--- 1863,1890 ---- * Get the required values from this entry... */

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", info, sizeof(info)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", location, sizeof(location)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", make_model, sizeof(make_model)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", type_num, sizeof(type_num)) == -1) continue;

! type = atoi(type_num);

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", uri, sizeof(uri)) == -1) continue;

 /*
  * Process the entry as browse data...
  */

* 1478,1485 ** location, info, make_model, 0, NULL);

}

} ! #endif /* HAVE_OPENLDAP */

ifdef HAVE_LIBSLP

--- 1894,1903 ---- location, info, make_model, 0, NULL);

}

! #ifdef HAVE_OPENLDAP /*

--- 3418,3759 ---- }

! #ifdef HAVE_LDAP /*


* 3011,3017 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 3763,3770 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],


* 3020,3026 ** type[2], typestring[255], / String to hold printer-type / filter[256], / Search filter for possible UPDATEs / ! dn[1024]; / DN of the printer we are adding / int rc; / LDAP status _/ static const char * const objectClassvalues[] = { / The 3 objectClass's we use in / --- 3773,3780 ---- *type[2], typestring[255], / String to hold printer-type / filter[256], / Search filter for possible UPDATEs / ! dn[1024], / DN of the printer we are adding _/ ! searchdn[1024]; / DN for searching / int rc; / LDAP status _/ static const char * const objectClassvalues[] = { / The 3 objectClass's we use in */


* 3029,3038 ** "cupsPrinter", NULL };

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);

/ * Everything in ldap is * so we fudge around it... */

--- 3783,3819 ---- "cupsPrinter", NULL };

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);

/*


* 3051,3064 ** uri[0] = p->uri; uri[1] = NULL;

snprintf(filter, sizeof(filter),

! "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);

! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);

if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
{
 /*

! * Printer has already been registered, modify the current ! * registration... */

! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");

! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;

! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { / * Printer has never been registered, add the current * registration... /

  cupsdLogMessage(CUPSD_LOG_DEBUG2,

! "send_ldap_browse: Adding entry...");

  for (i = 0; i < 7; i ++)
  {

--- 3882,3992 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;

! / ! * Check if we need to insert or update the LDAP entry... ! /

if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
{
 /*

! * Printer has already been registered, check if ! * modification is required... */

! e = ldap_first_entry(BrowseLDAPHandle, res);

! / ! * Get the required values from this entry... ! _/ ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", old_info, sizeof(old_info)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", old_location, sizeof(old_location)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", old_make_model, sizeof(old_make_model)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", old_type_string, sizeof(old_type_string)) == -1) ! old_info[0] = '\0'; ! ! old_type = atoi(old_type_string); ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", old_uri, sizeof(old_uri)) == -1) ! oldinfo[0] = '\0'; ! ! / ! * Check if modification is required... ! _/ ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == oldtype ) ! ) { ! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, ! * no modifications required... ! / ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: No updates required for %s", p->name); } ! else ! {

! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, modify the current ! * registration... ! _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replace entry for %s", p->name); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_modify_ext_s(BrowseLDAPHandle, dn, pmods, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! ldap_reconnect(); ! } ! } ! } else {

michaelrsweet commented 16 years ago

"cups-1.3.2-ldapimp.patch":

*\ config-scripts/cups-ldap.m4 Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.2/config-scripts/cups-ldap.m4 Thu Sep 27 11:31:56 2007


* 14,24 ** dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(openldap-includes, [ --with-openldap-includes ! set directory for OpenLDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) --- 14,24 ---- dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(ldap-includes, [ --with-ldap-includes ! set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)


* 26,36 ** LIBLDAP=""

if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap")) fi

AC_SUBST(LIBLDAP) --- 26,49 ---- LIBLDAP=""

if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, [ AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap" ! AC_CHECK_LIB(ldap, ldap_start_tls, ! AC_DEFINE(HAVE_LDAP_SSL)) ! , ! AC_CHECK_LIB(ldap, ldap_init, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_MOZILLA_LDAP) ! LIBLDAP="-lldap" ! AC_CHECK_HEADER(ldap_ssl.h, AC_DEFINE(HAVE_LDAP_SSL_H),,[#include ]) ! AC_CHECK_LIB(ldap, ldapssl_init, ! AC_DEFINE(HAVE_LDAP_SSL))) ! ) ! AC_CHECK_LIB(ldap, ldap_set_rebind_proc, AC_DEFINE(HAVE_LDAP_REBIND_PROC)) ! ]) fi

AC_SUBST(LIBLDAP) *\ config.h.in Wed Aug 29 19:22:26 2007 --- ../../BUILD/cups-1.3.2/config.h.in Thu Sep 27 11:31:56 2007


* 297,302 ** --- 297,306 ----

undef HAVE_LDAP

undef HAVE_OPENLDAP

! #ifdef HAVE_OPENLDAP

ifdef __sun

include

endif /* _sun /

include

! #endif /_ HAVE_OPENLDAP */

/*

! #ifdef HAVE_LDAP

ifdef __sun

include

endif /* _sun /

include

! # ifdef HAVE_LDAP_SSL_H ! # include ! # endif /_ HAVE_LDAP_SSLH / ! #endif /_ HAVE_LDAP */

/*

--- 146,159 ---- /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL); / LDAP server to use / ! VAR int BrowseLDAPUpdate VALUE(TRUE); ! / enables LDAP updates _/ ! # ifdef HAVE_LDAPSSL ! VAR char *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use */

*\ scheduler/dirsvc.c Tue Sep 18 19:51:32 2007 --- ../../BUILD/cups-1.3.2/scheduler/dirsvc.c Thu Sep 27 12:53:59 2007


* 44,49 ** --- 44,59 ----

! #ifdef HAVE_OPENLDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription", --- 140,146 ---- static void update_polling(void);

! #ifdef HAVE_LDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription",


* 111,117 ** "printerURI", NULL }; ! #endif /* HAVE_OPENLDAP */

ifdef HAVE_LIBSLP

/ --- 150,156 ---- "printerURI", NULL }; ! #endif /* HAVE_LDAP /

ifdef HAVE_LIBSLP

/*


* 214,219 ** --- 253,263 ---- slp_dereg_printer(p);

endif /* HAVE_LIBSLP */


* 1047,1053 ** BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

! #ifdef HAVE_OPENLDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) --- 1510,1516 ---- BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

! #ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN)


* 1059,1142 ** } else { ! /* ! * Open LDAP handle... ! / ! ! int rc; / LDAP API status / ! int version = 3; / LDAP version / ! struct berval bv = {0, ""}; / SASL bind value / ! ! ! / ! * Set the certificate file to use for encrypted LDAP sessions... ! _/ ! ! if (BrowseLDAPCACertFile) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "cupsdStartBrowsing: Setting CA certificate file \"%s\"", ! BrowseLDAPCACertFile); ! ! if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ! (void )BrowseLDAPCACertFile)) ! != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to set CA certificate file for LDAP " ! "connections: %d - %s", rc, ldaperr2string(rc)); ! } ! ! / ! * LDAP stuff currently only supports ldapi EXTERNAL SASL binds... ! / ! ! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) ! rc = ldap_initialize(&BrowseLDAPHandle, "ldapi:///"); ! else
! rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer); ! ! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to initialize LDAP; disabling LDAP browsing!"); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION, ! (const void *)&version) != LDAP_SUCCESS) ! { ! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLDAPHandle = NULL; ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to set LDAP protocol version; " ! "disabling LDAP browsing!"); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! else ! { ! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) ! rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL, ! NULL, NULL); ! else ! rc = ldap_bind_s(BrowseLDAPHandle, BrowseLDAPBindDN, ! BrowseLDAPPassword, LDAP_AUTH_SIMPLE); ! ! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "Unable to bind to LDAP server; " ! "disabling LDAP browsing!"); ! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; ! } ! } }

  BrowseLDAPRefresh = 0;
}

! #endif /* HAVE_OPENLDAP */

/ * Register the individual printers --- 1522,1534 ---- } else { ! /* Open LDAP handle... / ! BrowseLDAPHandle = ldap_connect(); }

  BrowseLDAPRefresh = 0;
}

! #endif /* HAVE_LDAP */

/ \ Register the individual printers


* 1310,1323 ** }

endif /* HAVE_LIBSLP */

! #ifdef HAVE_OPENLDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_OPENLDAP */ }

--- 1702,1716 ---- }

endif /* HAVE_LIBSLP */

! #ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_dereg_ou(ServerName, BrowseLDAPDN); ! ldap_disconnect(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_LDAP */ }


* 1377,1383 **

endif /* HAVE_DNSSD */

! #ifdef HAVE_OPENLDAP /*

! #ifdef HAVE_LDAP /*

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);

! BrowseLDAPRefresh = time(NULL) + BrowseInterval;

! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, ! "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res); if (rc != LDAP_SUCCESS) { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }

limit = ldap_count_entries(BrowseLDAPHandle, res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
if (limit < 1)
  return;

/ * Loop through the available printers... --- 1791,1855 ---- LDAPMessage res, / LDAP search results _/ e; /_ Current entry from search */

! if (! BrowseLDAPHandle) ! { ! ldap_reconnect(); ! return; ! }

! / ! * Search for cups printers in LDAP directory... ! /

! rc = ldap_search_rec(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPESUBTREE, ! "(objectclass=cupsPrinter)", (char *)ldapattrs, 0, &res); ! ! / ! * If ldap search was successfull then exit function ! * and temporary disable LDAP updates... ! */ ! if (rc != LDAP_SUCCESS) { ! if (BrowseLDAPUpdate && ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR))) ! { ! BrowseLDAPUpdate = FALSE; ! cupsdLogMessage(CUPSD_LOG_INFO, ! "LDAP update temporary disabled"); ! } return; }

! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) continue;

! strlcpy(info, *value, sizeof(info)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) continue;

! strlcpy(location, *value, sizeof(location)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) continue;

! strlcpy(make_model, *value, sizeof(make_model)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) continue;

! type = atoi(*value); ! ldap_value_free(value);

! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) continue;

- ldap_value_free(value);

 /*
  * Process the entry as browse data...
  */

--- 1863,1890 ---- * Get the required values from this entry... */

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", info, sizeof(info)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", location, sizeof(location)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", make_model, sizeof(make_model)) == -1) continue;

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", type_num, sizeof(type_num)) == -1) continue;

! type = atoi(type_num);

! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", uri, sizeof(uri)) == -1) continue;

 /*
  * Process the entry as browse data...
  */

* 1478,1485 ** location, info, make_model, 0, NULL);

}

} ! #endif /* HAVE_OPENLDAP */

ifdef HAVE_LIBSLP

--- 1894,1903 ---- location, info, make_model, 0, NULL);

}

! #ifdef HAVE_OPENLDAP /*

--- 3430,3775 ---- }

! #ifdef HAVE_LDAP /*


* 3023,3029 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 3779,3786 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],


* 3031,3037 ** _makemodel[2], *type[2], typestring[255], / String to hold printer-type */

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);

/ * Everything in ldap is * so we fudge around it... */

--- 3797,3833 ---- "cupsPrinter", NULL };

! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);

/*


* 3063,3076 ** uri[0] = p->uri; uri[1] = NULL;

! snprintf(filter, sizeof(filter), ! "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);

! ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, ! filter, (char **)ldap_attrs, 0, &res); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", ! filter);

mods[0].mod_type = "cn";
mods[0].mod_values = cn_value;
mods[1].mod_type = "printerDescription";

--- 3846,3879 ---- uri[0] = p->uri; uri[1] = NULL;

! / ! * Get ldap entry for printer ... ! /

! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn); ! rc = ldap_search_rec(BrowseLDAPHandle, dn, LDAP_SCOPE_BASE, ! NULL, (char **)ldap_attrs, 0, &res);

! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);

! if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { / ! * Printer has already been registered, modify the current ! * registration... /

! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");

! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;

! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { / * Printer has never been registered, add the current * registration... /

  cupsdLogMessage(CUPSD_LOG_DEBUG2,

! "send_ldap_browse: Adding entry...");

  for (i = 0; i < 7; i ++)
  {

--- 3889,3999 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;

! / ! * Check if we need to insert or update the LDAP entry... ! /

! if ((ldap_count_entries(BrowseLDAPHandle, res) > 0) && (rc != LDAP_NO_SUCH_OBJECT)) { / ! * Printer has already been registered, check if ! * modification is required... /

! e = ldap_first_entry(BrowseLDAPHandle, res);

! / ! * Get the required values from this entry... ! _/ ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", old_info, sizeof(old_info)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", old_location, sizeof(old_location)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", old_make_model, sizeof(old_make_model)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", old_type_string, sizeof(old_type_string)) == -1) ! old_info[0] = '\0'; ! ! old_type = atoi(old_type_string); ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", old_uri, sizeof(old_uri)) == -1) ! oldinfo[0] = '\0'; ! ! / ! * Check if modification is required... ! _/ ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == oldtype ) ! ) { ! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, ! * no modifications required... ! / ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: No updates required for %s", p->name); } ! else ! {

! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, modify the current ! * registration... ! _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replace entry for %s", p->name); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_modify_ext_s(BrowseLDAPHandle, dn, pmods, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! ldap_reconnect(); ! } ! } ! } else {

michaelrsweet commented 16 years ago

"str1962.patch":

Index: config-scripts/cups-ldap.m4

--- config-scripts/cups-ldap.m4 (revision 7797) +++ config-scripts/cups-ldap.m4 (working copy) @@ -14,22 +14,34 @@ dnl

AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) -AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], +AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) -AC_ARG_WITH(openldap-includes, [ --with-openldap-includes

+

CUPS 1.4BrowseLDAPCACertFile

+ +

Examples

+ +
+BrowseLDAPCACertFile /etc/cups/ssl/certs
+
+ +

Description

+ +

The BrowseLDAPCACertFile directive specifies the SSL certificate +authority file to use for LDAP + SSL. The default is undefined.

+ +

CUPS 1.2BrowseLDAPDN

Examples

Index: man/cupsd.conf.man.in

--- man/cupsd.conf.man.in (revision 7797) +++ man/cupsd.conf.man.in (working copy) @@ -146,6 +146,26 @@ .br Specifies the maximum interval between printer information broadcasts. .TP 5 +BrowseLDAPBindDN +.br +Specifies the LDAP domain name to use when registering printers. +.TP 5 +BrowseLDAPCACertFile +.br +Specifies the SSL certificate authority file to use. +.TP 5 +BrowseLDAPDN +.br +Specifies the LDAP domain name to use when discovering printers. +.TP 5 +BrowseLDAPPassword +.br +Specifies the password to use when accessing the LDAP server. +.TP 5 +BrowseLDAPServer +.br +Specifies the LDAP server to use. +.TP 5 BrowseOrder allow,deny .TP 5 BrowseOrder deny,allow

Index: config.h.in

--- config.h.in (revision 7798) +++ config.h.in (working copy) @@ -307,6 +307,10 @@

undef HAVE_LDAP

undef HAVE_OPENLDAP

+#undef HAVE_MOZILLA_LDAP +#undef HAVE_LDAP_SSL_H +#undef HAVE_LDAP_SSL +#undef HAVE_LDAP_REBIND_PROC

/*

Index: scheduler/dirsvc.c

--- scheduler/dirsvc.c (revision 7797) +++ scheduler/dirsvc.c (working copy) @@ -14,55 +14,6 @@ *

-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP static const char * const ldapattrs[] =/* CUPS LDAP attributes / { "printerDescription", @@ -141,7 +121,7 @@ "printerURI", NULL }; -#endif /_ HAVEOPENLDAP / +#endif /_ HAVE_LDAP */

ifdef HAVE_LIBSLP

/* @@ -224,6 +204,11 @@ slp_dereg_printer(p);

endif /* HAVE_LIBSLP */

+#ifdef HAVE_LDAP

+#ifdef HAVE_LDAP_REBIND_PROC +# if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) /*

@@ -1125,7 +1529,7 @@ BrowseSLPHandle = NULL;

endif /* HAVE_LIBSLP */

-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) @@ -1137,84 +1541,13 @@ } else {

- */

- struct berval bv = {0, ""}; /* SASL bind value */

- */

- BrowseLDAPCACertFile);

- }

- */

- rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer);

- BrowseLDAPPassword, LDAP_AUTH_SIMPLE);

-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) {

-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP /*

- ldap_value_free(value);

- ldap_value_free(value);

- ldap_value_free(value);

- ldap_value_free(value);

/*
 * Process the entry as browse data...
 */

@@ -1646,8 +2003,10 @@ location, info, make_model, 0, NULL);

} +

-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP /*

@@ -3243,7 +3941,8 @@ int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL */

@@ -3283,63 +4013,153 @@ uri[0] = p->uri; uri[1] = NULL;

+# if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000

+/*

-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP

ifdef __sun

include

endif /* _sun /

include

-#endif /_ HAVEOPENLDAP / +# ifdef HAVE_LDAP_SSL_H +# include +# endif /_ HAVE_LDAP_SSLH / +#endif /_ HAVE_LDAP */

/*