Closed michaelrsweet closed 16 years ago
CUPS.org User: krumboeck
Some example patches and a shell script which show how BrowseTimeout could be handled.
Maybe there should be created a "real" BrowseLDAPForceUpdateInterval.
The shellscript should run as cronjob on the LDAP Server. Maybe we should rewrite it in C (but it shouldn't require a whole cups installation to run).
best regards! Bernd
CUPS.org User: krumboeck
Another patch:
) Removed hardcoded string "ou=printers" in distinguished name ) Support for multiple servers
LDAP tree for BrowseLDAPDN "ou=browse, ou=cups, o=organization c=country" looks like this:
c=country o=organization ou=cups ou=browse ou=printserver1 cn=printer1 cn=printer2 ou=printserver2 cn=printer1 cn=printer2 cn=printer3 ou=printserver3 cn=printer3 ...
I think all of this features are needed to use ldap in a real production environment. Is it possible to add them in 1.2.4 or at least in any later 1.2.x?
best regards! Bernd
CUPS.org User: mike
These changes cannot be part of 1.2.x, as they add a new feature to the current code.
That said, 1.3 isn't too far off, so we can assign this to 1.3.x...
CUPS.org User: krumboeck
Thanks for your answer!
Two (quick) fixes:
cups-1.2.3-ldap-idle.patch: If idletimeout from ldap is less than BrowseInterval the connection time out and browsing doesn't work as expected. Nevertheless the value for idletimeout (in LDAP) should be greater than BrowseInterval!
cups-1.2.3-ldap-startup.patch: LDAP Browsing shouldn't be disabled when ldap server is not reachable at startup. Startup dependencies can only be handled on a local machine, not in large environments.
Sorry for some redundant code segments. I know my coding style is not very elegant.
best regards! Bernd
CUPS.org User: krumboeck
The changes in cups-1.2.7-ldaprefresh-dirsvc.c.patch and cups-1.2.7-ldapupdates.patch will improve the behavior if ldap server is down.
At least the error log file is more readable now. ;)
regards! Bernd
CUPS.org User: mike
Can you post a single patch with all of the current changes in it? I'm not sure what to apply here...
CUPS.org User: krumboeck
Sadly I'm ill (burout syndrom), so every work at the moment is nearly impossible for me.
I uploaded two patches instead of one single file: cups-ldap.patch ... contains any changes except the patch below cups-ldap-redupd.patch ... patch to reduce ldap updates (at least a try)
Two other files are needed: printer.schema ... ldap schema for cups browsing (draft) cups-ldap-cleanup_v2 ... deletes old cups ldap entries (maybe someone could rewrite it in C)
Above patches were created against 1.3svn-r6605. Didn't do any compile or runtime tests, because I don't have the equipment and physical power at the moment.
Sadly the code is not very clean, but I hope it helps for you.
CUPS.org User: mike
In the interests of getting 1.3 out and not introducing buggy code, I'm going to defer these changes to 1.4 when we can spend more time on this.
Thanks for all your work on this, and get better soon! :)
CUPS.org User: krumboeck
It's a pity (because the usability of the ldap code in 1.2/1.3 is very limited). But a wise decision.
Maybe someone can help me testing, when I can continue my work? Any good or bad test results are welcome.
CUPS.org User: pipitas
I'm willing to help you with testing once the patches are in a state that may be applied (or once there is an 'ldap_improvements' branch in CUPS SVN).
But be aware: I'm a beginner in all things LDAP...
CUPS.org User: krumboeck
Instructions for testers:
Changes:
ToDo:
Have a lot of fun!
CUPS.org User: krumboeck
Filename of the patch: cups-1.3.0-ldapimp-2.patch Hopefully the last release of this patch.
Please use the above instructions to install this patch.
Changes: ) Deregister LDAP Server ) Some search optimizations
LDAP server configuration: Create an index for the attribute cn, if you have tons of printers.
CUPS.org User: krumboeck
Patch: cups-1.3.2-ldapimp.patch
Changes:
CUPS.org User: mike
Fixed in Subversion repository.
"cups-1.2.3-ldap_dirsvc.patch":
*\ scheduler/dirsvc.c.orig Wed Sep 6 11:10:18 2006 --- scheduler/dirsvc.c Thu Sep 7 08:30:29 2006
* 28,33 ** --- 28,34 ----
* 36,41 ** --- 37,43 ----
* 833,839 ** --- 835,861 ---- }
/*
* 1015,1020 ** --- 1037,1052 ---- } else {
if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL, NULL, NULL);
* 1194,1200 ** if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; }
--- 1226,1232 ---- if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind_ext_s(BrowseLDAPHandle, NULL, NULL); BrowseLDAPHandle = NULL; }
* 1506,1511 ** --- 1538,1619 ----
/*
* 1541,1546 ** --- 1649,1658 ---- cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));
return; }
* 1561,1567 ** * Get the required values from this entry... */
! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerDescription")) == NULL) continue;
--- 1673,1679 ---- * Get the required values from this entry... */
! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerDescription")) == NULL) continue;
* 1568,1574 ** strlcpy(info, *value, sizeof(info)); ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerLocation")) == NULL) continue;
--- 1680,1686 ---- strlcpy(info, *value, sizeof(info)); ldap_value_free(value);
! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerLocation")) == NULL) continue;
* 1575,1581 ** strlcpy(location, *value, sizeof(location)); ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerMakeAndModel")) == NULL) continue;
--- 1687,1693 ---- strlcpy(location, *value, sizeof(location)); ldap_value_free(value);
! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerMakeAndModel")) == NULL) continue;
* 1582,1588 ** strlcpy(make_model, *value, sizeof(make_model)); ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerType")) == NULL) continue;
--- 1694,1700 ---- strlcpy(make_model, *value, sizeof(make_model)); ldap_value_free(value);
! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerType")) == NULL) continue;
* 1589,1595 ** type = atoi(*value); ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, "printerURI")) == NULL) continue;
--- 1701,1707 ---- type = atoi(*value); ldap_value_free(value);
! if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerURI")) == NULL) continue;
* 2684,2690 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 2796,2803 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],
* 2702,2708 ** --- 2815,2829 ---- "cupsPrinter", NULL };
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
/*
* 2727,2736 ** snprintf(filter, sizeof(filter), "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
! ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
mods[0].mod_type = "cn";
mods[0].mod_values = cn_value;
--- 2848,2866 ---- snprintf(filter, sizeof(filter), "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
}
mods[0].mod_type = "cn"; mods[0].mod_values = cn_value;
* 2753,2776 ** if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { / ! * Printer has already been registered, modify the current ! * registration... /
! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");
! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;
! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { --- 2883,2999 ---- if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { / ! * Printer has already been registered, check if ! * modification is required... /
! e = ldap_first_entry(BrowseLDAPHandle, res);
! / ! * Get the required values from this entry... ! _/ ! ! if ((value = (char _) ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerDescription failed!"); ! old_info[0] = '\0'; } ! else ! { ! strlcpy(old_info, *value, sizeof(old_info)); ! ldap_value_free(value); ! }
! if ((value = (char _) ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerLocation failed!"); ! old_location[0] = '\0'; ! } ! else ! { ! strlcpy(old_location, value, sizeof(old_location)); ! ldap_valuefree(value); ! } ! ! if ((value = (char *) ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerMakeAndModel failed!"); ! old_make_model[0] = '\0'; ! } ! else ! { ! strlcpy(old_make_model, _value, sizeof(old_make_model)); ! ldap_valuefree(value); ! } ! ! if ((value = (char *) ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerType failed!"); ! old_type = 0; ! } ! else ! { ! old_type = atoi(_value); ! ldap_valuefree(value); ! } ! ! if ((value = (char *) ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG, ! "send_ldap_browse: ldap_get printerURI failed!"); ! old_uri[0] = '\0'; ! } ! else ! { ! strlcpy(old_uri, _value, sizeof(old_uri)); ! ldap_value_free(value); ! } ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == old_type )) ! { ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldapbrowse: No update required"); ! } ! else ! { ! ! / ! * Printer has already been registered, modify the current ! * registration... ! */ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry..."); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! cupsdReconnectLDAP(); ! } ! } } else {
* 2790,2798 ** --- 3013,3025 ---- pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
"cups-1.2.3-ldaptimeout-conf.c.patch":
*\ scheduler/conf.c.orig Fri Sep 8 21:24:30 2006 --- scheduler/conf.c Fri Sep 8 21:27:06 2006
* 95,100 ** --- 95,101 ---- { "BrowseLDAPPassword", &BrowseLDAPPassword, CUPSD_VARTYPE_STRING }, { "BrowseLDAPServer", &BrowseLDAPServer, CUPSD_VARTYPE_STRING }, { "BrowseLDAPCaCertFile", &BrowseLDAPCaCertFile, CUPSD_VARTYPE_STRING },
{ "BrowseLocalOptions", &BrowseLocalOptions, CUPSD_VARTYPE_STRING }, { "BrowsePort", &BrowsePort, CUPSD_VARTYPEINTEGER }, ****** *\ 427,432 --- 428,434 ---- cupsdClearString(&BrowseLDAPPassword); cupsdClearString(&BrowseLDAPServer); cupsdClearString(&BrowseLDAPCaCertFile);
BrowseLDAPForceUpdate = 0;
JobHistory = DEFAULT_HISTORY;
"cups-1.2.3-ldaptimeout-dirsvc.h.patch":
*\ scheduler/dirsvc.h.orig Fri Sep 8 21:24:39 2006 --- scheduler/dirsvc.h Fri Sep 8 22:30:00 2006
* 158,163 ** --- 158,167 ---- /* LDAP server to use / *BrowseLDAPCaCertFile VALUE(NULL); / LDAP CA CERT file to use */
"cups-1.2.3-ldaptimeout-dirsvc.c.patch":
*\ scheduler/dirsvc.c.orig Fri Sep 8 21:24:42 2006 --- scheduler/dirsvc.c Fri Sep 8 22:44:44 2006
* 2968,2978 ** ldap_value_free(value); }
if ( ( strcmp(info[0], old_info) == 0 )
&& ( strcmp(uri[0], old_uri) == 0 )
&& ( strcmp(location[0], old_location) == 0 )
&& ( strcmp(make_model[0], old_make_model) == 0 )
! && ( p->type == old_type )) { cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: No update required"); --- 2968,2987 ---- ldap_value_free(value); }
if ( ( strcmp(info[0], old_info) == 0 ) && ( strcmp(uri[0], old_uri) == 0 ) && ( strcmp(location[0], old_location) == 0 ) && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == old_type ) ! && ((BrowseLDAPIntervalCounter < BrowseLDAPForceUpdate) ! || (BrowseLDAPForceUpdate == 0) ! ) ! ) { cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: No update required");
* 2984,2989 ** --- 2993,3000 ---- * Printer has already been registered, modify the current * registration... */
BrowseLDAPIntervalCounter=0;
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"send_ldap_browse: Replacing entry...");
"cups-1.2.3-ldap_multiple.patch":
*\ scheduler/dirsvc.c.orig Mon Sep 11 10:05:12 2006 --- scheduler/dirsvc.c Mon Sep 11 12:50:13 2006
* 46,51 ** --- 46,52 ----
slp_attr_callback() - SLP attribute callback
* 2797,2802 ** --- 2798,2920 ----
/*
* 2887,2893 ** mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
--- 3005,3011 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
* 3022,3027 ** --- 3140,3147 ---- * Printer has never been registered, add the current * registration... */
send_ldap_ou(ServerName, BrowseLDAPDN, "CUPS Server");
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Adding entry...");
"cups-1.2.3-ldap-idle.patch":
*\ scheduler/dirsvc.c.orig2 Wed Sep 13 13:52:15 2006 --- scheduler/dirsvc.c Wed Sep 13 14:02:26 2006
* 1655,1669 **
rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE,
"(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);
! if (rc != LDAP_SUCCESS) { cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));
! if ( LDAP_SERVER_DOWN == rc ) ! cupsdReconnectLDAP(); ! return; }
--- 1655,1676 ----
rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE,
"(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);
! ! if ( LDAP_SERVER_DOWN == rc ) { cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));
! if (rc != LDAP_SUCCESS) ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }
* 2849,2861 ** filter, (char **)ou_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: Searching \"%s\"", filter); if ( rc != LDAP_SUCCESS ) { cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_ou: LDAP search failed with status %d: %s",
--- 2856,2876 ---- filter, (char **)ou_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: Searching \"%s\"", filter);
if ( rc != LDAP_SUCCESS ) { cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_ou: LDAP search failed with status %d: %s", rc, ldap_err2string(rc)); return; }
* 2980,2992 ** filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter); if ( rc != LDAP_SUCCESS ) { cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_browse: LDAP search failed with status %d: %s",
--- 2995,3015 ---- filter, (char **)ldap_attrs, 0, &res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
if ( rc != LDAP_SUCCESS ) { cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_browse: LDAP search failed with status %d: %s", rc, ldap_err2string(rc)); return; }
"cups-1.2.3-ldap-startup.patch":
*\ scheduler/dirsvc.c.orig Thu Sep 14 07:29:06 2006 --- scheduler/dirsvc.c Thu Sep 14 08:00:16 2006
* 1069,1078 ** { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to bind to LDAP server; " ! "disabling LDAP browsing!"); ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLocalProtocols &= ~BROWSE_LDAP; ! BrowseRemoteProtocols &= ~BROWSE_LDAP; } } } --- 1069,1077 ---- { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to bind to LDAP server; " ! "We will try again later!"); ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); ! BrowseLDAPHandle = NULL; } } }
* 1646,1651 ** --- 1645,1660 ----
/*
* 2834,2839 ** --- 2843,2858 ----
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: %s\n", ou);
snprintf(dn, sizeof(dn), "ou=%s, %s", ou, basedn); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_ou: dn=\"%s\"", dn);
* 2968,2973 ** --- 2987,3002 ----
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
}
/*
"cups-1.2.7-ldaprefresh-dirsvc.c.patch":
*\ scheduler/dirsvc.c.orig2 2007-01-05 11:12:14.000000000 +0100 --- scheduler/dirsvc.c 2007-01-05 11:14:14.000000000 +0100
* 1656,1661 ** --- 1656,1669 ----
/*
* 1665,1678 ** return; }
rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE,
"(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);
--- 1673,1678 ----
"cups-1.2.7-ldapupdates.patch":
*\ scheduler/dirsvc.h.orig2 2007-01-06 18:13:04.000000000 +0100 --- scheduler/dirsvc.h 2007-01-06 18:15:12.000000000 +0100
* 160,167 ** /* LDAP CA CERT file to use / VAR int BrowseLDAPForceUpdate VALUE(0), / Force update every N-th browse intervals / ! BrowseLDAPIntervalCounter VALUE(30000); / browse interval counter _/
--- 160,169 ---- /* LDAP CA CERT file to use / VAR int BrowseLDAPForceUpdate VALUE(0), / Force update every N-th browse intervals / ! BrowseLDAPIntervalCounter VALUE(30000), / browse interval counter */
*\ scheduler/dirsvc.c.orig2 2007-01-06 17:52:03.000000000 +0100 --- scheduler/dirsvc.c 2007-01-06 18:53:31.000000000 +0100
* 1691,1698 ** --- 1691,1710 ---- cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP search returned error %d: %s", rc, ldap_err2string(rc));
}
limit = ldap_count_entries(BrowseLDAPHandle, res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
* 2996,3001 ** --- 3008,3017 ---- int old_type; /* Printer type */
}
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
* 3050,3055 ** --- 3066,3077 ---- cupsdLogMessage(CUPSD_LOG_ERROR, "send_ldap_browse: LDAP search failed with status %d: %s", rc, ldap_err2string(rc));
"cups-ldap.patch":
diff -ur cups-1.3svn-r6605/scheduler/dirsvc.c cups-1.3svn-r6605-bek/scheduler/dirsvc.c --- cups-1.3svn-r6605/scheduler/dirsvc.c 2007-06-21 20:22:22.000000000 +0200 +++ cups-1.3svn-r6605-bek/scheduler/dirsvc.c 2007-07-11 17:40:18.000000000 +0200 @@ -31,6 +31,7 @@
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +/*
+ + if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost")) rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL, NULL, NULL); @@ -1117,10 +1150,9 @@ { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to bind to LDAP server; "
ldap_unbind_ext_s(BrowseLDAPHandle, NULL, NULL); BrowseLDAPHandle = NULL; }
@@ -1370,6 +1402,82 @@
/*
+
@@ -1398,15 +1506,48 @@
BrowseLDAPRefresh = time(NULL) + BrowseInterval;
}
limit = ldap_count_entries(BrowseLDAPHandle, res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit); @@ -1425,35 +1566,35 @@
if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerDescription")) == NULL) continue;
strlcpy(info, *value, sizeof(info)); ldap_value_free(value);
if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerLocation")) == NULL) continue;
strlcpy(location, *value, sizeof(location)); ldap_value_free(value);
if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerMakeAndModel")) == NULL) continue;
strlcpy(make_model, *value, sizeof(make_model)); ldap_value_free(value);
if ((value = (char **) ldap_get_values(BrowseLDAPHandle, e, "printerType")) == NULL) continue;
type = atoi(*value); ldap_value_free(value);
@@ -2993,6 +3134,141 @@
/*
@@ -3002,7 +3278,8 @@ int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL */
}
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
/*
@@ -3045,11 +3344,34 @@ snprintf(filter, sizeof(filter), "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { /*
@@ -3108,9 +3525,13 @@ pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
diff -ur cups-1.3svn-r6605/scheduler/dirsvc.h cups-1.3svn-r6605-bek/scheduler/dirsvc.h --- cups-1.3svn-r6605/scheduler/dirsvc.h 2007-03-21 07:39:10.000000000 +0100 +++ cups-1.3svn-r6605-bek/scheduler/dirsvc.h 2007-07-11 17:44:54.000000000 +0200 @@ -154,8 +154,10 @@ / LDAP search DN / BrowseLDAPPassword VALUE(NULL), /_ LDAP login password /
"cups-ldap-redupd.patch":
diff -ur cups-1.3svn-r6605-bek/scheduler/conf.c cups-1.3svn-r6605-bek2/scheduler/conf.c --- cups-1.3svn-r6605-bek/scheduler/conf.c 2007-06-04 16:38:43.000000000 +0200 +++ cups-1.3svn-r6605-bek2/scheduler/conf.c 2007-07-11 17:53:33.000000000 +0200 @@ -94,6 +94,7 @@ { "BrowseLDAPDN", &BrowseLDAPDN, CUPSD_VARTYPE_STRING }, { "BrowseLDAPPassword", &BrowseLDAPPassword, CUPSD_VARTYPE_STRING }, { "BrowseLDAPServer", &BrowseLDAPServer, CUPSD_VARTYPE_STRING },
{ "BrowseLocalOptions", &BrowseLocalOptions, CUPSD_VARTYPE_STRING }, { "BrowsePort", &BrowsePort, CUPSD_VARTYPE_INTEGER }, @@ -564,6 +565,7 @@ cupsdClearString(&BrowseLDAPDN); cupsdClearString(&BrowseLDAPPassword); cupsdClearString(&BrowseLDAPServer);
BrowseLDAPForceUpdate = 0;
JobHistory = DEFAULT_HISTORY; diff -ur cups-1.3svn-r6605-bek/scheduler/dirsvc.c cups-1.3svn-r6605-bek2/scheduler/dirsvc.c --- cups-1.3svn-r6605-bek/scheduler/dirsvc.c 2007-07-11 17:40:18.000000000 +0200 +++ cups-1.3svn-r6605-bek2/scheduler/dirsvc.c 2007-07-11 17:59:08.000000000 +0200 @@ -3468,11 +3468,20 @@ ldap_value_free(value); }
)
{ cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: No update required"); @@ -3485,6 +3494,8 @@
BrowseLDAPIntervalCounter=0;
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Replacing entry...");
diff -ur cups-1.3svn-r6605-bek/scheduler/dirsvc.h cups-1.3svn-r6605-bek2/scheduler/dirsvc.h --- cups-1.3svn-r6605-bek/scheduler/dirsvc.h 2007-07-11 17:59:36.000000000 +0200 +++ cups-1.3svn-r6605-bek2/scheduler/dirsvc.h 2007-07-11 17:58:45.000000000 +0200 @@ -156,8 +156,12 @@ /* LDAP login password / *BrowseLDAPServer VALUE(NULL), / LDAP server to use / -VAR int BrowseLDAPUpdate VALUE(TRUE); +VAR int BrowseLDAPUpdate VALUE(TRUE), / enables LDAP updates */
"cups-1.3.0-ldapimp.patch":
*\ config-scripts/cups-ldap.m4 Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.0/config-scripts/cups-ldap.m4 Thu Sep 13 11:44:47 2007
* 14,24 ** dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(openldap-includes, [ --with-openldap-includes ! set directory for OpenLDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) --- 14,24 ---- dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(ldap-includes, [ --with-ldap-includes ! set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)
* 26,36 ** LIBLDAP=""
if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap")) fi
AC_SUBST(LIBLDAP) --- 26,49 ---- LIBLDAP=""
if test x$enable_ldap != xno; then
! AC_CHECK_HEADER(ldap.h, [
AC_CHECK_LIB(ldap, ldap_initialize,
! AC_DEFINE(HAVE_LDAP)
! AC_DEFINE(HAVE_OPENLDAP)
! LIBLDAP="-lldap"
! AC_CHECK_LIB(ldap, ldap_start_tls,
! AC_DEFINE(HAVE_LDAP_SSL))
! ,
! AC_CHECK_LIB(ldap, ldap_init,
! AC_DEFINE(HAVE_LDAP)
! AC_DEFINE(HAVE_MOZILLA_LDAP)
! LIBLDAP="-lldap"
! AC_CHECK_HEADER(ldap_ssl.h, AC_DEFINE(HAVE_LDAP_SSL_H),,[#include
AC_SUBST(LIBLDAP) *\ config.h.in Wed Aug 1 21:02:47 2007 --- ../../BUILD/cups-1.3.0/config.h.in Thu Sep 13 11:44:47 2007
* 297,302 ** --- 297,306 ----
/* *\ scheduler/dirsvc.h Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.0/scheduler/dirsvc.h Thu Sep 13 11:44:47 2007
* 22,33 **
! #ifdef HAVE_OPENLDAP
! #endif /_ HAVE_OPENLDAP */
/*
! #ifdef HAVE_LDAP
! # ifdef HAVE_LDAP_SSL_H
! # include
/*
Browse protocols...
* 133,142 **
VAR LDAP BrowseLDAPHandle VALUE(NULL); / Handle to LDAP server */
VAR timet BrowseLDAPRefresh VALUE(0); / Next LDAP refresh time / VAR char BrowseLDAPBindDN VALUE(NULL), --- 136,143 ---- ***** *\ 145,154 /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL), / LDAP server to use / ! *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use _/
--- 146,159 ---- /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL); / LDAP server to use / ! VAR int BrowseLDAPUpdate VALUE(TRUE); ! / enables LDAP updates _/ ! # ifdef HAVE_LDAPSSL ! VAR char *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use */
*\ scheduler/dirsvc.c Thu Jul 19 21:09:46 2007 --- ../../BUILD/cups-1.3.0/scheduler/dirsvc.c Thu Sep 13 11:44:48 2007
* 44,49 ** --- 44,58 ----
* 92,98 ** --- 101,135 ---- static void process_implicit_classes(void); static void send_cups_browse(cupsd_printer_t *p);
static void send_slp_browse(cupsd_printert p); ***** *\ 101,107 static void update_polling(void);
! #ifdef HAVE_OPENLDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription", --- 138,144 ---- static void update_polling(void);
! #ifdef HAVE_LDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription",
* 111,117 ** "printerURI", NULL }; ! #endif /* HAVE_OPENLDAP */
/ --- 148,154 ---- "printerURI", NULL }; ! #endif /* HAVE_LDAP /
/*
* 214,219 ** --- 251,261 ---- slp_dereg_printer(p);
if (removeit && (BrowseLocalProtocols & BROWSE_DNSSD)) dnssdDeregisterPrinter(p);
* 918,924 ** --- 960,1385 ---- }
/*
* 1047,1053 ** BrowseSLPHandle = NULL;
! #ifdef HAVE_OPENLDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) --- 1508,1514 ---- BrowseSLPHandle = NULL;
! #ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN)
* 1059,1142 **
}
else
{
! /*
! * Open LDAP handle...
! /
!
! int rc; / LDAP API status /
! int version = 3; / LDAP version /
! struct berval bv = {0, ""}; / SASL bind value /
!
!
! /
! * Set the certificate file to use for encrypted LDAP sessions...
! _/
!
! if (BrowseLDAPCACertFile)
! {
! cupsdLogMessage(CUPSD_LOG_DEBUG,
! "cupsdStartBrowsing: Setting CA certificate file \"%s\"",
! BrowseLDAPCACertFile);
!
! if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
! (void )BrowseLDAPCACertFile))
! != LDAP_SUCCESS)
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to set CA certificate file for LDAP "
! "connections: %d - %s", rc, ldaperr2string(rc));
! }
!
! /
! * LDAP stuff currently only supports ldapi EXTERNAL SASL binds...
! /
!
! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost"))
! rc = ldap_initialize(&BrowseLDAPHandle, "ldapi:///");
! else
! rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer);
!
! if (rc != LDAP_SUCCESS)
! {
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to initialize LDAP; disabling LDAP browsing!");
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION,
! (const void *)&version) != LDAP_SUCCESS)
! {
! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
! BrowseLDAPHandle = NULL;
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to set LDAP protocol version; "
! "disabling LDAP browsing!");
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! else
! {
! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost"))
! rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL,
! NULL, NULL);
! else
! rc = ldap_bind_s(BrowseLDAPHandle, BrowseLDAPBindDN,
! BrowseLDAPPassword, LDAP_AUTH_SIMPLE);
!
! if (rc != LDAP_SUCCESS)
! {
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to bind to LDAP server; "
! "disabling LDAP browsing!");
! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! }
}
BrowseLDAPRefresh = 0;
}
! #endif /* HAVE_OPENLDAP */
/ * Register the individual printers --- 1520,1532 ---- } else { ! /* Open LDAP handle... / ! BrowseLDAPHandle = ldap_connect(); }
BrowseLDAPRefresh = 0;
}
! #endif /* HAVE_LDAP */
/ \ Register the individual printers
* 1310,1323 ** }
! #ifdef HAVE_OPENLDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_OPENLDAP */ }
--- 1700,1713 ---- }
! #ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_disconnect(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_LDAP */ }
* 1377,1383 **
! #ifdef HAVE_OPENLDAP /*
! #ifdef HAVE_LDAP /*
'cupsdUpdateLDAPBrowse()' - Scan for new printers via LDAP... */
* 1391,1397 ** location[1024], /* Printer location / info[1024], / Printer information _/ makemodel[1024], / Printer make and model _/ ! value; /* Holds the returned data from LDAP / int type; / Printer type / int rc; / LDAP status / int limit; / Size limit / --- 1781,1787 ---- location[1024], / Printer location / info[1024], / Printer information / makemodel[1024], / Printer make and model _/ ! typenum[30]; / Printer type number / int type; / Printer type / int rc; / LDAP status / int limit; / Size limit /
* 1398,1426 ** LDAPMessage res, / LDAP search results / *e; / Current entry from search */
/ ! * Search for printers... /
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);
! BrowseLDAPRefresh = time(NULL) + BrowseInterval;
! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res); if (rc != LDAP_SUCCESS) { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }
limit = ldap_count_entries(BrowseLDAPHandle, res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
if (limit < 1)
return;
/ * Loop through the available printers... --- 1788,1852 ---- LDAPMessage res, / LDAP search results _/ e; /_ Current entry from search */
/ ! * Reconnect if LDAP Handle is invalid... /
! if (! BrowseLDAPHandle) ! { ! ldap_reconnect(); ! return; ! }
! / ! * Search for cups printers in LDAP directory... ! /
! rc = ldap_search_rec(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res);
limit = ldap_count_entries(BrowseLDAPHandle, res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit); if (limit < 1)
}
/*
* 1434,1474 **
! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) continue;
! strlcpy(info, *value, sizeof(info)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) continue;
! strlcpy(location, *value, sizeof(location)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) continue;
! strlcpy(make_model, *value, sizeof(make_model)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) continue;
! type = atoi(*value); ! ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) continue;
/*
* Process the entry as browse data...
*/
--- 1860,1887 ---- * Get the required values from this entry... */
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", info, sizeof(info)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", location, sizeof(location)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", make_model, sizeof(make_model)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", type_num, sizeof(type_num)) == -1) continue;
! type = atoi(type_num);
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", uri, sizeof(uri)) == -1) continue;
/*
* Process the entry as browse data...
*/
* 1478,1485 ** location, info, make_model, 0, NULL);
}
} ! #endif /* HAVE_OPENLDAP */
--- 1891,1900 ---- location, info, make_model, 0, NULL);
}
ldap_freeres(res); } ! #endif /* HAVE_LDAP */
* 3000,3007 ** }
! #ifdef HAVE_OPENLDAP /*
--- 3415,3756 ---- }
! #ifdef HAVE_LDAP /*
* 3011,3017 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 3760,3767 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],
* 3029,3038 ** "cupsPrinter", NULL };
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
/ * Everything in ldap is * so we fudge around it... */
--- 3779,3815 ---- "cupsPrinter", NULL };
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);
/*
* 3051,3064 ** uri[0] = p->uri; uri[1] = NULL;
snprintf(filter, sizeof(filter),
"(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
filter, (char **)ldap_attrs, 0, &res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
mods[0].mod_type = "cn"; mods[0].mod_values = cn_value; mods[1].mod_type = "printerDescription"; --- 3828,3864 ---- uri[0] = p->uri; uri[1] = NULL;
snprintf(filter, sizeof(filter), "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
filter, (char **)ldap_attrs, 0, &res);
mods[0].mod_type = "cn"; mods[0].mod_values = cn_value; mods[1].mod_type = "printerDescription";
* 3074,3113 ** mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
{
/*
! * Printer has already been registered, modify the current ! * registration... */
! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");
! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;
! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { / * Printer has never been registered, add the current * registration... /
cupsdLogMessage(CUPSD_LOG_DEBUG2,
! "send_ldap_browse: Adding entry...");
for (i = 0; i < 7; i ++)
{
--- 3874,3987 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { / ! * Printer has already been registered, check if ! * modification is required... /
! e = ldap_first_entry(BrowseLDAPHandle, res);
! / ! * Get the required values from this entry... ! _/ ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", old_info, sizeof(old_info)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", old_location, sizeof(old_location)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", old_make_model, sizeof(old_make_model)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", old_type_string, sizeof(old_type_string)) == -1) ! old_info[0] = '\0'; ! ! old_type = atoi(old_type_string); ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", old_uri, sizeof(old_uri)) == -1) ! oldinfo[0] = '\0'; ! ! / ! * Check if modification is required... ! _/ ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == oldtype ) ! ) { ! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, ! * no modifications required... ! / ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: No updates required for %s", p->name); } ! else ! {
! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, modify the current ! * registration... ! _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replace entry for %s", p->name); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_modify_ext_s(BrowseLDAPHandle, dn, pmods, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! ldap_reconnect(); ! } ! } ! } else {
/*
* No LDAP entry exists for the printer.
send_ldap_ou(ServerName, BrowseLDAPDN, "CUPS Server");
cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Add entry for %s", p->name);
for (i = 0; i < 7; i ++) {
* 3116,3128 ** } pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP add for %s failed with status %d: %s", p->name, rc, ldap_err2string(rc)); } } ! #endif /* HAVE_OPENLDAP */
--- 3990,4076 ---- } pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
}
ldap_freeres(res); } ! ! ! / ! * 'ldap_deregprinter()' - Delete printer from directory ! / ! ! static void ! ldap_dereg_printer(cupsd_printer_t p) / I - Printer to deregister / ! { ! char dn[1024]; / DN of the printer / ! int rc; / LDAP status / ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_deregprinter: Remove entry for %s", p->name); ! ! / ! * Reconnect if LDAP Handle is invalid... ! _/ ! ! if (! BrowseLDAPHandle) ! { ! ldapreconnect(); ! return; ! } ! ! / ! * Get dn for printer and delete LDAP entry... ! _/ ! ! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_dereg_printer: dn=\"%s\"", dn); ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! p->name, rc, ldaperr2string(rc)); ! ! / ! * If we had a connection problem (connection timed out, etc.) ! * we should reconnect and try again to delete the entry... ! _/ ! ! if ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR)) ! { ! cupsdLogMessage(CUPSD_LOG_INFO, ! "Retry deleting LDAP entry for %s after a reconnect...", p->name); ! ldap_reconnect(); ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! p->name, rc, ldaperr2string(rc)); ! } ! ! } ! } ! #endif / HAVE_LDAP */
"cups-1.3.0-ldapimp-2.patch":
*\ config-scripts/cups-ldap.m4 Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.0/config-scripts/cups-ldap.m4 Mon Sep 17 20:36:46 2007
* 14,24 ** dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(openldap-includes, [ --with-openldap-includes ! set directory for OpenLDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) --- 14,24 ---- dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(ldap-includes, [ --with-ldap-includes ! set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)
* 26,36 ** LIBLDAP=""
if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap")) fi
AC_SUBST(LIBLDAP) --- 26,49 ---- LIBLDAP=""
if test x$enable_ldap != xno; then
! AC_CHECK_HEADER(ldap.h, [
AC_CHECK_LIB(ldap, ldap_initialize,
! AC_DEFINE(HAVE_LDAP)
! AC_DEFINE(HAVE_OPENLDAP)
! LIBLDAP="-lldap"
! AC_CHECK_LIB(ldap, ldap_start_tls,
! AC_DEFINE(HAVE_LDAP_SSL))
! ,
! AC_CHECK_LIB(ldap, ldap_init,
! AC_DEFINE(HAVE_LDAP)
! AC_DEFINE(HAVE_MOZILLA_LDAP)
! LIBLDAP="-lldap"
! AC_CHECK_HEADER(ldap_ssl.h, AC_DEFINE(HAVE_LDAP_SSL_H),,[#include
AC_SUBST(LIBLDAP) *\ config.h.in Wed Aug 1 21:02:47 2007 --- ../../BUILD/cups-1.3.0/config.h.in Mon Sep 17 20:36:46 2007
* 297,302 ** --- 297,306 ----
/* *\ scheduler/dirsvc.h Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.0/scheduler/dirsvc.h Tue Sep 18 09:02:12 2007
* 22,33 **
! #ifdef HAVE_OPENLDAP
! #endif /_ HAVE_OPENLDAP */
/*
! #ifdef HAVE_LDAP
! # ifdef HAVE_LDAP_SSL_H
! # include
/*
Browse protocols...
* 133,142 **
VAR LDAP BrowseLDAPHandle VALUE(NULL); / Handle to LDAP server */
VAR timet BrowseLDAPRefresh VALUE(0); / Next LDAP refresh time / VAR char BrowseLDAPBindDN VALUE(NULL), --- 136,143 ---- ***** *\ 145,154 /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL), / LDAP server to use / ! *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use _/
--- 146,159 ---- /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL); / LDAP server to use / ! VAR int BrowseLDAPUpdate VALUE(TRUE); ! / enables LDAP updates _/ ! # ifdef HAVE_LDAPSSL ! VAR char *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use */
*\ scheduler/dirsvc.c Thu Jul 19 21:09:46 2007 --- ../../BUILD/cups-1.3.0/scheduler/dirsvc.c Tue Sep 18 09:05:48 2007
* 44,49 ** --- 44,59 ----
* 92,98 ** --- 102,137 ---- static void process_implicit_classes(void); static void send_cups_browse(cupsd_printer_t *p);
static void send_slp_browse(cupsd_printert p); ***** *\ 101,107 static void update_polling(void);
! #ifdef HAVE_OPENLDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription", --- 140,146 ---- static void update_polling(void);
! #ifdef HAVE_LDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription",
* 111,117 ** "printerURI", NULL }; ! #endif /* HAVE_OPENLDAP */
/ --- 150,156 ---- "printerURI", NULL }; ! #endif /* HAVE_LDAP /
/*
* 214,219 ** --- 253,263 ---- slp_dereg_printer(p);
if (removeit && (BrowseLocalProtocols & BROWSE_DNSSD)) dnssdDeregisterPrinter(p);
* 918,924 ** --- 962,1387 ---- }
/*
* 1047,1053 ** BrowseSLPHandle = NULL;
! #ifdef HAVE_OPENLDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) --- 1510,1516 ---- BrowseSLPHandle = NULL;
! #ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN)
* 1059,1142 **
}
else
{
! /*
! * Open LDAP handle...
! /
!
! int rc; / LDAP API status /
! int version = 3; / LDAP version /
! struct berval bv = {0, ""}; / SASL bind value /
!
!
! /
! * Set the certificate file to use for encrypted LDAP sessions...
! _/
!
! if (BrowseLDAPCACertFile)
! {
! cupsdLogMessage(CUPSD_LOG_DEBUG,
! "cupsdStartBrowsing: Setting CA certificate file \"%s\"",
! BrowseLDAPCACertFile);
!
! if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
! (void )BrowseLDAPCACertFile))
! != LDAP_SUCCESS)
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to set CA certificate file for LDAP "
! "connections: %d - %s", rc, ldaperr2string(rc));
! }
!
! /
! * LDAP stuff currently only supports ldapi EXTERNAL SASL binds...
! /
!
! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost"))
! rc = ldap_initialize(&BrowseLDAPHandle, "ldapi:///");
! else
! rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer);
!
! if (rc != LDAP_SUCCESS)
! {
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to initialize LDAP; disabling LDAP browsing!");
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION,
! (const void *)&version) != LDAP_SUCCESS)
! {
! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
! BrowseLDAPHandle = NULL;
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to set LDAP protocol version; "
! "disabling LDAP browsing!");
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! else
! {
! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost"))
! rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL,
! NULL, NULL);
! else
! rc = ldap_bind_s(BrowseLDAPHandle, BrowseLDAPBindDN,
! BrowseLDAPPassword, LDAP_AUTH_SIMPLE);
!
! if (rc != LDAP_SUCCESS)
! {
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to bind to LDAP server; "
! "disabling LDAP browsing!");
! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! }
}
BrowseLDAPRefresh = 0;
}
! #endif /* HAVE_OPENLDAP */
/ * Register the individual printers --- 1522,1534 ---- } else { ! /* Open LDAP handle... / ! BrowseLDAPHandle = ldap_connect(); }
BrowseLDAPRefresh = 0;
}
! #endif /* HAVE_LDAP */
/ \ Register the individual printers
* 1310,1323 ** }
! #ifdef HAVE_OPENLDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_OPENLDAP */ }
--- 1702,1716 ---- }
! #ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_dereg_ou(ServerName, BrowseLDAPDN); ! ldap_disconnect(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_LDAP */ }
* 1377,1383 **
! #ifdef HAVE_OPENLDAP /*
! #ifdef HAVE_LDAP /*
'cupsdUpdateLDAPBrowse()' - Scan for new printers via LDAP... */
* 1391,1397 ** location[1024], /* Printer location / info[1024], / Printer information _/ makemodel[1024], / Printer make and model _/ ! value; /* Holds the returned data from LDAP / int type; / Printer type / int rc; / LDAP status / int limit; / Size limit / --- 1784,1790 ---- location[1024], / Printer location / info[1024], / Printer information / makemodel[1024], / Printer make and model _/ ! typenum[30]; / Printer type number / int type; / Printer type / int rc; / LDAP status / int limit; / Size limit /
* 1398,1426 ** LDAPMessage res, / LDAP search results / *e; / Current entry from search */
/ ! * Search for printers... /
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);
! BrowseLDAPRefresh = time(NULL) + BrowseInterval;
! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, ! "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res); if (rc != LDAP_SUCCESS) { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }
limit = ldap_count_entries(BrowseLDAPHandle, res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
if (limit < 1)
return;
/ * Loop through the available printers... --- 1791,1855 ---- LDAPMessage res, / LDAP search results _/ e; /_ Current entry from search */
/ ! * Reconnect if LDAP Handle is invalid... /
! if (! BrowseLDAPHandle) ! { ! ldap_reconnect(); ! return; ! }
! / ! * Search for cups printers in LDAP directory... ! /
! rc = ldap_search_rec(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPESUBTREE, ! "(objectclass=cupsPrinter)", (char *)ldapattrs, 0, &res); ! ! / ! * If ldap search was successfull then exit function ! * and temporary disable LDAP updates... ! */ ! if (rc != LDAP_SUCCESS) { ! if (BrowseLDAPUpdate && ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR))) ! { ! BrowseLDAPUpdate = FALSE; ! cupsdLogMessage(CUPSD_LOG_INFO, ! "LDAP update temporary disabled"); ! } return; }
limit = ldap_count_entries(BrowseLDAPHandle, res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit); if (limit < 1)
}
/*
* 1434,1474 **
! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) continue;
! strlcpy(info, *value, sizeof(info)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) continue;
! strlcpy(location, *value, sizeof(location)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) continue;
! strlcpy(make_model, *value, sizeof(make_model)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) continue;
! type = atoi(*value); ! ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) continue;
/*
* Process the entry as browse data...
*/
--- 1863,1890 ---- * Get the required values from this entry... */
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", info, sizeof(info)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", location, sizeof(location)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", make_model, sizeof(make_model)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", type_num, sizeof(type_num)) == -1) continue;
! type = atoi(type_num);
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", uri, sizeof(uri)) == -1) continue;
/*
* Process the entry as browse data...
*/
* 1478,1485 ** location, info, make_model, 0, NULL);
}
} ! #endif /* HAVE_OPENLDAP */
--- 1894,1903 ---- location, info, make_model, 0, NULL);
}
ldap_freeres(res); } ! #endif /* HAVE_LDAP */
* 3000,3007 ** }
! #ifdef HAVE_OPENLDAP /*
--- 3418,3759 ---- }
! #ifdef HAVE_LDAP /*
* 3011,3017 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 3763,3770 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],
* 3020,3026 ** type[2], typestring[255], / String to hold printer-type / filter[256], / Search filter for possible UPDATEs / ! dn[1024]; / DN of the printer we are adding / int rc; / LDAP status _/ static const char * const objectClassvalues[] = { / The 3 objectClass's we use in / --- 3773,3780 ---- *type[2], typestring[255], / String to hold printer-type / filter[256], / Search filter for possible UPDATEs / ! dn[1024], / DN of the printer we are adding _/ ! searchdn[1024]; / DN for searching / int rc; / LDAP status _/ static const char * const objectClassvalues[] = { / The 3 objectClass's we use in */
* 3029,3038 ** "cupsPrinter", NULL };
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
/ * Everything in ldap is * so we fudge around it... */
--- 3783,3819 ---- "cupsPrinter", NULL };
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);
/*
* 3051,3064 ** uri[0] = p->uri; uri[1] = NULL;
snprintf(filter, sizeof(filter),
! "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
filter, (char **)ldap_attrs, 0, &res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
mods[0].mod_type = "cn"; mods[0].mod_values = cn_value; mods[1].mod_type = "printerDescription"; --- 3832,3872 ---- uri[0] = p->uri; uri[1] = NULL;
snprintf(filter, sizeof(filter), ! "(&(objectclass=cupsPrinter)(cn=%s))", p->name);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", filter);
filter, (char **)ldap_attrs, 0, &res);
mods[0].mod_type = "cn"; mods[0].mod_values = cn_value; mods[1].mod_type = "printerDescription";
* 3074,3113 ** mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
{
/*
! * Printer has already been registered, modify the current ! * registration... */
! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");
! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;
! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { / * Printer has never been registered, add the current * registration... /
cupsdLogMessage(CUPSD_LOG_DEBUG2,
! "send_ldap_browse: Adding entry...");
for (i = 0; i < 7; i ++)
{
--- 3882,3992 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! / ! * Check if we need to insert or update the LDAP entry... ! /
if (ldap_count_entries(BrowseLDAPHandle, res) > 0)
{
/*
! * Printer has already been registered, check if ! * modification is required... */
! e = ldap_first_entry(BrowseLDAPHandle, res);
! / ! * Get the required values from this entry... ! _/ ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", old_info, sizeof(old_info)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", old_location, sizeof(old_location)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", old_make_model, sizeof(old_make_model)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", old_type_string, sizeof(old_type_string)) == -1) ! old_info[0] = '\0'; ! ! old_type = atoi(old_type_string); ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", old_uri, sizeof(old_uri)) == -1) ! oldinfo[0] = '\0'; ! ! / ! * Check if modification is required... ! _/ ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == oldtype ) ! ) { ! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, ! * no modifications required... ! / ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: No updates required for %s", p->name); } ! else ! {
! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, modify the current ! * registration... ! _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replace entry for %s", p->name); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_modify_ext_s(BrowseLDAPHandle, dn, pmods, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! ldap_reconnect(); ! } ! } ! } else {
/*
* No LDAP entry exists for the printer.
send_ldap_ou(ServerName, BrowseLDAPDN, "CUPS Server");
cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Add entry for %s", p->name);
for (i = 0; i < 7; i ++) {
* 3116,3128 ** } pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP add for %s failed with status %d: %s", p->name, rc, ldap_err2string(rc)); } } ! #endif /* HAVE_OPENLDAP */
--- 3995,4141 ---- } pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
}
ldap_freeres(res); } ! ! ! / ! * 'ldap_deregprinter()' - Delete printer from directory ! / ! ! static void ! ldap_dereg_printer(cupsd_printer_t p) / I - Printer to deregister / ! { ! char dn[1024]; / DN of the printer / ! int rc; / LDAP status / ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_deregprinter: Remove entry for %s", p->name); ! ! / ! * Reconnect if LDAP Handle is invalid... ! _/ ! ! if (! BrowseLDAPHandle) ! { ! ldapreconnect(); ! return; ! } ! ! / ! * Get dn for printer and delete LDAP entry... ! _/ ! ! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_dereg_printer: dn=\"%s\"", dn); ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! p->name, rc, ldaperr2string(rc)); ! ! / ! * If we had a connection problem (connection timed out, etc.) ! * we should reconnect and try again to delete the entry... ! _/ ! ! if ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR)) ! { ! cupsdLogMessage(CUPSD_LOG_INFO, ! "Retry deleting LDAP entry for %s after a reconnect...", p->name); ! ldap_reconnect(); ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! } ! ! } ! } ! ! ! static void ! ldap_deregou(char *ou, / I - organizational unit (servername) / ! char *basedn) / I - base dn / ! { ! char dn[1024]; / DN of the printer / ! int rc; / LDAP status _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_deregou: Remove entry for %s", ou); ! ! / ! * Reconnect if LDAP Handle is invalid... ! _/ ! ! if (! BrowseLDAPHandle) ! { ! ldapreconnect(); ! return; ! } ! ! / ! * Get dn for printer and delete LDAP entry... ! _/ ! ! snprintf(dn, sizeof(dn), "ou=%s, %s", ou, basedn); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_dereg_ou: dn=\"%s\"", dn); ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! ou, rc, ldaperr2string(rc)); ! ! / ! * If we had a connection problem (connection timed out, etc.) ! * we should reconnect and try again to delete the entry... ! _/ ! ! if ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR)) ! { ! cupsdLogMessage(CUPSD_LOG_INFO, ! "Retry deleting LDAP entry for %s after a reconnect...", ou); ! ldap_reconnect(); ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! ou, rc, ldaperr2string(rc)); ! } ! ! } ! } ! #endif / HAVE_LDAP */
"cups-1.3.2-ldapimp.patch":
*\ config-scripts/cups-ldap.m4 Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.2/config-scripts/cups-ldap.m4 Thu Sep 27 11:31:56 2007
* 14,24 ** dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(openldap-includes, [ --with-openldap-includes ! set directory for OpenLDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) --- 14,24 ---- dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) ! AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) ! AC_ARG_WITH(ldap-includes, [ --with-ldap-includes ! set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)
* 26,36 ** LIBLDAP=""
if test x$enable_ldap != xno; then ! AC_CHECK_HEADER(ldap.h, AC_CHECK_LIB(ldap, ldap_initialize, ! AC_DEFINE(HAVE_LDAP) ! AC_DEFINE(HAVE_OPENLDAP) ! LIBLDAP="-lldap")) fi
AC_SUBST(LIBLDAP) --- 26,49 ---- LIBLDAP=""
if test x$enable_ldap != xno; then
! AC_CHECK_HEADER(ldap.h, [
AC_CHECK_LIB(ldap, ldap_initialize,
! AC_DEFINE(HAVE_LDAP)
! AC_DEFINE(HAVE_OPENLDAP)
! LIBLDAP="-lldap"
! AC_CHECK_LIB(ldap, ldap_start_tls,
! AC_DEFINE(HAVE_LDAP_SSL))
! ,
! AC_CHECK_LIB(ldap, ldap_init,
! AC_DEFINE(HAVE_LDAP)
! AC_DEFINE(HAVE_MOZILLA_LDAP)
! LIBLDAP="-lldap"
! AC_CHECK_HEADER(ldap_ssl.h, AC_DEFINE(HAVE_LDAP_SSL_H),,[#include
AC_SUBST(LIBLDAP) *\ config.h.in Wed Aug 29 19:22:26 2007 --- ../../BUILD/cups-1.3.2/config.h.in Thu Sep 27 11:31:56 2007
* 297,302 ** --- 297,306 ----
/* *\ scheduler/dirsvc.h Wed Jul 11 23:46:42 2007 --- ../../BUILD/cups-1.3.2/scheduler/dirsvc.h Thu Sep 27 11:31:56 2007
* 22,33 **
! #ifdef HAVE_OPENLDAP
! #endif /_ HAVE_OPENLDAP */
/*
! #ifdef HAVE_LDAP
! # ifdef HAVE_LDAP_SSL_H
! # include
/*
Browse protocols...
* 133,142 **
VAR LDAP BrowseLDAPHandle VALUE(NULL); / Handle to LDAP server */
VAR timet BrowseLDAPRefresh VALUE(0); / Next LDAP refresh time / VAR char BrowseLDAPBindDN VALUE(NULL), --- 136,143 ---- ***** *\ 145,154 /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL), / LDAP server to use / ! *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use _/
--- 146,159 ---- /* LDAP search DN / *BrowseLDAPPassword VALUE(NULL), / LDAP login password / ! *BrowseLDAPServer VALUE(NULL); / LDAP server to use / ! VAR int BrowseLDAPUpdate VALUE(TRUE); ! / enables LDAP updates _/ ! # ifdef HAVE_LDAPSSL ! VAR char *BrowseLDAPCACertFile VALUE(NULL); / LDAP CA CERT file to use */
*\ scheduler/dirsvc.c Tue Sep 18 19:51:32 2007 --- ../../BUILD/cups-1.3.2/scheduler/dirsvc.c Thu Sep 27 12:53:59 2007
* 44,49 ** --- 44,59 ----
* 92,98 ** --- 102,137 ---- static void process_implicit_classes(int write_printcap); static void send_cups_browse(cupsd_printer_t p);
static void send_slp_browse(cupsd_printert p); ***** *\ 101,107 static void update_polling(void);
! #ifdef HAVE_OPENLDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription", --- 140,146 ---- static void update_polling(void);
! #ifdef HAVE_LDAP static const char * const ldap_attrs[] =/* CUPS LDAP attributes */ { "printerDescription",
* 111,117 ** "printerURI", NULL }; ! #endif /* HAVE_OPENLDAP */
/ --- 150,156 ---- "printerURI", NULL }; ! #endif /* HAVE_LDAP /
/*
* 214,219 ** --- 253,263 ---- slp_dereg_printer(p);
if (removeit && (BrowseLocalProtocols & BROWSE_DNSSD)) dnssdDeregisterPrinter(p);
* 918,924 ** --- 962,1387 ---- }
/*
* 1047,1053 ** BrowseSLPHandle = NULL;
! #ifdef HAVE_OPENLDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) --- 1510,1516 ---- BrowseSLPHandle = NULL;
! #ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN)
* 1059,1142 **
}
else
{
! /*
! * Open LDAP handle...
! /
!
! int rc; / LDAP API status /
! int version = 3; / LDAP version /
! struct berval bv = {0, ""}; / SASL bind value /
!
!
! /
! * Set the certificate file to use for encrypted LDAP sessions...
! _/
!
! if (BrowseLDAPCACertFile)
! {
! cupsdLogMessage(CUPSD_LOG_DEBUG,
! "cupsdStartBrowsing: Setting CA certificate file \"%s\"",
! BrowseLDAPCACertFile);
!
! if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
! (void )BrowseLDAPCACertFile))
! != LDAP_SUCCESS)
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to set CA certificate file for LDAP "
! "connections: %d - %s", rc, ldaperr2string(rc));
! }
!
! /
! * LDAP stuff currently only supports ldapi EXTERNAL SASL binds...
! /
!
! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost"))
! rc = ldap_initialize(&BrowseLDAPHandle, "ldapi:///");
! else
! rc = ldap_initialize(&BrowseLDAPHandle, BrowseLDAPServer);
!
! if (rc != LDAP_SUCCESS)
! {
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to initialize LDAP; disabling LDAP browsing!");
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION,
! (const void *)&version) != LDAP_SUCCESS)
! {
! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
! BrowseLDAPHandle = NULL;
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to set LDAP protocol version; "
! "disabling LDAP browsing!");
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! else
! {
! if (!BrowseLDAPServer || !strcasecmp(BrowseLDAPServer, "localhost"))
! rc = ldap_sasl_bind_s(BrowseLDAPHandle, NULL, "EXTERNAL", &bv, NULL,
! NULL, NULL);
! else
! rc = ldap_bind_s(BrowseLDAPHandle, BrowseLDAPBindDN,
! BrowseLDAPPassword, LDAP_AUTH_SIMPLE);
!
! if (rc != LDAP_SUCCESS)
! {
! cupsdLogMessage(CUPSD_LOG_ERROR,
! "Unable to bind to LDAP server; "
! "disabling LDAP browsing!");
! ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
! BrowseLocalProtocols &= ~BROWSE_LDAP;
! BrowseRemoteProtocols &= ~BROWSE_LDAP;
! }
! }
}
BrowseLDAPRefresh = 0;
}
! #endif /* HAVE_OPENLDAP */
/ * Register the individual printers --- 1522,1534 ---- } else { ! /* Open LDAP handle... / ! BrowseLDAPHandle = ldap_connect(); }
BrowseLDAPRefresh = 0;
}
! #endif /* HAVE_LDAP */
/ \ Register the individual printers
* 1310,1323 ** }
! #ifdef HAVE_OPENLDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_unbind(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_OPENLDAP */ }
--- 1702,1716 ---- }
! #ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) { ! ldap_dereg_ou(ServerName, BrowseLDAPDN); ! ldap_disconnect(BrowseLDAPHandle); BrowseLDAPHandle = NULL; } ! #endif /* HAVE_LDAP */ }
* 1377,1383 **
! #ifdef HAVE_OPENLDAP /*
! #ifdef HAVE_LDAP /*
'cupsdUpdateLDAPBrowse()' - Scan for new printers via LDAP... */
* 1391,1397 ** location[1024], /* Printer location / info[1024], / Printer information _/ makemodel[1024], / Printer make and model _/ ! value; /* Holds the returned data from LDAP / int type; / Printer type / int rc; / LDAP status / int limit; / Size limit / --- 1784,1790 ---- location[1024], / Printer location / info[1024], / Printer information / makemodel[1024], / Printer make and model _/ ! typenum[30]; / Printer type number / int type; / Printer type / int rc; / LDAP status / int limit; / Size limit /
* 1398,1426 ** LDAPMessage res, / LDAP search results / *e; / Current entry from search */
/ ! * Search for printers... /
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "UpdateLDAPBrowse: %s", ServerName);
! BrowseLDAPRefresh = time(NULL) + BrowseInterval;
! rc = ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, ! "(objectclass=cupsPrinter)", (char **)ldap_attrs, 0, &res); if (rc != LDAP_SUCCESS) { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP search returned error %d: %s", rc, ! ldap_err2string(rc)); return; }
limit = ldap_count_entries(BrowseLDAPHandle, res);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit);
if (limit < 1)
return;
/ * Loop through the available printers... --- 1791,1855 ---- LDAPMessage res, / LDAP search results _/ e; /_ Current entry from search */
/ ! * Reconnect if LDAP Handle is invalid... /
! if (! BrowseLDAPHandle) ! { ! ldap_reconnect(); ! return; ! }
! / ! * Search for cups printers in LDAP directory... ! /
! rc = ldap_search_rec(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPESUBTREE, ! "(objectclass=cupsPrinter)", (char *)ldapattrs, 0, &res); ! ! / ! * If ldap search was successfull then exit function ! * and temporary disable LDAP updates... ! */ ! if (rc != LDAP_SUCCESS) { ! if (BrowseLDAPUpdate && ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR))) ! { ! BrowseLDAPUpdate = FALSE; ! cupsdLogMessage(CUPSD_LOG_INFO, ! "LDAP update temporary disabled"); ! } return; }
limit = ldap_count_entries(BrowseLDAPHandle, res); cupsdLogMessage(CUPSD_LOG_DEBUG2, "LDAP search returned %d entries", limit); if (limit < 1)
}
/*
* 1434,1474 **
! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerDescription")) == NULL) continue;
! strlcpy(info, *value, sizeof(info)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerLocation")) == NULL) continue;
! strlcpy(location, *value, sizeof(location)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerMakeAndModel")) == NULL) continue;
! strlcpy(make_model, *value, sizeof(make_model)); ! ldap_value_free(value); ! ! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerType")) == NULL) continue;
! type = atoi(*value); ! ldap_value_free(value);
! if ((value = ldap_get_values(BrowseLDAPHandle, e, ! "printerURI")) == NULL) continue;
/*
* Process the entry as browse data...
*/
--- 1863,1890 ---- * Get the required values from this entry... */
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", info, sizeof(info)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", location, sizeof(location)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", make_model, sizeof(make_model)) == -1) continue;
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", type_num, sizeof(type_num)) == -1) continue;
! type = atoi(type_num);
! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", uri, sizeof(uri)) == -1) continue;
/*
* Process the entry as browse data...
*/
* 1478,1485 ** location, info, make_model, 0, NULL);
}
} ! #endif /* HAVE_OPENLDAP */
--- 1894,1903 ---- location, info, make_model, 0, NULL);
}
ldap_freeres(res); } ! #endif /* HAVE_LDAP */
* 3012,3019 ** }
! #ifdef HAVE_OPENLDAP /*
--- 3430,3775 ---- }
! #ifdef HAVE_LDAP /*
* 3023,3029 ** int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage *res; / Search result token _/ char cnvalue[2], / Change records _/ uri[2], info[2], --- 3779,3786 ---- int i; / Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod pmods[8]; / Pointers to the 7 attributes + NULL / ! LDAPMessage res, / Search result token / ! e; / Current entry from search / char cnvalue[2], / Change records / uri[2], info[2],
* 3031,3037 ** _makemodel[2], *type[2], typestring[255], / String to hold printer-type */
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s\n", p->name);
/ * Everything in ldap is * so we fudge around it... */
--- 3797,3833 ---- "cupsPrinter", NULL };
! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);
/*
* 3063,3076 ** uri[0] = p->uri; uri[1] = NULL;
! snprintf(filter, sizeof(filter), ! "(&(objectclass=cupsPrinter)(printerURI=%s))", p->uri);
! ldap_search_s(BrowseLDAPHandle, BrowseLDAPDN, LDAP_SCOPE_SUBTREE, ! filter, (char **)ldap_attrs, 0, &res); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: Searching \"%s\"", ! filter);
mods[0].mod_type = "cn";
mods[0].mod_values = cn_value;
mods[1].mod_type = "printerDescription";
--- 3846,3879 ---- uri[0] = p->uri; uri[1] = NULL;
! / ! * Get ldap entry for printer ... ! /
! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn); ! rc = ldap_search_rec(BrowseLDAPHandle, dn, LDAP_SCOPE_BASE, ! NULL, (char **)ldap_attrs, 0, &res);
mods[0].mod_type = "cn"; mods[0].mod_values = cn_value; mods[1].mod_type = "printerDescription";
* 3086,3125 ** mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! snprintf(dn, sizeof(dn), "cn=%s,ou=printers,%s", p->name, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: dn=\"%s\"", dn);
! if (ldap_count_entries(BrowseLDAPHandle, res) > 0) { / ! * Printer has already been registered, modify the current ! * registration... /
! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replacing entry...");
! for (i = 0; i < 7; i ++) { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; } ! pmods[i] = NULL;
! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); } else { / * Printer has never been registered, add the current * registration... /
cupsdLogMessage(CUPSD_LOG_DEBUG2,
! "send_ldap_browse: Adding entry...");
for (i = 0; i < 7; i ++)
{
--- 3889,3999 ---- mods[6].mod_type = "objectClass"; mods[6].mod_values = (char **)objectClass_values;
! / ! * Check if we need to insert or update the LDAP entry... ! /
! if ((ldap_count_entries(BrowseLDAPHandle, res) > 0) && (rc != LDAP_NO_SUCH_OBJECT)) { / ! * Printer has already been registered, check if ! * modification is required... /
! e = ldap_first_entry(BrowseLDAPHandle, res);
! / ! * Get the required values from this entry... ! _/ ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerDescription", old_info, sizeof(old_info)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerLocation", old_location, sizeof(old_location)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerMakeAndModel", old_make_model, sizeof(old_make_model)) == -1) ! old_info[0] = '\0'; ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerType", old_type_string, sizeof(old_type_string)) == -1) ! old_info[0] = '\0'; ! ! old_type = atoi(old_type_string); ! ! if (ldap_getval_firststring(BrowseLDAPHandle, e, ! "printerURI", old_uri, sizeof(old_uri)) == -1) ! oldinfo[0] = '\0'; ! ! / ! * Check if modification is required... ! _/ ! ! if ( ( strcmp(info[0], old_info) == 0 ) ! && ( strcmp(uri[0], old_uri) == 0 ) ! && ( strcmp(location[0], old_location) == 0 ) ! && ( strcmp(make_model[0], old_make_model) == 0 ) ! && ( p->type == oldtype ) ! ) { ! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, ! * no modifications required... ! / ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: No updates required for %s", p->name); } ! else ! {
! / ! * LDAP entry for the printer exists. ! * Printer has already been registered, modify the current ! * registration... ! _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Replace entry for %s", p->name); ! ! for (i = 0; i < 7; i ++) ! { ! pmods[i] = mods + i; ! pmods[i]->mod_op = LDAP_MOD_REPLACE; ! } ! pmods[i] = NULL; ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_modify_ext_s(BrowseLDAPHandle, dn, pmods, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_modify_s(BrowseLDAPHandle, dn, pmods)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_ERROR, ! "LDAP modify for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! if ( LDAP_SERVER_DOWN == rc ) ! ldap_reconnect(); ! } ! } ! } else {
/*
* No LDAP entry exists for the printer.
send_ldap_ou(ServerName, BrowseLDAPDN, "CUPS Server");
cupsdLogMessage(CUPSD_LOG_DEBUG2, ! "send_ldap_browse: Add entry for %s", p->name);
for (i = 0; i < 7; i ++) {
* 3128,3140 ** } pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS) cupsdLogMessage(CUPSD_LOG_ERROR, "LDAP add for %s failed with status %d: %s", p->name, rc, ldap_err2string(rc)); } } ! #endif /* HAVE_OPENLDAP */
--- 4002,4148 ---- } pmods[i] = NULL;
if ((rc = ldap_add_s(BrowseLDAPHandle, dn, pmods)) != LDAP_SUCCESS)
}
ldap_freeres(res); } ! ! ! / ! * 'ldap_deregprinter()' - Delete printer from directory ! / ! ! static void ! ldap_dereg_printer(cupsd_printer_t p) / I - Printer to deregister / ! { ! char dn[1024]; / DN of the printer / ! int rc; / LDAP status / ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_deregprinter: Remove entry for %s", p->name); ! ! / ! * Reconnect if LDAP Handle is invalid... ! _/ ! ! if (! BrowseLDAPHandle) ! { ! ldapreconnect(); ! return; ! } ! ! / ! * Get dn for printer and delete LDAP entry... ! _/ ! ! snprintf(dn, sizeof(dn), "cn=%s, ou=%s, %s", p->name, ServerName, BrowseLDAPDN); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_dereg_printer: dn=\"%s\"", dn); ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! p->name, rc, ldaperr2string(rc)); ! ! / ! * If we had a connection problem (connection timed out, etc.) ! * we should reconnect and try again to delete the entry... ! _/ ! ! if ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR)) ! { ! cupsdLogMessage(CUPSD_LOG_INFO, ! "Retry deleting LDAP entry for %s after a reconnect...", p->name); ! ldap_reconnect(); ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! p->name, rc, ldap_err2string(rc)); ! } ! ! } ! } ! ! ! static void ! ldap_deregou(char *ou, / I - organizational unit (servername) / ! char *basedn) / I - base dn / ! { ! char dn[1024]; / DN of the printer / ! int rc; / LDAP status _/ ! ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_deregou: Remove entry for %s", ou); ! ! / ! * Reconnect if LDAP Handle is invalid... ! _/ ! ! if (! BrowseLDAPHandle) ! { ! ldapreconnect(); ! return; ! } ! ! / ! * Get dn for printer and delete LDAP entry... ! _/ ! ! snprintf(dn, sizeof(dn), "ou=%s, %s", ou, basedn); ! cupsdLogMessage(CUPSD_LOG_DEBUG2, "ldap_dereg_ou: dn=\"%s\"", dn); ! ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! { ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! ou, rc, ldaperr2string(rc)); ! ! / ! * If we had a connection problem (connection timed out, etc.) ! * we should reconnect and try again to delete the entry... ! _/ ! ! if ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR)) ! { ! cupsdLogMessage(CUPSD_LOG_INFO, ! "Retry deleting LDAP entry for %s after a reconnect...", ou); ! ldap_reconnect(); ! # if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000 ! if ((rc = ldap_delete_ext_s(BrowseLDAPHandle, dn, NULL, NULL)) != LDAP_SUCCESS) ! # else ! if ((rc = ldap_delete_s(BrowseLDAPHandle, dn)) != LDAPSUCCESS) ! # endif / defined(HAVE_OPENLDAP) && LDAP_APIVERSION > 3000 / ! cupsdLogMessage(CUPSD_LOG_WARN, ! "LDAP delete for %s failed with status %d: %s", ! ou, rc, ldaperr2string(rc)); ! } ! ! } ! } ! #endif / HAVE_LDAP */
"str1962.patch":
--- config-scripts/cups-ldap.m4 (revision 7797) +++ config-scripts/cups-ldap.m4 (working copy) @@ -14,22 +14,34 @@ dnl
AC_ARG_ENABLE(ldap, [ --enable-ldap turn on LDAP support, default=yes]) -AC_ARG_WITH(openldap-libs, [ --with-openldap-libs set directory for OpenLDAP library], +AC_ARG_WITH(ldap-libs, [ --with-ldap-libs set directory for LDAP library], LDFLAGS="-L$withval $LDFLAGS" DSOFLAGS="-L$withval $DSOFLAGS",) -AC_ARG_WITH(openldap-includes, [ --with-openldap-includes
set directory for OpenLDAP includes],
+AC_ARG_WITH(ldap-includes, [ --with-ldap-includes set directory for LDAP includes], CFLAGS="-I$withval $CFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",)
LIBLDAP=""
if test x$enable_ldap != xno; then
]) fi
AC_SUBST(LIBLDAP)
--- doc/help/ref-cupsd-conf.html.in (revision 7797) +++ doc/help/ref-cupsd-conf.html.in (working copy) @@ -474,6 +474,20 @@ default is undefined.
+
+BrowseLDAPCACertFile /etc/cups/ssl/certs ++ +
The BrowseLDAPCACertFile
directive specifies the SSL certificate
+authority file to use for LDAP + SSL. The default is undefined.
--- man/cupsd.conf.man.in (revision 7797) +++ man/cupsd.conf.man.in (working copy) @@ -146,6 +146,26 @@ .br Specifies the maximum interval between printer information broadcasts. .TP 5 +BrowseLDAPBindDN +.br +Specifies the LDAP domain name to use when registering printers. +.TP 5 +BrowseLDAPCACertFile +.br +Specifies the SSL certificate authority file to use. +.TP 5 +BrowseLDAPDN +.br +Specifies the LDAP domain name to use when discovering printers. +.TP 5 +BrowseLDAPPassword +.br +Specifies the password to use when accessing the LDAP server. +.TP 5 +BrowseLDAPServer +.br +Specifies the LDAP server to use. +.TP 5 BrowseOrder allow,deny .TP 5 BrowseOrder deny,allow
--- config.h.in (revision 7798) +++ config.h.in (working copy) @@ -307,6 +307,10 @@
+#undef HAVE_MOZILLA_LDAP +#undef HAVE_LDAP_SSL_H +#undef HAVE_LDAP_SSL +#undef HAVE_LDAP_REBIND_PROC
/*
--- scheduler/dirsvc.c (revision 7797) +++ scheduler/dirsvc.c (working copy) @@ -14,55 +14,6 @@ *
Contents: *
/ @@ -104,7 +55,36 @@ static void process_implicit_classes(void); static void send_cups_browse(cupsd_printer_t p);
+static LDAP ldap_connect(void); +static void ldap_reconnect(void); +static void ldap_disconnect(LDAP ld); +static int ldap_search_rec(LDAP ld, char base, int scope,
static void send_slp_browse(cupsd_printer_t *p); @@ -131,7 +111,7 @@ static void dnssdUpdate(void);
-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP static const char * const ldapattrs[] =/* CUPS LDAP attributes / { "printerDescription", @@ -141,7 +121,7 @@ "printerURI", NULL }; -#endif /_ HAVEOPENLDAP / +#endif /_ HAVE_LDAP */
/* @@ -224,6 +204,11 @@ slp_dereg_printer(p);
+#ifdef HAVE_LDAP
if (removeit && (BrowseLocalProtocols & BROWSE_DNSSD) && DNSSDRef) dnssdDeregisterPrinter(p); @@ -928,7 +913,426 @@ }
+#ifdef HAVE_LDAP_REBIND_PROC +# if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) /*
@@ -1125,7 +1529,7 @@ BrowseSLPHandle = NULL;
-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) { if (!BrowseLDAPDN) @@ -1137,84 +1541,13 @@ } else {
BrowseLDAPHandle = ldap_connect();
}
BrowseLDAPRefresh = 0; } -#endif /* HAVEOPENLDAP / +#endif /_ HAVE_LDAP */
/*
-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_LDAP) && BrowseLDAPHandle) {
@@ -1545,7 +1879,7 @@
-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP /*
}
/*
"printerDescription", info, sizeof(info)) == -1)
continue;
"printerLocation", location, sizeof(location)) == -1)
continue;
"printerMakeAndModel", make_model, sizeof(make_model)) == -1)
continue;
"printerType", type_num, sizeof(type_num)) == -1)
continue;
"printerURI", uri, sizeof(uri)) == -1)
continue;
/*
* Process the entry as browse data...
*/
@@ -1646,8 +2003,10 @@ location, info, make_model, 0, NULL);
} +
ldap_freeres(res); } -#endif /* HAVEOPENLDAP / +#endif /_ HAVE_LDAP */
@@ -3232,8 +3591,347 @@ }
-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP /*
@@ -3243,7 +3941,8 @@ int i; /* Looping var... / LDAPMod mods[7]; / The 7 attributes we will be adding / LDAPMod *pmods[8]; / Pointers to the 7 attributes + NULL */
LDAPMessage res; / Search result token */
LDAPMessage res, / Search result token */
e; / Current entry from search _/ char cnvalue[2], / Change records _/ uri[2], info[2], @@ -3251,9 +3950,14 @@ makemodel[2], *type[2], typestring[255], / String to hold printer-type */
filter[256], /* Search filter for possible UPDATEs / dn[1024]; / DN of the printer we are adding / int rc; / LDAP status */
char old_uri[HTTP_MAX_URI], /* Printer URI */
old_location[1024], /* Printer location */
old_info[1024], /* Printer information */
old_make_model[1024], /* Printer make and model */
old_type_string[30]; /* Temporary type number */
int oldtype; /* Printer type / static const char * const objectClassvalues[] = { / The 3 objectClass's we use in / "top", / our LDAP entries */ @@ -3262,9 +3966,35 @@ NULL };
cupsdLogMessage(CUPSD_LOG_DEBUG2, "send_ldap_browse: %s", p->name);
/*
* Exit function if LDAP updates has been disabled...
*/ +
if (!BrowseLDAPUpdate)
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"send_ldap_browse: Updates temporary disabled; "
"skipping...");
return;
} +
/*
* Reconnect if LDAP Handle is invalid...
*/ +
if (!BrowseLDAPHandle)
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"send_ldap_browse: LDAP Handle is invalid. Try "
"reconnecting...");
ldap_reconnect();
return;
} +
/*
@@ -3283,63 +4013,153 @@ uri[0] = p->uri; uri[1] = NULL;
*/
"send_ldap_browse: Add entry for %s", p->name);
for (i = 0; i < 7; i ++) { @@ -3348,15 +4168,157 @@ } pmods[i] = NULL;
+# if defined(HAVE_OPENLDAP) && LDAP_API_VERSION > 3000
+/*
/_
--- scheduler/dirsvc.h (revision 7797) +++ scheduler/dirsvc.h (working copy) @@ -22,12 +22,15 @@
-#ifdef HAVE_OPENLDAP +#ifdef HAVE_LDAP
-#endif /_ HAVEOPENLDAP /
+# ifdef HAVE_LDAP_SSL_H
+# include
/*
Browse protocols... @@ -150,22 +153,26 @@
-# ifdef HAVE_OPENLDAP VAR LDAP BrowseLDAPHandle VALUE(NULL); / Handle to LDAP server / -# endif / HAVEOPENLDAP / VAR timet BrowseLDAPRefresh VALUE(0); / Next LDAP refresh time / VAR char *BrowseLDAPBindDN VALUE(NULL), / LDAP login DN */
VAR char LPDConfigFile VALUE(NULL), /_ LPD configuration file /
Version: 1.4-feature CUPS.org User: krumboeck
This patch improves LDAP Browsing support:
) Try reconnecting to LDAP Server (in case of temporary failures) ) Rebind Connection when update referral is set (only OpenLDAP) ) Only Update when data has changed (to avoid unnecessary LDAP replications) ) Extended LDAP Schema from http://www.cups.org/str.php?L338
Please add the file printer.schema to the cups package.
PS: Maybe someone has an idea how to delete old LDAP entries?
best regards! Bernd