More work on LDAP integration

diff --git a/spam/config.info b/spam/config.info
index 6e15cef..86911e3 100644 (file)
--- a/spam/config.info
+++ b/spam/config.info
@@ -18,4 +18,6 @@ pass=LDAP or SQL server password,0
 db=SQL database name,3,Not needed
 base=LDAP base DN,3,Not needed
 dbglobal=Tag for global settings in SQL database,3,Default (<tt>@GLOBAL</tt>)
+attr=LDAP attribute for SpamAssassin preferences,3,Default (<tt>spamassassin</tt>)
+uid=LDAP attribute for usernames,3,Default (<tt>uid</tt>)
 addto=Add new directives to,1,1-SQL or LDAP database,0-Configuration file

diff --git a/spam/lang/en b/spam/lang/en
index 5fe0d73..72c6d0d 100644 (file)
--- a/spam/lang/en
+++ b/spam/lang/en
@@ -294,6 +294,13 @@ after_ecmd=After-saving command failed : $1
 connect_emysql=Failed to load the database driver $1
 connect_elogin=Failed to login to the database $1 : $2.
 connect_equery=The database $1 does not contain the preferences table $2
+connect_eldapmod=Perl module $1 needed to communicate with LDAP is not installed or not loadable
+connect_eldap=Failed to connect to LDAP server $1 on port $2
+connect_eldaplogin=Failed to login to LDAP server $1 as $2 : $3
+connect_ebase=LDAP base DN $1 is not valid : $2
+
+eldap=LDAP operation failed : $1
+esql=SQL failed : $1
 
 db_title=SQL and LDAP Databases
 db_header=Configuration storage database options

diff --git a/spam/spam-lib.pl b/spam/spam-lib.pl
index 3621330..35e7dfc 100644 (file)
--- a/spam/spam-lib.pl
+++ b/spam/spam-lib.pl
@@ -1,7 +1,5 @@
 # spam-lib.pl
 # Common functions for parsing and editing the spamassassin config file
-# XXX online help
-# XXX whitelist editing?
 
 do '../web-lib.pl';
 &init_config();
@@ -36,6 +34,8 @@ else {
        $include_config_files = 1;
        $add_to_db = $config{'addto'};
        }
+$ldap_spamassassin_attr = $config{'attr'} || 'spamassassin';
+$ldap_username_attr = $config{'uid'} || 'uid';
 $add_cf = !-d $local_cf ? $local_cf :
          $module_info{'usermin'} ? "$local_cf/user_prefs" :
                                    "$local_cf/local.cf";
@@ -107,7 +107,15 @@ if ($config{'mode'} == 1 || $config{'mode'} == 2) {
        }
 elsif ($config{'mode'} == 3) {
        # From LDAP
-       # XXX
+       local $ldap = &connect_spamassassin_ldap();
+       &error($ldap) if (!ref($ldap));
+       local $rv = $ldap->search(base => $config{'base'},
+                 filter => "($ldap_username_attr=$database_userpref_name)",
+                 );
+       if (!$rv || $rv->code) {
+               &error(&text('eldap', $rv ? $rv->error : "Search failed"));
+               }
+       # XXX get attributes
        }
 
 return \@rv;
@@ -742,7 +750,16 @@ elsif ($config{'mode'} == 1 || $config{'mode'} == 2) {
        }
 elsif ($config{'mode'} == 3) {
        # Connect to LDAP
-       # XXX
+       local $ldap = &connect_spamassassin_ldap();
+       return $ldap if (!ref($ldap));
+       local $rv = $ldap->search(base => $config{'base'},
+                                 filter => "(uid=$remote_user)",
+                                 sizelimit => 1);
+       if (!$rv || $rv->code) {
+               return &text('connect_ebase', "<tt>$config{'base'}</tt>",
+                            $rv ? $rv->error : "Unknown search error");
+               }
+       return undef;
        }
 else {
        return "Unknown config mode $config{'mode'} !";
@@ -764,16 +781,44 @@ use DBI;
 \$drh = DBI->install_driver(\$driver);
 EOF
 if ($@) {
-       return &text('connect_edriver', "DBD::$driver");
+       return &text('connect_edriver', "<tt>DBD::$driver</tt>");
         }
-local $dbistr = &make_dbistr($driver, $config{'db'}, $config{'host'});
+local $dbistr = &make_dbistr($driver, $config{'db'}, $config{'server'});
 local $dbh = $drh->connect($dbistr,
                            $config{'user'}, $config{'pass'}, { });
-$dbh || return &text('connect_elogin', "<tt>$config{'db'}</tt>",$drh->errstr)."\n";
+$dbh || return &text('connect_elogin',
+                    "<tt>$config{'db'}</tt>", $drh->errstr)."\n";
 $connect_spamassasin_db_cache = $dbh;
 return $dbh;
 }
 
+# connect_spamassassin_ldap()
+# Attempts to connect to the configured LDAP DB, and returns the handle on
+# success, or an error message on failure.
+sub connect_spamassassin_ldap
+{
+if (defined($connect_spamassasin_ldap_cache)) {
+       return $connect_spamassasin_ldap_cache;
+       }
+eval "use Net::LDAP";
+if ($@) {
+       return &text('connect_eldapmod', "<tt>Net::LDAP</tt>");
+       }
+local $port = $config{'port'} || 389;
+local $ldap = Net::LDAP->new($config{'server'}, port => $port);
+if (!$ldap) {
+       return &text('connect_eldap', "<tt>$config{'server'}</tt>", $port);
+       }
+local $mesg = $ldap->bind(dn => $config{'user'}, password => $config{'pass'});
+if (!$mesg || $mesg->code) {
+       return &text('connect_eldaplogin', "<tt>$config{'server'}</tt>",
+                    "<tt>$config{'user'}</tt>",
+                    $mesg ? $mesg->error : "Unknown error");
+       }
+$connect_spamassasin_ldap_cache = $ldap;
+return $ldap;
+}
+
 sub make_dbistr
 {
 local ($driver, $db, $host) = @_;
@@ -793,7 +838,5 @@ if ($host) {
 return $rv;
 }
 
-
-
 1;