Diffstat (limited to 'app-admin/sudo/files/sudo-ldap_timelimit.diff')
-rw-r--r--app-admin/sudo/files/sudo-ldap_timelimit.diff76
1 files changed, 76 insertions, 0 deletions
diff --git a/app-admin/sudo/files/sudo-ldap_timelimit.diff b/app-admin/sudo/files/sudo-ldap_timelimit.diff
new file mode 100644
index 000000000000..2c13ba4ed4e6
--- /dev/null
+++ b/app-admin/sudo/files/sudo-ldap_timelimit.diff
@@ -0,0 +1,76 @@
+diff -urN sudo-1.6.8p8/ldap.c sudo-1.6.8p8-patched/ldap.c
+--- sudo-1.6.8p8/ldap.c 2004-12-01 03:28:46.000000000 +0000
++++ sudo-1.6.8p8-patched/ldap.c 2005-06-22 08:14:59.000000000 +0000
+@@ -82,6 +82,8 @@
+ char *bindpw;
+ char *base;
+ char *ssl;
++ int bind_timelimit;
++ int timelimit;
+ int tls_checkpeer;
+ char *tls_cacertfile;
+ char *tls_cacertdir;
+@@ -545,6 +547,8 @@
+ else MATCH_S("tls_cert", ldap_conf.tls_certfile)
+ else MATCH_S("tls_key", ldap_conf.tls_keyfile)
+ else MATCH_I("ldap_version", ldap_conf.version)
++ else MATCH_I("bind_timelimit", ldap_conf.bind_timelimit)
++ else MATCH_I("timelimit", ldap_conf.timelimit)
+ else MATCH_S("uri", ldap_conf.uri)
+ else MATCH_S("binddn", ldap_conf.binddn)
+ else MATCH_S("bindpw", ldap_conf.bindpw)
+@@ -566,6 +570,8 @@
+ if (!ldap_conf.version) ldap_conf.version=3;
+ if (!ldap_conf.port) ldap_conf.port=389;
+ if (!ldap_conf.host) ldap_conf.host=estrdup("localhost");
++ if (!ldap_conf.bind_timelimit) ldap_conf.bind_timelimit=30;
++ if (!ldap_conf.timelimit) ldap_conf.timelimit=30;
+
+
+ if (ldap_conf.debug>1) {
+@@ -589,6 +595,10 @@
+ ldap_conf.binddn : "(anonymous)");
+ printf("bindpw %s\n", ldap_conf.bindpw ?
+ ldap_conf.bindpw : "(anonymous)");
++ printf("bind_timelimit %d\n", ldap_conf.bind_timelimit ?
++ ldap_conf.bind_timelimit : 30);
++ printf("timelimit %d\n", ldap_conf.timelimit ?
++ ldap_conf.timelimit : 30);
+ #ifdef HAVE_LDAP_START_TLS_S
+ printf("ssl %s\n", ldap_conf.ssl ?
+ ldap_conf.ssl : "(no)");
+@@ -772,6 +782,34 @@
+ }
+ #endif /* LDAP_OPT_X_TLS_REQUIRE_CERT */
+
++ /* setup timelimit options */
++
++SET_OPTI(LDAP_OPT_TIMELIMIT, "TIMELIMIT", timelimit);
++
++#ifdef LDAP_X_OPT_CONNECT_TIMEOUT
++ int timeout;
++ timeout = ldap_conf.bind_timelimit * 1000;
++
++ SET_OPTI(LDAP_X_OPT_CONNECT_TIMEOUT, "X_OPT_CONNECT_TIMEOUT", timeout);
++#endif
++
++#ifdef LDAP_OPT_NETWORK_TIMEOUT
++ if (ldap_conf.debug>1) fprintf(stderr, "setting bind_timelimit to %d\n", \
++ ldap_conf.bind_timelimit);
++
++ struct timeval tv;
++
++ tv.tv_sec = ldap_conf.bind_timelimit;
++ tv.tv_usec = 0;
++
++ rc = ldap_set_option (ld, LDAP_OPT_NETWORK_TIMEOUT, &tv);
++
++ if (rc != LDAP_OPT_SUCCESS) {
++ fprintf(stderr, "bind_timelimit ldap_set_option failed: %s\n", ldap_err2string(rc));
++ return VALIDATE_ERROR;
++ }
++#endif
++
+ /* attempt connect */
+ #ifdef HAVE_LDAP_INITIALIZE
+ if (ldap_conf.uri) {
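Review bot: The new `bind_timelimit` and `timelimit` settings are only defaulted when they are zero (`if (!ldap_conf.bind_timelimit) ldap_conf.bind_timelimit=30;`), so a negative or very large number from the config file reaches `ldap_conf.bind_timelimit * 1000` and `tv.tv_sec` unchecked. The multiplication can overflow a signed int, and a negative network timeout may be treated by the LDAP library as "no timeout", which would bring back the hang on an unreachable server that this patch is meant to bound. I would clamp both values where the defaults are applied, e.g. `if (ldap_conf.bind_timelimit <= 0 || ldap_conf.bind_timelimit > INT_MAX / 1000) ldap_conf.bind_timelimit=30;` and `if (ldap_conf.timelimit <= 0) ldap_conf.timelimit=30;`. How `MATCH_I` parses the number is not visible here, and the functions touched by the inner hunks start and end outside them.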