Set userPassword field for SASL authentication

This commit is contained in:
Zachary Seguin 2021-05-07 21:54:17 -04:00
parent b5dda1df3d
commit 2a7777b59e
2 changed files with 12 additions and 1 deletions

debian/changelog vendored
View File

@ -1,3 +1,9 @@
ceo (0.7.0-buster1) buster; urgency=medium
* Set userPassword field in LDAP for SASL authentication
-- Zachary Seguin <> Fri, 07 May 2021 21:44:02 -0400
ceo (0.6.0-buster1.2) buster; urgency=medium
* Decrease minimum username length from 3 to 2

View File

@ -146,6 +146,7 @@ static void adduser_spam(Ceo__AddUser *in, Ceo__AddUserResponse *out, char *clie
static int32_t addmember(Ceo__AddUser *in, Ceo__AddUserResponse *out) {
char homedir[1024];
char principal[1024];
char sasl[1024];
int user_stat, group_stat, krb_stat, home_stat, quota_stat;
int id;
@ -163,8 +164,12 @@ static int32_t addmember(Ceo__AddUser *in, Ceo__AddUserResponse *out) {
if ((krb_stat = ceo_del_princ(in->username)))
return response_message(out, EEXIST, "unable to overwrite orphaned kerberos principal %s", in->username);
if (snprintf(sasl, sizeof(sasl), "{SASL}%s",
principal) >= sizeof(sasl))
fatal("sasl overflow");
if ((user_stat = ceo_add_user(in->username, ldap_users_base, "member", in->realname, homedir,
member_shell, id, "program", in->program, NULL)))
member_shell, id, "program", in->program, "userPassword", sasl, NULL)))
return response_message(out, ELDAP, "unable to create ldap account %s", in->username);
response_message(out, 0, "successfully created ldap account");