From 2a7777b59ea11d507a21aa2d3f24e03e49402571 Mon Sep 17 00:00:00 2001 From: Zachary Seguin Date: Fri, 7 May 2021 21:54:17 -0400 Subject: [PATCH] Set userPassword field for SASL authentication --- debian/changelog | 6 ++++++ src/op-adduser.c | 7 ++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 01f0f664..47c4c42d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ceo (0.7.0-buster1) buster; urgency=medium + + * Set userPassword field in LDAP for SASL authentication + + -- Zachary Seguin Fri, 07 May 2021 21:44:02 -0400 + ceo (0.6.0-buster1.2) buster; urgency=medium * Decrease minimum username length from 3 to 2 diff --git a/src/op-adduser.c b/src/op-adduser.c index 3b0fd82b..87fd3d45 100644 --- a/src/op-adduser.c +++ b/src/op-adduser.c @@ -146,6 +146,7 @@ static void adduser_spam(Ceo__AddUser *in, Ceo__AddUserResponse *out, char *clie static int32_t addmember(Ceo__AddUser *in, Ceo__AddUserResponse *out) { char homedir[1024]; char principal[1024]; + char sasl[1024]; int user_stat, group_stat, krb_stat, home_stat, quota_stat; int id; @@ -163,8 +164,12 @@ static int32_t addmember(Ceo__AddUser *in, Ceo__AddUserResponse *out) { if ((krb_stat = ceo_del_princ(in->username))) return response_message(out, EEXIST, "unable to overwrite orphaned kerberos principal %s", in->username); + if (snprintf(sasl, sizeof(sasl), "{SASL}%s", + principal) >= sizeof(sasl)) + fatal("sasl overflow"); + if ((user_stat = ceo_add_user(in->username, ldap_users_base, "member", in->realname, homedir, - member_shell, id, "program", in->program, NULL))) + member_shell, id, "program", in->program, "userPassword", sasl, NULL))) return response_message(out, ELDAP, "unable to create ldap account %s", in->username); response_message(out, 0, "successfully created ldap account");