Add `auth-source-search' integration for LDAP searches.

* net/ldap.el (ldap-search-internal): Add `auth-source-search' integration for LDAP parameters. The host, base, user or binddn, and secret tokens can be specified in a netrc file, for instance. This is optional because an `auth-source' parameter must be specified in the search attributes.
author: Ted Zlatanov 2011-03-13 17:17:17 -0500
committer: Ted Zlatanov 2011-03-13 17:17:17 -0500
commit: eebc475df54de7ad5c04ef7cddc083c865235540 (patch)
tree: 0b84064a43926776dd8b651f3516ee7732653cb9
parent: 67613d3160cd9e87daabfb036828ceb5325d889b (diff)
download: emacs-eebc475df54de7ad5c04ef7cddc083c865235540.tar.gz
emacs-eebc475df54de7ad5c04ef7cddc083c865235540.zip
2 files changed, 46 insertions, 5 deletions
diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 1f50ee9ebe6..c74e7cbdb2d 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,11 @@
+2011-03-13  Teodor Zlatanov  <tzz@lifelogs.com>
+        * net/ldap.el (ldap-search-internal): Add `auth-source-search'
+        integration for LDAP parameters.  The host, base, user or binddn,
+        and secret tokens can be specified in a netrc file, for instance.
+        This is optional because an `auth-source' parameter must be
+        specified in the search attributes.
 2011-03-13  Juanma Barranquero  <lekktu@gmail.com>
        * help.el (describe-mode): Link to the mode's definition (bug#8185).
diff --git a/lisp/net/ldap.el b/lisp/net/ldap.el
index 3ccad277ffb..2caf8dec30f 100644
--- a/lisp/net/ldap.el
+++ b/lisp/net/ldap.el
@@ -36,6 +36,8 @@
 (require 'custom)
 (eval-when-compile (require 'cl))
+(autoload 'auth-source-search "auth-source")
 (defgroup ldap nil
  "Lightweight Directory Access Protocol."
  :version "21.1"
@@ -480,6 +482,22 @@ Additional search parameters can be specified through
  "Perform a search on a LDAP server.
 SEARCH-PLIST is a property list describing the search request.
 Valid keys in that list are:
+  `auth-source', if non-nil, will use `auth-source-search' and
+will grab the :host, :secret, :base, and (:user or :binddn)
+tokens into the `host', `passwd', `base', and `binddn' parameters
+respectively if they are not provided in SEARCH-PLIST.  So for
+instance *each* of these netrc lines has the same effect if you
+ask for the host \"ldapserver:2400\":
+  machine ldapserver:2400 login myDN secret myPassword base myBase
+  machine ldapserver:2400 binddn myDN secret myPassword port ldap
+  login myDN secret myPassword base myBase
+but if you have more than one in your netrc file, only the first
+matching one will be used.  Note the \"port ldap\" part is NOT
+required.
  `host' is a string naming one or more (blank-separated) LDAP servers to
 to try to connect to.  Each host name may optionally be of the form HOST:PORT.
  `filter' is a filter string for the search as described in RFC 1558.
@@ -500,19 +518,34 @@ not their associated values.
 its distinguished name DN.
 The function returns a list of matching entries.  Each entry is itself
 an alist of attribute/value pairs."
-  (let ((buf (get-buffer-create " *ldap-search*"))
+  (let* ((buf (get-buffer-create " *ldap-search*"))
        (bufval (get-buffer-create " *ldap-value*"))
        (host (or (plist-get search-plist 'host)
                  ldap-default-host))
+         ;; find entries with port "ldap" that match the requested host if any
+         (asfound (when (plist-get search-plist 'auth-source)
+                    (nth 0 (auth-source-search :host (or host t)
+                                               :create t))))
+         ;; if no host was requested, get it from the auth-source entry
+         (host (or host (plist-get asfound :host)))
+         ;; get the password from the auth-source
+         (passwd (or (plist-get search-plist 'passwd)
+                     (plist-get asfound :secret)))
+         ;; convert the password from a function call if needed
+         (passwd (if (functionp passwd) (funcall passwd) passwd))
+         ;; get the binddn from the search-list or from the
+         ;; auth-source user or binddn tokens
+         (binddn (or (plist-get search-plist 'binddn)
+                     (plist-get asfound :user)
+                     (plist-get asfound :binddn)))
+         (base (or (plist-get search-plist 'base)
+                   (plist-get asfound :base)
+                   ldap-default-base))
        (filter (plist-get search-plist 'filter))
        (attributes (plist-get search-plist 'attributes))
        (attrsonly (plist-get search-plist 'attrsonly))
-        (base (or (plist-get search-plist 'base)
-                  ldap-default-base))
        (scope (plist-get search-plist 'scope))
-        (binddn (plist-get search-plist 'binddn))
        (auth (plist-get search-plist 'auth))
-        (passwd (plist-get search-plist 'passwd))
        (deref (plist-get search-plist 'deref))
        (timelimit (plist-get search-plist 'timelimit))
        (sizelimit (plist-get search-plist 'sizelimit))
author	Ted Zlatanov	2011-03-13 17:17:17 -0500
committer	Ted Zlatanov	2011-03-13 17:17:17 -0500
commit	eebc475df54de7ad5c04ef7cddc083c865235540 (patch)
tree	0b84064a43926776dd8b651f3516ee7732653cb9
parent	67613d3160cd9e87daabfb036828ceb5325d889b (diff)
download	emacs-eebc475df54de7ad5c04ef7cddc083c865235540.tar.gz emacs-eebc475df54de7ad5c04ef7cddc083c865235540.zip

diff --git a/lisp/ChangeLog b/lisp/ChangeLog index 1f50ee9ebe6..c74e7cbdb2d 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog
@@ -1,3 +1,11 @@
		1	2011-03-13 Teodor Zlatanov <tzz@lifelogs.com>
		2
		3	* net/ldap.el (ldap-search-internal): Add `auth-source-search'
		4	integration for LDAP parameters. The host, base, user or binddn,
		5	and secret tokens can be specified in a netrc file, for instance.
		6	This is optional because an `auth-source' parameter must be
		7	specified in the search attributes.
		8
1	2011-03-13 Juanma Barranquero <lekktu@gmail.com>	9	2011-03-13 Juanma Barranquero <lekktu@gmail.com>
2		10
3	* help.el (describe-mode): Link to the mode's definition (bug#8185).	11	* help.el (describe-mode): Link to the mode's definition (bug#8185).


diff --git a/lisp/net/ldap.el b/lisp/net/ldap.el index 3ccad277ffb..2caf8dec30f 100644 --- a/lisp/net/ldap.el +++ b/lisp/net/ldap.el
@@ -36,6 +36,8 @@
36	(require 'custom)	36	(require 'custom)
37	(eval-when-compile (require 'cl))	37	(eval-when-compile (require 'cl))
38		38
		39	(autoload 'auth-source-search "auth-source")
		40
39	(defgroup ldap nil	41	(defgroup ldap nil
40	"Lightweight Directory Access Protocol."	42	"Lightweight Directory Access Protocol."
41	:version "21.1"	43	:version "21.1"
@@ -480,6 +482,22 @@ Additional search parameters can be specified through
480	"Perform a search on a LDAP server.	482	"Perform a search on a LDAP server.
481	SEARCH-PLIST is a property list describing the search request.	483	SEARCH-PLIST is a property list describing the search request.
482	Valid keys in that list are:	484	Valid keys in that list are:
		485
		486	`auth-source', if non-nil, will use `auth-source-search' and
		487	will grab the :host, :secret, :base, and (:user or :binddn)
		488	tokens into the `host', `passwd', `base', and `binddn' parameters
		489	respectively if they are not provided in SEARCH-PLIST. So for
		490	instance each of these netrc lines has the same effect if you
		491	ask for the host \"ldapserver:2400\":
		492
		493	machine ldapserver:2400 login myDN secret myPassword base myBase
		494	machine ldapserver:2400 binddn myDN secret myPassword port ldap
		495	login myDN secret myPassword base myBase
		496
		497	but if you have more than one in your netrc file, only the first
		498	matching one will be used. Note the \"port ldap\" part is NOT
		499	required.
		500
483	`host' is a string naming one or more (blank-separated) LDAP servers to	501	`host' is a string naming one or more (blank-separated) LDAP servers to
484	to try to connect to. Each host name may optionally be of the form HOST:PORT.	502	to try to connect to. Each host name may optionally be of the form HOST:PORT.
485	`filter' is a filter string for the search as described in RFC 1558.	503	`filter' is a filter string for the search as described in RFC 1558.
@@ -500,19 +518,34 @@ not their associated values.
500	its distinguished name DN.	518	its distinguished name DN.
501	The function returns a list of matching entries. Each entry is itself	519	The function returns a list of matching entries. Each entry is itself
502	an alist of attribute/value pairs."	520	an alist of attribute/value pairs."
503	(let ((buf (get-buffer-create " ldap-search"))	521	(let* ((buf (get-buffer-create " ldap-search"))
504	(bufval (get-buffer-create " ldap-value"))	522	(bufval (get-buffer-create " ldap-value"))
505	(host (or (plist-get search-plist 'host)	523	(host (or (plist-get search-plist 'host)
506	ldap-default-host))	524	ldap-default-host))
		525	;; find entries with port "ldap" that match the requested host if any
		526	(asfound (when (plist-get search-plist 'auth-source)
		527	(nth 0 (auth-source-search :host (or host t)
		528	:create t))))
		529	;; if no host was requested, get it from the auth-source entry
		530	(host (or host (plist-get asfound :host)))
		531	;; get the password from the auth-source
		532	(passwd (or (plist-get search-plist 'passwd)
		533	(plist-get asfound :secret)))
		534	;; convert the password from a function call if needed
		535	(passwd (if (functionp passwd) (funcall passwd) passwd))
		536	;; get the binddn from the search-list or from the
		537	;; auth-source user or binddn tokens
		538	(binddn (or (plist-get search-plist 'binddn)
		539	(plist-get asfound :user)
		540	(plist-get asfound :binddn)))
		541	(base (or (plist-get search-plist 'base)
		542	(plist-get asfound :base)
		543	ldap-default-base))
507	(filter (plist-get search-plist 'filter))	544	(filter (plist-get search-plist 'filter))
508	(attributes (plist-get search-plist 'attributes))	545	(attributes (plist-get search-plist 'attributes))
509	(attrsonly (plist-get search-plist 'attrsonly))	546	(attrsonly (plist-get search-plist 'attrsonly))
510	(base (or (plist-get search-plist 'base)
511	ldap-default-base))
512	(scope (plist-get search-plist 'scope))	547	(scope (plist-get search-plist 'scope))
513	(binddn (plist-get search-plist 'binddn))
514	(auth (plist-get search-plist 'auth))	548	(auth (plist-get search-plist 'auth))
515	(passwd (plist-get search-plist 'passwd))
516	(deref (plist-get search-plist 'deref))	549	(deref (plist-get search-plist 'deref))
517	(timelimit (plist-get search-plist 'timelimit))	550	(timelimit (plist-get search-plist 'timelimit))
518	(sizelimit (plist-get search-plist 'sizelimit))	551	(sizelimit (plist-get search-plist 'sizelimit))