diff --git a/common/seaf-utils.c b/common/seaf-utils.c index f7c50001..0a00b848 100644 --- a/common/seaf-utils.c +++ b/common/seaf-utils.c @@ -64,7 +64,6 @@ typedef struct DBOption { char *user; char *passwd; char *host; - char *unix_socket; char *ca_path; char *charset; char *ccnet_db_name; @@ -83,7 +82,6 @@ db_option_free (DBOption *option) g_free (option->user); g_free (option->passwd); g_free (option->host); - g_free (option->unix_socket); g_free (option->ca_path); g_free (option->charset); g_free (option->ccnet_db_name); @@ -119,7 +117,7 @@ load_db_option_from_env (DBOption *option) option->ccnet_db_name = g_strdup (env_ccnet_db); } else if (!option->ccnet_db_name) { option->ccnet_db_name = g_strdup ("ccnet_db"); - seaf_message ("Failed to read SEAFILE_MYSQL_DB_CCNET_DB_NAME, use ccnet_db by default"); + seaf_message ("Failed to read SEAFILE_MYSQL_DB_CCNET_DB_NAME, use ccnet_db by default"); } if (env_seafile_db) { g_free (option->seafile_db_name); @@ -139,9 +137,6 @@ load_db_option (SeafileSession *session) int ret = 0; DBOption *option = g_new0 (DBOption, 1); - option->unix_socket = seaf_key_file_get_string (session->config, - "database", "unix_socket", NULL); - option->host = seaf_key_file_get_string (session->config, "database", "host", NULL); option->port = g_key_file_get_integer (session->config, "database", "port", &error); @@ -186,19 +181,19 @@ load_db_option (SeafileSession *session) load_db_option_from_env (option); - if (!option->host && !option->unix_socket) { + if (!option->host) { seaf_warning ("DB host not set in config.\n"); ret = -1; goto out; } - if (!option->user && !option->unix_socket) { + if (!option->user) { seaf_warning ("DB user not set in config.\n"); ret = -1; goto out; } - if (!option->passwd && !option->unix_socket) { + if (!option->passwd) { seaf_warning ("DB passwd not set in config.\n"); ret = -1; goto out; 
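Review bot: A seafile.conf that still sets only `unix_socket` under `[database]` now fails in load_db_option with "DB host not set in config.", which gives the operator no hint that the key is no longer read. At the point where the lookup was removed, a check such as `if (g_key_file_has_key (session->config, "database", "unix_socket", NULL)) seaf_warning ("database unix_socket is no longer supported and is ignored.\n");` would make the migration visible. The removed conditions allowed a socket configuration without `user` or `passwd`, so after this change a password has to be stored in seafile.conf and the connection always runs over TCP. The upgrade notes should therefore mention the permissions on that file and the `use_ssl` / `ca_path` options. load_db_option starts and ends outside these hunks.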
@@ -236,7 +231,7 @@ mysql_db_start (SeafileSession *session) } session->db = seaf_db_new_mysql (option->host, option->port, option->user, option->passwd, option->seafile_db_name, - option->unix_socket, option->use_ssl, option->skip_verify, option->ca_path, option->charset, option->max_connections); + NULL, option->use_ssl, option->skip_verify, option->ca_path, option->charset, option->max_connections); if (!session->db) { db_option_free (option); seaf_warning ("Failed to start mysql db.\n"); @@ -376,7 +371,7 @@ ccnet_init_mysql_database (SeafileSession *session) } session->ccnet_db = seaf_db_new_mysql (option->host, option->port, option->user, option->passwd, option->ccnet_db_name, - option->unix_socket, option->use_ssl, option->skip_verify, option->ca_path, option->charset, option->max_connections); + NULL, option->use_ssl, option->skip_verify, option->ca_path, option->charset, option->max_connections); if (!session->ccnet_db) { db_option_free (option); seaf_warning ("Failed to open ccnet database.\n"); diff --git a/common/user-mgr.c b/common/user-mgr.c index 1eb47c48..b7beb6f8 100644 --- a/common/user-mgr.c +++ b/common/user-mgr.c 
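Review bot: The bare `NULL` now passed as the sixth of eleven positional arguments to `seaf_db_new_mysql` in mysql_db_start is hard to read at the call site, and the same applies to the call in ccnet_init_mysql_database. A short comment such as `NULL, /* unix_socket: no longer configurable */` would keep the argument's meaning visible. If no other caller passes a socket path, the parameter could be dropped from `seaf_db_new_mysql` in a follow-up; its definition is not part of this diff.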
@@ -185,6 +185,50 @@ ccnet_user_manager_set_max_users (CcnetUserManager *manager, gint64 max_users) static int try_load_ldap_settings (CcnetUserManager *manager) { + GKeyFile *config = manager->session->ccnet_config; + manager->ldap_host = ccnet_key_file_get_string (config, "LDAP", "HOST"); + if (!manager->ldap_host) + return 0; + + manager->use_ldap = TRUE; + +#ifdef WIN32 + manager->use_ssl = g_key_file_get_boolean (config, "LDAP", "USE_SSL", NULL); +#endif + + char *base_list = ccnet_key_file_get_string (config, "LDAP", "BASE"); + if (!base_list) { + ccnet_warning ("LDAP: BASE not found in config file.\n"); + return -1; + } + manager->base_list = g_strsplit (base_list, ";", -1); + + manager->filter = ccnet_key_file_get_string (config, "LDAP", "FILTER"); + + manager->user_dn = ccnet_key_file_get_string (config, "LDAP", "USER_DN"); + if (manager->user_dn) { + manager->password = ccnet_key_file_get_string (config, "LDAP", "PASSWORD"); + if (!manager->password) { + ccnet_warning ("LDAP: PASSWORD not found in config file.\n"); + return -1; + } + } + /* Use anonymous if user_dn is not set. */ + + manager->login_attr = ccnet_key_file_get_string (config, "LDAP", "LOGIN_ATTR"); + if (!manager->login_attr) + manager->login_attr = g_strdup("mail"); + + GError *error = NULL; + manager->follow_referrals = g_key_file_get_boolean (config, + "LDAP", "FOLLOW_REFERRALS", + &error); + if (error) { + /* Default is follow referrals. */ + g_clear_error (&error); + manager->follow_referrals = TRUE; + } + return 0; } diff --git a/fileserver/fileserver.go b/fileserver/fileserver.go index 7f1ecf31..70887582 100644 --- a/fileserver/fileserver.go +++ b/fileserver/fileserver.go 
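Review bot: `base_list` is never released after `g_strsplit` copies it into `manager->base_list`. Assuming `ccnet_key_file_get_string` returns a newly allocated string (the `g_strdup("mail")` fallback for `login_attr` suggests it does), add `g_free (base_list);` right after the split. Both `return -1` paths leave `manager->use_ldap` set to TRUE with `ldap_host` populated, so a caller that ignores the return value would run with a half-loaded LDAP configuration; setting `use_ldap` only after every required key has been read avoids that. `FOLLOW_REFERRALS` falls back to TRUE when the key is absent or unparsable, and how referral connections are bound is not visible here, so confirm the `USER_DN` / `PASSWORD` credentials are not presented to referred servers, or default to FALSE. `USE_SSL` is read only under `WIN32`, so on other platforms protection of the bind password in transit presumably depends on the `HOST` value, which deserves a comment next to the `#ifdef`.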
@@ -98,17 +98,13 @@ func loadCcnetDB() { var dsn string timeout := "&readTimeout=60s" + "&writeTimeout=60s" - if dbOpt.UnixSocket == "" { - if dbOpt.UseTLS && dbOpt.SkipVerify { - dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=skip-verify%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, timeout) - } else if dbOpt.UseTLS && !dbOpt.SkipVerify { - registerCA(dbOpt.CaPath) - dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=custom%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, timeout) - } else { - dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=%t%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, dbOpt.UseTLS, timeout) - } + if dbOpt.UseTLS && dbOpt.SkipVerify { + dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=skip-verify%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, timeout) + } else if dbOpt.UseTLS && !dbOpt.SkipVerify { + registerCA(dbOpt.CaPath) + dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=custom%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, timeout) } else { - dsn = fmt.Sprintf("%s:%s@unix(%s)/%s?readTimeout=60s&writeTimeout=60s", dbOpt.User, dbOpt.Password, dbOpt.UnixSocket, dbOpt.CcnetDbName) + dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=%t%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, dbOpt.UseTLS, timeout) } ccnetDB, err = sql.Open("mysql", dsn) if err != nil { @@ -126,13 +122,13 @@ func loadDBOption() (*DBOption, error) { } dbOpt = loadDBOptionFromEnv(dbOpt) - if dbOpt.Host == "" && dbOpt.UnixSocket == "" { + if dbOpt.Host == "" { return nil, fmt.Errorf("no database host in seafile.conf.") } if dbOpt.User == "" { return nil, fmt.Errorf("no database user in seafile.conf.") } - if dbOpt.UnixSocket == "" && dbOpt.Password == "" { + if dbOpt.Password == "" { return nil, fmt.Errorf("no database password in seafile.conf.") } 
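Review bot: In loadCcnetDB the final `else` is reachable only when `dbOpt.UseTLS` is false, so `tls=%t` always renders `tls=false`, and the `!dbOpt.SkipVerify` test in the `else if` is redundant. The three `Sprintf` calls differ only in the tls value, so choosing the mode first and formatting once states the three cases directly. It also leaves room for a comment that `skip-verify` encrypts without authenticating the server, and that with TLS off the password now always crosses a plaintext TCP connection because the socket path is gone. Whether `registerCA` reports failure is not visible in the hunk; if it does, the result should be checked before `tls=custom` is used. The identical block in loadSeafileDB would take the same change, and both function bodies extend beyond their hunks.

```go
// … unchanged: var dsn string, timeout …
tlsMode := "false" // plaintext TCP
if dbOpt.UseTLS {
	if dbOpt.SkipVerify {
		tlsMode = "skip-verify" // encrypted, server certificate not verified
	} else {
		registerCA(dbOpt.CaPath)
		tlsMode = "custom"
	}
}
dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=%s%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.CcnetDbName, tlsMode, timeout)
// … unchanged: sql.Open and error handling …
```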
@@ -146,7 +142,6 @@ type DBOption struct { Port int CcnetDbName string SeafileDbName string - UnixSocket string CaPath string UseTLS bool SkipVerify bool @@ -213,29 +208,21 @@ func loadDBOptionFromFile() (*DBOption, error) { if dbEngine != "mysql" { return nil, fmt.Errorf("unsupported database %s.", dbEngine) } - if key, err = section.GetKey("unix_socket"); err == nil { - dbOpt.UnixSocket = key.String() - } if key, err = section.GetKey("host"); err == nil { dbOpt.Host = key.String() - } else if dbOpt.UnixSocket == "" { - return dbOpt, fmt.Errorf("no database host in seafile.conf.") } // user is required. - if key, err = section.GetKey("user"); err != nil { - return dbOpt, fmt.Errorf("no database user in seafile.conf.") + if key, err = section.GetKey("user"); err == nil { + dbOpt.User = key.String() } - dbOpt.User = key.String() if key, err = section.GetKey("password"); err == nil { dbOpt.Password = key.String() - } else if dbOpt.UnixSocket == "" { - return dbOpt, fmt.Errorf("no database password in seafile.conf.") } - if key, err = section.GetKey("db_name"); err != nil { - return dbOpt, fmt.Errorf("no database db_name in seafile.conf.") + + if key, err = section.GetKey("db_name"); err == nil { + dbOpt.SeafileDbName = key.String() } - dbOpt.SeafileDbName = key.String() port := 3306 if key, err = section.GetKey("port"); err == nil { port, _ = key.Int() 
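Review bot: The `// user is required.` comment kept above the `user` lookup in loadDBOptionFromFile no longer matches the code, which now leaves `dbOpt.User` empty when the key is missing. Reword it along the lines of `// user may also come from the environment; loadDBOption rejects an empty value.` The `db_name` key is optional here now as well, but the checks visible in loadDBOption cover only host, user and password. Unless loadDBOptionFromEnv supplies a default (not visible in this diff), an empty `SeafileDbName` would reach the DSN, so consider adding `if dbOpt.SeafileDbName == "" { return nil, fmt.Errorf("no database db_name in seafile.conf.") }` next to the other checks. The function continues past the end of the hunk.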
@@ -281,17 +268,13 @@ func loadSeafileDB() { var dsn string timeout := "&readTimeout=60s" + "&writeTimeout=60s" - if dbOpt.UnixSocket == "" { - if dbOpt.UseTLS && dbOpt.SkipVerify { - dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=skip-verify%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.SeafileDbName, timeout) - } else if dbOpt.UseTLS && !dbOpt.SkipVerify { - registerCA(dbOpt.CaPath) - dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=custom%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.SeafileDbName, timeout) - } else { - dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=%t%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.SeafileDbName, dbOpt.UseTLS, timeout) - } + if dbOpt.UseTLS && dbOpt.SkipVerify { + dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=skip-verify%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.SeafileDbName, timeout) + } else if dbOpt.UseTLS && !dbOpt.SkipVerify { + registerCA(dbOpt.CaPath) + dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=custom%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.SeafileDbName, timeout) } else { - dsn = fmt.Sprintf("%s:%s@unix(%s)/%s?readTimeout=60s&writeTimeout=60s", dbOpt.User, dbOpt.Password, dbOpt.UnixSocket, dbOpt.SeafileDbName) + dsn = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?tls=%t%s", dbOpt.User, dbOpt.Password, dbOpt.Host, dbOpt.Port, dbOpt.SeafileDbName, dbOpt.UseTLS, timeout) } seafileDB, err = sql.Open("mysql", dsn)