#
# Patch to hardcode bind information into login-_ldap
# so you don't have to expose it in login.conf
# Can be placed directly into ports (<port-name>/patches) dir 
#
# NOTE: Don't forget to edit {BDN,BPWD} !
#
# Auth: Maxim Bourmistrov, maximATchl.chalmers.se (enATopenbsd.nu)
#

--- login_ldap.c.orig	Thu Aug  4 17:30:24 2005
+++ login_ldap.c	Thu Aug  4 17:38:13 2005
@@ -76,6 +76,8 @@
 #define CAP_LDAP_GSCOPE		"x-ldap-gscope"
 #define CAP_LDAP_NOREFERRALS	"x-ldap-noreferrals" /* bool */
 
+#define BDN	"uid=bind_user,ou=People,dc=site,dc=com"
+#define BPWD	"Password_to_bind_with"	
 int debug = 0;
 int noreferrals = 0;
 
@@ -707,11 +709,14 @@
 	int msgid, rc, parserc;
 	struct timeval timeo;
 	LDAPMessage *res;
+	char *bdn = BDN;
+	char *bpwd = BPWD;
 	char *binddn, *bindpw;
 	char *errmsg = "error";
 
 	if (username == NULL) {
-		binddn = login_getcapstr(lc, CAP_LDAP_BINDDN, NULL, errmsg);
+		binddn = bdn;
+/*		binddn = login_getcapstr(lc, CAP_LDAP_BINDDN, NULL, errmsg); */
 		if (binddn == errmsg) {
 			syslog(LOG_ERR, "couldnt get string for " 
 			    CAP_LDAP_BINDDN);
@@ -723,7 +728,8 @@
 		binddn = username;
 
 	if (password == NULL) {
-		bindpw = login_getcapstr(lc, CAP_LDAP_BINDPW, NULL, errmsg);
+		bindpw = bpwd;
+/*		bindpw = login_getcapstr(lc, CAP_LDAP_BINDPW, NULL, errmsg); */
 		if (bindpw == errmsg) {
 			syslog(LOG_ERR, "couldnt get string for " 
 			    CAP_LDAP_BINDPW);