dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'v2.0' into 1783

Browse Source
This commit is contained in:
Christophe Maudoux 2019-06-23 10:19:13 +02:00
commit 6e029c413f
6 changed files with 25 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
debian/lemonldap-ng-fastcgi-server.install vendored
View File

@ -1,2 +1 @@
/usr/sbin/llng-fastcgi-server
/etc/lemonldap-ng/nginx*

1
debian/lemonldap-ng-handler.install vendored
View File

@ -1,3 +1,4 @@
/etc/lemonldap-ng/nginx*
/etc/lemonldap-ng/handler-apache2.conf
/etc/lemonldap-ng/handler-nginx.conf
/etc/lemonldap-ng/test-apache2.conf

8
fastcgi-server/sbin/llng-fastcgi-server
View File

@ -44,13 +44,13 @@ GetOptions(
);
if ($group) {
my $grp = getgrnam($group) or warn "Can't change uid to $group";
POSIX::setgid($grp);
my $grp = getgrnam($group) or die "Can't change gid to $group";
POSIX::setgid($grp) or die "setgid: $!";
}
if ($user) {
my $uid = getpwnam($user) or warn "Can't change uid to $user";
POSIX::setuid($uid);
my $uid = getpwnam($user) or die "Can't change uid to $user";
POSIX::setuid($uid) or die "setuid: $!";
}
unless ($>) {

5
lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/Generate/SHA256.pm
View File

@ -10,7 +10,6 @@ package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
use strict;
use Crypt::URandom;
use Digest::SHA qw(sha256_hex);
our $VERSION = '2.0.2';
@ -24,11 +23,11 @@ sub generate {
eval {
$session->{data}->{_session_id} =
substr( Digest::SHA::sha256_hex( Crypt::URandom::urandom(256) ),
0, $length );
unpack( 'H*', Crypt::URandom::urandom( int( $length / 2 ) ) );
};
if ($@) {
print STDERR "Crypt::URandom::urandom failed: $@\n";
require Digest::SHA;
$session->{data}->{_session_id} =
substr( Digest::SHA::sha256_hex( time() . {} . rand() . $$ ),
0, $length );

25
lemonldap-ng-portal/t/36-Combination.t
View File

@ -5,7 +5,7 @@ use IO::String;
require 't/test-lib.pm';
my $res;
my $maintests = 0;
my $maintests = 3;
my $client;
eval { unlink 't/userdb.db' };
@ -35,7 +35,15 @@ SKIP: {
$client = iniCmb(
'if($env->{HTTP_X} eq "rtyler") then [Dm] and [DB] else if($env->{HTTP_X} eq "dvador") then [DB] else [DB]'
);
expectCookie( try('rtyler') );
my $id = expectCookie( try('rtyler') );
my $res;
ok( $res = $client->_get("/sessions/global/$id"), 'Get session content' );
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok(
( $res->{demo} eq 'rtyler' and $res->{dbi} eq 'rtyler' ),
' Demo and DBI exported variables exist in session'
);
expectCookie( try('dvador') );
expectReject( try('dwho') );
}
@ -66,10 +74,11 @@ sub iniCmb {
if (
my $res = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
useSafeJail => 1,
authentication => 'Combination',
userDB => 'Same',
logLevel => 'error',
useSafeJail => 1,
authentication => 'Combination',
userDB => 'Same',
restSessionServer => 1,
combination => $expr,
combModules => {
@ -90,8 +99,8 @@ sub iniCmb {
dbiAuthLoginCol => 'user',
dbiAuthPasswordCol => 'password',
dbiAuthPasswordHash => '',
dbiExportedVars => {},
demoExportedVars => {},
dbiExportedVars => { dbi => 'user' },
demoExportedVars => { demo => 'uid' },
}
}
)

2
lemonldap-ng-portal/t/lmConf-1.json
View File

@ -31,7 +31,7 @@
"LockDirectory": "t/sessions/lock",
"generateModule": "Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
},
"groups": { "su":"$uid eq \"rtyler\"", "test_su": "$uid eq \"rtyler\"", "su_test": "$uid eq \"rtyler\"" },
"groups": { "su":"$uid and $uid eq \"rtyler\"", "test_su": "$uid and $uid eq \"rtyler\"", "su_test": "$uid and $uid eq \"rtyler\"" },
"key": "qwertyui",
"locationRules": {
"auth.example.com" : {