Merge branch 'v2.0' into 1783
This commit is contained in:
commit
6e029c413f
1
debian/lemonldap-ng-fastcgi-server.install
vendored
1
debian/lemonldap-ng-fastcgi-server.install
vendored
|
@ -1,2 +1 @@
|
|||
/usr/sbin/llng-fastcgi-server
|
||||
/etc/lemonldap-ng/nginx*
|
||||
|
|
1
debian/lemonldap-ng-handler.install
vendored
1
debian/lemonldap-ng-handler.install
vendored
|
@ -1,3 +1,4 @@
|
|||
/etc/lemonldap-ng/nginx*
|
||||
/etc/lemonldap-ng/handler-apache2.conf
|
||||
/etc/lemonldap-ng/handler-nginx.conf
|
||||
/etc/lemonldap-ng/test-apache2.conf
|
||||
|
|
|
@ -44,13 +44,13 @@ GetOptions(
|
|||
);
|
||||
|
||||
if ($group) {
|
||||
my $grp = getgrnam($group) or warn "Can't change uid to $group";
|
||||
POSIX::setgid($grp);
|
||||
my $grp = getgrnam($group) or die "Can't change gid to $group";
|
||||
POSIX::setgid($grp) or die "setgid: $!";
|
||||
}
|
||||
|
||||
if ($user) {
|
||||
my $uid = getpwnam($user) or warn "Can't change uid to $user";
|
||||
POSIX::setuid($uid);
|
||||
my $uid = getpwnam($user) or die "Can't change uid to $user";
|
||||
POSIX::setuid($uid) or die "setuid: $!";
|
||||
}
|
||||
|
||||
unless ($>) {
|
||||
|
|
|
@ -10,7 +10,6 @@ package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
|
|||
|
||||
use strict;
|
||||
use Crypt::URandom;
|
||||
use Digest::SHA qw(sha256_hex);
|
||||
|
||||
our $VERSION = '2.0.2';
|
||||
|
||||
|
@ -24,11 +23,11 @@ sub generate {
|
|||
|
||||
eval {
|
||||
$session->{data}->{_session_id} =
|
||||
substr( Digest::SHA::sha256_hex( Crypt::URandom::urandom(256) ),
|
||||
0, $length );
|
||||
unpack( 'H*', Crypt::URandom::urandom( int( $length / 2 ) ) );
|
||||
};
|
||||
if ($@) {
|
||||
print STDERR "Crypt::URandom::urandom failed: $@\n";
|
||||
require Digest::SHA;
|
||||
$session->{data}->{_session_id} =
|
||||
substr( Digest::SHA::sha256_hex( time() . {} . rand() . $$ ),
|
||||
0, $length );
|
||||
|
|
|
@ -5,7 +5,7 @@ use IO::String;
|
|||
require 't/test-lib.pm';
|
||||
|
||||
my $res;
|
||||
my $maintests = 0;
|
||||
my $maintests = 3;
|
||||
my $client;
|
||||
|
||||
eval { unlink 't/userdb.db' };
|
||||
|
@ -35,7 +35,15 @@ SKIP: {
|
|||
$client = iniCmb(
|
||||
'if($env->{HTTP_X} eq "rtyler") then [Dm] and [DB] else if($env->{HTTP_X} eq "dvador") then [DB] else [DB]'
|
||||
);
|
||||
expectCookie( try('rtyler') );
|
||||
my $id = expectCookie( try('rtyler') );
|
||||
my $res;
|
||||
ok( $res = $client->_get("/sessions/global/$id"), 'Get session content' );
|
||||
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
|
||||
or print STDERR $@;
|
||||
ok(
|
||||
( $res->{demo} eq 'rtyler' and $res->{dbi} eq 'rtyler' ),
|
||||
' Demo and DBI exported variables exist in session'
|
||||
);
|
||||
expectCookie( try('dvador') );
|
||||
expectReject( try('dwho') );
|
||||
}
|
||||
|
@ -66,10 +74,11 @@ sub iniCmb {
|
|||
if (
|
||||
my $res = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
useSafeJail => 1,
|
||||
authentication => 'Combination',
|
||||
userDB => 'Same',
|
||||
logLevel => 'error',
|
||||
useSafeJail => 1,
|
||||
authentication => 'Combination',
|
||||
userDB => 'Same',
|
||||
restSessionServer => 1,
|
||||
|
||||
combination => $expr,
|
||||
combModules => {
|
||||
|
@ -90,8 +99,8 @@ sub iniCmb {
|
|||
dbiAuthLoginCol => 'user',
|
||||
dbiAuthPasswordCol => 'password',
|
||||
dbiAuthPasswordHash => '',
|
||||
dbiExportedVars => {},
|
||||
demoExportedVars => {},
|
||||
dbiExportedVars => { dbi => 'user' },
|
||||
demoExportedVars => { demo => 'uid' },
|
||||
}
|
||||
}
|
||||
)
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
"LockDirectory": "t/sessions/lock",
|
||||
"generateModule": "Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
|
||||
},
|
||||
"groups": { "su":"$uid eq \"rtyler\"", "test_su": "$uid eq \"rtyler\"", "su_test": "$uid eq \"rtyler\"" },
|
||||
"groups": { "su":"$uid and $uid eq \"rtyler\"", "test_su": "$uid and $uid eq \"rtyler\"", "su_test": "$uid and $uid eq \"rtyler\"" },
|
||||
"key": "qwertyui",
|
||||
"locationRules": {
|
||||
"auth.example.com" : {
|
||||
|
|
Loading…
Reference in New Issue
Block a user