Closes: #113 : Lemonldap::NG is not compatible with the use of a LDAP server using a different encoding than UTF-8 for storing passwords
This commit is contained in:
Xavier Guimard
parent
8b23a63fb3
commit
8139248c15
|
|
@ -309,12 +309,13 @@ sub struct {
|
|||
|
||||
ldapPassword => {
|
||||
_nodes => [
|
||||
qw(ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser)
|
||||
qw(ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc)
|
||||
],
|
||||
ldapPpolicyControl => 'bool:/ldapPpolicyControl',
|
||||
ldapSetPassword => 'bool:/ldapSetPassword',
|
||||
ldapChangePasswordAsUser =>
|
||||
'bool:/ldapChangePasswordAsUser',
|
||||
ldapPwdEnc => 'text:/ldapPwdEnc',
|
||||
},
|
||||
|
||||
},
|
||||
|
|
@ -952,6 +953,10 @@ sub testStruct {
|
|||
return 1;
|
||||
},
|
||||
},
|
||||
ldapPwdEnc => {
|
||||
test => qr/^\w[\w\-]*\w$/,
|
||||
msgFail => 'Bad encoding',
|
||||
},
|
||||
ldapPpolicyControl => $boolean,
|
||||
ldapSetPassword => $boolean,
|
||||
ldapChangePasswordAsUser => $boolean,
|
||||
|
|
@ -1261,6 +1266,7 @@ sub defaultConf {
|
|||
issuerDB => 'Null',
|
||||
ldapBase => 'dc=example,dc=com',
|
||||
ldapPort => '389',
|
||||
ldapPwdEnc => 'utf-8',
|
||||
ldapServer => 'localhost',
|
||||
locationRules => { 'test.example.com' => { default => 'accept' }, },
|
||||
managerDn => '',
|
||||
|
|
|
|||
|
|
@ -117,6 +117,7 @@ sub en {
|
|||
ldapPassword => 'Password',
|
||||
ldapPpolicyControl => 'Password policy control',
|
||||
ldapPort => 'Server port',
|
||||
ldapPwdEnc => 'LDAP password encoding',
|
||||
ldapServer => 'Server host',
|
||||
ldapSetPassword => 'Password modify extended operation',
|
||||
logParams => 'Logs',
|
||||
|
|
@ -382,9 +383,10 @@ sub fr {
|
|||
ldapGroupRecursive => 'Recursif',
|
||||
ldapGroups => 'Groupes',
|
||||
ldapParams => 'Paramètres LDAP',
|
||||
ldapPassword => 'Mode de passe',
|
||||
ldapPassword => 'Mot de passe',
|
||||
ldapPpolicyControl => 'Contrôle password policy',
|
||||
ldapPort => 'Port',
|
||||
ldapPwdEnc => 'Encodage des mots de passe LDAP',
|
||||
ldapServer => 'Hôte',
|
||||
ldapSetPassword => 'Opération étendue password modify',
|
||||
logParams => 'Journalisation',
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ use Net::LDAP; #inherits
|
|||
use Exporter;
|
||||
use base qw(Exporter Net::LDAP);
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
use Encode;
|
||||
use strict;
|
||||
|
||||
our @EXPORT = qw(ldap);
|
||||
|
|
@ -60,6 +61,9 @@ sub new {
|
|||
}
|
||||
}
|
||||
$self->{portal} = $portal;
|
||||
|
||||
# Setting default LDAP password storage encoding to utf-8
|
||||
$self->{portal}->{ldapPwdEnc} ||= 'utf-8';
|
||||
return $self;
|
||||
}
|
||||
|
||||
|
|
@ -80,6 +84,16 @@ sub bind {
|
|||
$args{password} = $self->{portal}->{managerPassword};
|
||||
}
|
||||
if ( $dn && $args{password} ) {
|
||||
if ( $self->{portal}->{ldapPwdEnc} ne 'utf-8' ) {
|
||||
eval {
|
||||
my $tmp = encode(
|
||||
$self->{portal}->{ldapPwdEnc},
|
||||
decode( 'utf-8', $args{password} )
|
||||
);
|
||||
$args{password} = $tmp;
|
||||
};
|
||||
print STDERR "$@\n" if ($@);
|
||||
}
|
||||
$mesg = $self->SUPER::bind( $dn, %args );
|
||||
}
|
||||
else {
|
||||
|
|
|
|||
|
|
@ -126,7 +126,7 @@ sub error_fr {
|
|||
"Connexion impossible au serveur LDAP",
|
||||
"Erreur anormale du serveur LDAP",
|
||||
"Erreur du module Apache::Session choisi",
|
||||
"Authentification exigée",
|
||||
"Veuillez-vous authentifier",
|
||||
"Certificat invalide",
|
||||
"Échec de l'initialisation de Lasso:Login ou Lasso:Logout",
|
||||
"Échec de la résolution de l'artefact Liberty Alliance",
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user