Closes: #113 : Lemonldap::NG is not compatible with the use of a LDAP server using a different encoding than UTF-8 for storing passwords
parent
8b23a63fb3
commit
8139248c15
@ -309,12 +309,13 @@ sub struct {
|
|||||||
|
|
||||||
ldapPassword => {
|
ldapPassword => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser)
|
qw(ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc)
|
||||||
],
|
],
|
||||||
ldapPpolicyControl => 'bool:/ldapPpolicyControl',
|
ldapPpolicyControl => 'bool:/ldapPpolicyControl',
|
||||||
ldapSetPassword => 'bool:/ldapSetPassword',
|
ldapSetPassword => 'bool:/ldapSetPassword',
|
||||||
ldapChangePasswordAsUser =>
|
ldapChangePasswordAsUser =>
|
||||||
'bool:/ldapChangePasswordAsUser',
|
'bool:/ldapChangePasswordAsUser',
|
||||||
|
ldapPwdEnc => 'text:/ldapPwdEnc',
|
||||||
},
|
},
|
||||||
|
|
||||||
},
|
},
|
||||||
@ -952,6 +953,10 @@ sub testStruct {
|
|||||||
return 1;
|
return 1;
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
ldapPwdEnc => {
|
||||||
|
test => qr/^\w[\w\-]*\w$/,
|
||||||
|
msgFail => 'Bad encoding',
|
||||||
|
},
|
||||||
ldapPpolicyControl => $boolean,
|
ldapPpolicyControl => $boolean,
|
||||||
ldapSetPassword => $boolean,
|
ldapSetPassword => $boolean,
|
||||||
ldapChangePasswordAsUser => $boolean,
|
ldapChangePasswordAsUser => $boolean,
|
||||||
@ -1261,6 +1266,7 @@ sub defaultConf {
|
|||||||
issuerDB => 'Null',
|
issuerDB => 'Null',
|
||||||
ldapBase => 'dc=example,dc=com',
|
ldapBase => 'dc=example,dc=com',
|
||||||
ldapPort => '389',
|
ldapPort => '389',
|
||||||
|
ldapPwdEnc => 'utf-8',
|
||||||
ldapServer => 'localhost',
|
ldapServer => 'localhost',
|
||||||
locationRules => { 'test.example.com' => { default => 'accept' }, },
|
locationRules => { 'test.example.com' => { default => 'accept' }, },
|
||||||
managerDn => '',
|
managerDn => '',
|
||||||
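Review bot: The `ldapPwdEnc` test added in `testStruct`, `qr/^\w[\w\-]*\w$/`, only checks the shape of the name, so an encoding name that Encode does not recognise is accepted by the Manager and fails only later, at bind time. If this test table accepts code references, as the `return 1;` context just above the new entry suggests, resolving the name would be a stronger check, e.g. `test => sub { Encode::find_encoding( $_[0] ) ? 1 : 0 }`. That assumes Encode is loaded in this file and that the value arrives as the first argument, neither of which is visible here. The pattern also ends in `$`, which tolerates a trailing newline; `\z` anchors at the true end of the string. `testStruct` starts and ends outside the hunk.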
|
@ -117,6 +117,7 @@ sub en {
|
|||||||
ldapPassword => 'Password',
|
ldapPassword => 'Password',
|
||||||
ldapPpolicyControl => 'Password policy control',
|
ldapPpolicyControl => 'Password policy control',
|
||||||
ldapPort => 'Server port',
|
ldapPort => 'Server port',
|
||||||
|
ldapPwdEnc => 'LDAP password encoding',
|
||||||
ldapServer => 'Server host',
|
ldapServer => 'Server host',
|
||||||
ldapSetPassword => 'Password modify extended operation',
|
ldapSetPassword => 'Password modify extended operation',
|
||||||
logParams => 'Logs',
|
logParams => 'Logs',
|
||||||
@ -382,9 +383,10 @@ sub fr {
|
|||||||
ldapGroupRecursive => 'Recursif',
|
ldapGroupRecursive => 'Recursif',
|
||||||
ldapGroups => 'Groupes',
|
ldapGroups => 'Groupes',
|
||||||
ldapParams => 'Paramètres LDAP',
|
ldapParams => 'Paramètres LDAP',
|
||||||
ldapPassword => 'Mode de passe',
|
ldapPassword => 'Mot de passe',
|
||||||
ldapPpolicyControl => 'Contrôle password policy',
|
ldapPpolicyControl => 'Contrôle password policy',
|
||||||
ldapPort => 'Port',
|
ldapPort => 'Port',
|
||||||
|
ldapPwdEnc => 'Encodage des mots de passe LDAP',
|
||||||
ldapServer => 'Hôte',
|
ldapServer => 'Hôte',
|
||||||
ldapSetPassword => 'Opération étendue password modify',
|
ldapSetPassword => 'Opération étendue password modify',
|
||||||
logParams => 'Journalisation',
|
logParams => 'Journalisation',
|
||||||
|
@ -9,6 +9,7 @@ use Net::LDAP; #inherits
|
|||||||
use Exporter;
|
use Exporter;
|
||||||
use base qw(Exporter Net::LDAP);
|
use base qw(Exporter Net::LDAP);
|
||||||
use Lemonldap::NG::Portal::Simple;
|
use Lemonldap::NG::Portal::Simple;
|
||||||
|
use Encode;
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
our @EXPORT = qw(ldap);
|
our @EXPORT = qw(ldap);
|
||||||
@ -60,6 +61,9 @@ sub new {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
$self->{portal} = $portal;
|
$self->{portal} = $portal;
|
||||||
|
|
||||||
|
# Setting default LDAP password storage encoding to utf-8
|
||||||
|
$self->{portal}->{ldapPwdEnc} ||= 'utf-8';
|
||||||
return $self;
|
return $self;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -80,6 +84,16 @@ sub bind {
|
|||||||
$args{password} = $self->{portal}->{managerPassword};
|
$args{password} = $self->{portal}->{managerPassword};
|
||||||
}
|
}
|
||||||
if ( $dn && $args{password} ) {
|
if ( $dn && $args{password} ) {
|
||||||
|
if ( $self->{portal}->{ldapPwdEnc} ne 'utf-8' ) {
|
||||||
|
eval {
|
||||||
|
my $tmp = encode(
|
||||||
|
$self->{portal}->{ldapPwdEnc},
|
||||||
|
decode( 'utf-8', $args{password} )
|
||||||
|
);
|
||||||
|
$args{password} = $tmp;
|
||||||
|
};
|
||||||
|
print STDERR "$@\n" if ($@);
|
||||||
|
}
|
||||||
$mesg = $self->SUPER::bind( $dn, %args );
|
$mesg = $self->SUPER::bind( $dn, %args );
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
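Review bot: In the `bind` hunk, `encode` and `decode` are called without a CHECK argument, so a password character that the configured `ldapPwdEnc` cannot represent is silently replaced by a substitution character, and distinct passwords can end up as the same bytes sent to the directory. Passing a strict check lets the surrounding `eval` catch that case: `decode( 'UTF-8', $args{password}, Encode::FB_CROAK | Encode::LEAVE_SRC )`, with the same flags as the third argument to `encode`. When `$@` is set the code only prints it and still calls `SUPER::bind` with the unconverted password; refusing the bind would fail closed, though the right return value depends on the rest of `bind`, which continues outside the hunk. With strict checking the Encode error text names the offending code point, so `print STDERR "$@\n"` should log a fixed message instead of `$@`. The `ne 'utf-8'` comparison is also case-sensitive, so a configured `UTF-8` takes the conversion path.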
|
@ -126,7 +126,7 @@ sub error_fr {
|
|||||||
"Connexion impossible au serveur LDAP",
|
"Connexion impossible au serveur LDAP",
|
||||||
"Erreur anormale du serveur LDAP",
|
"Erreur anormale du serveur LDAP",
|
||||||
"Erreur du module Apache::Session choisi",
|
"Erreur du module Apache::Session choisi",
|
||||||
"Authentification exigée",
|
"Veuillez-vous authentifier",
|
||||||
"Certificat invalide",
|
"Certificat invalide",
|
||||||
"Échec de l'initialisation de Lasso:Login ou Lasso:Logout",
|
"Échec de l'initialisation de Lasso:Login ou Lasso:Logout",
|
||||||
"Échec de la résolution de l'artefact Liberty Alliance",
|
"Échec de la résolution de l'artefact Liberty Alliance",
|
||||||
|