LEMONLDAP::NG : security bug in Portal/Simple.pm
This commit is contained in:
parent
2df9aed0f9
commit
d739803b92
|
@ -1,8 +1,9 @@
|
||||||
lemonldap-ng (0.8.3) unstable; urgency=low
|
lemonldap-ng (0.8.3) unstable; urgency=high
|
||||||
|
|
||||||
* Syntax errors in configuration are now displayed
|
* Syntax errors in configuration are now displayed
|
||||||
|
* Security fix: authentication could be replayed with another uid
|
||||||
|
|
||||||
-- Xavier Guimard <x.guimard@free.fr> Sat, 23 Jun 2007 21:57:02 +0200
|
-- Xavier Guimard <x.guimard@free.fr> Tue, 03 Jul 2007 20:49:43 +0200
|
||||||
|
|
||||||
lemonldap-ng (0.8.2.4) unstable; urgency=low
|
lemonldap-ng (0.8.2.4) unstable; urgency=low
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
Revision history for Perl extension Lemonldap::NG::Portal.
|
Revision history for Perl extension Lemonldap::NG::Portal.
|
||||||
|
|
||||||
|
0.75 Tue Jul 3 20:42:09 2007
|
||||||
|
- Security fix: authentication could be replayed with another uid
|
||||||
0.741 Tue Jul 3 7:21:16 2007
|
0.741 Tue Jul 3 7:21:16 2007
|
||||||
- Little bug in redirect sub
|
- Little bug in redirect sub
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Portal;
|
||||||
|
|
||||||
print STDERR
|
print STDERR
|
||||||
"See Lemonldap::NG::Portal(3) to know which Lemonldap::NG::Portal::* module to use.";
|
"See Lemonldap::NG::Portal(3) to know which Lemonldap::NG::Portal::* module to use.";
|
||||||
our $VERSION = "0.74";
|
our $VERSION = "0.75";
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,7 @@ use CGI::Cookie;
|
||||||
require POSIX;
|
require POSIX;
|
||||||
use Lemonldap::NG::Portal::_i18n;
|
use Lemonldap::NG::Portal::_i18n;
|
||||||
|
|
||||||
our $VERSION = '0.741';
|
our $VERSION = '0.75';
|
||||||
|
|
||||||
our @ISA = qw(CGI Exporter);
|
our @ISA = qw(CGI Exporter);
|
||||||
|
|
||||||
|
@ -131,8 +131,8 @@ sub header {
|
||||||
# CGI.pm overload to add Lemonldap::NG cookie
|
# CGI.pm overload to add Lemonldap::NG cookie
|
||||||
sub redirect {
|
sub redirect {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
if ( $self->{cookie} ) {
|
if ( $_[0]->{cookie} ) {
|
||||||
$self->SUPER::redirect( @_, -cookie => $self->{cookie} );
|
$self->SUPER::redirect( @_, -cookie => $_[0]->{cookie} );
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$self->SUPER::redirect(@_);
|
$self->SUPER::redirect(@_);
|
||||||
|
@ -350,7 +350,6 @@ sub unbind {
|
||||||
# 12. Default authentication: LDAP bind with user credentials
|
# 12. Default authentication: LDAP bind with user credentials
|
||||||
sub authenticate {
|
sub authenticate {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
return PE_OK if ( $self->{id} );
|
|
||||||
$self->unbind();
|
$self->unbind();
|
||||||
my $err;
|
my $err;
|
||||||
return $err unless ( ( $err = $self->connectLDAP ) == PE_OK );
|
return $err unless ( ( $err = $self->connectLDAP ) == PE_OK );
|
||||||
|
|
Loading…
Reference in New Issue