auth/ldap: allow placeholder %s for BindDN (#2526)

7 years ago · 6f04ee879c
7 changed files with 13 additions and 8 deletions
--- a/conf/locale/locale_en-US.ini
+++ b/conf/locale/locale_en-US.ini
@ -1099,6 +1099,7 @@ auths.domain = Domain
 auths.host = Host
 auths.port = Port
 auths.bind_dn = Bind DN
 auths.bind_dn_helper = You can use '%s' as placeholder for username, e.g. DOM\%s
 auths.bind_password = Bind Password
 auths.bind_password_helper = Warning: This password is stored in plain text. Do not use a high privileged account.
 auths.user_base = User Search Base
--- a/gogs.go
+++ b/gogs.go
@ -16,7 +16,7 @@ import (
 	"github.com/gogits/gogs/pkg/setting"
 )
-const APP_VER = "0.11.32.1115"
+const APP_VER = "0.11.33.1116"
 func init() {
 	setting.AppVer = APP_VER
--- a/pkg/auth/ldap/ldap.go
+++ b/pkg/auth/ldap/ldap.go
@ -96,13 +96,15 @@ func (ls *Source) sanitizedGroupDN(groupDn string) (string, bool) {
 func (ls *Source) findUserDN(l *ldap.Conn, name string) (string, bool) {
 	log.Trace("Search for LDAP user: %s", name)
-	if ls.BindDN != "" && ls.BindPassword != "" {
+	if len(ls.BindDN) > 0 && len(ls.BindPassword) > 0 {
-		err := l.Bind(ls.BindDN, ls.BindPassword)
+		// Replace placeholders with username
 		bindDN := strings.Replace(ls.BindDN, "%s", name, -1)
 		err := l.Bind(bindDN, ls.BindPassword)
 		if err != nil {
-			log.Trace("LDAP: Failed to bind as BindDN '%s': %v", ls.BindDN, err)
+			log.Trace("LDAP: Failed to bind as BindDN '%s': %v", bindDN, err)
 			return "", false
 		}
-		log.Trace("LDAP: Bound as BindDN: %s", ls.BindDN)
+		log.Trace("LDAP: Bound as BindDN: %s", bindDN)
 	} else {
 		log.Trace("LDAP: Proceeding with anonymous LDAP search")
 	}
--- a/pkg/bindata/bindata.go
+++ b/pkg/bindata/bindata.go
--- a/templates/.VERSION
+++ b/templates/.VERSION
@ -1 +1 @@
-0.11.32.1115
+0.11.33.1116
--- a/templates/admin/auth/edit.tmpl
+++ b/templates/admin/auth/edit.tmpl
@ -50,6 +50,7 @@
 								<div class="field">
 									<label for="bind_dn">{{.i18n.Tr "admin.auths.bind_dn"}}</label>
 									<input id="bind_dn" name="bind_dn" value="{{$cfg.BindDN}}" placeholder="e.g. cn=Search,dc=mydomain,dc=com">
 									<p class="help text red">{{.i18n.Tr "admin.auths.bind_dn_helper"}}</p>
 								</div>
 								<input class="fake" type="password">
 								<div class="field">
--- a/templates/admin/auth/new.tmpl
+++ b/templates/admin/auth/new.tmpl
@ -56,6 +56,7 @@
 							<div class="ldap field {{if not (eq .type 2)}}hide{{end}}">
 								<label for="bind_dn">{{.i18n.Tr "admin.auths.bind_dn"}}</label>
 								<input id="bind_dn" name="bind_dn" value="{{.bind_dn}}" placeholder="e.g. cn=Search,dc=mydomain,dc=com">
 								<p class="help text blue">{{.i18n.Tr "admin.auths.bind_dn_helper"}}</p>
 							</div>
 							<div class="ldap field {{if not (eq .type 2)}}hide{{end}}">
 								<label for="bind_password">{{.i18n.Tr "admin.auths.bind_password"}}</label>