Browse Source

#1554 check adminFilter length before LDAP search

pull/1524/merge
Unknwon 9 years ago
parent
commit
f1adbca0f1
  1. 26
      modules/auth/ldap/ldap.go
  2. 4
      modules/bindata/bindata.go

26
modules/auth/ldap/ldap.go

@ -120,19 +120,21 @@ func (ls Ldapsource) SearchEntry(name, passwd string) (string, string, string, b
sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname) sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname)
mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail) mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail)
search = ldap.NewSearchRequest(
userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
[]string{ls.AttributeName},
nil)
sr, err = l.Search(search)
admin_attr := false admin_attr := false
if err != nil { if len(ls.AdminFilter) > 0 {
log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err) search = ldap.NewSearchRequest(
} else if len(sr.Entries) < 1 { userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
log.Error(4, "LDAP Admin Search failed") []string{ls.AttributeName},
} else { nil)
admin_attr = true
sr, err = l.Search(search)
if err != nil {
log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err)
} else if len(sr.Entries) < 1 {
log.Error(4, "LDAP Admin Search failed")
} else {
admin_attr = true
}
} }
return name_attr, sn_attr, mail_attr, admin_attr, true return name_attr, sn_attr, mail_attr, admin_attr, true

4
modules/bindata/bindata.go

File diff suppressed because one or more lines are too long
Loading…
Cancel
Save