* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP
servers as ejabberd is providing other anonymous authentication mechanism (EJAB-190). SVN Revision: 866
This commit is contained in:
parent
485518e0d3
commit
30832319df
|
@ -1,5 +1,3 @@
|
||||||
|
|
||||||
|
|
||||||
2007-06-29 Mickael Remond <mickael.remond@process-one.net>
|
2007-06-29 Mickael Remond <mickael.remond@process-one.net>
|
||||||
|
|
||||||
* src/ejabberd_config.erl: Normalize hostnames in config file. If mixed
|
* src/ejabberd_config.erl: Normalize hostnames in config file. If mixed
|
||||||
|
@ -10,6 +8,12 @@
|
||||||
* src/ejabberd_app.erl: Likewise
|
* src/ejabberd_app.erl: Likewise
|
||||||
* src/ejabberd_sup.erl: Likewise
|
* src/ejabberd_sup.erl: Likewise
|
||||||
|
|
||||||
|
2007-02-19 Mickael Remond <mickael.remond@process-one.net>
|
||||||
|
|
||||||
|
* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP
|
||||||
|
servers as ejabberd is providing other anonymous authentication
|
||||||
|
mechanism (EJAB-190).
|
||||||
|
|
||||||
2007-02-02 Christophe Romain <christophe.romain@process-one.net>
|
2007-02-02 Christophe Romain <christophe.romain@process-one.net>
|
||||||
|
|
||||||
* doc/release_notes_1.1.3.txt: Creation.
|
* doc/release_notes_1.1.3.txt: Creation.
|
||||||
|
|
|
@ -119,13 +119,20 @@ plain_password_required() ->
|
||||||
true.
|
true.
|
||||||
|
|
||||||
check_password(User, Server, Password) ->
|
check_password(User, Server, Password) ->
|
||||||
Proc = gen_mod:get_module_proc(Server, ?MODULE),
|
%% In LDAP spec: empty password means anonymous authentication.
|
||||||
case catch gen_server:call(Proc,
|
%% As ejabberd is providing other anonymous authentication mechanisms
|
||||||
{check_pass, User, Password}, ?REPLY_TIMEOUT) of
|
%% we simply prevent the use of LDAP anonymous authentication.
|
||||||
{'EXIT', _} ->
|
if Password == "" ->
|
||||||
false;
|
false;
|
||||||
Result ->
|
true ->
|
||||||
Result
|
Proc = gen_mod:get_module_proc(Server, ?MODULE),
|
||||||
|
case catch gen_server:call(Proc,
|
||||||
|
{check_pass, User, Password}, ?REPLY_TIMEOUT) of
|
||||||
|
{'EXIT', _} ->
|
||||||
|
false;
|
||||||
|
Result ->
|
||||||
|
Result
|
||||||
|
end
|
||||||
end.
|
end.
|
||||||
|
|
||||||
check_password(User, Server, Password, _StreamID, _Digest) ->
|
check_password(User, Server, Password, _StreamID, _Digest) ->
|
||||||
|
|
Loading…
Reference in New Issue