* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP
servers as ejabberd is providing other anonymous authentication mechanism (EJAB-190). SVN Revision: 866
parent
485518e0d3
commit
30832319df
|
@ -1,5 +1,3 @@
|
|||
|
||||
|
||||
2007-06-29 Mickael Remond <mickael.remond@process-one.net>
|
||||
|
||||
* src/ejabberd_config.erl: Normalize hostnames in config file. If mixed
|
||||
|
@ -10,6 +8,12 @@
|
|||
* src/ejabberd_app.erl: Likewise
|
||||
* src/ejabberd_sup.erl: Likewise
|
||||
|
||||
2007-02-19 Mickael Remond <mickael.remond@process-one.net>
|
||||
|
||||
* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP
|
||||
servers as ejabberd is providing other anonymous authentication
|
||||
mechanism (EJAB-190).
|
||||
|
||||
2007-02-02 Christophe Romain <christophe.romain@process-one.net>
|
||||
|
||||
* doc/release_notes_1.1.3.txt: Creation.
|
||||
|
|
|
@ -119,13 +119,20 @@ plain_password_required() ->
|
|||
true.
|
||||
|
||||
check_password(User, Server, Password) ->
|
||||
Proc = gen_mod:get_module_proc(Server, ?MODULE),
|
||||
case catch gen_server:call(Proc,
|
||||
{check_pass, User, Password}, ?REPLY_TIMEOUT) of
|
||||
{'EXIT', _} ->
|
||||
%% In LDAP spec: empty password means anonymous authentication.
|
||||
%% As ejabberd is providing other anonymous authentication mechanisms
|
||||
%% we simply prevent the use of LDAP anonymous authentication.
|
||||
if Password == "" ->
|
||||
false;
|
||||
Result ->
|
||||
Result
|
||||
true ->
|
||||
Proc = gen_mod:get_module_proc(Server, ?MODULE),
|
||||
case catch gen_server:call(Proc,
|
||||
{check_pass, User, Password}, ?REPLY_TIMEOUT) of
|
||||
{'EXIT', _} ->
|
||||
false;
|
||||
Result ->
|
||||
Result
|
||||
end
|
||||
end.
|
||||
|
||||
check_password(User, Server, Password, _StreamID, _Digest) ->
|
||||
|
|
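Review bot: The empty-password rejection is enforced only in check_password/3 and only for the list value `""`, so it protects the LDAP bind only as long as every caller comes through this function with a list password. check_password/5 begins on the last line of this section and its body is outside it; confirm that it delegates to check_password/3 rather than calling the gen_server directly, and consider repeating the zero-length check in the handler for `{check_pass, User, Password}` (not shown), immediately before the bind. The guard would read more directly as a function-head clause placed ahead of the existing one, `check_password(_User, _Server, "") -> false;`, instead of `if Password == "" -> false; true -> ... end`. Separately, `{'EXIT', _} -> false` makes an LDAP outage or call timeout indistinguishable from a wrong password; logging the exit reason there would let operators tell the two apart.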