25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-08 16:52:59 +01:00

* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP servers

as ejabberd is providing other anonymous authentication mechanism
(EJAB-190).

SVN Revision: 731
This commit is contained in:
Mickaël Rémond 2007-02-19 13:27:18 +00:00
parent 1affdd8dce
commit 90488e5f37
2 changed files with 14 additions and 5 deletions

View File

@ -1,5 +1,9 @@
2007-02-19 Mickael Remond <mickael.remond@process-one.net>
* src/ejabberd_auth_ldap.erl: prevent anonymous bind on LDAP servers
as ejabberd is providing other anonymous authentication mechanism
(EJAB-190).
* src/cyrsasl_plain.erl: bad-auth error code replaced by not-authorized
(EJAB-187).

View File

@ -120,11 +120,16 @@ plain_password_required() ->
true.
check_password(User, Server, Password) ->
case catch check_password_ldap(User, Server, Password) of
{'EXIT', _} ->
false;
Result ->
Result
%% In LDAP spec: empty password means anonymous authentication.
%% As ejabberd is providing other anonymous authentication mechanisms
%% we simply prevent the use of LDAP anonymous authentication.
if Password == "" ->
false;
true ->
case catch check_password_ldap(User, Server, Password) of
{'EXIT', _} -> false;
Result -> Result
end
end.
check_password(User, Server, Password, _StreamID, _Digest) ->