]> err.no Git - sope/commitdiff
projects / sope / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ce4e9f5)
do not use unauthenticated binds
authorhelge <helge@e4a50df8-12e2-0310-a44c-efbce7f8a7e3>
Tue, 8 Mar 2005 11:13:50 +0000 (11:13 +0000)
committerhelge <helge@e4a50df8-12e2-0310-a44c-efbce7f8a7e3>
Tue, 8 Mar 2005 11:13:50 +0000 (11:13 +0000)
git-svn-id: http://svn.opengroupware.org/SOPE/trunk@635 e4a50df8-12e2-0310-a44c-efbce7f8a7e3

sope-ldap/NGLdap/ChangeLog patch | blob | history
sope-ldap/NGLdap/NGLdapConnection.m patch | blob | history
sope-ldap/NGLdap/Version patch | blob | history

diff --git a/sope-ldap/NGLdap/ChangeLog b/sope-ldap/NGLdap/ChangeLog
index b7f47efb8f2d57dcbb49b85463b0f75a172957f4..e7dba7ebf19135ba095a7d1d0676020d9860402f 100644 (file)
--- a/sope-ldap/NGLdap/ChangeLog
+++ b/sope-ldap/NGLdap/ChangeLog
@@ -1,3 +1,8 @@
+2005-03-08  Helge Hess  <helge.hess@opengroupware.org>
+
+       * NGLdapConnection.m: fixed not to do unauthenticated binds (related to
+         OGo bug #957) (v4.5.22)
+
 2004-12-14  Marcus Mueller  <znek@mulle-kybernetik.com>
 
        * NGLdap.xcode: minor fixes and updated
diff --git a/sope-ldap/NGLdap/NGLdapConnection.m b/sope-ldap/NGLdap/NGLdapConnection.m
index a3cefc98530436dda8c67b4a98d2277f898b624f..6634ade955341cc4b8ff24cd809909e67e00b694 100644 (file)
--- a/sope-ldap/NGLdap/NGLdapConnection.m
+++ b/sope-ldap/NGLdap/NGLdapConnection.m
@@ -943,6 +943,11 @@ static void freeMods(LDAPMod **mods) {
   if (LDAPDebugEnabled)
     [self logWithFormat:@"check pwd of login '%@' on %@", _login, _baseDN];
   
+  if ([_pwd length] == 0) {
+    if (LDAPDebugEnabled) [self logWithFormat:@"  no password provided."];
+    return NO;
+  }
+  
   if (self->handle == NULL) {
     if (![self _reinit]) {
       NSLog(@"%s: _reinit failed...:", __PRETTY_FUNCTION__);
@@ -970,8 +975,10 @@ static void freeMods(LDAPMod **mods) {
   */
 
   didBind = NO;
-  NS_DURING
+  NS_DURING {
+    /* Note: beware: do _not_ use empty passwords! (unauthenticated binds) */
     didBind = [self bindWithMethod:@"simple" binddn:strDN credentials:_pwd];
+  }
   NS_HANDLER
     didBind = NO;
   NS_ENDHANDLER;
@@ -999,6 +1006,10 @@ static void freeMods(LDAPMod **mods) {
     NSLog(@"LDAP: check pwd of login '%@' on %@,%i,%@ ...",
           _login, _hostName, _port, _baseDN);
   }
+  if ([_pwd length] == 0) {
+    if (LDAPDebugEnabled) [self logWithFormat:@"  no password provided."];
+    return NO;
+  }
   
   if ((ldap = [[self alloc] initWithHostName:_hostName port:_port]) == nil) {
     if (LDAPDebugEnabled)
diff --git a/sope-ldap/NGLdap/Version b/sope-ldap/NGLdap/Version
index e2af707670ac56a692f1484801146ae305930950..4aced839c96b6e01b8f67c6c66a401f646205305 100644 (file)
--- a/sope-ldap/NGLdap/Version
+++ b/sope-ldap/NGLdap/Version
@@ -2,4 +2,4 @@
 
 MAJOR_VERSION=4
 MINOR_VERSION=5
-SUBMINOR_VERSION:=21
+SUBMINOR_VERSION:=22
Unnamed repository; edit this file to name it for gitweb.