From: helge Date: Tue, 8 Mar 2005 11:13:50 +0000 (+0000) Subject: do not use unauthenticated binds X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dc7c4aada429a961341026faecd40418f54ffacd;p=sope do not use unauthenticated binds git-svn-id: http://svn.opengroupware.org/SOPE/trunk@635 e4a50df8-12e2-0310-a44c-efbce7f8a7e3 --- diff --git a/sope-ldap/NGLdap/ChangeLog b/sope-ldap/NGLdap/ChangeLog index b7f47efb..e7dba7eb 100644 --- a/sope-ldap/NGLdap/ChangeLog +++ b/sope-ldap/NGLdap/ChangeLog @@ -1,3 +1,8 @@ +2005-03-08 Helge Hess + + * NGLdapConnection.m: fixed not to do unauthenticated binds (related to + OGo bug #957) (v4.5.22) + 2004-12-14 Marcus Mueller * NGLdap.xcode: minor fixes and updated diff --git a/sope-ldap/NGLdap/NGLdapConnection.m b/sope-ldap/NGLdap/NGLdapConnection.m index a3cefc98..6634ade9 100644 --- a/sope-ldap/NGLdap/NGLdapConnection.m +++ b/sope-ldap/NGLdap/NGLdapConnection.m @@ -943,6 +943,11 @@ static void freeMods(LDAPMod **mods) { if (LDAPDebugEnabled) [self logWithFormat:@"check pwd of login '%@' on %@", _login, _baseDN]; + if ([_pwd length] == 0) { + if (LDAPDebugEnabled) [self logWithFormat:@" no password provided."]; + return NO; + } + if (self->handle == NULL) { if (![self _reinit]) { NSLog(@"%s: _reinit failed...:", __PRETTY_FUNCTION__); @@ -970,8 +975,10 @@ static void freeMods(LDAPMod **mods) { */ didBind = NO; - NS_DURING + NS_DURING { + /* Note: beware: do _not_ use empty passwords! (unauthenticated binds) */ didBind = [self bindWithMethod:@"simple" binddn:strDN credentials:_pwd]; + } NS_HANDLER didBind = NO; NS_ENDHANDLER; @@ -999,6 +1006,10 @@ static void freeMods(LDAPMod **mods) { NSLog(@"LDAP: check pwd of login '%@' on %@,%i,%@ ...", _login, _hostName, _port, _baseDN); } + if ([_pwd length] == 0) { + if (LDAPDebugEnabled) [self logWithFormat:@" no password provided."]; + return NO; + } if ((ldap = [[self alloc] initWithHostName:_hostName port:_port]) == nil) { if (LDAPDebugEnabled) diff --git a/sope-ldap/NGLdap/Version b/sope-ldap/NGLdap/Version index e2af7076..4aced839 100644 --- a/sope-ldap/NGLdap/Version +++ b/sope-ldap/NGLdap/Version @@ -2,4 +2,4 @@ MAJOR_VERSION=4 MINOR_VERSION=5 -SUBMINOR_VERSION:=21 +SUBMINOR_VERSION:=22