nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-25 02:34:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Patch to support Kerberos from Benedikt Elser.

Browse Source
This commit is contained in:
Andrew McMillan 2009-09-26 21:06:20 +12:00
parent a0e02234f5
commit 3fdbd17d3d
1 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
inc/drivers_ldap.php
View File

@ -152,7 +152,8 @@ class ldapDrivers
* @param string $passwd password to check * @param string $passwd password to check
* @return array Contains selected attributes from all entries corresponding to the given filter * @return array Contains selected attributes from all entries corresponding to the given filter
*/ */
function requestUser( $filter, $attributes=NULL, $passwd) { function requestUser( $filter, $attributes=NULL, $username, $passwd) {
global $c;
$entry=NULL; $entry=NULL;
// We get the DN of the USER // We get the DN of the USER
@ -175,10 +176,19 @@ class ldapDrivers
} }
$dnUser = ldap_get_dn($this->connect, ldap_first_entry($this->connect,$entry)); $dnUser = ldap_get_dn($this->connect, ldap_first_entry($this->connect,$entry));
if ($c->authenticate_hook['config']['i_use_mode_kerberos'] == "i_know_what_i_am_doing") {
dbg_error_log( "LOG", "drivers_ldap : Skipping password Check for user %s which should be the same as %s",$username , $_SERVER["REMOTE_USER"]);
if ($username != $_SERVER["REMOTE_USER"]) {
return false;
}
} else {
if ( !@ldap_bind($this->connect, $dnUser, $passwd) ) { if ( !@ldap_bind($this->connect, $dnUser, $passwd) ) {
dbg_error_log( "LDAP", "drivers_ldap : Failed to bind to user %s using password %s", $dnUser, $passwd ); dbg_error_log( "LDAP", "drivers_ldap : Failed to bind to user %s using password %s", $dnUser, $passwd );
return false; return false;
} }
}
dbg_error_log( "LDAP", "drivers_ldap : Bound to user %s using password %s", $dnUser, $passwd ); dbg_error_log( "LDAP", "drivers_ldap : Bound to user %s using password %s", $dnUser, $passwd );
@ -268,8 +278,7 @@ function LDAP_check($username, $password ){
} }
$filter = "(&$filter_munge(".$mapping["username"]."=$username))"; $filter = "(&$filter_munge(".$mapping["username"]."=$username))";
dbg_error_log( "LDAP", "checking user %s for password %s against LDAP",$username,$password ); $valid = $ldapDriver->requestUser( $filter, $attributes, $username, $password );
$valid = $ldapDriver->requestUser( $filter, $attributes, $password );
// is a valid user or not // is a valid user or not
if ( !$valid ) { if ( !$valid ) {