Browse Source

Adding support for additional chars in LDAP usernames (fixes #1941)

Allowing LDAP entries to use the chracters ' ', '@', '-', '_',
and '.' in the user name attribute.  These characters do not
modify the behavior of the LDAP filter and are common in LDAP
user names.

Signed-off-by: David M. Syzdek <david@syzdek.net>


git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2526 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.23
Stefan Bühler 13 years ago
parent
commit
5204fd7e6c
  1. 1
      NEWS
  2. 9
      src/http_auth.c

1
NEWS

@ -51,6 +51,7 @@ NEWS
* Fix segfault in mod_expire after failed config parsing (fixes #1992)
* Add ssi.content-type option (default text/html, fixes #615)
* Add support for "real" entropy from /dev/[u]random (fixes #1977)
* Adding support for additional chars in LDAP usernames (fixes #1941)
- 1.4.22 - 2009-03-07
* Fix wrong lua type for CACHE_MISS/CACHE_HIT in mod_cml (fixes #533)

9
src/http_auth.c

@ -728,10 +728,15 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
char c = username->ptr[i];
if (!isalpha(c) &&
!isdigit(c)) {
!isdigit(c) &&
(c != ' ') &&
(c != '@') &&
(c != '-') &&
(c != '_') &&
(c != '.') ) {
log_error_write(srv, __FILE__, __LINE__, "sbd",
"ldap: invalid character (a-zA-Z0-9 allowed) in username:", username, i);
"ldap: invalid character (- _.@a-zA-Z0-9 allowed) in username:", username, i);
return -1;
}

Loading…
Cancel
Save