Closed
Bug 105504
Opened 24 years ago
Closed 20 years ago
Bugzilla LDAP does not close connection (CGI::confirm_login())
Categories
(Bugzilla :: Administration, task, P3)
Tracking
()
RESOLVED
INVALID
People
(Reporter: jlaska, Assigned: justdave)
Details
Attachments
(1 file, 1 obsolete file)
|
2.80 KB,
patch
|
bbaetz
:
review-
|
Details | Diff | Splinter Review |
CGI:confirm_login() is not properly implemented to handle LDAP logins. There
are several issues (not sure whether they are ascthetic or not):
1) LDAP connection is never closed
2) LDAP does not properly make use of Param("LDAPmailattribute") when searching
for email address matches.
3) LDAP user bind closes/reconnects when a simpleAuth() call would achieve the
desired user bind
I am attaching a rough patch that I unfortunately had to hand edit to remove
unrelated changes and messages.
|
Reporter | |
Comment 1•24 years ago
|
||
|
Assignee | |
Comment 2•24 years ago
|
||
adding CCs of people who know something about LDAP
|
||
Updated•23 years ago
|
Priority: -- → P3
Target Milestone: --- → Bugzilla 2.18
|
|
Reporter | |
Comment 3•23 years ago
|
||
The simpleAuth portion of this patch should be changed to:
# Now we attempt to bind as the specified user.
my $retcode = $LDAPconn->simpleAuth($userDN,$::FORM{"LDAP_password"});
if ( ($::FORM{"LDAP_password"} eq "") ||
($userDN eq "") ||
($retcode == 0) )
{
... error ....
}
Oops...
|
|
||
Comment 4•23 years ago
|
||
The original patch sorta works in 2.16RC2. It fixes the open/close/open
problem, but it replaces "uid=" with Param("LDAPmailattribuet") on the query
which doesn't work.
I'll upload the patch we are using as an attachment.
|
|
||
Comment 5•23 years ago
|
||
|
|
||
Comment 6•23 years ago
|
||
Comment on attachment 90264 [details] [diff] [review]
Newer patch to 2.16RC2 to fix open/close/open problem.
This patch is reversed, and it needs to be a diff -u, as well. It looks good,
though.
Attachment #90264 -
Flags: review-
|
|
||
Updated•23 years ago
|
Attachment #54113 -
Attachment is obsolete: true
|
|
||
Comment 7•22 years ago
|
||
Isn't this implicitly closed when the scalar ref goes out of scope?
This has all moved to Net::LDAP + Bugzilla/Auth/LDAP.pm in CVS - is this bug
still valid?
|
|
||
Comment 8•21 years ago
|
||
Unloved bugs targetted for 2.18 but untouched since 9-15-2003 are being
retargeted to 2.20
If you plan to act on one immediately, go ahead and pull it back to 2.18.
Target Milestone: Bugzilla 2.18 → Bugzilla 2.20
|
|
||
Comment 9•20 years ago
|
||
No response to comment 7, assuming that bug is now INVALID after the re-write.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
|
|
Assignee | |
Comment 10•20 years ago
|
||
clearing target of DUPLICATE/WONTFIX/INVALID/WORKSFORME so they'll show up as
untriaged if they get reopened.
Target Milestone: Bugzilla 2.20 → ---
|
||
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•