Bugzilla LDAP does not close connection (CGI::confirm_login())




17 years ago
6 years ago


(Reporter: jlaska, Assigned: justdave)




(1 attachment, 1 obsolete attachment)



17 years ago
CGI::confirm_login() is not properly implemented to handle LDAP logins.  There
are several issues (not sure whether they are aesthetic or not):

1) LDAP connection is never closed
2) LDAP does not properly make use of Param("LDAPmailattribute") when searching
for email address matches.
3) LDAP user bind closes/reconnects when a simpleAuth() call would achieve the
desired user bind

I am attaching a rough patch that I unfortunately had to hand edit to remove
unrelated changes and messages.

Comment 1

17 years ago
Created attachment 54113 [details] [diff] [review]
CGI::confirm_login() - LDAP login fixes
adding CCs of people who know something about LDAP
Priority: -- → P3
Target Milestone: --- → Bugzilla 2.18

Comment 3

17 years ago
The simpleAuth portion of this patch should be changed to:

        # Now we attempt to bind as the specified user.
        my $retcode = $LDAPconn->simpleAuth($userDN, $::FORM{"LDAP_password"});
        if ( ($::FORM{"LDAP_password"} eq "") ||
             ($userDN eq "") ||
             ($retcode == 0) )
            ... error ....


Comment 4

17 years ago
The original patch sorta works in 2.16RC2.  It fixes the open/close/open
problem, but it replaces "uid=" with Param("LDAPmailattribute") on the query
which doesn't work.

I'll upload the patch we are using as an attachment.

Comment 5

17 years ago
Created attachment 90264 [details] [diff] [review]
Newer patch to 2.16RC2 to fix open/close/open problem.
Comment on attachment 90264 [details] [diff] [review]
Newer patch to 2.16RC2 to fix open/close/open problem.

This patch is reversed, and it needs to be a diff -u, as well. It looks good,
Attachment #90264 - Flags: review-


17 years ago
Attachment #54113 - Attachment is obsolete: true
Isn't this implicitly closed when the scalar ref goes out of scope?

This has all moved to Net::LDAP + Bugzilla/Auth/LDAP.pm in CVS - is this bug
still valid?
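
The three points from the original report (one connection that is always closed, a lookup on the configured mail attribute, and a user bind on the same connection), sketched against Net::LDAP as an added example; it is not part of this bug thread and not the code in Bugzilla/Auth/LDAP.pm. The function name `ldap_login` and its parameters are hypothetical, and it needs a reachable LDAP server to run.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Hypothetical helper (not Bugzilla code). Returns the user's DN on a
# successful login and undef on any failure.
sub ldap_login {
    my ($server, $base_dn, $mail_attr, $login, $password) = @_;

    # Reject empty credentials before talking to the directory. A bind with
    # a DN and an empty password is an "unauthenticated bind" (RFC 4513,
    # section 5.1.2), which a server may answer with success.
    return undef unless defined $login    && length $login;
    return undef unless defined $password && length $password;

    # $mail_attr comes from site configuration; it is interpolated into the
    # filter, so only accept a plain attribute name.
    return undef unless $mail_attr =~ /\A[A-Za-z][A-Za-z0-9-]*\z/;

    my $ldap = Net::LDAP->new($server) or return undef;

    # Everything that uses the connection runs inside eval, so the unbind
    # below is reached on every path, including exceptions.
    my $dn = eval {
        my $mesg = $ldap->bind;                 # anonymous bind for lookup
        return undef if $mesg->code;

        # User input is escaped before it is placed in the search filter.
        my $filter = "($mail_attr=" . escape_filter_value($login) . ")";
        $mesg = $ldap->search(base   => $base_dn,
                              scope  => 'sub',
                              filter => $filter,
                              attrs  => ['1.1']);   # DN only
        return undef if $mesg->code || $mesg->count != 1;
        my $user_dn = $mesg->entry(0)->dn;
        return undef unless length $user_dn;

        # Bind again as the user on the same connection; no close/reopen.
        $mesg = $ldap->bind($user_dn, password => $password);
        return $mesg->code ? undef : $user_dn;
    };

    $ldap->unbind;                              # always close the connection
    return $dn;
}

1;
```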

Comment 8

15 years ago
Unloved bugs targeted for 2.18 but untouched since 9-15-2003 are being
retargeted to 2.20
If you plan to act on one immediately, go ahead and pull it back to 2.18.
Target Milestone: Bugzilla 2.18 → Bugzilla 2.20

Comment 9

14 years ago
No response to comment 7, assuming that bug is now INVALID after the re-write.
Last Resolved: 14 years ago
Resolution: --- → INVALID
clearing target of DUPLICATE/WONTFIX/INVALID/WORKSFORME so they'll show up as
untriaged if they get reopened.
Target Milestone: Bugzilla 2.20 → ---
QA Contact: matty_is_a_geek → default-qa