]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/m_ldapauth.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Replace all abstract usages of his/he/her with they/their/it.
[user/henk/code/inspircd.git] / src / modules / m_ldapauth.cpp
diff --git a/src/modules/m_ldapauth.cpp b/src/modules/m_ldapauth.cpp
index e89ce494981c02ff69fa3296536ec469e57f08f7..b833b93844ee91397c611f52a47d1309a52e0186 100644 (file)
--- a/src/modules/m_ldapauth.cpp
+++ b/src/modules/m_ldapauth.cpp
@@ -64,7 +64,7 @@ class BindInterface : public LDAPInterface
                                while (i < text.length() - 1 && isalpha(text[i + 1]))
                                        ++i;
 
-                               std::string key = text.substr(start, (i - start) + 1);
+                               std::string key(text, start, (i - start) + 1);
                                result.append(replacements[key]);
                        }
                        else
@@ -90,8 +90,8 @@ class BindInterface : public LDAPInterface
                                if (pos == std::string::npos) // malformed
                                        continue;
 
-                               std::string key = dnPart.substr(0, pos);
-                               std::string value = dnPart.substr(pos + 1, dnPart.length() - pos + 1); // +1s to skip the = itself
+                               std::string key(dnPart, 0, pos);
+                               std::string value(dnPart, pos + 1, dnPart.length() - pos + 1); // +1s to skip the = itself
                                dnParts[key] = value;
                        }
 
@@ -307,8 +307,8 @@ class ModuleLDAPAuth : public Module
 public:
        ModuleLDAPAuth()
                : LDAP(this, "LDAP")
-               , ldapAuthed("ldapauth", this)
-               , ldapVhost("ldapauth_vhost", this)
+               , ldapAuthed("ldapauth", ExtensionItem::EXT_USER, this)
+               , ldapVhost("ldapauth_vhost", ExtensionItem::EXT_USER, this)
        {
                me = this;
                authed = &ldapAuthed;
@@ -393,7 +393,7 @@ public:
                if (user->password.empty())
                {
                        if (verbose)
-                               ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (No password provided)", user->GetFullRealHost().c_str());
+                               ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (no password provided)", user->GetFullRealHost().c_str());
                        ServerInstance->Users->QuitUser(user, killreason);
                        return MOD_RES_DENY;
                }
@@ -401,14 +401,27 @@ public:
                if (!LDAP)
                {
                        if (verbose)
-                               ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (Unable to find LDAP provider)", user->GetFullRealHost().c_str());
+                               ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (unable to find LDAP provider)", user->GetFullRealHost().c_str());
                        ServerInstance->Users->QuitUser(user, killreason);
                        return MOD_RES_DENY;
                }
 
+               std::string what;
+               std::string::size_type pos = user->password.find(':');
+               if (pos != std::string::npos)
+               {
+                       what = attribute + "=" + user->password.substr(0, pos);
+
+                       // Trim the user: prefix, leaving just 'pass' for later password check
+                       user->password = user->password.substr(pos + 1);
+               }
+               else
+               {
+                       what = attribute + "=" + (useusername ? user->ident : user->nick);
+               }
+
                try
                {
-                       std::string what = attribute + "=" + (useusername ? user->ident : user->nick);
                        LDAP->BindAsManager(new AdminBindInterface(this, LDAP.GetProvider(), user->uuid, base, what));
                }
                catch (LDAPException &ex)
@@ -427,7 +440,7 @@ public:
 
        Version GetVersion() CXX11_OVERRIDE
        {
-               return Version("Allow/Deny connections based upon answer from LDAP server", VF_VENDOR);
+               return Version("Allow/deny connections based upon answers from an LDAP server", VF_VENDOR);
        }
 };