X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_ldapauth.cpp;h=b833b93844ee91397c611f52a47d1309a52e0186;hb=f6b33a8facd6ca200292786c1061782c41cdd278;hp=804f6b82122ed85b7022ce88db180f6e9d7bca71;hpb=8c71a2a6304f0d77aa7738e04a44f366a158cadd;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_ldapauth.cpp b/src/modules/m_ldapauth.cpp
index 804f6b821..b833b9384 100644
--- a/src/modules/m_ldapauth.cpp
+++ b/src/modules/m_ldapauth.cpp
@@ -64,7 +64,7 @@ class BindInterface : public LDAPInterface
 				while (i < text.length() - 1 && isalpha(text[i + 1]))
 					++i;
 
-				std::string key(start, (i - start) + 1);
+				std::string key(text, start, (i - start) + 1);
 				result.append(replacements[key]);
 			}
 			else
@@ -393,7 +393,7 @@ public:
 		if (user->password.empty())
 		{
 			if (verbose)
-				ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (No password provided)", user->GetFullRealHost().c_str());
+				ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (no password provided)", user->GetFullRealHost().c_str());
 			ServerInstance->Users->QuitUser(user, killreason);
 			return MOD_RES_DENY;
 		}
@@ -401,14 +401,27 @@ public:
 		if (!LDAP)
 		{
 			if (verbose)
-				ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (Unable to find LDAP provider)", user->GetFullRealHost().c_str());
+				ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (unable to find LDAP provider)", user->GetFullRealHost().c_str());
 			ServerInstance->Users->QuitUser(user, killreason);
 			return MOD_RES_DENY;
 		}
 
+		std::string what;
+		std::string::size_type pos = user->password.find(':');
+		if (pos != std::string::npos)
+		{
+			what = attribute + "=" + user->password.substr(0, pos);
+
+			// Trim the user: prefix, leaving just 'pass' for later password check
+			user->password = user->password.substr(pos + 1);
+		}
+		else
+		{
+			what = attribute + "=" + (useusername ? user->ident : user->nick);
+		}
+
 		try
 		{
-			std::string what = attribute + "=" + (useusername ? user->ident : user->nick);
 			LDAP->BindAsManager(new AdminBindInterface(this, LDAP.GetProvider(), user->uuid, base, what));
 		}
 		catch (LDAPException &ex)
@@ -427,7 +440,7 @@ public:
 
 	Version GetVersion() CXX11_OVERRIDE
 	{
-		return Version("Allow/Deny connections based upon answer from LDAP server", VF_VENDOR);
+		return Version("Allow/deny connections based upon answers from an LDAP server", VF_VENDOR);
 	}
 };