X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_ldapauth.cpp;h=b833b93844ee91397c611f52a47d1309a52e0186;hb=f6b33a8facd6ca200292786c1061782c41cdd278;hp=e89ce494981c02ff69fa3296536ec469e57f08f7;hpb=f71e6bf9cb41811f18864f5d4eecb26e29d03f25;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_ldapauth.cpp b/src/modules/m_ldapauth.cpp index e89ce4949..b833b9384 100644 --- a/src/modules/m_ldapauth.cpp +++ b/src/modules/m_ldapauth.cpp @@ -64,7 +64,7 @@ class BindInterface : public LDAPInterface while (i < text.length() - 1 && isalpha(text[i + 1])) ++i; - std::string key = text.substr(start, (i - start) + 1); + std::string key(text, start, (i - start) + 1); result.append(replacements[key]); } else @@ -90,8 +90,8 @@ class BindInterface : public LDAPInterface if (pos == std::string::npos) // malformed continue; - std::string key = dnPart.substr(0, pos); - std::string value = dnPart.substr(pos + 1, dnPart.length() - pos + 1); // +1s to skip the = itself + std::string key(dnPart, 0, pos); + std::string value(dnPart, pos + 1, dnPart.length() - pos + 1); // +1s to skip the = itself dnParts[key] = value; } @@ -307,8 +307,8 @@ class ModuleLDAPAuth : public Module public: ModuleLDAPAuth() : LDAP(this, "LDAP") - , ldapAuthed("ldapauth", this) - , ldapVhost("ldapauth_vhost", this) + , ldapAuthed("ldapauth", ExtensionItem::EXT_USER, this) + , ldapVhost("ldapauth_vhost", ExtensionItem::EXT_USER, this) { me = this; authed = &ldapAuthed; @@ -393,7 +393,7 @@ public: if (user->password.empty()) { if (verbose) - ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (No password provided)", user->GetFullRealHost().c_str()); + ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (no password provided)", user->GetFullRealHost().c_str()); ServerInstance->Users->QuitUser(user, killreason); return MOD_RES_DENY; } @@ -401,14 +401,27 @@ public: if (!LDAP) { if (verbose) - ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (Unable to find LDAP provider)", user->GetFullRealHost().c_str()); + ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (unable to find LDAP provider)", user->GetFullRealHost().c_str()); ServerInstance->Users->QuitUser(user, killreason); return MOD_RES_DENY; } + std::string what; + std::string::size_type pos = user->password.find(':'); + if (pos != std::string::npos) + { + what = attribute + "=" + user->password.substr(0, pos); + + // Trim the user: prefix, leaving just 'pass' for later password check + user->password = user->password.substr(pos + 1); + } + else + { + what = attribute + "=" + (useusername ? user->ident : user->nick); + } + try { - std::string what = attribute + "=" + (useusername ? user->ident : user->nick); LDAP->BindAsManager(new AdminBindInterface(this, LDAP.GetProvider(), user->uuid, base, what)); } catch (LDAPException &ex) @@ -427,7 +440,7 @@ public: Version GetVersion() CXX11_OVERRIDE { - return Version("Allow/Deny connections based upon answer from LDAP server", VF_VENDOR); + return Version("Allow/deny connections based upon answers from an LDAP server", VF_VENDOR); } };