From 50885d86d281fc799c795e4a18575efded004fcd Mon Sep 17 00:00:00 2001
From: mdtrooper
Date: Thu, 17 Jul 2014 16:07:07 +0000
Subject: [PATCH] 2014-07-17 Miguel de Dios

* include/auth/ldap.php, include/auth/mysql.php: fixed the parameters with white spaces.

INCIDENT: #1063

git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@10342 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog | 7 +++++++
 pandora_console/include/auth/ldap.php | 27 ++++++++++++++++----------
 pandora_console/include/auth/mysql.php | 6 +++++-
 3 files changed, 29 insertions(+), 11 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 95a6948452..1b8eff6395 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,10 @@
+2014-07-17 Miguel de Dios
+
+ * include/auth/ldap.php, include/auth/mysql.php: fixed the
+ parameters with white spaces.
+
+ INCIDENT: #1063
+
 2014-07-17 Miguel de Dios
 
 * include/functions_groups.php: added parameter to avoid the check
diff --git a/pandora_console/include/auth/ldap.php b/pandora_console/include/auth/ldap.php
index 15fd6be8e0..a157b1ddd7 100644
--- a/pandora_console/include/auth/ldap.php
+++ b/pandora_console/include/auth/ldap.php
@@ -65,8 +65,11 @@ $config["admin_can_disable_user"] = false; //Not implemented
 $config["admin_can_make_admin"] = false;
 
 //Required and optional keys for this function to work
-$req_keys = array ("ldap_server", "ldap_base_dn", "ldap_login_attr", "ldap_admin_group_name", "ldap_admin_group_attr", "ldap_admin_group_type", "ldap_user_filter", "ldap_user_attr");
-$opt_keys = array ("ldap_port", "ldap_start_tls", "ldap_version", "ldap_admin_dn", "ldap_admin_pwd");
+$req_keys = array("ldap_server", "ldap_base_dn", "ldap_login_attr",
+ "ldap_admin_group_name", "ldap_admin_group_attr",
+ "ldap_admin_group_type", "ldap_user_filter", "ldap_user_attr");
+$opt_keys = array("ldap_port", "ldap_start_tls", "ldap_version",
+ "ldap_admin_dn", "ldap_admin_pwd");
 
 global $ldap_cache; //Needs to be globalized because config_process_config () function calls this file first and the variable would be local and subsequently lost
 $ldap_cache = array ();
@@ -76,13 +79,15 @@ $ldap_cache["ds"] = "";
 //Put each required key in a variable.
 foreach ($req_keys as $key) {
 if (!isset ($config["auth"][$key])) {
- user_error ("Required key ".$key." not set", E_USER_ERROR);
+ user_error("Required key " . $key . " not set", E_USER_ERROR);
 }
 }
 
 // Convert group name to lower case to prevent problems
-$config["auth"]["ldap_admin_group_attr"] = strtolower ($config["auth"]["ldap_admin_group_attr"]);
-$config["auth"]["ldap_admin_group_type"] = strtolower ($config["auth"]["ldap_admin_group_type"]);
+$config["auth"]["ldap_admin_group_attr"] =
+ strtolower ($config["auth"]["ldap_admin_group_attr"]);
+$config["auth"]["ldap_admin_group_type"] =
+ strtolower ($config["auth"]["ldap_admin_group_type"]);
 
 foreach ($opt_keys as $key) {
 if (!isset ($config["auth"][$key])) {
@@ -122,7 +127,7 @@ function process_user_login ($login, $pass) { return false; } global $config; - + $profile = db_get_value ("id_usuario", "tusuario_perfil", "id_usuario", $login); if ($profile === false && empty ($config["auth"]["create_user_undefined"])) { @@ -311,7 +316,8 @@ function ldap_search_user ($login) { $nick = false; if (ldap_connect_bind ()) { - $sr = @ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], "(&(".$config["auth"]["ldap_login_attr"]."=".$login.")".$config["auth"]["ldap_user_filter"].")", array_values ($config["auth"]["ldap_user_attr"])); + $sr = @ldap_search ($ldap_cache["ds"], + io_safe_output($config["auth"]["ldap_base_dn"]), "(&(".io_safe_output($config["auth"]["ldap_login_attr"])."=".$login.")".io_safe_output($config["auth"]["ldap_user_filter"]).")", array_values ($config["auth"]["ldap_user_attr"])); if (!$sr) { $ldap_cache["error"] .= 'Error searching LDAP server: ' . ldap_error ($ldap_cache["ds"]); @@ -364,7 +370,7 @@ function ldap_valid_login ($login, $password) { return $ret; } - $r = @ldap_bind ($ds, $config["auth"]["ldap_login_attr"]."=".$login.",".$config["auth"]["ldap_base_dn"], $password); + $r = @ldap_bind ($ds, io_safe_output($config["auth"]["ldap_login_attr"])."=".$login.",".io_safe_output($config["auth"]["ldap_base_dn"]), $password); if (!$r) { $ldap_cache["error"] .= 'Invalid login'; } 
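Review bot: `$login` is still concatenated raw into the search filter on the new `$sr = @ldap_search (...)` line in ldap_search_user, so the io_safe_output() decoding fixes the configured values but leaves the one user-supplied part of the filter unescaped, where LDAP filter metacharacters change the query instead of being matched literally. Escape it at the point of use, e.g. `$login_f = ldap_escape($login, '', LDAP_ESCAPE_FILTER);`, and build the filter from `$login_f` (ldap_escape() needs PHP 5.6+; on an older runtime a small local escaper following RFC 4515 does the same job). The same raw interpolation appears in the bind DN in ldap_valid_login (hunk at 364, where `LDAP_ESCAPE_DN` is the matching flag), in ldap_load_user (hunk at 393), and in ldap_process_user_login in mysql.php. ldap_search_user's body starts before this hunk and continues after it.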
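Review bot: The rewritten `$r = @ldap_bind (...)` line in ldap_valid_login binds with whatever `$password` arrives and nothing in the hunk rejects an empty one, while mysql.php's ldap_process_user_login guards the same bind with `strlen($password) == 0 ||`. RFC 4513 lets a server accept a DN with an empty password as an unauthenticated (anonymous) bind, so unless ldap_valid_login already checks the password earlier — its body starts outside the hunk — an empty password could make `$r` true. The smallest fix keeps the existing `if (!$r)` path intact: `$r = strlen($password) > 0 && @ldap_bind ($ds, io_safe_output($config["auth"]["ldap_login_attr"])."=".$login.",".io_safe_output($config["auth"]["ldap_base_dn"]), $password);`.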
@@ -393,7 +399,8 @@ function ldap_load_user ($login) { $time = get_system_time (); if (ldap_connect_bind ()) { - $sr = ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], "(&(".$config["auth"]["ldap_login_attr"]."=".$login.")".$config["auth"]["ldap_user_filter"].")", array_values ($config["auth"]["ldap_user_attr"])); + $sr = ldap_search ($ldap_cache["ds"], + io_safe_output($config["auth"]["ldap_base_dn"]), "(&(".io_safe_output($config["auth"]["ldap_login_attr"])."=".$login.")".io_safe_output($config["auth"]["ldap_user_filter"]).")", array_values ($config["auth"]["ldap_user_attr"])); if (!$sr) { $ldap_cache["error"] .= 'Error searching LDAP server (load_user): ' . ldap_error( $ldap_cache["ds"] ); @@ -497,7 +504,7 @@ function get_users ($order = false) { $time = get_system_time (); if (ldap_connect_bind ()) { - $sr = @ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], $config["auth"]["ldap_user_filter"], array_values ($config["auth"]["ldap_user_attr"])); + $sr = @ldap_search ($ldap_cache["ds"], io_safe_output($config["auth"]["ldap_base_dn"]), io_safe_output($config["auth"]["ldap_user_filter"]), array_values ($config["auth"]["ldap_user_attr"])); if (!$sr) { $ldap_cache["error"] .= 'Error searching LDAP server (get_users): ' . ldap_error( $ldap_cache["ds"] ); } diff --git a/pandora_console/include/auth/mysql.php b/pandora_console/include/auth/mysql.php index 9a491c6a3b..dca6610b5c 100644 --- a/pandora_console/include/auth/mysql.php +++ b/pandora_console/include/auth/mysql.php 
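Review bot: The new `$sr = ldap_search (...)` line in ldap_load_user builds, character for character, the same filter string and base-DN decode that ldap_search_user's hunk at 311 builds, so the two copies now have to be kept in sync by hand. A small helper such as `ldap_user_search_filter($login)` that returns the `(&(attr=login)filter)` string, together with a hoisted decoded base DN, called from both functions would leave a single place where the filter — including any escaping applied to `$login` — is assembled. ldap_load_user's body starts before the hunk and continues after it.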
@@ -512,7 +512,11 @@ function ldap_process_user_login ($login, $password) { } } - if (strlen($password) == 0 || !@ldap_bind ($ds, $config["ldap_login_attr"]."=".$login.",".$config["ldap_base_dn"], $password)) { + if (strlen($password) == 0 || + !@ldap_bind($ds, + io_safe_output($config["ldap_login_attr"]) . "=" . $login . "," . io_safe_output($config["ldap_base_dn"]), + $password)) { + $config["auth_error"] = 'User not found in database or incorrect password'; @ldap_close ($ds);