allura-commits mailing list archives

From jetm...@apache.org
Subject [3/4] git commit: [#7732] (unrelated) prevent empty LDAP login from proceeding
Date Thu, 16 Oct 2014 09:39:42 GMT
[#7732] (unrelated) prevent empty LDAP login from proceeding


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/3ae70ad5
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/3ae70ad5
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/3ae70ad5

Branch: refs/heads/ib/7732
Commit: 3ae70ad5028f82fd7b3a33bb36d2d05bd546fab3
Parents: 49be490
Author: Dave Brondsema <dbrondsema@slashdotmedia.com>
Authored: Fri Oct 3 19:26:32 2014 +0000
Committer: Igor Bondarenko <jetmind2@gmail.com>
Committed: Thu Oct 16 09:18:52 2014 +0000

----------------------------------------------------------------------
 Allura/allura/lib/plugin.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/3ae70ad5/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index f1c9c3c..a2a57b1 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -430,6 +430,8 @@ def ldap_conn(who=None, cred=None):
 
 def ldap_user_dn(username):
     'return a Distinguished Name for a given username'
+    if not username:
+        raise ValueError('Empty username')
     return 'uid=%s,%s' % (
         ldap.dn.escape_dn_chars(username),
         config['auth.ldap.suffix'])
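Review bot: The docstring of `ldap_user_dn` does not mention the `ValueError` added at the top of the function, and `_validate_password` is the only caller this commit updates to catch it. Any other caller of `ldap_user_dn` (none are visible in this diff) would now get an uncaught exception for an empty or None username. The contract should be stated where callers will read it, for example `'return a Distinguished Name for a given username; raises ValueError if username is empty'`. Note that `not username` accepts a whitespace-only name, which still reaches `escape_dn_chars`; whether that should also be rejected depends on what usernames the directory allows.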
@@ -569,7 +571,11 @@ class LdapAuthenticationProvider(AuthenticationProvider):
     def _validate_password(self, username, password):
         '''by username'''
         try:
-            con = ldap_conn(ldap_user_dn(username), password)
+            ldap_user = ldap_user_dn(username)
+        except ValueError:
+            return False
+        try:
+            con = ldap_conn(ldap_user, password)
             con.unbind_s()
             return True
         except (ldap.INVALID_CREDENTIALS, ldap.UNWILLING_TO_PERFORM, ldap.NO_SUCH_OBJECT):
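Review bot: An empty password still reaches `ldap_conn(ldap_user, password)` in the second `try`, because this change only rejects an empty username. If `ldap_conn` performs a simple bind with these values (its body is outside the hunk), a non-empty DN with an empty password is an unauthenticated bind under RFC 4513. Some directory servers accept such a bind, in which case `_validate_password` would return True without any password being checked. Adding `if not password: return False` before the bind would close this, unless the server is known to reject unauthenticated binds. The `except` handler's body continues outside the hunk.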

