diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2013-06-07 13:23:40 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2013-06-07 13:23:40 +0200 |
| commit | e7fbe18945e8d94fd400fd66f36e67174951f290 (patch) | |
| tree | d542b4a0780b535d27bb54a158bea21f45be3e37 /lib | |
| parent | 12d195ab7189878b41dc4d211befafc79ae402a6 (diff) | |
| download | rpg-e7fbe18945e8d94fd400fd66f36e67174951f290.tar.gz rpg-e7fbe18945e8d94fd400fd66f36e67174951f290.tar.bz2 | |
fix ldap deref option FS2798
Do not pass timelimit and deref settings to ldap_search. These values
should be set globally via ldap_set_option() instead (as we do for
deref).
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/plugins/authldap/auth.php | 8 | ||||
| -rw-r--r-- | lib/plugins/authldap/conf/default.php | 1 | ||||
| -rw-r--r-- | lib/plugins/authldap/conf/metadata.php | 1 | ||||
| -rw-r--r-- | lib/plugins/authldap/lang/en/settings.php | 9 |
4 files changed, 14 insertions, 5 deletions
diff --git a/lib/plugins/authldap/auth.php b/lib/plugins/authldap/auth.php index b49aa4792..e43c3f828 100644 --- a/lib/plugins/authldap/auth.php +++ b/lib/plugins/authldap/auth.php @@ -502,23 +502,23 @@ class auth_plugin_authldap extends DokuWiki_Auth_Plugin { * @return resource */ protected function _ldapsearch($link_identifier, $base_dn, $filter, $scope = 'sub', $attributes = null, - $attrsonly = 0, $sizelimit = 0, $timelimit = 0, $deref = LDAP_DEREF_NEVER) { + $attrsonly = 0, $sizelimit = 0) { if(is_null($attributes)) $attributes = array(); if($scope == 'base') { return @ldap_read( $link_identifier, $base_dn, $filter, $attributes, - $attrsonly, $sizelimit, $timelimit, $deref + $attrsonly, $sizelimit ); } elseif($scope == 'one') { return @ldap_list( $link_identifier, $base_dn, $filter, $attributes, - $attrsonly, $sizelimit, $timelimit, $deref + $attrsonly, $sizelimit ); } else { return @ldap_search( $link_identifier, $base_dn, $filter, $attributes, - $attrsonly, $sizelimit, $timelimit, $deref + $attrsonly, $sizelimit ); } } diff --git a/lib/plugins/authldap/conf/default.php b/lib/plugins/authldap/conf/default.php index d530d59c9..2c295eeeb 100644 --- a/lib/plugins/authldap/conf/default.php +++ b/lib/plugins/authldap/conf/default.php @@ -9,6 +9,7 @@ $conf['groupfilter'] = ''; $conf['version'] = 2; $conf['starttls'] = 0; $conf['referrals'] = 0; +$conf['deref'] = 0; $conf['binddn'] = ''; $conf['bindpw'] = ''; //$conf['mapping']['name'] unsupported in config manager diff --git a/lib/plugins/authldap/conf/metadata.php b/lib/plugins/authldap/conf/metadata.php index fc5b2e63c..a3256628c 100644 --- a/lib/plugins/authldap/conf/metadata.php +++ b/lib/plugins/authldap/conf/metadata.php @@ -8,6 +8,7 @@ $meta['groupfilter'] = array('string'); $meta['version'] = array('numeric'); $meta['starttls'] = array('onoff'); $meta['referrals'] = array('onoff'); +$meta['deref'] = array('multichoice','_choices' => array(0,1,2,3)); $meta['binddn'] = array('string'); $meta['bindpw'] = array('password'); //$meta['mapping']['name'] unsupported in config manager diff --git a/lib/plugins/authldap/lang/en/settings.php b/lib/plugins/authldap/lang/en/settings.php index ddedf8ae3..e3f385f99 100644 --- a/lib/plugins/authldap/lang/en/settings.php +++ b/lib/plugins/authldap/lang/en/settings.php @@ -8,9 +8,16 @@ $lang['groupfilter'] = 'LDAP filter to search for groups. Eg. <code>(&(objec $lang['version'] = 'The protocol version to use. You may need to set this to <code>3</code>'; $lang['starttls'] = 'Use TLS connections?'; $lang['referrals'] = 'Shall referrals be followed?'; +$lang['deref'] = 'How to dereference aliases?'; $lang['binddn'] = 'DN of an optional bind user if anonymous bind is not sufficient. Eg. <code>cn=admin, dc=my, dc=home</code>'; $lang['bindpw'] = 'Password of above user'; $lang['userscope'] = 'Limit search scope for user search'; $lang['groupscope'] = 'Limit search scope for group search'; -$lang['groupkey'] = 'Group member ship from any user attribute (instead of standard AD groups) e.g. group from department or telephone number'; +$lang['groupkey'] = 'Group membership from any user attribute (instead of standard AD groups) e.g. group from department or telephone number'; $lang['debug'] = 'Display additional debug information on errors'; + + +$lang['deref_o_0'] = 'LDAP_DEREF_NEVER'; +$lang['deref_o_1'] = 'LDAP_DEREF_SEARCHING'; +$lang['deref_o_2'] = 'LDAP_DEREF_FINDING'; +$lang['deref_o_3'] = 'LDAP_DEREF_ALWAYS';
\ No newline at end of file |