Diffstat (limited to 'plugins/password/drivers/ldap_simple.php')
-rw-r--r-- | plugins/password/drivers/ldap_simple.php | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/plugins/password/drivers/ldap_simple.php b/plugins/password/drivers/ldap_simple.php index 541afa96b..38db9f129 100644 --- a/plugins/password/drivers/ldap_simple.php +++ b/plugins/password/drivers/ldap_simple.php @@ -20,7 +20,7 @@ function password_save($curpass, $passwd) return PASSWORD_CONNECT_ERROR; } - /* Set protocol version */ + /* Set protocol version */ if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $rcmail->config->get('password_ldap_version'))) { ldap_unbind($ds); return PASSWORD_CONNECT_ERROR; @@ -40,12 +40,12 @@ function password_save($curpass, $passwd) } else { $user_dn = ldap_simple_search_userdn($rcmail, $ds); } - + if (empty($user_dn)) { ldap_unbind($ds); return PASSWORD_CONNECT_ERROR; } - + /* Connection method */ switch ($rcmail->config->get('password_ldap_method')) { case 'admin': @@ -64,27 +64,27 @@ function password_save($curpass, $passwd) ldap_unbind($ds); return PASSWORD_CONNECT_ERROR; } - + /* Crypting new password */ $passwd = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage')); if (!$passwd) { ldap_unbind($ds); return PASSWORD_CRYPT_ERROR; } - + $entree[$rcmail->config->get('password_ldap_pwattr')] = $passwd; /* Updating PasswordLastChange Attribute if desired */ if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) { - $entree[$lchattr] = (int)(time() / 86400) + $entree[$lchattr] = (int)(time() / 86400); } - + if (!ldap_modify($ds, $user_dn, $entree)) { ldap_unbind($ds); return PASSWORD_CONNECT_ERROR; } - + /* All done, no error */ ldap_unbind($ds); return PASSWORD_SUCCESS; 
@@ -101,34 +101,37 @@ function ldap_simple_search_userdn($rcmail, $ds) if (!ldap_bind($ds, $rcmail->config->get('password_ldap_searchDN'), $rcmail->config->get('password_ldap_searchPW'))) { return false; } - + /* Search for the DN */ if (!$sr = ldap_search($ds, $rcmail->config->get('password_ldap_search_base'), ldap_simple_substitute_vars($rcmail->config->get('password_ldap_search_filter')))) { return false; } - + /* If no or more entries were found, return false */ if (ldap_count_entries($ds, $sr) != 1) { return false; } - + return ldap_get_dn($ds, ldap_first_entry($ds, $sr)); } /** - * Substitute %login, %name and %domain in $str + * Substitute %login, %name, %domain, %dc in $str * See plugin config for details */ function ldap_simple_substitute_vars($str) { $str = str_replace('%login', $_SESSION['username'], $str); $str = str_replace('%l', $_SESSION['username'], $str); - + $parts = explode('@', $_SESSION['username']); + if (count($parts) == 2) { + $dc = 'dc='.strtr($parts[1], array('.' => ',dc=')); // hierarchal domain string + $str = str_replace('%name', $parts[0], $str); - $str = str_replace('%n', $parts[0], $str); - + $str = str_replace('%n', $parts[0], $str); + $str = str_replace('%dc', $dc, $str); $str = str_replace('%domain', $parts[1], $str); $str = str_replace('%d', $parts[1], $str); } @@ -228,6 +231,6 @@ function ldap_simple_random_salt($length) while (strlen($str) < $length) { $str .= substr($possible, (rand() % strlen($possible)), 1); } - + return $str; } |
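Review bot: In ldap_simple_substitute_vars the new `$dc` value is built from the domain part of `$_SESSION['username']` and substituted into the template with no LDAP escaping, as are the existing `%login`, `%name` and `%domain` values. The context lines of this hunk show the function's result being passed as the filter argument of `ldap_search()`, so LDAP filter metacharacters in the login would change the filter, and a `,` or `=` in the domain would change any DN built from `%dc`. Escape per context before substituting, where the PHP runtime provides it: `ldap_escape($parts[0], '', LDAP_ESCAPE_FILTER)` for filter templates, and for `%dc` apply `ldap_escape($label, '', LDAP_ESCAPE_DN)` to each label from `explode('.', $parts[1])` before joining with `',dc='`. A domain with an empty label would also produce an empty `dc=` component, so such input is better rejected than substituted. The function's body continues past the end of the hunk, so the caller-side handling of the returned string is not visible here.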