Diffstat (limited to 'plugins/password/drivers/ldap_simple.php')
-rw-r--r--plugins/password/drivers/ldap_simple.php35
1 files changed, 19 insertions, 16 deletions
diff --git a/plugins/password/drivers/ldap_simple.php b/plugins/password/drivers/ldap_simple.php
index 541afa96b..38db9f129 100644
--- a/plugins/password/drivers/ldap_simple.php
+++ b/plugins/password/drivers/ldap_simple.php
@@ -20,7 +20,7 @@ function password_save($curpass, $passwd)
return PASSWORD_CONNECT_ERROR;
}
- /* Set protocol version */
+ /* Set protocol version */
if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $rcmail->config->get('password_ldap_version'))) {
ldap_unbind($ds);
return PASSWORD_CONNECT_ERROR;
@@ -40,12 +40,12 @@ function password_save($curpass, $passwd)
} else {
$user_dn = ldap_simple_search_userdn($rcmail, $ds);
}
-
+
if (empty($user_dn)) {
ldap_unbind($ds);
return PASSWORD_CONNECT_ERROR;
}
-
+
/* Connection method */
switch ($rcmail->config->get('password_ldap_method')) {
case 'admin':
@@ -64,27 +64,27 @@ function password_save($curpass, $passwd)
ldap_unbind($ds);
return PASSWORD_CONNECT_ERROR;
}
-
+
/* Crypting new password */
$passwd = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
if (!$passwd) {
ldap_unbind($ds);
return PASSWORD_CRYPT_ERROR;
}
-
+
$entree[$rcmail->config->get('password_ldap_pwattr')] = $passwd;
/* Updating PasswordLastChange Attribute if desired */
if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) {
- $entree[$lchattr] = (int)(time() / 86400)
+ $entree[$lchattr] = (int)(time() / 86400);
}
-
+
if (!ldap_modify($ds, $user_dn, $entree)) {
ldap_unbind($ds);
return PASSWORD_CONNECT_ERROR;
}
-
+
/* All done, no error */
ldap_unbind($ds);
return PASSWORD_SUCCESS;
@@ -101,34 +101,37 @@ function ldap_simple_search_userdn($rcmail, $ds)
if (!ldap_bind($ds, $rcmail->config->get('password_ldap_searchDN'), $rcmail->config->get('password_ldap_searchPW'))) {
return false;
}
-
+
/* Search for the DN */
if (!$sr = ldap_search($ds, $rcmail->config->get('password_ldap_search_base'), ldap_simple_substitute_vars($rcmail->config->get('password_ldap_search_filter')))) {
return false;
}
-
+
/* If no or more entries were found, return false */
if (ldap_count_entries($ds, $sr) != 1) {
return false;
}
-
+
return ldap_get_dn($ds, ldap_first_entry($ds, $sr));
}
/**
- * Substitute %login, %name and %domain in $str
+ * Substitute %login, %name, %domain, %dc in $str
* See plugin config for details
*/
function ldap_simple_substitute_vars($str)
{
$str = str_replace('%login', $_SESSION['username'], $str);
$str = str_replace('%l', $_SESSION['username'], $str);
-
+
$parts = explode('@', $_SESSION['username']);
+
if (count($parts) == 2) {
+ $dc = 'dc='.strtr($parts[1], array('.' => ',dc=')); // hierarchal domain string
+
$str = str_replace('%name', $parts[0], $str);
- $str = str_replace('%n', $parts[0], $str);
-
+ $str = str_replace('%n', $parts[0], $str);
+ $str = str_replace('%dc', $dc, $str);
$str = str_replace('%domain', $parts[1], $str);
$str = str_replace('%d', $parts[1], $str);
}
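Review bot: The new `%dc` value, like the existing `%login`, `%name` and `%domain` values, is taken from `$_SESSION['username']` and substituted without any LDAP escaping, and `ldap_simple_search_userdn()` in this same hunk passes the substituted string to `ldap_search()` as the filter. A login name containing filter or DN metacharacters (`*`, `(`, `)`, `\`, `,`, `=`) would therefore alter the query or the DN instead of being matched literally; whether such names can reach the session depends on the login backend, which is not visible here. Escape each value for the context it lands in before substituting, for example `ldap_escape($label, '', LDAP_ESCAPE_DN)` per domain label when building `$dc`, and `LDAP_ESCAPE_FILTER` for values that go into `password_ldap_search_filter` (PHP 5.6+). An empty label (`user@a..b`) also yields `dc=a,dc=,dc=b`, so rejecting empty labels before building `$dc` is worth adding. `ldap_simple_substitute_vars()` continues past the end of the hunk, and `ldap_simple_search_userdn()` starts before it.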
@@ -228,6 +231,6 @@ function ldap_simple_random_salt($length)
while (strlen($str) < $length) {
$str .= substr($possible, (rand() % strlen($possible)), 1);
}
-
+
return $str;
}