Module: check_mk
Branch: master
Commit: 5510a337be9e465114a73de8d2a44d39e5bcfbc9
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=5510a337be9e46…
Author: Andreas Boesl <ab(a)mathias-kettner.de>
Date: Wed Dec 19 13:54:24 2012 +0100
fix: ldap logins with ',' in distinguished name
---
ChangeLog | 1 +
web/plugins/userdb/ldap.py | 9 ++++++---
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 8de3cbb..0ec8b7a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -63,6 +63,7 @@
* FIX: Reloading of sidebar after activate changes
* FIX: Main Frame without sidebar: reload after activate changes
* FIX: output_format json: handle newlines correctly
+ * FIX: handle ldap logins with ',' in distinguished name
WATO:
* FIX: Fixed generated manual check definitions for checks without items
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 7aa41fb..dbf38c8 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -232,7 +232,7 @@ def ldap_replace_macros(tmpl):
def ldap_user_id_attr():
return config.ldap_userspec.get('user_id', ldap_attr('user_id'))
-def ldap_get_user_dn(username):
+def ldap_get_user_dn(username, no_escape = False):
# Check wether or not the user exists in the directory
# It's only ok when exactly one entry is found.
# Returns the DN in this case.
@@ -243,7 +243,10 @@ def ldap_get_user_dn(username):
)
if result:
- return result[0][0].replace('\\', '\\\\')
+ if no_escape:
+ return result[0][0]
+ else
+ return result[0][0].replace('\\', '\\\\')
def ldap_get_users(add_filter = None):
columns = [
@@ -516,7 +519,7 @@ def ldap_login(username, password):
ldap_connect()
# Returns None when the user is not found or not uniq, else returns the
# distinguished name of the user as string which is needed for the login.
- user_dn = ldap_get_user_dn(username)
+ user_dn = ldap_get_user_dn(username, True)
if not user_dn:
return None # The user does not exist. Skip this connector.