diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2012-05-11 15:42:05 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-05-11 15:42:57 +0200 |
| commit | 7efa7171e34a39e35cfb44459089fbfcaa4cfdc3 (patch) | |
| tree | 2abdc9c1e85aacabbf520fbaa475db6f8251d05b /apps/user_ldap | |
| parent | 3fd2e0d2cef04699d07e6f6bf5cfec93f6aabfd8 (diff) | |
| download | nextcloud-server-7efa7171e34a39e35cfb44459089fbfcaa4cfdc3.tar.gz nextcloud-server-7efa7171e34a39e35cfb44459089fbfcaa4cfdc3.zip | |
LDAP: wrong assumptions for case (in)sensitivity, implement far better solution
Diffstat (limited to 'apps/user_ldap')
| -rwxr-xr-x | apps/user_ldap/group_ldap.php | 16 | ||||
| -rwxr-xr-x | apps/user_ldap/lib_ldap.php | 15 |
2 files changed, 16 insertions, 15 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index 34141e51f40..168476a78ec 100755 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -47,9 +47,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend { return false; } //usually, LDAP attributes are said to be case insensitive. But there are exceptions of course. - $read = ($members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr)) - || ($members = OC_LDAP::readAttribute($dn_group, strtolower($this->ldapGroupMemberAssocAttr))); - if(!$read) { + $members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr); + if(!$members) { return false; } @@ -101,11 +100,6 @@ class OC_GROUP_LDAP extends OC_Group_Backend { $this->ldapGroupMemberAssocAttr.'='.$uid )); $groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn')); - if(count($groups) == 0) { - //usually, LDAP attributes are said to be case insensitive. But there are exceptions... So we try it once more - $filter = str_replace($this->ldapGroupMemberAssocAttr, strtolower($this->ldapGroupMemberAssocAttr), $filter); - $groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn')); - } $userGroups = OC_LDAP::ownCloudGroupNames($groups); return array_unique($userGroups, SORT_LOCALE_STRING); @@ -121,10 +115,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend { return array(); } - //usually, LDAP attributes are said to be case insensitive. But there are exceptions of course. - $read = ($members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr)) - || ($members = OC_LDAP::readAttribute($groupDN, strtolower($this->ldapGroupMemberAssocAttr))); - if(!$read) { + $members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr); + if(!$members) { return array(); } diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index 30806a63b08..e8d91d0e037 100755 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -413,7 +413,9 @@ class OC_LDAP { $cr = self::getConnectionResource(); $rr = ldap_read($cr, $dn, 'objectClass=*', array($attr)); $er = ldap_first_entry($cr, $rr); - $result = ldap_get_attributes($cr, $er); + //LDAP attributes are not case sensitive + $result = array_change_key_case(ldap_get_attributes($cr, $er)); + $attr = strtolower($attr); if(isset($result[$attr]) && $result[$attr]['count'] > 0){ $values = array(); @@ -493,8 +495,15 @@ class OC_LDAP { } $i++; } else { - if(isset($item[$attr[0]])) { - $selection[] = $item[$attr[0]]; + //tribute to case insensitivity + if(!is_array($item)) { + continue; + } + $item = array_change_key_case($item); + $key = strtolower($attr[0]); + + if(isset($item[$key])) { + $selection[] = $item[$key]; } } |