Commit d739803b authored by Xavier Guimard's avatar Xavier Guimard

LEMONLDAP::NG : security bug in Portal/Simple.pm

parent 2df9aed0
lemonldap-ng (0.8.3) unstable; urgency=low
lemonldap-ng (0.8.3) unstable; urgency=high
* Syntax errors in configuration are now displayed
* Security fix: authentication could be replayed with another uid
-- Xavier Guimard <x.guimard@free.fr> Sat, 23 Jun 2007 21:57:02 +0200
-- Xavier Guimard <x.guimard@free.fr> Tue, 03 Jul 2007 20:49:43 +0200
lemonldap-ng (0.8.2.4) unstable; urgency=low
......
Revision history for Perl extension Lemonldap::NG::Portal.
0.75 Tue Jul 3 20:42:09 2007
- Security fix: authentication could be replayed with another uid
0.741 Tue Jul 3 7:21:16 2007
- Little bug in redirect sub
......
......@@ -2,7 +2,7 @@ package Lemonldap::NG::Portal;
print STDERR
"See Lemonldap::NG::Portal(3) to know which Lemonldap::NG::Portal::* module to use.";
our $VERSION = "0.74";
our $VERSION = "0.75";
1;
......
......@@ -13,7 +13,7 @@ use CGI::Cookie;
require POSIX;
use Lemonldap::NG::Portal::_i18n;
our $VERSION = '0.741';
our $VERSION = '0.75';
our @ISA = qw(CGI Exporter);
......@@ -131,8 +131,8 @@ sub header {
# CGI.pm overload to add Lemonldap::NG cookie
sub redirect {
my $self = shift;
if ( $self->{cookie} ) {
$self->SUPER::redirect( @_, -cookie => $self->{cookie} );
if ( $_[0]->{cookie} ) {
$self->SUPER::redirect( @_, -cookie => $_[0]->{cookie} );
}
else {
$self->SUPER::redirect(@_);
......@@ -350,7 +350,6 @@ sub unbind {
# 12. Default authentication: LDAP bind with user credentials
sub authenticate {
my $self = shift;
return PE_OK if ( $self->{id} );
$self->unbind();
my $err;
return $err unless ( ( $err = $self->connectLDAP ) == PE_OK );
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment