r68436 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r68435‎ \| r68436 \| r68437 >
Date:	00:41, 23 June 2010
Author:	laner
Status:	deferred
Tags:
Comment:	Fix possible remote_global vulnerabilities, and fix for r68288
Modified paths:	/trunk/extensions/LdapAuthentication/LdapAuthentication.php (modified) (history)

Diff [purge]

Index: trunk/extensions/LdapAuthentication/LdapAuthentication.php
—	—	@@ -36,12 +36,58 @@
37	37	# LdapAuthentication.php
38	38	#
39	39	# Info available at http://www.mediawiki.org/wiki/Extension:LDAP_Authentication
40		~~-# and at http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Configuration_Examples~~
41		~~-# and at http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Smartcard_Configuration_Examples~~
42		-#
43	40	# Support is available at http://www.mediawiki.org/wiki/Extension_talk:LDAP_Authentication
44	41	#
45	42
	43	+if ( !defined( 'MEDIAWIKI' ) ) exit;
	44	+
	45	+$wgLDAPDomainNames = array();
	46	+$wgLDAPServerNames = array();
	47	+$wgLDAPUseLocal = false;
	48	+$wgLDAPEncryptionType = array();
	49	+$wgLDAPOptions = array();
	50	+$wgLDAPPort = array();
	51	+$wgLDAPSearchStrings = array();
	52	+$wgLDAPProxyAgent = array();
	53	+$wgLDAPProxyAgentPassword = array();
	54	+$wgLDAPSearchAttributes = array();
	55	+$wgLDAPBaseDNs = array();
	56	+$wgLDAPGroupBaseDNs = array();
	57	+$wgLDAPUserBaseDNs = array();
	58	+$wgLDAPWriterDN = array();
	59	+$wgLDAPWriterPassword = array();
	60	+$wgLDAPWriteLocation = array();
	61	+$wgLDAPAddLDAPUsers = array();
	62	+$wgLDAPUpdateLDAP = array();
	63	+$wgLDAPPasswordHash = array();
	64	+$wgLDAPMailPassword = array();
	65	+$wgLDAPRetrievePrefs = array();
	66	+$wgLDAPPreferences = array();
	67	+$wgLDAPDisableAutoCreate = array();
	68	+$wgLDAPDebug = 0;
	69	+$wgLDAPGroupDN = ""; //Deprecated
	70	+$wgLDAPGroupUseFullDN = array();
	71	+$wgLDAPLowerCaseUsername = array();
	72	+$wgLDAPGroupUseRetrievedUsername = array();
	73	+$wgLDAPGroupObjectclass = array();
	74	+$wgLDAPGroupAttribute = array();
	75	+$wgLDAPGroupNameAttribute = array();
	76	+$wgLDAPGroupsUseMemberOf = array();
	77	+$wgLDAPUseLDAPGroups = array();
	78	+$wgLDAPLocallyManagedGroups = array();
	79	+$wgLDAPGroupsPrevail = array();
	80	+$wgLDAPRequiredGroups = array();
	81	+$wgLDAPExcludedGroups = array();
	82	+$wgLDAPGroupSearchNestedGroups = array();
	83	+$wgLDAPSmartcardDomain = ""; //Deprecated
	84	+$wgLDAPSSLUsername = ""; //Deprecated
	85	+$wgLDAPAuthAttribute = array();
	86	+$wgLDAPAutoAuthUsername = "";
	87	+$wgLDAPAutoAuthDomain = "";
	88	+$wgLDAPUniqueAttribute = array(); //Currently unused
	89	+$wgLDAPUniqueBlockLogin = array(); //Currently unused
	90	+$wgLDAPUniqueRenameUser = array(); //Currently unused
	91	+
46	92	/**
47	93	* Add extension information to Special:Version
48	94	*/
—	—	@@ -402,12 +448,7 @@
403	449	}
404	450
405	451	$template->set( 'usedomain', true );
406		-
407		~~- if ( isset( $wgLDAPMailPassword ) && $wgLDAPMailPassword[$_SESSION['wsDomain']] ) {~~
408		~~- $template->set( 'useemail', true );~~
409		~~- } else {~~
410		~~- $template->set( 'useemail', false );~~
411		~~- }~~
	452	+ $template->set( 'useemail', isset( $wgLDAPMailPassword[$_SESSION['wsDomain']] ) && $wgLDAPMailPassword[$_SESSION['wsDomain']] );
412	453
413	454	$tempDomArr = $wgLDAPDomainNames;
414	455	if ( $wgLDAPUseLocal ) {

Follow-up revisions

Revision	Commit summary	Author	Date
r68501	* Fixed issue with single domains, and non-auto-authentication domains being ...	laner	03:04, 24 June 2010

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r68288	Fix email me a password functionality when $wgLDAPMailPassword is set to true.	laner	20:57, 19 June 2010

Status & tagging log

18:20, 8 September 2010 😂 (talk | contribs) changed the status of r68436 [removed: new added: deferred]