forwarded [EMAIL PROTECTED]
stop
I have received the following bug report for the smbldap-tools 0.9.0 Debian
package, the user says that the system does not change the old password when
using TLS and proposes to add the following lines after the line 346 of
smbldap_tools.pm:
if ($config{ldapTLS} == 1) {
$userLdap-start_tls(
verify = $config{verify},
clientcert = $config{clientcert},
clientkey = $config{clientkey},
cafile = $config{cafile}
);
}
I would have prefered a uniffied diff, as this, without context, is difficult
to verify, and in fact, it seems that the line he is talking about the lines
after the 456, the diff in this case is:
--*-- BEG: diff -u smbldap_tools.pm.orig smbldap_tools.pm --*--
--- smbldap_tools.pm.orig 2005-05-27 00:59:23.0 +0200
+++ smbldap_tools.pm2005-06-16 18:46:41.179433399 +0200
@@ -454,6 +454,14 @@
{
my ($user, $dn, $pass) = @_;
my $userLdap = Net::LDAP-new($config{slaveLDAP}) or die erreur LDAP;
+ if ($config{ldapTLS} == 1) {
+ $userLdap-start_tls(
+ verify = $config{verify},
+ clientcert = $config{clientcert},
+ clientkey = $config{clientkey},
+ cafile = $config{cafile}
+ );
+ }
my $mesg= $userLdap-bind (dn = $dn, password = $pass );
if ($mesg-code eq 0) {
$userLdap-unbind;
--*-- END: diff -u smbldap_tools.pm.orig smbldap_tools.pm --*--
Actually I'm not using TLS, so I have not tested that patch, but it should be
a good idea to apply it or solve the problem in any other way.
Greetings,
Sergio.
El Thu, Jun 16, 2005 at 10:00:05AM +0200, Fernando Pieiro va escriure:
Package: smbldap-tools
Version: 0.9.0-1
A partir de la linea 346 de /usr/share/perl5/smbldap_tools.pm he puesto
las siguientes lneas de cdigo:
if ($config{ldapTLS} == 1) {
$userLdap-start_tls(
verify = $config{verify},
clientcert = $config{clientcert},
clientkey = $config{clientkey},
cafile = $config{cafile}
);
}
Esto corrige el que no se utilizase TLS cuando se comprobaba la
contrasea Unix antigua, lo cual impeda su actualizacin en entornos en
los que el trfico con el servidor LDAP debe ser encriptado.
Saludos
Fernando Pieiro
--
Sergio Talens-Oliag [EMAIL PROTECTED] http://people.debian.org/~sto/
Key fingerprint = 29DF 544F 1BD9 548C 8F15 86EF 6770 052B B8C1 FA69
signature.asc
Description: Digital signature