Package: sympa
Version: 4.1.5-7
Severity: important
When using the cas policy in /etc/sympa/auth.conf with a ldap_bind_dn and a
ldap_bind_password (which means a NOT anonymous bind), WWsympa though try to
bind anonymously, ignoring configuration variables.
This is due to an error in the Auth.pm class.
The bind_dn and bind_password stand for the ldap policy whereas you need to use
ldap_bind_dn and ldap_bind_password for the cas policy.
See my patch enclosed.
Thx.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
Versions of packages sympa depends on:
ii adduser 3.80 Add and remove users and groups
ii debconf [debconf-2.0] 1.4.67 Debian configuration management sy
ii libarchive-zip-perl 1.16-1 Module for manipulation of ZIP arc
ii libc6 2.3.5-8.1 GNU C Library: Shared libraries an
ii libcgi-fast-perl 5.8.7-10 CGI::Fast Perl module
ii libcrypt-ciphersaber-perl 0.61-4 Perl module implementing CipherSab
ii libdbd-mysql-perl 3.0002-2 A Perl5 database interface to the
ii libdbd-pg-perl 1.43-1 a PostgreSQL interface for Perl 5
ii libdbi-perl 1.48-2 Perl5 database interface by Tim Bu
ii libfcgi-perl 0.67-2 FastCGI Perl module
ii libio-stringy-perl 2.110-1 Perl5 modules for IO from scalars
ii libmailtools-perl 1.62-1 Manipulate email in perl programs
ii libmd5-perl 2.03-1 backwards-compatible wrapper for D
ii libmime-perl 5.418-1 Perl5 modules for MIME-compliant m
ii libmsgcat-perl 1.03-3 Locale::Msgcat perl module
ii libnet-ldap-perl 1:0.33-2 A Client interface to LDAP servers
ii mhonarc 2.6.15-1 Mail to HTML converter
ii perl [libmime-base64-perl] 5.8.7-10 Larry Wall's Practical Extraction
ii perl-suid 5.8.7-10 Runs setuid Perl scripts
ii postfix [mail-transport-agent 2.2.4-1 A high-performance mail transport
ii sysklogd [system-log-daemon] 1.4.1-17 System Logging Daemon
Versions of packages sympa recommends:
pn doc-base <none> (no description available)
ii logrotate 3.7.1-2 Log rotation utility
-- debconf information excluded
--
Pierre Pattard
--- /usr/lib/sympa/bin/Auth.pm.orig 2006-01-25 20:16:49.000000000 +0100
+++ /usr/lib/sympa/bin/Auth.pm 2006-01-25 20:23:30.000000000 +0100
@@ -391,7 +391,7 @@
my $cnx;
## Not always anonymous...
- if (defined ($ldap->{'bind_dn'}) && defined ($ldap->{'bind_password'}))
{
+ if (defined ($ldap->{'ldap_bind_dn'}) && defined
($ldap->{'ldap_bind_password'})) {
$cnx = $ldap_anonymous->bind($ldap->{'ldap_bind_dn'}, password
=>$ldap->{'ldap_bind_password'});
}else {
$cnx = $ldap_anonymous->bind;
@@ -414,7 +414,7 @@
my $count = $emails->count();
if ($emails->count() == 0) {
- do_log('notice',"No entry in the Ldap Directory Tree of %s,$host");
+ do_log('notice',"No entry in the Ldap Directory Tree of %s",$host);
$ldap_anonymous->unbind;
last;
}
