https://www.mediawiki.org/wiki/Special:Code/MediaWiki/112471
Revision: 112471
Author: laner
Date: 2012-02-27 05:27:20 +0000 (Mon, 27 Feb 2012)
Log Message:
-----------
Seems getCanonicalName is used to also check page names, which causes nastiness
when anons click redlinks. I want to stab our authentication code for reusing
this function in this way. This fix works around an error by only connecting to
LDAP if the user is also using a valid name. That said, this is a major issue
all around. When a user is logged in, if they click a red link it's going to
cause an LDAP lookup unless memcache is being used and there is a key hit, and
that's stupid.
Modified Paths:
--------------
trunk/extensions/LdapAuthentication/LdapAuthentication.php
Modified: trunk/extensions/LdapAuthentication/LdapAuthentication.php
===================================================================
--- trunk/extensions/LdapAuthentication/LdapAuthentication.php 2012-02-27
05:08:14 UTC (rev 112470)
+++ trunk/extensions/LdapAuthentication/LdapAuthentication.php 2012-02-27
05:27:20 UTC (rev 112471)
@@ -1156,7 +1156,7 @@
$key = wfMemcKey( 'ldapauthentication', 'canonicalname',
$username );
$canonicalname = $username;
if ( $username != '' ) {
- $this->printDebug( "Username isn't empty.",
NONSENSITIVE );
+ $this->printDebug( "Username is: $username",
NONSENSITIVE );
if ( $this->getConf( 'LowercaseUsernameScheme' ) ) {
$canonicalname = strtolower( $canonicalname );
} else {
@@ -1169,7 +1169,7 @@
return
$userInfo["canonicalname"];
}
} else {
- if ( $this->connect() ) {
+ if ( $this->validDomain(
$this->getSessionDomain() ) && $this->connect() ) {
// Try to pull the username
from LDAP. In the case of straight binds,
// try to fetch the username by
search before bind.
$this->userdn =
$this->getUserDN( $username, true );
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
