--- Redmine.pm.orig 2008-03-15 21:20:09.760004669 +0100 +++ Redmine.pm 2008-03-17 15:34:52.789384031 +0100 @@ -90,6 +90,7 @@ use DBI; use Digest::SHA1; +use Net::LDAP; use Apache2::Module; use Apache2::Access; @@ -140,7 +141,7 @@ my $dbh = connect_database($r); my $sth = $dbh->prepare( - "SELECT * FROM projects WHERE projects.identifier=? and projects.is_public=true;" + "SELECT * FROM projects WHERE projects.identifier=? and projects.is_public=true;" ); $sth->execute($project_id); @@ -176,17 +177,46 @@ my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass); my $sth = $dbh->prepare( - "SELECT hashed_password FROM members, projects, users WHERE projects.id=members.project_id AND users.id=members.user_id AND users.status=1 AND login=? AND identifier=?;" + "SELECT hashed_password,coalesce(auth_source_id,0) FROM members, projects, users WHERE projects.id=members.project_id AND users.id=members.user_id AND users.status=1 AND login=? AND identifier=?;" ); $sth->execute($redmine_user, $project_id); my $ret; while (my @row = $sth->fetchrow_array) { - if ($row[0] eq $pass_digest) { - $ret = 1; - last; + if ($row[1] eq 0) { + if ($row[0] eq $pass_digest) { + $ret = 1; + last; + } + } else { + my $sthldap = $dbh->prepare( + "SELECT host,port,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;" + ); + $sthldap->execute($row[1]); + while (my @rowldap = $sthldap->fetchrow_array) { + my $ldap = Net::LDAP->new($rowldap[0], port => $rowldap[1]); + my $res = $rowldap[2] ? $ldap->bind($rowldap[2], password => $rowldap[3]) : $ldap->bind(); + + unless ($res->code) { + my $res = $ldap->search( + base => $rowldap[4], + filter => "(".$rowldap[5]."=".$redmine_user.")", + attrs => ['dn'] + ); + unless ($res->code) { + foreach my $entry ($res->entries) { + my $mesg = $ldap->bind($entry->dn, password => $redmine_pass); + $ret = 1 and last unless $mesg->code; + } + } + } + $res = $ldap->unbind(); + $ldap->disconnect(); + } + $sthldap->finish(); } } + $sth->finish(); $dbh->disconnect(); $ret;