Bug 8148: Prevent local authentification fallback if an invalid LDAP password was...

http://bugs.koha-community.org/show_bug.cgi?id=8148
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Dobrica Pavlinusic <dpavlin@rot13.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>

diff --git a/C4/Auth.pm b/C4/Auth.pm
index ad6d99b..c2faf8d 100644 (file)
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -1543,6 +1543,7 @@ sub checkpw {
     if ($ldap) {
         $debug and print STDERR "## checkpw - checking LDAP\n";
         my ($retval,$retcard,$retuserid) = checkpw_ldap(@_);    # EXTERNAL AUTH
+        return 0 if $retval == -1;
         ($retval) and return ($retval,$retcard,$retuserid);
     }
 

diff --git a/C4/Auth_with_ldap.pm b/C4/Auth_with_ldap.pm
index 6000e76..4f47f66 100644 (file)
--- a/C4/Auth_with_ldap.pm
+++ b/C4/Auth_with_ldap.pm
@@ -88,7 +88,9 @@ sub search_method {
                  base => $base,
                filter => $filter,
                # attrs => ['*'],
-       ) or die "LDAP search failed to return object.";
+    );
+    die "LDAP search failed to return object : " . $search->error if $search->code;
+
        my $count = $search->count;
        if ($search->code > 0) {
                warn sprintf("LDAP Auth rejected : %s gets %d hits\n", $filter->as_string, $count) . description($search);
@@ -163,7 +165,7 @@ sub checkpw_ldap {
                my $cmpmesg = $db->compare( $userldapentry, attr=>'userpassword', value => $password );
                if ($cmpmesg->code != 6) {
                        warn "LDAP Auth rejected : invalid password for user '$userid'. " . description($cmpmesg);
-                       return 0;
+                       return -1;
                }
        }