security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-22 17:34:21 +01:00
Code Releases Activity

better exception + server side checks for ppolicy

Browse Source
This commit is contained in:
kakwa 2015-07-14 14:05:10 +02:00
parent abb651daa1
commit 3587afcbfa
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ldapcherry/__init__.py
View File

@ -603,9 +603,12 @@ class LdapCherry(object):
pwd1 = attr + '1' pwd1 = attr + '1'
pwd2 = attr + '2' pwd2 = attr + '2'
if params['attrs'][pwd1] != params['attrs'][pwd2]: if params['attrs'][pwd1] != params['attrs'][pwd2]:
raise Exception() raise PasswordMissMatch()
if not self._checkppolicy(params['attrs'][pwd1])['match']:
raise PPolicyError()
params['attrs'][attr] = params['attrs'][pwd1] params['attrs'][attr] = params['attrs'][pwd1]
if attr in params['attrs']: if attr in params['attrs']:
self.attributes.check_attr(attr, params['attrs'][attr])
backends = self.attributes.get_backends_attributes(attr) backends = self.attributes.get_backends_attributes(attr)
for b in backends: for b in backends:
if b not in badd: if b not in badd:
@ -654,9 +657,12 @@ class LdapCherry(object):
pwd2 = attr + '2' pwd2 = attr + '2'
if pwd1 in params['attrs']: if pwd1 in params['attrs']:
if params['attrs'][pwd1] != params['attrs'][pwd2]: if params['attrs'][pwd1] != params['attrs'][pwd2]:
raise Exception() raise PasswordMissMatch()
if not self._checkppolicy(params['attrs'][pwd1])['match']:
raise PPolicyError()
params['attrs'][attr] = params['attrs'][pwd1] params['attrs'][attr] = params['attrs'][pwd1]
if attr in params['attrs']: if attr in params['attrs']:
self.attributes.check_attr(attr, params['attrs'][attr])
backends = self.attributes.get_backends_attributes(attr) backends = self.attributes.get_backends_attributes(attr)
for b in backends: for b in backends:
if b not in badd: if b not in badd:
@ -801,8 +807,7 @@ class LdapCherry(object):
) )
def _checkppolicy(self, password): def _checkppolicy(self, password):
ret = self.ppolicy.check(password) return self.ppolicy.check(password)
return ret
@cherrypy.expose @cherrypy.expose
def signin(self, url=None): def signin(self, url=None):