Univention Bugzilla – Full Text Bug Listing |
Summary: | Squid only uses ldap/server/name for auth | ||
---|---|---|---|
Product: | UCS | Reporter: | Tim Petersen <petersen> |
Component: | Squid | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Janek Walkenhorst <walkenhorst> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann |
Version: | UCS 4.0 | ||
Target Milestone: | UCS 4.0-1-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: |
Description
Tim Petersen
2015-02-10 15:10:23 CET
r58968 | Bug #37752 Squid: Copyright 2015 r58967 | Bug #37752 Squid: Support ldap/server/addition squid3-3.1.20/helpers/basic_auth/LDAP/squid_ldap_auth.c:open_ldap_connection() uses ldap_initialize() if the arguments contain "://", which allows a comma or space separated list of LDAP servers to be specified. Package: univention-squid Version: 8.0.2-2.224.201503131731 Branch: ucs_4.0-0 Scope: errata4.0-1 r58969 | Bug #37752 Squid: Support ldap/server/addition YAML 2015-03-13-univention-squid.yaml QA: ucr set squid/basicauth=yes ldap/server/addition="$(ucr get ldap/master) localhost" univention-install univention-squid strace strace -e connect \ /usr/lib/squid3/squid_ldap_auth \ -b "$(ucr get ldap/base)" \ -D "$(ucr get ldap/hostdn)" \ -W /etc/squid3.secret \ -s sub \ -f '(&(objectClass=organizationalPerson)(uid=%s))' \ -d \ "ldap://$(ucr get ldap/server/name):9" "ldap://$(ucr get ldap/server/name):$(ucr get ldap/server/port)" <<<'Administrator univention' http_proxy=http://Administrator:univention@localhost:3128 \ wget -d -O/dev/null http://www.univention.de/ Tests: OK Code review: OK Advisory: OK |