jakob/ldap-chpw-cgi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update index.py

Browse source
This commit is contained in:
Christoph Loesch 2021-04-12 03:04:33 +02:00 committed by GitHub
parent f8bd9411f4
commit ed2b5cc275
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
index.py
View file

@ -8,6 +8,7 @@ ldap_proto = 'ldap://'
ldap_server = 'localhost' ldap_server = 'localhost'
ldap_basedn = 'dc=ldap,dc=freiesnetz,dc=at' ldap_basedn = 'dc=ldap,dc=freiesnetz,dc=at'
ldap_userdn = 'ou=Users' +','+ ldap_basedn ldap_userdn = 'ou=Users' +','+ ldap_basedn
ldap_bind_attr = 'uid'
cgitb.enable(display=0, logdir='logs/') cgitb.enable(display=0, logdir='logs/')
@ -35,7 +36,7 @@ def check_oldpw(accountname, oldpass):
conn = ldap.initialize(ldap_proto+ldap_server) conn = ldap.initialize(ldap_proto+ldap_server)
conn.set_option(ldap.OPT_REFERRALS, 0) conn.set_option(ldap.OPT_REFERRALS, 0)
conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3) conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
if conn.simple_bind("uid="+accountname+","+ldap_userdn, oldpass) == True: if conn.simple_bind(ldap_bind_attr+'='+accountname+','+ldap_userdn, oldpass) == True:
return True return True
except ldap.INVALID_CREDENTIALS: except ldap.INVALID_CREDENTIALS:
conn.unbind() conn.unbind()
@ -67,8 +68,8 @@ def main():
conn = ldap.initialize(ldap_proto+ldap_server) conn = ldap.initialize(ldap_proto+ldap_server)
conn.set_option(ldap.OPT_REFERRALS, 0) conn.set_option(ldap.OPT_REFERRALS, 0)
conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3) conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
conn.simple_bind(accountname, oldpass) conn.simple_bind(ldap_bind_attr+'='+accountname+','+ldap_userdn, oldpass)
results = conn.search_s(ldap_basedn, ldap.SCOPE_SUBTREE, "(uid="+accountname+")", ["dn"]) results = conn.search_s(ldap_basedn, ldap.SCOPE_SUBTREE, '('+ldap_bind_attr+'='+accountname+')', ['dn'])
conn.unbind() conn.unbind()
for dn in results: for dn in results:
conn = ldap.initialize(ldap_proto+ldap_server) conn = ldap.initialize(ldap_proto+ldap_server)
@ -81,7 +82,7 @@ def main():
conn = ldap.initialize(ldap_proto+ldap_server) conn = ldap.initialize(ldap_proto+ldap_server)
conn.set_option(ldap.OPT_REFERRALS, 0) conn.set_option(ldap.OPT_REFERRALS, 0)
conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3) conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
if conn.simple_bind(accountname, newpass) == True: if conn.simple_bind(ldap_bind_attr+'='+accountname+','+ldap_userdn, newpass) == True:
# We did it # We did it
conn.unbind() conn.unbind()
main_content = read_template_file('success.tpl', http_host=http_host) main_content = read_template_file('success.tpl', http_host=http_host)