From 16d56ea7427f8c95771a5f773b4d8b7ea4074fb4 Mon Sep 17 00:00:00 2001
From: David Beitey
Date: Mon, 23 Mar 2020 15:50:17 +1000
Subject: [PATCH] Revert "Merge pull request #199 from AVENTER-UG/issue_180"
This reverts commit bf64cf217abbe79917f9d44a651c2ecbb82ec993, reversing changes made to f022103e31e71e70a4bb64cd4c7792fa3f238b4a. This change isn't right -- it an LDAP setup when `group_attribute_is_dn on` is enabled, which is what this section of code (https://github.com/kvspb/nginx-auth-ldap/commit/bf64cf217abbe79917f9d44a651c2ecbb82ec993#diff-c05c0daefb48996cbf510b81002b49bcR2230) is conditionally targeting. This original PR #199 changed the underlying LDAP query (eg `user_val`) from looking up the user's DN as a group attribute in LDAP (eg set via the `group_attribute` directive in nginx) to looking up the _group's_ DN, which isn't right and won't work. This PR reverts the previous change to make this work correctly again. Fwiw, the originally-referenced issue #180 seems to be a completely different issue, relating to escaping and parentheses.
---
 ngx_http_auth_ldap_module.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c
index 37d0718..2f4e592 100644
--- a/ngx_http_auth_ldap_module.c
+++ b/ngx_http_auth_ldap_module.c
@@ -2216,7 +2216,6 @@ ngx_http_auth_ldap_check_group(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *
 ngx_memcpy(gr, val.data, val.len); gr[val.len] = '\0'; tail_gr = ngx_strchr(gr, ','); - if (tail_gr == NULL) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "http_auth_ldap: Incorrect group DN: \"%s\"", gr); ctx->outcome = OUTCOME_ERROR;
@@ -2230,9 +2229,9 @@ ngx_http_auth_ldap_check_group(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *
 if (ctx->server->group_attribute_dn == 1) {
 user_val = ngx_pcalloc(
 r->pool,
- ctx->dn.len + 1);
- ngx_memcpy(user_val, ctx->dn.data, ctx->dn.len);
- user_val[ctx->dn.len] = '\0';
+ ctx->user_dn.len + 1);
+ ngx_memcpy(user_val, ctx->user_dn.data, ctx->user_dn.len);
+ user_val[ctx->user_dn.len] = '\0';
 } else {
 user_val = ngx_pcalloc(
 r->pool,
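Review bot: The pointer returned by `ngx_pcalloc(r->pool, ctx->user_dn.len + 1)` goes straight into `ngx_memcpy` and is then indexed with no NULL check in between, so a pool allocation failure in this authorization path dereferences a null pointer in the worker. A guard `if (user_val == NULL)` placed before the copy, setting `ctx->outcome = OUTCOME_ERROR` and leaving the way the `tail_gr == NULL` branch in the earlier hunk does, would end the request with an error outcome instead. The switch back to `ctx->user_dn` also assumes that field is populated by the time the group check runs; that is not visible here, so it is worth confirming that an empty `user_dn` cannot reach the comparison against the group attribute. The body of `ngx_http_auth_ldap_check_group` starts and ends outside this hunk, and the `else` branch that follows appears to begin with the same unchecked allocation.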