Update ngx_http_auth_ldap_module.c

added a rebind as privileged user in the same function as the user bind to reset the connextion to a usable state
11 years ago · 97a992b700
parent 93cd9f094a
commit 97a992b700
1 changed files with 11 additions and 0 deletions
--- a/ngx_http_auth_ldap_module.c
+++ b/ngx_http_auth_ldap_module.c
@ -1957,6 +1957,17 @@ ngx_http_auth_ldap_check_bind(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *c
            ctx->c->msgid);
        ctx->c->state = STATE_BINDING;
        ctx->iteration++;
+        
+	// added by prune - 20140227
+	// we have to rebind THIS SAME connection as admin user or the next search could be
+	// made as non privileged user
+	// see https://github.com/kvspb/nginx-auth-ldap/issues/36
+	// this is quick and dirty patch
+        int rebind_msgid;
+        cred.bv_val = (char *) ctx->server->bind_dn_passwd.data;
+        cred.bv_len = ctx->server->bind_dn_passwd.len;
+        rc = ldap_sasl_bind(ctx->c->ld,(const char *) ctx->server->bind_dn.data, LDAP_SASL_SIMPLE, &cred, NULL, NULL, &rebind_msgid);
+        
        return NGX_AGAIN;
    }