mainnika/nginx-auth-ldap
1
0
Fork 0
mirror of https://github.com/mainnika/nginx-auth-ldap.git synced 2026-05-22 15:53:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
103 Commits 1 Branch 1 Tag
2e3e8a9e147a0446b5097976695fa6cc5cb6f172
Commit Graph

103 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Victor Hahn 2e3e8a9e14 Verify certificate CN/SAN 2016-02-05 17:18:01 +01:00
Victor Hahn acb13cffaf Amend documentation 2015-09-29 13:01:19 +02:00
Victor Hahn 6389f806d5 Expose SSL certificate verification as config option 2015-09-29 12:41:20 +02:00
Victor Hahn 65522703ae Verify remote SSL certificate 2015-09-29 02:19:00 +02:00
Victor Hahn Castell 7802d53f0a Fix typo 2015-09-28 18:39:02 +02:00
Valery Komarov be8ff8eecb Merge pull request #85 from denji/debug 
Added some debug
 2015-06-03 09:31:29 +03:00
Jakub Podeszwik e5ec574249 Added some debug 2015-06-03 04:09:47 +03:00
Valery Komarov 928856aa95 Merge pull request #81 from MarkusMattinen/master 
avoid crashes comparing groups
 2015-05-21 15:52:54 +03:00
Valery Komarov b3f6b86583 Merge pull request #83 from jbq/issue_80 
Fix #80 LDAP connection failures are silently swallowed
 2015-05-21 15:50:02 +03:00
Jean-Baptiste Quenot bd58ee3c75 Fix #80 LDAP connection failures are silently swallowed 2015-05-20 17:48:55 +02:00
Donald Huang febe91256f avoid crashes comparing groups 2015-05-14 10:42:08 +03:00
Valery Komarov 0d6ba9a12e Merge pull request #79 from sonnius/master 
Compile cleanly on FreeBSD
 2015-04-30 13:31:09 +03:00
sonnius dab16a5f62 Compile cleanly on FreeBSD 
Compile cleanly on FreeBSD

FreeBSD 10.1 (tested version) needs the lber during linking.
 2015-04-30 15:23:48 +12:00
Valery Komarov a8b5948e0e Merge pull request #75 from cryptogopher/master 
Checking if ldap_server is defined before auth_ldap_servers.
 2015-03-01 09:51:47 +03:00
cryptogopher 91f951ecd9 Checking if ldap_server is defined before auth_ldap_servers. Getting segfault without this check. 2015-02-28 14:33:10 +01:00
Valery b365771d2a Merge pull request #65 from pweiskircher/master 
Authentication timeout and segmentation fault fix on multiple, concurrent requests being processed at the same time
 2015-01-19 18:07:01 +03:00
Valery 7de94294e6 Merge pull request #66 from amoiseiev/master 
Treating LDAP_NO_SUCH_OBJECT as soft error, updating example.conf
 2015-01-19 17:46:57 +03:00
Valery 8d95546cf2 Merge pull request #68 from lucamilanesio/ldap-configurable-connection-timeout 
Configurable timeouts on a per-LDAP server basis
 2015-01-19 17:45:49 +03:00
Luca Milanesio 8e92526458 Configurable timeouts on a per-LDAP basis 
Enable configure timeouts for LDAP connections and queries
on ldap_server section.

Example config:

ldap_server myldap {
    url ldap://myldap.org/CN=users,CN=accounts,DC=myorg?uid?sub?(objectClass=person);
    connections 10;
    connect_timeout 30s;
    reconnect_timeout 5s;
    bind_timeout 15s;
    request_timeout 20s;
    require valid_user;
}

When timeout settings are not defined, the previous hardcoded values are used as
default : 5s (bind), 10s (connect, reconnect, request).
 2015-01-14 12:51:52 +00:00
Andrii Moiseiev 4b7f989831 replacing tabs with spaces to fix example.conf formating 2015-01-12 14:10:42 -05:00
Andrii Moiseiev c8a1b733c3 replacing tabs with spaces to fix example.conf formating 2015-01-12 14:07:10 -05:00
Andrii Moiseiev a54a7b8971 replacing tabs with spaces to fix example.conf formating 2015-01-12 14:05:37 -05:00
Andrii Moiseiev d1dbca7d0d fixing auth failure issue when CN of user or group doesn't exist 2015-01-12 14:02:44 -05:00
Patrik Weiskircher 95d64f0797 don't return the connection after every LDAP reply. 
This makes the connection more sticky to one request and prevents auth timeouts and lost requests.
 2014-12-23 10:46:20 -05:00
Patrik Weiskircher a471062903 remove quick and dirty hack to rebind to the search user. it has been implemented correctly already. 2014-12-23 10:45:04 -05:00
Patrik Weiskircher 20f279f0f9 Fix requests that were waiting on a LDAP connection getting lost and timing out after 10 seconds. 2014-12-22 12:52:28 -05:00
Valery cc76ecbd33 Merge pull request #58 from nyoxi/master 
Fix: Passed incorrect pointer to SSL handshake handler.
 2014-09-19 21:43:08 +04:00
Tomáš Golembiovský fae9e215c6 Passed incorrect pointer to SSL handshake handler. 2014-09-18 14:16:58 +02:00
Valery 7aa2414c76 Merge pull request #45 from nyoxi/master 
Removed recursion during ssl handshake (should fix #34)
 2014-09-17 21:48:37 +04:00
Valery 8a2e128ba7 Merge pull request #54 from huangsam/patch-1 
config: Fix compilation for Linux
 2014-09-17 21:47:46 +04:00
Samuel Huang eaae4dac6f config: Fix compilation for Linux 
Attempt to resolve https://github.com/kvspb/nginx-auth-ldap/issues/23
 2014-09-08 23:55:23 -07:00
Valery 8f2b5f86f4 Merge pull request #39 from pmenglund/readme 
updated README
 2014-06-09 15:15:45 +04:00
Valery a8a5cd233e Merge pull request #41 from davidjb/master 
Fix authentication for user/group validations - passwords fail to be checked
 2014-06-09 15:13:52 +04:00
Valery 687b0a5af0 Merge pull request #37 from prune998/patch-1 
Update ngx_http_auth_ldap_module.c
 2014-06-09 15:12:55 +04:00
Tomáš Golembiovský 930918b6c9 Fixed compilation without SSL (fixes #22) 2014-05-15 19:56:27 +02:00
Tomáš Golembiovský 5d82c4a6e5 Removed recursion during ssl handshake (should fix #34) 2014-05-15 19:22:26 +02:00
David Beitey 0cc183bedd Fix authentication for user/group validations 
This fixes issue #40.  User passwords should *always* be checked during authentication (except when a user fails to satisfy given requirements).  Previously, the PHASE_CHECK_BIND step of authentication would not check passwords in any LDAP configuration where ``require valid_user`` was not specified (eg using ``require user`` or ``require group``).
 2014-03-19 15:44:20 +10:00
Martin Englund c0a1383220 updated README 2014-03-05 11:04:08 -08:00
Prune 97a992b700 Update ngx_http_auth_ldap_module.c 
added a rebind as privileged user in the same function as the user bind to reset the connextion to a usable state
 2014-02-27 10:18:54 -05:00
Valery 93cd9f094a Merge pull request #31 from nyoxi/master 
Several unrelated fixes
 2014-02-10 06:54:39 +03:00
Tomáš Golembiovský f344b0164d Fixed event handling when SSL is used with something else then epoll 2014-01-28 17:38:49 +01:00
Tomáš Golembiovský 4530170886 Fixed compilation on Solaris 2014-01-28 17:38:49 +01:00
Tomáš Golembiovský 27bc70be13 Fixing authentization process 2014-01-17 14:43:03 +01:00
Tomáš Golembiovský eac8408c82 Allow include directive in ldap block 2014-01-16 18:25:42 +01:00
Valery bb74441c52 Merge pull request #24 from rdnelson/master 
Fixed #21 by rebinding to server's binddn after each bind.
 2013-10-23 00:15:55 -07:00
Valery 5909f47d89 Merge pull request #18 from nyoxi/master 
bugfix: User gets authenticated when satisfy is 'any' and no group matches.
 2013-10-23 00:12:43 -07:00
Robert Nelson 7248c9e257 Fixed #21 by rebinding to server's binddn after each bind. 2013-10-18 15:13:55 -04:00
Tomáš Golembiovský 59ef5fd1df bugfix: User gets authenticated when satisfy is 'any' and no group 
matches.
 2013-09-09 18:50:07 +02:00
Valery ee45bc4898 Merge pull request #17 from yirkha/master 
A few more fixes and SSL support
 2013-09-04 22:36:17 -07:00
Jiri Hruska f4d1da9bb7 Add support for ldaps:// SSL connections 2013-09-04 17:44:06 +02:00