Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-03 07:04:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

* [MOD] Enforce LDAP schema in ldap_connect function. Skip ldap_connect signature using port because it's deprecated

Browse Source 
* [ADD] LDAP params tests

Signed-off-by: Rubén D <nuxsmin@syspass.org>
This commit is contained in:
Rubén D
2020-03-07 17:49:15 +01:00
parent 749a45fd0a
commit f3e01eee9d
4 changed files with 1027 additions and 371 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
composer.json
View File

@@ -47,7 +47,8 @@
"fabpot/goutte": "~v3.2",
"syspass/extension-installer-plugin": "dev-master",
"syspass/plugin-authenticator": "^2.1-dev",
"nikic/php-parser": " ~v4.1"
"nikic/php-parser": "~v4.1",
"php-mock/php-mock-phpunit": "~2.6"
},
"suggest": {
"syspass/plugin-authenticator": "^2.1",

1218
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

27
lib/SP/Providers/Auth/Ldap/LdapConnection.php
View File

@@ -136,7 +136,7 @@ final class LdapConnection implements LdapConnectionInterface
@ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
}
$this->ldapHandler = @ldap_connect($this->getServer(), $this->ldapParams->getPort());
$this->ldapHandler = @ldap_connect($this->getServerUri());
// Conexión al servidor LDAP
if (!is_resource($this->ldapHandler)) {
@@ -165,9 +165,9 @@ final class LdapConnection implements LdapConnectionInterface
*/
public function checkParams()
{
if (!$this->ldapParams->getSearchBase()
|| !$this->getServer()
|| !$this->ldapParams->getBindDn()
if (empty($this->ldapParams->getSearchBase())
|| empty($this->getServer())
|| empty($this->ldapParams->getBindDn())
) {
$this->eventDispatcher->notifyEvent('ldap.check.params',
new Event($this, EventMessage::factory()
@@ -197,6 +197,25 @@ final class LdapConnection implements LdapConnectionInterface
return $this;
}
/**
* @inheritDoc
*/
public function getServerUri(): string
{
$server = $this->getServer();
$port = $this->ldapParams->getPort();
if (strpos($server, '://') !== false) {
return $server . ':' . $port;
} elseif ($port === 389 || $port === null) {
return 'ldap://' . $server;
} elseif ($port === 636) {
return 'ldaps://' . $server;
}
return 'ldap://' . $server . ':' . $port;
}
/**
* Connect through TLS
*

150
tests/SP/Providers/Auth/Ldap/LdapConnectionTest.php Normal file
View File

@@ -0,0 +1,150 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2020, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Tests\Providers\Auth\Ldap;
use PHPUnit\Framework\TestCase;
use SP\Core\Events\EventDispatcher;
use SP\Providers\Auth\Ldap\LdapConnection;
use SP\Providers\Auth\Ldap\LdapException;
use SP\Providers\Auth\Ldap\LdapParams;
use SP\Providers\Auth\Ldap\LdapTypeInterface;
/**
* Class LdapConnectionTest
*
* @package SP\Tests\Providers\Auth\Ldap
*/
class LdapConnectionTest extends TestCase
{
/**
* @throws LdapException
*/
public function testCheckParams()
{
$ldapConnection = $this->getLdapConnection();
$ldapConnection->checkParams();
$this->assertTrue(true);
}
/**
* @param LdapParams|null $params
*
* @return LdapConnection
*/
public function getLdapConnection(LdapParams $params = null)
{
$ev = new EventDispatcher();
if ($params === null) {
$params = new LdapParams();
$params->setServer('test.example.com');
$params->setPort(10389);
$params->setBindDn('cn=test,dc=example,dc=com');
$params->setBindPass('testpass');
$params->setGroup('cn=Test Group,ou=Groups,dc=example,dc=con');
$params->setSearchBase('dc=example,dc=com');
$params->setTlsEnabled(true);
$params->setType(LdapTypeInterface::LDAP_STD);
}
return new LdapConnection($params, $ev);
}
/**
* @throws LdapException
*/
public function testCheckParamsNoSearchBase()
{
$ldapConnection = $this->getLdapConnection();
$params = $ldapConnection->getLdapParams();
$params->setSearchBase('');
$this->expectException(LdapException::class);
$ldapConnection->checkParams();
}
/**
* @throws LdapException
*/
public function testCheckParamsNoServer()
{
$ldapConnection = $this->getLdapConnection();
$params = $ldapConnection->getLdapParams();
$params->setServer('');
$this->expectException(LdapException::class);
$ldapConnection->checkParams();
}
/**
* @throws LdapException
*/
public function testCheckParamsNoBindDn()
{
$ldapConnection = $this->getLdapConnection();
$params = $ldapConnection->getLdapParams();
$params->setBindDn('');
$this->expectException(LdapException::class);
$ldapConnection->checkParams();
}
public function testGetServerUri()
{
$ldapConnection = $this->getLdapConnection();
$this->assertEquals('ldap://test.example.com:10389', $ldapConnection->getServerUri());
}
public function testGetServerUriNoSchema()
{
$ldapConnection = $this->getLdapConnection();
$params = $ldapConnection->getLdapParams();
$params->setServer('test.example.com');
$params->setPort(389);
$this->assertEquals('ldap://test.example.com', $ldapConnection->getServerUri());
$params->setPort(10389);
$this->assertEquals('ldap://test.example.com:10389', $ldapConnection->getServerUri());
}
public function testGetServerUriLdaps()
{
$ldapConnection = $this->getLdapConnection();
$params = $ldapConnection->getLdapParams();
$params->setServer('ldaps://test.example.com');
$params->setPort(10636);
$this->assertEquals('ldaps://test.example.com:10636', $ldapConnection->getServerUri());
}
}