mahara-contributors team mailing list archive

[Aaron Wells <1215190@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

This came up from a user asking for help on IRC. They had upgraded their
site from Mahara 1.4 to Mahara 1.5 and found that LDAP authentication
stopped working. Their LDAP "host URL" field was in this format: ldap
://fake-dc1.fake.ac.uk:3268;

In Mahara 1.4, this string would be passed in as the first and only
parameter to ldap_connect().

In Mahara 1.5, the code is "smarter" and notices the final colon before
the port number 3268. It strips this off of the URL, and passes "ldap
://fake-dc1.fake.ac.uk" as the first parameter and "3268" as the second
parameter to ldap_connect().

The problem is, if the first parameter to ldap-connect is in "URL style"
starting with a protocol ldap:// or ldaps://, ldap_connect() IGNORES the
second parameter. And so the port was stripped off, and then ignored,
and the connection didn't work.

Making matters worse, the documentation tells people to put a protocol
header on the front of their "Host URL".

** Affects: mahara
     Importance: Medium
         Status: Triaged

** Affects: mahara/1.6
     Importance: Medium
         Status: Triaged

** Affects: mahara/1.7
     Importance: Medium
         Status: Triaged

** Affects: mahara/1.8
     Importance: Medium
         Status: Triaged


** Tags: ldap

** Also affects: mahara/1.6
   Importance: Undecided
       Status: New

** Also affects: mahara/1.7
   Importance: Undecided
       Status: New

** Also affects: mahara/1.8
   Importance: Undecided
       Status: New

** Changed in: mahara/1.6
       Status: New => Triaged

** Changed in: mahara/1.7
       Status: New => Triaged

** Changed in: mahara/1.8
       Status: New => Triaged

** Changed in: mahara/1.6
   Importance: Undecided => Medium

** Changed in: mahara/1.7
   Importance: Undecided => Medium

** Changed in: mahara/1.8
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contrib members
https://bugs.launchpad.net/bugs/1215190

Title:
  LDAP support for non-standard port LDAP Urls

Status in Mahara ePortfolio:
  Triaged
Status in Mahara 1.6 series:
  Triaged
Status in Mahara 1.7 series:
  Triaged
Status in Mahara 1.8 series:
  Triaged

Bug description:
  This came up from a user asking for help on IRC. They had upgraded
  their site from Mahara 1.4 to Mahara 1.5 and found that LDAP
  authentication stopped working. Their LDAP "host URL" field was in
  this format: ldap://fake-dc1.fake.ac.uk:3268;

  In Mahara 1.4, this string would be passed in as the first and only
  parameter to ldap_connect().

  In Mahara 1.5, the code is "smarter" and notices the final colon
  before the port number 3268. It strips this off of the URL, and passes
  "ldap://fake-dc1.fake.ac.uk"; as the first parameter and "3268" as the
  second parameter to ldap_connect().

  The problem is, if the first parameter to ldap-connect is in "URL
  style" starting with a protocol ldap:// or ldaps://, ldap_connect()
  IGNORES the second parameter. And so the port was stripped off, and
  then ignored, and the connection didn't work.

  Making matters worse, the documentation tells people to put a protocol
  header on the front of their "Host URL".

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1215190/+subscriptions