Commit Graph

4 Commits (0dea0fc82ebab1276fd671a7570f627ba3dc3113)

Author SHA1 Message Date
Clément Michaud 82d8e1d57a
[BUGFIX] Fix crash when no emails or groups are retrieved from LDAP. (#651)
* [BUGFIX] Fix crash when no emails or groups are retrieved from LDAP.

If group or email attribute configured by user in configuration is not
found in user object the list of attributes in LDAP search result is empty.
This change introduces a check before accessing the first element of the
list which previously led to out of bound access.

Fixes #647.

* [MISC] Change log level of LDAP connection creation to trace.
2020-02-27 23:21:07 +01:00
Clement Michaud 47b34b4026 Escape special LDAP characters as suggested by OWASP.
https://owasp.org/www-project-cheat-sheets/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html
2020-01-21 09:46:17 +11:00
Amir Zarrinkafsh fabb76754e
Rename org from clems4ever to authelia
Also fix references from config.yml to configuration.yml
2019-12-24 13:14:52 +11:00
Clement Michaud e21da43fd6 Add support for LDAP over TLS. 2019-12-06 21:33:47 +01:00