/usr/share/perl5/Lemonldap/NG/Portal/PasswordDBLDAP.pm is in liblemonldap-ng-portal-perl 1.9.16-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 | ##@file
# LDAP password backend file
##@class
# LDAP password backend class
package Lemonldap::NG::Portal::PasswordDBLDAP;
use strict;
use Lemonldap::NG::Portal::Simple;
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
#inherits Lemonldap::NG::Portal::_SMTP
our $VERSION = '1.9.1';
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
## @apmethod int passwordDBInit()
# Load SMTP functions
# @return Lemonldap::NG::Portal constant
sub passwordDBInit {
my $self = shift;
eval { use base qw(Lemonldap::NG::Portal::_SMTP) };
if ($@) {
$self->lmLog( "Unable to load SMTP functions ($@)", 'error' );
return PE_ERROR;
}
PE_OK;
}
## @apmethod int modifyPassword()
# Modify the password by LDAP mechanism.
# @return Lemonldap::NG::Portal constant
sub modifyPassword {
my $self = shift;
# Exit method if no password change requested
return PE_OK unless ( $self->{newpassword} );
unless ( $self->ldap ) {
return PE_LDAPCONNECTFAILED;
}
# Set the dn unless done before
unless ( $self->{dn} ) {
my $tmp = $self->_subProcess(qw(_formateFilter _search));
return $tmp if ($tmp);
}
$self->lmLog( "Modify password request for " . $self->{dn}, 'debug' );
# Call the modify password method
my $code = $self->ldap->userModifyPassword(
$self->{dn}, $self->{newpassword},
$self->{confirmpassword}, $self->{oldpassword}
);
unless ( $code == PE_PASSWORD_OK ) {
$self->ldap->unbind;
$self->{flags}->{ldapActive} = 0;
return $code;
}
# If password policy and force reset, set reset flag
if ( $self->{ldapPpolicyControl}
and $self->{forceReset}
and $self->{ldapUsePasswordResetAttribute} )
{
my $result = $self->ldap->modify(
$self->{dn},
replace => {
$self->{ldapPasswordResetAttribute} =>
$self->{ldapPasswordResetAttributeValue}
}
);
unless ( $result->code == 0 ) {
$self->lmLog(
"LDAP modify "
. $self->{ldapPasswordResetAttribute}
. " error: "
. $result->code,
'error'
);
$self->ldap->unbind;
$self->{flags}->{ldapActive} = 0;
return PE_LDAPERROR;
}
$self->lmLog(
$self->{ldapPasswordResetAttribute}
. " set to "
. $self->{ldapPasswordResetAttributeValue},
'debug'
);
}
return $code;
}
## @apmethod int passwordDBFinish()
# Unbind.
# @return Lemonldap::NG::Portal constant
sub passwordDBFinish {
my $self = shift;
if ( ref( $self->{ldap} ) && $self->{flags}->{ldapActive} ) {
$self->ldap->unbind();
$self->{flags}->{ldapActive} = 0;
}
PE_OK;
}
1;
|