[koha-commits] main Koha release repository branch master updated. v3.18.00-beta-123-g85c25c6

Git repo owner gitmaster at git.koha-community.org
Thu Nov 27 19:00:10 CET 2014 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, master has been updated
       via  85c25c619f8684f99c80fe6cf6a5c4885e903b5a (commit)
       via  7b9082a55bc92ec447f2c43fdd3efe61a8bfc84b (commit)
       via  519149a6c795e3f98caedfbbdfc55a15af6e9062 (commit)
       via  4c1f0dcecb67ba4a5bcaaf85f1d3d766cca0771f (commit)
       via  22d3ebdb27515b2fa48c3323b006287fc4edbc3c (commit)
      from  2cb427008db70f86a1d7004a7ad9313c8d8e91f7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 85c25c619f8684f99c80fe6cf6a5c4885e903b5a
Author: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Date:   Thu Nov 27 15:31:24 2014 +0000

    Bug 9165: (Followup) Tidied code slightly
    
    Minor code tidy to clean up qa script warning.
    
    http://bugs.koha-community.org/show_bug.cgi?id=9165
    Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

commit 7b9082a55bc92ec447f2c43fdd3efe61a8bfc84b
Author: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Date:   Mon Nov 24 16:27:41 2014 +0000

    Bug 9165: (Followup) Clear existing sync
    
    A small enhancement to clear existing synced passowrd should this
    config option be enbled. This followup is related to bug 12831
    
    http://bugs.koha-community.org/show_bug.cgi?id=9165
    Signed-off-by: Robin Sheat <robin at catalyst.net.nz>
    Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

commit 519149a6c795e3f98caedfbbdfc55a15af6e9062
Author: Robin Sheat <robin at catalyst.net.nz>
Date:   Thu Nov 29 14:25:30 2012 +1300

    Bug 9165: Prevent LDAP passwords being stored locally
    
    This adds a configuration option to LDAP that prevents it from storing
    user's passwords in the local database. This is useful when users of
    hosted Koha wish to prevent any form of offsite password storage for
    security reasons.
    
    Notes:
     * if the option is not included in the koha-conf.xml file, then the
       current default behaviour of saving the password locally is retained.
     * this has no impact on passwords that are already in the database.
       They will not be erased.
    
    To use:
     * edit the koha-conf.xml for a system that uses LDAP for
       authentication.
     * in the <ldapserver> configuration, add:
       <update_password>0</update_password>
     * feel a greater sense of security.
    
    To test:
     1) have a Koha system that authenticates using LDAP.
     2) note that when a user logs in, their password is saved (hashed) in
        the database.
     2.5) it is important to note that, for whatever reason, a user's
          password is not stored on a login where their account is created,
          only when they log in after being created. Thus perhaps log in and
          log out a couple of times to be sure.
     3) add the <update_password>0</update_password> option to the
        <ldapserver> section of koha-conf.xml.
     4) login with a new user (or erase the password from the database for
        an existing user) and note that the password field is not populated.
     5) log out and log back in just to be sure, check the password field
        again.
    
    Sponsored-By: National Institute of Water and Atmospheric Research (NIWA)
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

commit 4c1f0dcecb67ba4a5bcaaf85f1d3d766cca0771f
Author: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Date:   Mon Nov 24 16:07:58 2014 +0000

    Bug 12831: Local Only logins with LDAP
    
    Local only logins should continue to function when LDAP is enabled.
    This was not the case after bug 8148 [LDAP Auth should FAIL when ldap
    contains a NEW password].  For this case, we need to diferentiate
    between local accounts and ldap accounts.  This is somewhat challenging
    and thus this patch is only part of the story.
    
    The other half can be achieved with bug 9165
    
    Signed-off-by: Chris Cormack <chris at bigballofwax.co.nz>
    Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

commit 22d3ebdb27515b2fa48c3323b006287fc4edbc3c
Author: Tomas Cohen Arazi <tomascohen at gmail.com>
Date:   Thu Nov 27 14:41:39 2014 -0300

    Bug 12831: (RM followup) regression test
    
    checkpw_ldap should return 0 if it is not an anonymous bind, and authentication
    fails. This is better explained on the bug comments. This is just a regression
    test for the revised functionality.
    
    To test:
    - Run
      $ prove t/db_dependent/Auth_with_ldap.t
    => FAIL: it fails because C4::Auth_with_ldap doesn't match the expected behaviour
    - Apply the bugfix from Martin
    - Run
      $ prove t/db_dependent/Auth_with_ldap.t
    => SUCCESS: tests now pass.
    
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

-----------------------------------------------------------------------

Summary of changes:
 C4/Auth_with_ldap.pm            |   51 ++++++++++++++++++++++++++++++++++++---
 t/db_dependent/Auth_with_ldap.t |   18 +++++++++++++-
 2 files changed, 65 insertions(+), 4 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list