[koha-commits] main Koha release repository branch master updated. v3.18.00-beta-123-g85c25c6
Git repo owner
gitmaster at git.koha-community.org
Thu Nov 27 19:00:10 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, master has been updated
via 85c25c619f8684f99c80fe6cf6a5c4885e903b5a (commit)
via 7b9082a55bc92ec447f2c43fdd3efe61a8bfc84b (commit)
via 519149a6c795e3f98caedfbbdfc55a15af6e9062 (commit)
via 4c1f0dcecb67ba4a5bcaaf85f1d3d766cca0771f (commit)
via 22d3ebdb27515b2fa48c3323b006287fc4edbc3c (commit)
from 2cb427008db70f86a1d7004a7ad9313c8d8e91f7 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 85c25c619f8684f99c80fe6cf6a5c4885e903b5a
Author: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Date: Thu Nov 27 15:31:24 2014 +0000
Bug 9165: (Followup) Tidied code slightly
Minor code tidy to clean up qa script warning.
http://bugs.koha-community.org/show_bug.cgi?id=9165
Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit 7b9082a55bc92ec447f2c43fdd3efe61a8bfc84b
Author: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Date: Mon Nov 24 16:27:41 2014 +0000
Bug 9165: (Followup) Clear existing sync
A small enhancement to clear existing synced passowrd should this
config option be enbled. This followup is related to bug 12831
http://bugs.koha-community.org/show_bug.cgi?id=9165
Signed-off-by: Robin Sheat <robin at catalyst.net.nz>
Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit 519149a6c795e3f98caedfbbdfc55a15af6e9062
Author: Robin Sheat <robin at catalyst.net.nz>
Date: Thu Nov 29 14:25:30 2012 +1300
Bug 9165: Prevent LDAP passwords being stored locally
This adds a configuration option to LDAP that prevents it from storing
user's passwords in the local database. This is useful when users of
hosted Koha wish to prevent any form of offsite password storage for
security reasons.
Notes:
* if the option is not included in the koha-conf.xml file, then the
current default behaviour of saving the password locally is retained.
* this has no impact on passwords that are already in the database.
They will not be erased.
To use:
* edit the koha-conf.xml for a system that uses LDAP for
authentication.
* in the <ldapserver> configuration, add:
<update_password>0</update_password>
* feel a greater sense of security.
To test:
1) have a Koha system that authenticates using LDAP.
2) note that when a user logs in, their password is saved (hashed) in
the database.
2.5) it is important to note that, for whatever reason, a user's
password is not stored on a login where their account is created,
only when they log in after being created. Thus perhaps log in and
log out a couple of times to be sure.
3) add the <update_password>0</update_password> option to the
<ldapserver> section of koha-conf.xml.
4) login with a new user (or erase the password from the database for
an existing user) and note that the password field is not populated.
5) log out and log back in just to be sure, check the password field
again.
Sponsored-By: National Institute of Water and Atmospheric Research (NIWA)
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit 4c1f0dcecb67ba4a5bcaaf85f1d3d766cca0771f
Author: Martin Renvoize <martin.renvoize at ptfs-europe.com>
Date: Mon Nov 24 16:07:58 2014 +0000
Bug 12831: Local Only logins with LDAP
Local only logins should continue to function when LDAP is enabled.
This was not the case after bug 8148 [LDAP Auth should FAIL when ldap
contains a NEW password]. For this case, we need to diferentiate
between local accounts and ldap accounts. This is somewhat challenging
and thus this patch is only part of the story.
The other half can be achieved with bug 9165
Signed-off-by: Chris Cormack <chris at bigballofwax.co.nz>
Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit 22d3ebdb27515b2fa48c3323b006287fc4edbc3c
Author: Tomas Cohen Arazi <tomascohen at gmail.com>
Date: Thu Nov 27 14:41:39 2014 -0300
Bug 12831: (RM followup) regression test
checkpw_ldap should return 0 if it is not an anonymous bind, and authentication
fails. This is better explained on the bug comments. This is just a regression
test for the revised functionality.
To test:
- Run
$ prove t/db_dependent/Auth_with_ldap.t
=> FAIL: it fails because C4::Auth_with_ldap doesn't match the expected behaviour
- Apply the bugfix from Martin
- Run
$ prove t/db_dependent/Auth_with_ldap.t
=> SUCCESS: tests now pass.
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
C4/Auth_with_ldap.pm | 51 ++++++++++++++++++++++++++++++++++++---
t/db_dependent/Auth_with_ldap.t | 18 +++++++++++++-
2 files changed, 65 insertions(+), 4 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list