[debian-edu-commits] debian-edu/pkg-team/ 03/06: debian/patches: Add 1002_trim_decrypt.patch. Fix decryption of LDAP master password (which previously got encrypted with gosa-encrypt-password). (Closes: #748065).

[Mike Gabriel]

This is an automated email from the git hooks/post-receive script.

sunweaver pushed a commit to branch master
in repository gosa.

commit 85717540d2c18d5dfe5c70e41133a63f6e0d6904
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Tue Jul 1 14:04:49 2014 +0200

    debian/patches: Add 1002_trim_decrypt.patch. Fix decryption of LDAP master password (which previously got encrypted with gosa-encrypt-password). (Closes: #748065).
---
 debian/patches/1002_trim-decrypt.patch | 29 +++++++++++++++++++++++++++++
 debian/patches/series                  |  1 +
 2 files changed, 30 insertions(+)

diff --git a/debian/patches/1002_trim-decrypt.patch b/debian/patches/1002_trim-decrypt.patch
new file mode 100644
index 0000000..22ed4dc
--- /dev/null
+++ b/debian/patches/1002_trim-decrypt.patch
@@ -0,0 +1,29 @@
+Author: Andreas B. Mundt <andi.mundt at web.de>
+Description: Decryption of LDAP password fails (encrypted with gosa-encrypt-passwords)
+Abstract:
+ The decryption of the LDAP password (which has been encrypted by
+ gosa-encrypt-passwords) seems to fail.
+ .
+ When trying to login at the GOsa web interface, an error regarding the
+ LDAP connection happens ('Error while connecting to LDAP: Could not
+ bind to ... ').
+ .
+ After copying gosa.conf.orig to gosa.conf (with read permissions for
+ group www-data), things work again as expected.
+ .
+ So the decryption of the LDAP password which has been encrypted by
+ running gosa-encrypt-passwords does not seem to work.
+
+Index: gosa-2.7.4+reloaded1/gosa-core/include/functions.inc
+===================================================================
+--- gosa-2.7.4+reloaded1.orig/gosa-core/include/functions.inc
++++ gosa-2.7.4+reloaded1/gosa-core/include/functions.inc
+@@ -3334,7 +3334,7 @@ function cred_decrypt($input,$password)
+   $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+   $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+ 
+-  return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $password, pack("H*", $input), MCRYPT_MODE_ECB, $iv);
++  return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $password, pack("H*", $input), MCRYPT_MODE_ECB, $iv));
+ }
+ 
+ 
diff --git a/debian/patches/series b/debian/patches/series
index cdeb927..ae9907f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,6 +1,7 @@
 0001_smarty3.patch
 0002_style-robustness.patch
 1001_fix-mass-ldapimport.patch
+1002_trim-decrypt.patch
 2001_fix-smarty-location.patch
 2002_fix-template-location.patch
 2003_fix-class-mapping.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/gosa.git