fix(ldap): fix license date and some minor problems

2023-08-04 10:44:25 +08:00 · 2023-08-04 10:44:25 +08:00 · 7055eafb91
parent 1b0b15786c
commit 7055eafb91
10 changed files with 18 additions and 19 deletions
--- a/apps/emqx/src/emqx_passwd.erl
+++ b/apps/emqx/src/emqx_passwd.erl
@ -19,7 +19,8 @@
 -export([
    hash/2,
    hash_data/2,
-    check_pass/3
+    check_pass/3,
    compare_secure/2
 ]).
 -export_type([
--- a/apps/emqx_authn/src/emqx_authn_enterprise.erl
+++ b/apps/emqx_authn/src/emqx_authn_enterprise.erl
@ -1,5 +1,5 @@
 %%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 -module(emqx_authn_enterprise).
--- a/apps/emqx_ldap/src/emqx_ldap_authn.erl
+++ b/apps/emqx_ldap/src/emqx_ldap_authn.erl
@ -1,5 +1,5 @@
 %%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 -module(emqx_ldap_authn).
@ -47,7 +47,7 @@ tags() ->
 %% used for config check when the schema module is resolved
 roots() ->
-    [{?CONF_NS, hoconsc:mk(hoconsc:ref(?MODULE, mysql))}].
+    [{?CONF_NS, hoconsc:mk(hoconsc:ref(?MODULE, ldap))}].
 fields(ldap) ->
    [
@ -73,7 +73,7 @@ is_superuser_attribute(desc) -> ?DESC(?FUNCTION_NAME);
 is_superuser_attribute(default) -> <<"isSuperuser">>;
 is_superuser_attribute(_) -> undefined.
-query_timeout(type) -> emqx_schema:duration_ms();
+query_timeout(type) -> emqx_schema:timeout_duration_ms();
 query_timeout(desc) -> ?DESC(?FUNCTION_NAME);
 query_timeout(default) -> <<"5s">>;
 query_timeout(_) -> undefined.
@ -173,7 +173,7 @@ ensure_password(
        undefined ->
            {error, no_password};
        [LDAPPassword | _] ->
-            extract_hash_algorithm(LDAPPassword, Password, fun try_decode_passowrd/4, Entry, State)
+            extract_hash_algorithm(LDAPPassword, Password, fun try_decode_password/4, Entry, State)
    end.
 %% RFC 2307 format password
@ -207,7 +207,7 @@ is_valid_algorithm(HashType, PasswordHash, Password, Entry, State) ->
    end.
 %% this password is in LDIF format which is base64 encoding
-try_decode_passowrd(LDAPPassword, Password, Entry, State) ->
+try_decode_password(LDAPPassword, Password, Entry, State) ->
    case safe_base64_decode(LDAPPassword) of
        {ok, Decode} ->
            extract_hash_algorithm(
@ -279,9 +279,7 @@ hash_password(Algorithm, Salt, suffix, Password) ->
 hash_password(Algorithm, Data) ->
    crypto:hash(Algorithm, Data).
-compare_password(hash, PasswordHash, PasswordHash) ->
+compare_password(hash, LDAPPasswordHash, PasswordHash) ->
-    true;
+    emqx_passwd:compare_secure(LDAPPasswordHash, PasswordHash);
 compare_password(base64, Base64HashData, PasswordHash) ->
-    Base64HashData =:= base64:encode(PasswordHash);
+    emqx_passwd:compare_secure(Base64HashData, base64:encode(PasswordHash)).
 compare_password(_, _, _) ->
    false.
--- a/apps/emqx_ldap/src/emqx_ldap_filter_lexer.xrl
+++ b/apps/emqx_ldap/src/emqx_ldap_filter_lexer.xrl
@ -27,5 +27,5 @@ dn : {token, {dn, TokenLine}}.
 Erlang code.
 %%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
--- a/apps/emqx_ldap/src/emqx_ldap_filter_parser.yrl
+++ b/apps/emqx_ldap/src/emqx_ldap_filter_parser.yrl
@ -1,5 +1,5 @@
 Header "%%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------".
 Nonterminals
--- a/apps/emqx_ldap/test/emqx_ldap_SUITE.erl
+++ b/apps/emqx_ldap/test/emqx_ldap_SUITE.erl
@ -1,5 +1,5 @@
 %%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 -module(emqx_ldap_SUITE).
--- a/apps/emqx_ldap/test/emqx_ldap_authn_SUITE.erl
+++ b/apps/emqx_ldap/test/emqx_ldap_authn_SUITE.erl
@ -1,5 +1,5 @@
 %%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 -module(emqx_ldap_authn_SUITE).
--- a/apps/emqx_ldap/test/emqx_ldap_filter_SUITE.erl
+++ b/apps/emqx_ldap/test/emqx_ldap_filter_SUITE.erl
@ -1,5 +1,5 @@
 %%--------------------------------------------------------------------
-%% Copyright (c) 2022-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
+%% Copyright (c) 2023 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 -module(emqx_ldap_filter_SUITE).
--- a/changes/ee/feat-11386.en.md
+++ b/changes/ee/feat-11386.en.md
@ -1 +1 @@
-Integrated the LDAP as a new authenticator.
+Integrated LDAP as a new authenticator.
--- a/rel/i18n/emqx_ldap_authn.hocon
+++ b/rel/i18n/emqx_ldap_authn.hocon
@ -10,7 +10,7 @@ password_attribute.label:
 """Password Attribute"""
 is_superuser_attribute.desc:
-"""Indicates which attribute is used to represent whether the user is a super user."""
+"""Indicates which attribute is used to represent whether the user is a superuser."""
 is_superuser_attribute.label:
 """IsSuperuser Attribute"""
`@ -1 +1 @@`
	`Integrated the LDAP as a new authenticator.`	`Integrated LDAP as a new authenticator.`