[ZendTo] LDAP authentication broken after 6.05-2 upgrade

Etienne Vogt Etienne.Vogt at obspm.fr
Mon Aug 31 18:19:04 BST 2020 

On Mon, 31 Aug 2020, Jules wrote:

> Just release 6.05-3 including this fix.

It seems there's also a missing argument on the call to validUsername()
on line 264 (this time, it's already logged in users who get a blank
page) :

[Mon Aug 31 19:08:12.540959 2020] [php7:error] [pid 1894] [client 
145.238.184.196:33830] PHP Fatal error:  Uncaught ArgumentCountError: Too 
few arguments to function NSSAuthenticator::validUsername(), 2 passed in 
/opt/zendto/lib/NSSLDAPAuthenticator.php on line 264 and exactly 3 
expected in /opt/zendto/lib/NSSAuthenticator.php:124\nStack trace:\n#0 
/opt/zendto/lib/NSSLDAPAuthenticator.php(264): 
NSSAuthenticator->validUsername('vogt', Array)\n#1 
/opt/zendto/lib/NSSMultiAuthenticator.php(130): 
NSSLDAPAuthenticator->validUsername('vogt', Array, '')\n#2 
/opt/zendto/lib/NSSDropbox.php(2221): 
NSSMultiAuthenticator->validUsername('vogt', Array, '')\n#3 
/opt/zendto/lib/NSSDropbox.php(635): NSSDropbox->userFromCookie()\n#4 
/opt/zendto/www/index.php(35): NSSDropbox->__construct(Array)\n#5 {main}\n 
thrown in /opt/zendto/lib/NSSAuthenticator.php on line 124

So here's another fix :

--- /opt/zendto/lib/NSSLDAPAuthenticator.php~	2020-08-31 18:45:11.319698698 +0200
+++ /opt/zendto/lib/NSSLDAPAuthenticator.php	2020-08-31 19:10:59.681265140 +0200
@@ -261,7 +261,7 @@

            //  Chain to the super class for any further properties to be added
            //  to the $response array:
-          parent::validUsername($uname,$response);
+          parent::validUsername($uname,$response,$errormsg);
          }
        }
      } else {


Also, the previous patch to authenticate() gives a PHP warning in the logs :

[Mon Aug 31 19:11:04.883020 2020] [php7:warn] [pid 31231] [client 
145.238.184.196:33866] PHP Warning:  Declaration of 
NSSMultiAuthenticator::authenticate(&$uname, $password, &$response, 
$errormsg) should be compatible with 
NSSAuthenticator::authenticate(&$uname, $password, &$response, 
&$errormessage) in /opt/zendto/lib/NSSMultiAuthenticator.php on line 0

-- 
 		Etienne Vogt (Etienne.Vogt at obspm.fr)
 		Observatoire de Paris-Meudon
 		Service Informatique

More information about the ZendTo mailing list