auth/ldap: allow placeholder %s for BindDN (#2526)

author: Unknwon <u@gogs.io> 2017-11-16 19:32:33 -0500
committer: Unknwon <u@gogs.io> 2017-11-16 19:32:33 -0500
commit: 6f04ee879ca25fd798f85a4c701291adae561a1a (patch)
tree: cc8d06d0fe6022146f9717f647574aff34dcd65c /pkg/auth/ldap
parent: e1e76d3f8823606ae48635e19d4e58cc3bdf163f (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/pkg/auth/ldap/ldap.go b/pkg/auth/ldap/ldap.go
index 4e0a4665..63b2bc39 100644
--- a/pkg/auth/ldap/ldap.go
+++ b/pkg/auth/ldap/ldap.go
@@ -96,13 +96,15 @@ func (ls *Source) sanitizedGroupDN(groupDn string) (string, bool) {
 
 func (ls *Source) findUserDN(l *ldap.Conn, name string) (string, bool) {
 	log.Trace("Search for LDAP user: %s", name)
-	if ls.BindDN != "" && ls.BindPassword != "" {
-		err := l.Bind(ls.BindDN, ls.BindPassword)
+	if len(ls.BindDN) > 0 && len(ls.BindPassword) > 0 {
+		// Replace placeholders with username
+		bindDN := strings.Replace(ls.BindDN, "%s", name, -1)
+		err := l.Bind(bindDN, ls.BindPassword)
 		if err != nil {
-			log.Trace("LDAP: Failed to bind as BindDN '%s': %v", ls.BindDN, err)
+			log.Trace("LDAP: Failed to bind as BindDN '%s': %v", bindDN, err)
 			return "", false
 		}
-		log.Trace("LDAP: Bound as BindDN: %s", ls.BindDN)
+		log.Trace("LDAP: Bound as BindDN: %s", bindDN)
 	} else {
 		log.Trace("LDAP: Proceeding with anonymous LDAP search")
 	}
author	Unknwon <u@gogs.io>	2017-11-16 19:32:33 -0500
committer	Unknwon <u@gogs.io>	2017-11-16 19:32:33 -0500
commit	6f04ee879ca25fd798f85a4c701291adae561a1a (patch)
tree	cc8d06d0fe6022146f9717f647574aff34dcd65c /pkg/auth/ldap
parent	e1e76d3f8823606ae48635e19d4e58cc3bdf163f (diff)