jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Also auth against mailPasswords in ldapserver.js

Browse Source
This commit is contained in:
Johannes Zellner
2026-02-17 19:37:38 +01:00
parent bfbcbb686d
commit cb5ccd8166
3 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/ldapserver.js
View File

@@ -589,6 +589,7 @@ async function authenticateService(serviceId, dn, req, res, next) {
if (appPasswordError.reason !== BoxError.NOT_FOUND) return next(new ldap.OperationsError(appPasswordError.message));
if (!mailbox || !mailbox.active) return next(new ldap.NoSuchObjectError(dn.toString())); // user auth requires active mailbox
const [verifyError, result] = await safe(verifyMailboxPassword(mailbox, req.credentials || ''));
if (verifyError && verifyError.reason === BoxError.NOT_FOUND) return next(new ldap.NoSuchObjectError(verifyError.message));
if (verifyError && verifyError.reason === BoxError.INVALID_CREDENTIALS) return next(new ldap.InvalidCredentialsError(verifyError.message));