Permalink
Browse files

auth/cas: MDL-25062 CAS authentication plugin does not validate the C…

…AS server certificate

If we enable the server validation but don't specify a certificate file path
flag the error and don't let the user save the settings.
  • Loading branch information...
1 parent b7b3542 commit 064f325bced4a2b4287f30a8d9475bc1c0c1da66 @iarenaza iarenaza committed Nov 18, 2010
Showing with 14 additions and 0 deletions.
  1. +13 −0 auth/cas/auth.php
  2. +1 −0 lang/en_utf8/auth.php
View
13 auth/cas/auth.php
@@ -206,6 +206,19 @@ function connectCAS() {
function config_form($config, $err, $user_fields) {
include 'config.html';
}
+
+ /**
+ * A chance to validate form data, and last chance to
+ * do stuff before it is inserted in config_plugin
+ * @param object object with submitted configuration settings (without system magic quotes)
+ * @param array $err array of error messages
+ */
+ function validate_form(&$form, &$err) {
+ $certificate_path = trim($form->certificate_path);
+ if ($form->certificate_check && empty($certificate_path)) {
+ $err['certificate_path'] = get_string('auth_cas_certificate_path_empty', 'auth');
+ }
+ }
/**
* Returns the URL for changing the user's pw, or empty if the default can
* be used.
View
1 lang/en_utf8/auth.php
@@ -43,6 +43,7 @@
$string['auth_cas_multiauth'] = "Turn this to ''yes'' if you want to have multi-authentication (CAS + other authentication)";
$string['auth_cas_certificate_check'] = "Turn this to ''yes'' if you want to validate the server certificate";
$string['auth_cas_certificate_path'] = "Path of the CA chain file (PEM Format) to validate the server certificate";
+$string['auth_cas_certificate_path_empty'] = "If you turn on Server validation, you need to specify a certificate path";
$string['accesCAS'] = "CAS users";
$string['accesNOCAS'] = "other users";
$string['CASform'] = "Authentication choice";

0 comments on commit 064f325

Please sign in to comment.