Skip to content
Commit ad0ea2cc authored by Arthur Schiwon's avatar Arthur Schiwon Committed by backportbot[bot]
Browse files

fix potential unwarranted memberships in nested groups from LDAP



- the issue was present only when using PHP based resolving of nested
  group members. Normally nested members are common in AD (and Samba4) and
  are resolved per LDAP_MATCHING_RULE_IN_CHAIN by default
- resolving nested members is recursive
- when the cache entry was created it happend for intermediate groups, too,
  containing members from the parent group
- the check was added to only cache the root group with its members
- a runtime cache stores intermediate ldap read results


Signed-off-by: default avatarArthur Schiwon <blizzz@arthur-schiwon.de>
parent 8629ff99
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment