Add IsUserPassUptodate to see if the password has the right crypto

meskio 4 years ago
parent ce616bf5c5
commit 56866c5c85
Signed by: meskio
GPG Key ID: 52B8F5AC97A2DA86
  1. 18

@ -5,12 +5,13 @@ import (
var searchAttributes = []string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory", "mail", "authTimestamp", "sdRole", "sdLocked"}
var searchAttributes = []string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory", "mail", "authTimestamp", "sdRole", "sdLocked", "userPassword"}
//User has the ldap data of the user
type User struct {
@ -35,6 +36,21 @@ func (l Ldap) ValidateUser(user string, pass string) error {
return err
// IsUserPassUptodate will be true if the password for that user in ldap is using the latest crypto
func (l Ldap) IsUserPassUptodate(user string) bool {
conn, err := l.connect()
if err != nil {
return false
defer conn.Close()
entry, err := l.searchUser(user, conn)
if err != nil {
return false
return strings.ToLower(entry.GetAttributeValue("userPassword")[:9]) == "{crypt}$6$"
// ChangePass changes logged in user's password
func (l Ldap) ChangePass(user string, oldpass string, newpass string) error {
if oldpass == "" {