aboutsummaryrefslogtreecommitdiffstats
path: root/lib/Fripost
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2018-09-02 06:00:06 +0200
committerGuilhem Moulin <guilhem@fripost.org>2018-09-02 06:05:34 +0200
commit7b4d5536c9df9673937deb0670b11240c02ce5a1 (patch)
tree2826a4ae0e29772daaa8d9ae3dd8bf1a1ee6af1e /lib/Fripost
parentc721370bc2c7ee369b292ba768cb20a9864a805c (diff)
Fripost::Session: Forget credentials when destroying the session.
Diffstat (limited to 'lib/Fripost')
-rw-r--r--lib/Fripost/Session.pm6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/Fripost/Session.pm b/lib/Fripost/Session.pm
index 8cf6405..4408cf8 100644
--- a/lib/Fripost/Session.pm
+++ b/lib/Fripost/Session.pm
@@ -103,9 +103,10 @@ sub authenticate($%) {
return $fp;
}
-# authenticate(OPTION => VALUE, ..)
+# destroy(OPTION => VALUE, ..)
# Create a new Fripost object, authenticate (using SASL proxy
# authorization), and delete the entry on the LDAP backend.
+# The object shouldn't be used after using this method.
sub destroy($%) {
my $self = shift;
my %conf = @_;
@@ -117,6 +118,9 @@ sub destroy($%) {
my $r = $fp->{_ldap}->delete($dn);
$fp->croak("LDAP error code %i: %s\n", $r->code, $r->error)
unless $r->code == LDAP_SUCCESS;
+
+ # forget credentials in the object (now a blessed empty hash reference)
+ undef %$self;
}
1;