tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-21 12:54:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

LdapConnection: Include the normalized hostname in all informational messages

Browse Source 
refs #3639
This commit is contained in:
Johannes Meyer 2019-04-23 10:55:23 +02:00
parent d998bd9894
commit 1d341f9253
1 changed files with 5 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
library/Icinga/Protocol/Ldap/LdapConnection.php
View File

@ -344,11 +344,10 @@ class LdapConnection implements Selectable, Inspectable
$success = @ldap_bind($ds, $this->bindDn, $this->bindPw); $success = @ldap_bind($ds, $this->bindDn, $this->bindPw);
if (! $success) { if (! $success) {
throw new LdapException( throw new LdapException(
'LDAP bind (%s / %s) to %s with default port %s failed: %s', 'LDAP bind (%s / %s) to %s failed: %s',
$this->bindDn, $this->bindDn,
'***' /* $this->bindPw */, '***' /* $this->bindPw */,
$this->hostname, $this->normalizeHostname($this->hostname),
$this->port,
ldap_error($ds) ldap_error($ds)
); );
} }
@ -1240,23 +1239,6 @@ class LdapConnection implements Selectable, Inspectable
// We're checking the level by ourselves to avoid rendering the ldapsearch commandline for nothing // We're checking the level by ourselves to avoid rendering the ldapsearch commandline for nothing
$starttlsParam = $this->encryption === static::STARTTLS ? ' -ZZ' : ''; $starttlsParam = $this->encryption === static::STARTTLS ? ' -ZZ' : '';
$ldapUrls = array();
$defaultScheme = $this->encryption === static::LDAPS ? 'ldaps://' : 'ldap://';
foreach (explode(' ', $this->hostname) as $uri) {
$url = Url::fromPath($uri);
if (! $url->getScheme()) {
$uri = $defaultScheme . $uri . ($this->port ? ':' . $this->port : '');
} else {
if ($url->getPort() === null) {
$url->setPort($this->port);
}
$uri = $url->getAbsoluteUrl();
}
$ldapUrls[] = $uri;
}
$bindParams = ''; $bindParams = '';
if ($this->bound) { if ($this->bound) {
$bindParams = ' -D "' . $this->bindDn . '"' . ($this->bindPw ? ' -W' : ''); $bindParams = ' -D "' . $this->bindDn . '"' . ($this->bindPw ? ' -W' : '');
@ -1275,7 +1257,7 @@ class LdapConnection implements Selectable, Inspectable
Logger::debug("Issueing LDAP search. Use '%s' to reproduce.", sprintf( Logger::debug("Issueing LDAP search. Use '%s' to reproduce.", sprintf(
'ldapsearch -P 3%s -H "%s"%s -b "%s" -s "%s" -z %u -l %u -a "%s"%s%s%s', 'ldapsearch -P 3%s -H "%s"%s -b "%s" -s "%s" -z %u -l %u -a "%s"%s%s%s',
$starttlsParam, $starttlsParam,
implode(' ', $ldapUrls), $this->normalizeHostname($this->hostname),
$bindParams, $bindParams,
$baseDn, $baseDn,
$scope, $scope,
@ -1495,11 +1477,10 @@ class LdapConnection implements Selectable, Inspectable
// Try a bind-command with the given user credentials, this must not fail // Try a bind-command with the given user credentials, this must not fail
$success = @ldap_bind($ds, $this->bindDn, $this->bindPw); $success = @ldap_bind($ds, $this->bindDn, $this->bindPw);
$msg = sprintf( $msg = sprintf(
'LDAP bind (%s / %s) to %s with default port %s', 'LDAP bind (%s / %s) to %s',
$this->bindDn, $this->bindDn,
'***' /* $this->bindPw */, '***' /* $this->bindPw */,
$this->hostname, $this->normalizeHostname($this->hostname)
$this->port
); );
if (! $success) { if (! $success) {
// ldap_error does not return any proper error messages in case of certificate errors. Connecting // ldap_error does not return any proper error messages in case of certificate errors. Connecting