LdapConnection: Add timeout setting with a useful default value

application/forms/Config/Resource/LdapResourceForm.php

@@ -144,6 +144,17 @@ class LdapResourceForm extends Form
             )
         );
 
+        $this->addElement(
+            'number',
+            'timeout',
+            array(
+                'preserveDefault'   => true,
+                'label'             => $this->translate('Timeout'),
+                'description'       => $this->translate('Connection timeout for every LDAP connection'),
+                'value'             => 5 // see LdapConnection::__construct()
+            )
+        );
+
         return $this;
     }
 }

library/Icinga/Protocol/Ldap/LdapConnection.php

@@ -139,6 +139,13 @@ class LdapConnection implements Selectable, Inspectable
      */
     protected $root;
 
+    /**
+     * LDAP_OPT_NETWORK_TIMEOUT for the LDAP connection
+     *
+     * @var int
+     */
+    protected $timeout;
+
     /**
      * The properties and capabilities of the LDAP server
      *
@@ -179,6 +186,7 @@ class LdapConnection implements Selectable, Inspectable
         $this->bindPw = $config->bind_pw;
         $this->rootDn = $config->root_dn;
         $this->port = $config->get('port', 389);
+        $this->timeout = $config->get('timeout', 5);
 
         $this->encryption = $config->encryption;
         if ($this->encryption !== null) {
@@ -1190,6 +1198,9 @@ class LdapConnection implements Selectable, Inspectable
 
         $ds = ldap_connect($hostname, $this->port);
 
+        // Set a proper timeout for each connection
+        ldap_set_option($ds, LDAP_OPT_NETWORK_TIMEOUT, $this->timeout);
+
         // Usage of ldap_rename, setting LDAP_OPT_REFERRALS to 0 or using STARTTLS requires LDAPv3.
         // If this does not work we're probably not in a PHP 5.3+ environment as it is VERY
         // unlikely that the server complains about it by itself prior to a bind request