From 9ce9e0270c14974712b329eec88c3fd4bee29178 Mon Sep 17 00:00:00 2001
From: Eric Lippmann <eric.lippmann@netways.de>
Date: Thu, 2 Apr 2015 10:41:25 +0200
Subject: [PATCH] Fix that LDAP encryption settings have no effect

I renamed the directive for the encryption setting from 'connection' to 'encryption' before releasing Beta3 but
I forgot to change the Connection class accordingly.

fixes #8953
---
 library/Icinga/Protocol/Ldap/Connection.php | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/library/Icinga/Protocol/Ldap/Connection.php b/library/Icinga/Protocol/Ldap/Connection.php
index e8c06cb5b..687f30e62 100644
--- a/library/Icinga/Protocol/Ldap/Connection.php
+++ b/library/Icinga/Protocol/Ldap/Connection.php
@@ -45,6 +45,13 @@ class Connection
      */
     const LDAPS = 'ldaps';
 
+    /**
+     * Encryption for the connection if any
+     *
+     * @var string|null
+     */
+    protected $encryption;
+
     protected $ds;
     protected $hostname;
     protected $port = 389;
@@ -52,7 +59,6 @@ class Connection
     protected $bind_pw;
     protected $root_dn;
     protected $count;
-    protected $connectionType;
     protected $reqCert = true;
 
     /**
@@ -86,7 +92,10 @@ class Connection
         $this->bind_pw  = $config->bind_pw;
         $this->root_dn  = $config->root_dn;
         $this->port = $config->get('port', $this->port);
-        $this->connectionType = $config->get('connection');
+        $this->encryption = $config->get('encryption');
+        if ($this->encryption !== null) {
+            $this->encryption = strtolower($this->encryption);
+        }
         $this->reqCert = (bool) $config->get('reqcert', $this->reqCert);
     }
 
@@ -481,12 +490,12 @@ class Connection
      */
     protected function prepareNewConnection()
     {
-        if ($this->connectionType === static::STARTTLS || $this->connectionType === static::LDAPS) {
+        if ($this->encryption === static::STARTTLS || $this->encryption === static::LDAPS) {
             $this->prepareTlsEnvironment();
         }
 
         $hostname = $this->hostname;
-        if ($this->connectionType === static::LDAPS) {
+        if ($this->encryption === static::LDAPS) {
             $hostname = 'ldaps://' . $hostname;
         }
 
@@ -499,8 +508,7 @@ class Connection
             Logger::warning('LADP discovery failed, assuming default LDAP settings.');
             $this->capabilities = new Capability(); // create empty default capabilities
         }
-
-        if ($this->connectionType === static::STARTTLS) {
+        if ($this->encryption === static::STARTTLS) {
             $force_tls = false;
             if ($this->capabilities->hasStartTls()) {
                 if (@ldap_start_tls($ds)) {