tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-30 01:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix that LDAP encryption settings have no effect

Browse Source 
I renamed the directive for the encryption setting from 'connection' to 'encryption' before releasing Beta3 but
I forgot to change the Connection class accordingly.

fixes #8953
This commit is contained in:
Eric Lippmann 2015-04-02 10:41:25 +02:00
parent 06d9e4113c
commit 9ce9e0270c
1 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
library/Icinga/Protocol/Ldap/Connection.php
View File

@ -45,6 +45,13 @@ class Connection
*/ */
const LDAPS = 'ldaps'; const LDAPS = 'ldaps';
/**
* Encryption for the connection if any
*
* @var string|null
*/
protected $encryption;
protected $ds; protected $ds;
protected $hostname; protected $hostname;
protected $port = 389; protected $port = 389;
@ -52,7 +59,6 @@ class Connection
protected $bind_pw; protected $bind_pw;
protected $root_dn; protected $root_dn;
protected $count; protected $count;
protected $connectionType;
protected $reqCert = true; protected $reqCert = true;
/** /**
@ -86,7 +92,10 @@ class Connection
$this->bind_pw = $config->bind_pw; $this->bind_pw = $config->bind_pw;
$this->root_dn = $config->root_dn; $this->root_dn = $config->root_dn;
$this->port = $config->get('port', $this->port); $this->port = $config->get('port', $this->port);
$this->connectionType = $config->get('connection'); $this->encryption = $config->get('encryption');
if ($this->encryption !== null) {
$this->encryption = strtolower($this->encryption);
}
$this->reqCert = (bool) $config->get('reqcert', $this->reqCert); $this->reqCert = (bool) $config->get('reqcert', $this->reqCert);
} }
@ -481,12 +490,12 @@ class Connection
*/ */
protected function prepareNewConnection() protected function prepareNewConnection()
{ {
if ($this->connectionType === static::STARTTLS || $this->connectionType === static::LDAPS) { if ($this->encryption === static::STARTTLS || $this->encryption === static::LDAPS) {
$this->prepareTlsEnvironment(); $this->prepareTlsEnvironment();
} }
$hostname = $this->hostname; $hostname = $this->hostname;
if ($this->connectionType === static::LDAPS) { if ($this->encryption === static::LDAPS) {
$hostname = 'ldaps://' . $hostname; $hostname = 'ldaps://' . $hostname;
} }
@ -499,8 +508,7 @@ class Connection
Logger::warning('LADP discovery failed, assuming default LDAP settings.'); Logger::warning('LADP discovery failed, assuming default LDAP settings.');
$this->capabilities = new Capability(); // create empty default capabilities $this->capabilities = new Capability(); // create empty default capabilities
} }
if ($this->encryption === static::STARTTLS) {
if ($this->connectionType === static::STARTTLS) {
$force_tls = false; $force_tls = false;
if ($this->capabilities->hasStartTls()) { if ($this->capabilities->hasStartTls()) {
if (@ldap_start_tls($ds)) { if (@ldap_start_tls($ds)) {