tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3592 from Icinga/feature/ldap-timeout 

LdapConnection: Add timeout setting with a useful default value
This commit is contained in:
Eric Lippmann 2018-10-16 14:45:02 +02:00 committed by GitHub
parent b3e0b5d587 39f5b5e2cd
commit d00fdf4d19
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
application/forms/Config/Resource/LdapResourceForm.php
View File

@ -144,6 +144,17 @@ class LdapResourceForm extends Form
)
);
$this->addElement(
'number',
'timeout',
array(
'preserveDefault' => true,
'label' => $this->translate('Timeout'),
'description' => $this->translate('Connection timeout for every LDAP connection'),
'value' => 5 // see LdapConnection::__construct()
)
);
return $this;
}
}

13
library/Icinga/Protocol/Ldap/LdapConnection.php
View File

@ -139,6 +139,13 @@ class LdapConnection implements Selectable, Inspectable
*/
protected $root;
/**
* LDAP_OPT_NETWORK_TIMEOUT for the LDAP connection
*
* @var int
*/
protected $timeout;
/**
* The properties and capabilities of the LDAP server
*
@ -178,7 +185,8 @@ class LdapConnection implements Selectable, Inspectable
$this->bindDn = $config->bind_dn;
$this->bindPw = $config->bind_pw;
$this->rootDn = $config->root_dn;
$this->port = $config->get('port', 389);
$this->port = (int) $config->get('port', 389);
$this->timeout = (int) $config->get('timeout', 5);
$this->encryption = $config->encryption;
if ($this->encryption !== null) {
@ -1190,6 +1198,9 @@ class LdapConnection implements Selectable, Inspectable
$ds = ldap_connect($hostname, $this->port);
// Set a proper timeout for each connection
ldap_set_option($ds, LDAP_OPT_NETWORK_TIMEOUT, $this->timeout);
// Usage of ldap_rename, setting LDAP_OPT_REFERRALS to 0 or using STARTTLS requires LDAPv3.
// If this does not work we're probably not in a PHP 5.3+ environment as it is VERY
// unlikely that the server complains about it by itself prior to a bind request