tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-29 16:54:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

LdapConnection: Normalize the hostname in all cases, not just for LDAPS

Browse Source 
refs #3639
This commit is contained in:
Johannes Meyer 2019-04-23 10:54:40 +02:00
parent 57abdc8baa
commit d998bd9894
1 changed files with 33 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
library/Icinga/Protocol/Ldap/LdapConnection.php
View File

@ -1179,25 +1179,7 @@ class LdapConnection implements Selectable, Inspectable
$info = new Inspection(''); $info = new Inspection('');
} }
$hostname = $this->hostname; $hostname = $this->normalizeHostname($this->hostname);
if ($this->encryption === static::LDAPS) {
$info->write('Connect using LDAPS');
$ldapUrls = explode(' ', $hostname);
if (count($ldapUrls) > 1) {
foreach ($ldapUrls as & $uri) {
if (preg_match('/:\d+$/', $uri) === 0) {
$uri = $uri . ':' . $this->port;
}
if (strpos($uri, '://') === false) {
$uri = 'ldaps://' . $uri;
}
}
$hostname = implode(' ', $ldapUrls);
} else {
$hostname = 'ldaps://' . $hostname . ':' . $this->port;
}
}
$ds = ldap_connect($hostname, $this->port); $ds = ldap_connect($hostname, $this->port);
@ -1212,7 +1194,9 @@ class LdapConnection implements Selectable, Inspectable
// Not setting this results in "Operations error" on AD when using the whole domain as search base // Not setting this results in "Operations error" on AD when using the whole domain as search base
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0); ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
if ($this->encryption === static::STARTTLS) { if ($this->encryption === static::LDAPS) {
$info->write('Connect using LDAPS');
} elseif ($this->encryption === static::STARTTLS) {
$this->encrypted = true; $this->encrypted = true;
$info->write('Connect using STARTTLS'); $info->write('Connect using STARTTLS');
if (! ldap_start_tls($ds)) { if (! ldap_start_tls($ds)) {
@ -1546,4 +1530,33 @@ class LdapConnection implements Selectable, Inspectable
} }
return $insp; return $insp;
} }
protected function normalizeHostname($hostname)
{
$scheme = $this->encryption === static::LDAPS ? 'ldaps://' : 'ldap://';
$normalizeHostname = function ($hostname) use ($scheme) {
if (strpos($hostname, $scheme) === false) {
$hostname = $scheme . $hostname;
}
if (! preg_match('/:\d+$/', $hostname)) {
$hostname .= ':' . $this->port;
}
return $hostname;
};
$ldapUrls = explode(' ', $hostname);
if (count($ldapUrls) > 1) {
foreach ($ldapUrls as & $uri) {
$uri = $normalizeHostname($uri);
}
$hostname = implode(' ', $ldapUrls);
} else {
$hostname = $normalizeHostname($hostname);
}
return $hostname;
}
} }