Merged in master (pull request #27)

Use LDAP over StartTLS if option LDAP_USE_START_TLS is set. Approved-by: Janos SUTO
2024-11-07 23:01:58 +01:00 · 2021-07-10 11:32:26 +00:00 · 2021-07-10 11:32:26 +00:00 · 4ebf76e405
commit 4ebf76e405
parent f32ab14c97 d9771a3f7d
2 changed files with 5 additions and 0 deletions
--- a/config.php.in
+++ b/config.php.in
@ -88,6 +88,7 @@ $config['LDAP_MAIL_ATTR'] = 'mail';
 $config['LDAP_AUDITOR_MEMBER_DN'] = '';
 $config['LDAP_ADMIN_MEMBER_DN'] = '';
 $config['LDAP_BASE_DN'] = '';
+$config['LDAP_USE_START_TLS'] = 0;

 // AD specific settings
 //
--- a/webui/system/database/ldap.php
+++ b/webui/system/database/ldap.php
@ -12,6 +12,10 @@ class LDAP {
      ldap_set_option($this->link, LDAP_OPT_PROTOCOL_VERSION, 3);
      ldap_set_option($this->link, LDAP_OPT_REFERRALS, 0);

+      if (LDAP_USE_START_TLS == 1) {
+         ldap_start_tls($this->link);
+      }
+
      if(@ldap_bind($this->link, $binddn, $bindpw)) {
         $this->bind = 1;
      }