Auth.ldap: add starttsl support. See #1248, should fix it.

cdujeu · cdujeu · commit f49aa9032adc · 2016-11-21T10:02:30.000+01:00
diff --git a/core/src/plugins/auth.ldap/LdapAuthDriver.php b/core/src/plugins/auth.ldap/LdapAuthDriver.php
@@ -214,8 +214,10 @@ public function startConnexion()
             if ($this->ldapconn == null) {
                 $this->logError(__FUNCTION__, 'LDAP Server connexion could NOT be established');
             }
+            if ($this->ldapconn !== null && isSet($this->options["LDAP_PROTOCOL"]) && $this->options["LDAP_PROTOCOL"] === 'starttls') {
+                ldap_start_tls($this->ldapconn);
+            }
         }
-        //return $this->ldapconn;
     }
 
     public function __deconstruct()
diff --git a/core/src/plugins/auth.ldap/manifest.xml b/core/src/plugins/auth.ldap/manifest.xml
@@ -12,7 +12,7 @@
         <!-- Server Connection -->
         <param name="LDAP_CONNECTION_LEGEND" group="CONF_MESSAGE[Server Connection]" type="legend" label="" description="CONF_MESSAGE[Set up main connection to server. Use the button to test that your parameters are correct.]"/>
         <param name="LDAP_URL" group="CONF_MESSAGE[Server Connection]" type="string" label="CONF_MESSAGE[LDAP URL]" description="CONF_MESSAGE[LDAP Server URL (IP or name)]" mandatory="true"/>
-        <param name="LDAP_PROTOCOL" group="CONF_MESSAGE[Server Connection]" type="select" choices="ldap|Standard (ldap),ldaps|SSL (ldaps)" default="ldap" label="CONF_MESSAGE[Protocol]" description="CONF_MESSAGE[Connect through ldap or ldaps]" mandatory="true"/>
+        <param name="LDAP_PROTOCOL" group="CONF_MESSAGE[Server Connection]" type="select" choices="ldap|Standard (ldap),ldaps|SSL (ldaps),starttls|StartTLS" default="ldap" label="CONF_MESSAGE[Protocol]" description="CONF_MESSAGE[Connect through ldap or ldaps]" mandatory="true"/>
         <param name="LDAP_PORT" group="CONF_MESSAGE[Server Connection]" type="string" label="CONF_MESSAGE[LDAP Port]" description="CONF_MESSAGE[LDAP Server Port (leave blank for default)]" mandatory="false" default="389"/>
         <param name="LDAP_USER" group="CONF_MESSAGE[Server Connection]" type="string" label="CONF_MESSAGE[LDAP bind username]" description="CONF_MESSAGE[Username (uid + dn) of LDAP bind user]" mandatory="false"/>
         <param name="LDAP_PASSWORD" group="CONF_MESSAGE[Server Connection]" type="string" label="CONF_MESSAGE[LDAP bind password]" description="CONF_MESSAGE[Password of LDAP bind user]" mandatory="false"/>

Original file line number	Diff line number	Diff line change
`@@ -214,8 +214,10 @@ public function startConnexion()`
`214`	`214`	`if ($this->ldapconn == null) {`
`215`	`215`	`$this->logError(__FUNCTION__, 'LDAP Server connexion could NOT be established');`
`216`	`216`	`}`
	`217`	`+ if ($this->ldapconn !== null && isSet($this->options["LDAP_PROTOCOL"]) && $this->options["LDAP_PROTOCOL"] === 'starttls') {`
	`218`	`+ ldap_start_tls($this->ldapconn);`
	`219`	`+ }`
`217`	`220`	`}`
`218`		`- //return $this->ldapconn;`
`219`	`221`	`}`
`220`	`222`
`221`	`223`	`public function __deconstruct()`