Updated LDAP to allow protocol to be specified
As per details by fredericmohr in #236
This commit is contained in:
parent
e211f31370
commit
598b07b53d
2 changed files with 6 additions and 20 deletions
|
@ -18,24 +18,6 @@ class Ldap
|
|||
*/
|
||||
public function connect($hostName, $port)
|
||||
{
|
||||
/*
|
||||
* LDAPS is not working because even if port 363 is specified,
|
||||
* BookStack tries to open a LDAP connection on the LDAPS channel.
|
||||
* The if-clause below fixed this, although it would be better to
|
||||
* change the settings in .env from
|
||||
* LDAP_SERVER=servername:port
|
||||
* to
|
||||
* LDAP_SERVER=ldap://servername:389
|
||||
* LDAP_SERVER=ldaps://servername:363
|
||||
* in order to be compatible with non-standard setups. Currently,
|
||||
* specifying ldap:// or ldaps:// results in an error because BookStack
|
||||
* splits at ":" and takes the seconds chunk (in this case "//servername"
|
||||
* as the port value.
|
||||
*/
|
||||
if ($port == 363)
|
||||
{
|
||||
$hostName = "ldaps://".$hostName;
|
||||
}
|
||||
return ldap_connect($hostName, $port);
|
||||
}
|
||||
|
||||
|
|
|
@ -112,9 +112,13 @@ class LdapService
|
|||
throw new LdapException(trans('errors.ldap_extension_not_installed'));
|
||||
}
|
||||
|
||||
// Get port from server string if specified.
|
||||
// Get port from server string and protocol if specified.
|
||||
$ldapServer = explode(':', $this->config['server']);
|
||||
$ldapConnection = $this->ldap->connect($ldapServer[0], count($ldapServer) > 1 ? $ldapServer[1] : 389);
|
||||
$hasProtocol = preg_match('/^ldaps{0,1}\:\/\//', $this->config['server']) === 1;
|
||||
if (!$hasProtocol) array_unshift($ldapServer, '');
|
||||
$hostName = $ldapServer[0] . ($hasProtocol?':':'') . $ldapServer[1];
|
||||
$defaultPort = $ldapServer[0] === 'ldaps' ? 636 : 389;
|
||||
$ldapConnection = $this->ldap->connect($hostName, count($ldapServer) > 2 ? intval($ldapServer[2]) : $defaultPort);
|
||||
|
||||
if ($ldapConnection === false) {
|
||||
throw new LdapException(trans('errors.ldap_cannot_connect'));
|
||||
|
|
Loading…
Reference in a new issue