author | andi <andi@splitbrain.org> | 2005-03-09 22:01:53 +0100 |
---|---|---|
committer | andi <andi@splitbrain.org> | 2005-03-09 22:01:53 +0100 |
commit | c6c0f8871bf5837f9a685ba7add9ec18a917b6bb (patch) | |
tree | b8ee20be0c877ff7aea4783f88a94d7a9d251e56 | |
parent | b146b32bb0a5954f583a461f28f0fcf9fb020a2a (diff) | |
TLS support for LDAP #191
darcs-hash:20050309210153-9977f-9f63df016b31e0812db0bbcb20513948900b231c.gz
-rw-r--r-- | inc/auth_ldap.php | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/inc/auth_ldap.php b/inc/auth_ldap.php
index 5ae71a2da..296b4e9c8 100644
--- a/inc/auth_ldap.php
+++ b/inc/auth_ldap.php
@@ -19,7 +19,7 @@ if(!function_exists('ldap_connect'))
 *
 * Holds the connection in global scope for multiple use
 *
- * @author Andreas Gohr <andi@splitbrain.org>
+ * @author Andreas Gohr <andi@splitbrain.org>
 */
 function auth_ldap_connect(){
 global $LDAP_CONNECTION;
@@ -32,6 +32,7 @@ function auth_ldap_connect(){
 msg("LDAP: couldn't connect to LDAP server",-1);
 return false;
 }
+
 //set protocol version
 if($cnf['version']){
 if(!@ldap_set_option($LDAP_CONNECTION, LDAP_OPT_PROTOCOL_VERSION,
@@ -39,6 +40,15 @@ function auth_ldap_connect(){
 msg('Setting LDAP Protocol version '.$cnf['version'].' failed',-1);
 if($cnf['debug'])
 msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
+
+ //use TLS (needs version 3)
+ if ($cnf['starttls']) {
+ if (!@ldap_start_tls($LDAP_CONNECTION)){
+ msg('Starting TLS failed',-1);
+ if($cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
+ }
+ }
 }
 }
 } |
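Review bot: In the third hunk the added `ldap_start_tls()` block follows the debug message but precedes the hunk's first closing brace, so as the braces read it is still inside the `if(!@ldap_set_option(...)){` failure branch; StartTLS would then be attempted only when setting the protocol version failed, never on the normal path, and it most likely belongs in an `else` of that check. Separately, a failed StartTLS only prints 'Starting TLS failed' and execution carries on, so with `starttls` enabled a later bind would presumably travel over the unencrypted connection. Closing the handle and returning false, as the connect-failure path in the second hunk already does, keeps that failure closed. The function body starts and ends outside the hunks and indentation is lost on this page, so the nesting should be confirmed against the file.

```php
// … unchanged: ldap_set_option() failure messages …
      }else{
        //use TLS (needs version 3)
        if($cnf['starttls'] && !@ldap_start_tls($LDAP_CONNECTION)){
          msg('Starting TLS failed',-1);
          if($cnf['debug'])
            msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
          // fail closed: never fall back to an unencrypted bind
          @ldap_close($LDAP_CONNECTION);
          $LDAP_CONNECTION = null;
          return false;
        }
      }
// … unchanged: closing braces of the version check and the connect block …
```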