
Commit ff2802a

author
robin.kluth
committed
1.1.12
* Create the .ldaprc control file automatically
1 parent 304baab commit ff2802a


1 file changed

+28
-3
lines changed


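--- a/src/LdapAuth.php
+++ b/src/LdapAuth.php
@@ -94,7 +94,7 @@ public function autoDetect($overrideIp = false)
 $index++;
 }
 
-Yii::debug('[Autodetect] No suitable domain found :(', __METHOD__);
+Yii::warning('[Autodetect] No suitable domain found :(', __METHOD__);
 return false;
 }
 
@@ -110,6 +110,31 @@ public function login($username, $password, $domainKey)
 $ssl = isset($domainData['useSSL']) && $domainData['useSSL'];
 Yii::debug('Use SSL here? ' . ($ssl ? 'Yes' : 'No'));
 
+if ($ssl) {
+// When using SSL, we have to set some env variables and create an ldap controlfile - otherwirse a connect with non valid certificat will fail!
+
+/**
+* Inhalt der .ldaprc:
+* TLS_REQCERT allow
+*
+*/
+$ldaprcfile = $_SERVER['HOME'] . '/.ldaprc';
+
+if (!file_exists($ldaprcfile)) {
+// Try to create the file
+if (!file_put_contents($ldaprcfile, 'TLS_REQCERT allow')) {
+Yii::error('Cannot create required .ldaprc control file!');
+return false;
+}
+} else {
+Yii::debug('.ldaprc file exists!');
+}
+
+putenv('LDAPCONF=' . $ldaprcfile);
+putenv('LDAPTLS_REQCERT=allow');
+putenv('TLS_REQCERT=allow');
+}
+
 Yii::debug('Trying to connect to Domain #' . $domainKey . ' (' . $domainData['hostname'] . ')');
 
 if (!self::serviceping($domainData['hostname'], $ssl ? 636 : null)) {
@@ -124,7 +149,7 @@ public function login($username, $password, $domainKey)
 
 $l = @ldap_connect($hostPrefix, $port);
 if (!$l) {
-Yii::debug('Connect failed! ' . ldap_error($l), 'ldapAuth');
+Yii::warning('Connect failed! ' . ldap_error($l), 'ldapAuth');
 return false;
 }
 
@@ -139,7 +164,7 @@ public function login($username, $password, $domainKey)
 $b = @ldap_bind($l, $bind_dn, $password);
 
 if (!$b) {
-Yii::debug('Bind failed! ' . ldap_error($l), 'ldapAuth');
+Yii::warning('Bind failed! ' . ldap_error($l), 'ldapAuth');
 return false;
 }
 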
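Review bot: The new `if ($ssl)` block in login() stops enforcing server-certificate validation for every LDAPS connection: with `TLS_REQCERT allow` in `~/.ldaprc` and `putenv('LDAPTLS_REQCERT=allow')`, libldap continues the session when the certificate is invalid, so the password later passed to `ldap_bind()` is protected only against passive sniffing, not against a host impersonating the directory server. The setting is also wider than this login: the file persists for every libldap client run by that account, `LDAPCONF` pointed at it replaces the system-wide ldap.conf for the process, and `$_SERVER['HOME']` is used unchecked, so where it is unset the path becomes `/.ldaprc`. I would keep validation on by default and trust the directory's CA instead, e.g. `ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);` and `ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);` before `ldap_connect()` (`$caFile` is a placeholder for a configured CA bundle path), with the relaxed mode available only as an explicit per-domain opt-in that is logged through `Yii::warning`. login() begins and ends outside these hunks, so how `$hostPrefix` and `$port` are derived is not visible here.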