set LDAP_OPT_X_TLS_CACERTFILE

This commit is contained in:
Roland Gruber 2019-08-15 12:48:37 +02:00
parent 4a373743af
commit bb32bb6424
2 changed files with 12 additions and 1 deletions

View File

@ -703,6 +703,12 @@ function connectToLDAP($serverURL, $startTLS) {
if (!$server) { if (!$server) {
return null; return null;
} }
if (defined('LDAP_OPT_X_TLS_CACERTFILE')) {
$cfgMain = new LAMCfgMain();
if (!empty($cfgMain->getSSLCaCertificates())) {
ldap_set_option($server, LDAP_OPT_X_TLS_CACERTFILE, $cfgMain->getSSLCaCertPath());
}
}
// use LDAPv3 // use LDAPv3
ldap_set_option($server, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($server, LDAP_OPT_PROTOCOL_VERSION, 3);
// start TLS if possible // start TLS if possible

View File

@ -160,7 +160,12 @@ class myldap extends DS {
$resource = ldap_connect($this->getValue('server','host'),$this->getValue('server','port')); $resource = ldap_connect($this->getValue('server','host'),$this->getValue('server','port'));
else else
$resource = ldap_connect($this->getValue('server','host')); $resource = ldap_connect($this->getValue('server','host'));
if (defined('LDAP_OPT_X_TLS_CACERTFILE')) {
$cfgMain = new LAMCfgMain();
if (!empty($cfgMain->getSSLCaCertificates())) {
ldap_set_option($resource, LDAP_OPT_X_TLS_CACERTFILE, $cfgMain->getSSLCaCertPath());
}
}
$CACHE[$this->index][$method] = $resource; $CACHE[$this->index][$method] = $resource;
if (! is_resource($resource)) if (! is_resource($resource))