author | Morris Jobke <hey@morrisjobke.de> | 2017-08-10 21:06:14 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-10 21:06:14 +0200 |
commit | 43facdb95f9a3e8524b5acb45299e581569e753e (patch) | |
tree | a5cd53be6e3075eb98f4f951b103be94040e9758 | |
parent | d3cb4a7965d1aafc392e054438db981106a02a58 (diff) | |
parent | 25439919f83d1e1db385649943677597f7ed9a14 (diff) | |
Merge pull request #5616 from nextcloud/ldap-wizard-remove-LDAPTLS_REQCERT-attempt
LDAP Wizard: do not attempt to recognise cert issue by using LDAPTLS_REQCERT
-rw-r--r-- | apps/user_ldap/lib/ILDAPWrapper.php | 4 | ||||
-rw-r--r-- | apps/user_ldap/lib/LDAP.php | 4 | ||||
-rw-r--r-- | apps/user_ldap/lib/Wizard.php | 19 |
3 files changed, 7 insertions, 20 deletions
diff --git a/apps/user_ldap/lib/ILDAPWrapper.php b/apps/user_ldap/lib/ILDAPWrapper.php index 4034d0baea4..71dd60c3725 100644 --- a/apps/user_ldap/lib/ILDAPWrapper.php +++ b/apps/user_ldap/lib/ILDAPWrapper.php @@ -82,14 +82,14 @@ interface ILDAPWrapper { /** * Return the LDAP error number of the last LDAP command * @param resource $link LDAP link resource - * @return string error message as string + * @return int error code */ public function errno($link); /** * Return the LDAP error message of the last LDAP command * @param resource $link LDAP link resource - * @return int error code as integer + * @return string error message */ public function error($link); diff --git a/apps/user_ldap/lib/LDAP.php b/apps/user_ldap/lib/LDAP.php index ebee0784130..eafd8eacd06 100644 --- a/apps/user_ldap/lib/LDAP.php +++ b/apps/user_ldap/lib/LDAP.php @@ -100,7 +100,7 @@ class LDAP implements ILDAPWrapper { /** * @param LDAP $link - * @return mixed|string + * @return integer */ public function errno($link) { return $this->invokeLDAPMethod('errno', $link); @@ -108,7 +108,7 @@ class LDAP implements ILDAPWrapper { /** * @param LDAP $link - * @return int|mixed + * @return string */ public function error($link) { return $this->invokeLDAPMethod('error', $link); diff --git a/apps/user_ldap/lib/Wizard.php b/apps/user_ldap/lib/Wizard.php index f6b78208fd2..9d4da9cbf3f 100644 --- a/apps/user_ldap/lib/Wizard.php +++ b/apps/user_ldap/lib/Wizard.php 
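Review bot: In apps/user_ldap/lib/LDAP.php the two corrected docblocks (on errno() and error()) still declare `@param LDAP $link`, while ILDAPWrapper.php documents the same argument as `@param resource $link LDAP link resource`; using that line in both hunks would make the implementation agree with the interface. The new `@return integer` is also spelled differently from the interface's `@return int error code`; `@return int error code` and `@return string error message` would match it. Both methods return whatever `invokeLDAPMethod` yields, and that helper is not visible here, so the narrowed return types are worth confirming against it, since Wizard.php compares the result with `===`.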
@@ -1019,21 +1019,14 @@ class Wizard extends LDAPUtility { /** * Connects and Binds to an LDAP Server + * * @param int $port the port to connect with * @param bool $tls whether startTLS is to be used - * @param bool $ncc * @return bool * @throws \Exception */ - private function connectAndBind($port = 389, $tls = false, $ncc = false) { - if($ncc) { - //No certificate check - //FIXME: undo afterwards - putenv('LDAPTLS_REQCERT=never'); - } - + private function connectAndBind($port, $tls) { //connect, does not really trigger any server communication - \OCP\Util::writeLog('user_ldap', 'Wiz: Checking Host Info ', \OCP\Util::DEBUG); $host = $this->configuration->ldapHost; $hostInfo = parse_url($host); if(!$hostInfo) { @@ -1045,7 +1038,6 @@ class Wizard extends LDAPUtility { throw new \Exception(self::$l->t('Invalid Host')); } - \OCP\Util::writeLog('user_ldap', 'Wiz: Setting LDAP Options ', \OCP\Util::DEBUG); //set LDAP options $this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3); $this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0); @@ -1074,18 +1066,13 @@ class Wizard extends LDAPUtility { if($login === true) { $this->ldap->unbind($cr); - if($ncc) { - throw new \Exception('Certificate cannot be validated.'); - } \OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . intval($tls), \OCP\Util::DEBUG); return true; } - if($errNo === -1 || ($errNo === 2 && $ncc)) { + if($errNo === -1) { //host, port or TLS wrong return false; - } else if ($errNo === 2) { - return $this->connectAndBind($port, $tls, true); } throw new \Exception($error, $errNo); } |
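Review bot: The new signature `private function connectAndBind($port, $tls)` in the first Wizard.php hunk drops the defaults `$port = 389` and `$tls = false`, so any call that relied on them would now fail with an argument-count error. The call sites are outside the hunk and should be checked for both arguments. The docblock could also record the behaviour this change establishes, for example `* Certificate validation is left to the LDAP client configuration and is not relaxed here.`; the body continues past the hunk, so confirm nothing else in it changes TLS options before adding that line.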
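Review bot: In the last Wizard.php hunk the `$errNo === -1` branch returns false under the comment `//host, port or TLS wrong` without, as far as the hunk shows, recording `$error`. With the retry that relaxed validation removed, an admin whose server presents an untrusted certificate gets no indication of the cause. A debug line before `return false;`, such as `\OCP\Util::writeLog('user_ldap', 'Wiz: connect or bind failed: ' . $error, \OCP\Util::DEBUG);`, would keep the failure diagnosable while leaving certificate checks untouched. `$error` and `$errNo` are assigned outside the hunk, so confirm they are populated after a failed startTLS and that `$errNo` is an int, since the comparison is strict.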