LDAP: Throw an exception if Start TLS fails

This ensures that only a secure connection to the LDAP server will be used, if Start TLS has been enabled. Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
author: Jarkko Lehtoranta <devel@jlranta.com> 2017-06-13 21:30:41 +0300
committer: Jarkko Lehtoranta <devel@jlranta.com> 2017-07-23 14:50:01 +0300
commit: de9a9bc00433a8793e9586cb3fbf6256104d6103 (patch)
tree: 39871be2ccc46adfa19c4c77630556f43375e1d4 /apps/user_ldap/lib/Connection.php
parent: ee2c6e8215c05fd9b257dafc9a34795318484fcf (diff)
download: nextcloud-server-de9a9bc00433a8793e9586cb3fbf6256104d6103.tar.gz
nextcloud-server-de9a9bc00433a8793e9586cb3fbf6256104d6103.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
index 66dfd80adc9..f286a2450c6 100644
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@@ -586,7 +586,9 @@ class Connection extends LDAPUtility {
 		if($this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
 			if($this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
 				if($this->configuration->ldapTLS) {
-					$this->ldap->startTls($this->ldapConnectionRes);
+					if(!$this->ldap->startTls($this->ldapConnectionRes)) {
+						throw new \OC\ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
+					}
 				}
 			}
 		} else {
author	Jarkko Lehtoranta <devel@jlranta.com>	2017-06-13 21:30:41 +0300
committer	Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +0300
commit	de9a9bc00433a8793e9586cb3fbf6256104d6103 (patch)
tree	39871be2ccc46adfa19c4c77630556f43375e1d4 /apps/user_ldap/lib/Connection.php
parent	ee2c6e8215c05fd9b257dafc9a34795318484fcf (diff)
download	nextcloud-server-de9a9bc00433a8793e9586cb3fbf6256104d6103.tar.gz nextcloud-server-de9a9bc00433a8793e9586cb3fbf6256104d6103.zip