diff --git a/config.dist.php b/config.dist.php
index 53fb0e0..228a2a3 100644
--- a/config.dist.php
+++ b/config.dist.php
@@ -116,7 +116,13 @@ const AUTH_CALLBACK = null;
 * All users logging in will be created locally and have the default quota.
 */
 const LDAP_HOST = null;
-//const LDAP_URI = '127.0.0.1';
+//const LDAP_HOST = '127.0.0.1';
+
+// LDAP server port
+const LDAP_PORT = 389;
+
+// Set to TRUE if using LDAPS
+const LDAP_SECURE = false;
 const LDAP_LOGIN = null;
 //const LDAP_LOGIN = 'uid=%s,ou=users,dc=yunohost,dc=org';
diff --git a/lib/KaraDAV/LDAP.php b/lib/KaraDAV/LDAP.php
index d5c16a2..5a28277 100644
--- a/lib/KaraDAV/LDAP.php
+++ b/lib/KaraDAV/LDAP.php
@@ -8,7 +8,7 @@ class LDAP
 static public function enabled(): bool
 {
- $config = [LDAP_HOST, LDAP_LOGIN, LDAP_FIND_USER, LDAP_FIND_IS_ADMIN, LDAP_BASE, LDAP_DISPLAY_NAME];
+ $config = [LDAP_HOST, LDAP_PORT, LDAP_SECURE, LDAP_LOGIN, LDAP_FIND_USER, LDAP_FIND_IS_ADMIN, LDAP_BASE, LDAP_DISPLAY_NAME];
 $target = count($config);
 $config = array_filter($config);
 return count($config) == $target;
@@ -20,7 +20,13 @@ class LDAP
 return;
 }
- $l = ldap_connect(LDAP_HOST) || die('Cannot connect to LDAP');
+ $uri = sprintf('ldap%s://%s:%d', LDAP_SECURE ? 's' : '', LDAP_HOST, LDAP_PORT);
+ $l = ldap_connect($uri);
+
+ if (!$l) {
+ throw new \RuntimeException('Invalid LDAP connection URI: ' . $uri);
+ }
+
 ldap_set_option($l, \LDAP_OPT_PROTOCOL_VERSION, 3);
 ldap_set_option($l, \LDAP_OPT_REFERRALS, 0);
 ldap_set_option($l, \LDAP_OPT_NETWORK_TIMEOUT, 10);
diff --git a/www/_inc.php b/www/_inc.php
index 4fd60eb..4ecb815 100644
--- a/www/_inc.php
+++ b/www/_inc.php
@@ -34,9 +34,10 @@ $defaults = [
 'ERRORS_REPORT_URL' => null,
 'AUTH_CALLBACK' => null,
 'LDAP_HOST' => null,
+ 'LDAP_PORT' => null,
+ 'LDAP_SECURE' => null,
 'LDAP_LOGIN' => null,
 'LDAP_BASE' => null,
- 'LDAP_URI' => null,
 'LDAP_DISPLAY_NAME' => null,
 'LDAP_FIND_USER' => null,
 'LDAP_FIND_IS_ADMIN' => null,
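Review bot: The new `// Set to TRUE if using LDAPS` comment in config.dist.php does not say what FALSE means for credentials, and the shipped pair (port 389, `LDAP_SECURE = false`) describes an unencrypted connection. I would word it as `// Set to TRUE to use LDAPS (TLS, conventionally port 636). With FALSE the connection is plain LDAP and bind passwords are not encrypted in transit.` The `// LDAP server port` comment could also say that the port has to match the chosen scheme, since nothing in the visible code checks that.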
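Review bot: In `enabled()` (lib/KaraDAV/LDAP.php, first hunk), putting `LDAP_PORT` and `LDAP_SECURE` into the list that goes through `array_filter($config)` makes both of them required to be truthy, so the shipped default `LDAP_SECURE = false` leaves `count($config)` one short and `enabled()` returns false. As far as the visible lines show, LDAP login is then active only with LDAPS switched on and silently off otherwise; the `null` defaults added for both constants in www/_inc.php fail the same check for configs written before this commit. Keep the presence test to the settings that have no sane default, `$config = [LDAP_HOST, LDAP_LOGIN, LDAP_FIND_USER, LDAP_FIND_IS_ADMIN, LDAP_BASE, LDAP_DISPLAY_NAME];`, and give www/_inc.php real defaults, `'LDAP_PORT' => 389,` and `'LDAP_SECURE' => false,`. The method's closing lines are outside the hunk.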
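Review bot: With `LDAP_SECURE` false the URI built in the second lib/KaraDAV/LDAP.php hunk is `ldap://` and nothing in the visible lines upgrades the session, so the bind that presumably follows outside this hunk would carry the user's DN and password in clear text. Consider an opt-in StartTLS step after the protocol-version option, `if (!ldap_start_tls($l)) { throw new \RuntimeException('LDAP StartTLS failed'); }`, gated on its own setting so that servers without StartTLS keep working. For the `ldaps://` case, whether the server certificate is verified is left to the libldap TLS configuration, which this code does not set, so that deserves a line in the config comment. A short comment that `ldap_connect()` given a URI only checks its syntax and opens no socket would explain the wording of the exception; the function begins and ends outside the hunk.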