mirror of
https://github.com/the-djmaze/snappymail.git
synced 2025-01-07 23:38:14 +08:00
[ldap-contacts-suggestions] Add support for StartTLS
The plugin currently supports SSL (by using a ldaps:// URI as the hostname of the LDAP server) and unencrypted LDAP. This patch also adds StartTLS support, which is used by many LDAP servers.
parent
c23eeb54be
commit
11294a8f8b
2 changed files with 19 additions and 2 deletions
|
@ -12,6 +12,11 @@ class LdapContactsSuggestions implements \RainLoop\Providers\Suggestions\ISugges
|
||||||
*/
|
*/
|
||||||
private $iHostPort = 389;
|
private $iHostPort = 389;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var bool
|
||||||
|
*/
|
||||||
|
private $bUseStartTLS = True;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
|
@ -60,6 +65,7 @@ class LdapContactsSuggestions implements \RainLoop\Providers\Suggestions\ISugges
|
||||||
/**
|
/**
|
||||||
* @param string $sHostName
|
* @param string $sHostName
|
||||||
* @param int $iHostPort
|
* @param int $iHostPort
|
||||||
|
* @param bool $bUseStartTLS
|
||||||
* @param string $sAccessDn
|
* @param string $sAccessDn
|
||||||
* @param string $sAccessPassword
|
* @param string $sAccessPassword
|
||||||
* @param string $sUsersDn
|
* @param string $sUsersDn
|
||||||
|
@ -70,10 +76,11 @@ class LdapContactsSuggestions implements \RainLoop\Providers\Suggestions\ISugges
|
||||||
*
|
*
|
||||||
* @return \LdapContactsSuggestions
|
* @return \LdapContactsSuggestions
|
||||||
*/
|
*/
|
||||||
public function SetConfig($sHostName, $iHostPort, $sAccessDn, $sAccessPassword, $sUsersDn, $sObjectClass, $sUidField, $sNameField, $sEmailField, $sAllowedEmails)
|
public function SetConfig($sHostName, $iHostPort, $bUseStartTLS, $sAccessDn, $sAccessPassword, $sUsersDn, $sObjectClass, $sUidField, $sNameField, $sEmailField, $sAllowedEmails)
|
||||||
{
|
{
|
||||||
$this->sHostName = $sHostName;
|
$this->sHostName = $sHostName;
|
||||||
$this->iHostPort = $iHostPort;
|
$this->iHostPort = $iHostPort;
|
||||||
|
$this->bUseStartTLS = $bUseStartTLS;
|
||||||
if (0 < \strlen($sAccessDn))
|
if (0 < \strlen($sAccessDn))
|
||||||
{
|
{
|
||||||
$this->sAccessDn = $sAccessDn;
|
$this->sAccessDn = $sAccessDn;
|
||||||
|
@ -190,6 +197,12 @@ class LdapContactsSuggestions implements \RainLoop\Providers\Suggestions\ISugges
|
||||||
|
|
||||||
@\ldap_set_option($oCon, LDAP_OPT_PROTOCOL_VERSION, 3);
|
@\ldap_set_option($oCon, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
|
|
||||||
|
if ($this->bUseStartTLS && !@\ldap_start_tls($oCon))
|
||||||
|
{
|
||||||
|
$this->logLdapError($oCon, 'ldap_start_tls');
|
||||||
|
return $aResult;
|
||||||
|
}
|
||||||
|
|
||||||
if (!@\ldap_bind($oCon, $this->sAccessDn, $this->sAccessPassword))
|
if (!@\ldap_bind($oCon, $this->sAccessDn, $this->sAccessPassword))
|
||||||
{
|
{
|
||||||
if (is_null($this->sAccessDn))
|
if (is_null($this->sAccessDn))
|
||||||
|
|
|
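Review bot: With `$bUseStartTLS` defaulting to `True`, the new `ldap_start_tls()` call in the last hunk also runs when the host is configured as an `ldaps://` URI, which the commit description names as a supported setup; a StartTLS request on a connection that is already TLS is normally rejected, so those installs would likely get empty suggestions after upgrading. Skipping the upgrade for such hosts keeps them working, e.g. `if ($this->bUseStartTLS && 0 !== \stripos($this->sHostName, 'ldaps://') && !@\ldap_start_tls($oCon))`. Returning before `ldap_bind()` when StartTLS fails is the right order, because the bind DN and password are then never sent over a connection that was not upgraded. No certificate option is set in the visible lines, so peer verification presumably depends on the system LDAP client configuration, and a comment saying so would help. The enclosing method starts and ends outside the hunk.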
@ -43,6 +43,7 @@ class LdapContactsSuggestionsPlugin extends \RainLoop\Plugins\AbstractPlugin
|
||||||
|
|
||||||
$sHostName = \trim($this->Config()->Get('plugin', 'hostname', ''));
|
$sHostName = \trim($this->Config()->Get('plugin', 'hostname', ''));
|
||||||
$iHostPort = (int) $this->Config()->Get('plugin', 'port', 389);
|
$iHostPort = (int) $this->Config()->Get('plugin', 'port', 389);
|
||||||
|
$bUseStartTLS = (bool) $this->Config()->Get('plugin', 'use_start_tls', True);
|
||||||
$sAccessDn = \trim($this->Config()->Get('plugin', 'access_dn', ''));
|
$sAccessDn = \trim($this->Config()->Get('plugin', 'access_dn', ''));
|
||||||
$sAccessPassword = \trim($this->Config()->Get('plugin', 'access_password', ''));
|
$sAccessPassword = \trim($this->Config()->Get('plugin', 'access_password', ''));
|
||||||
$sUsersDn = \trim($this->Config()->Get('plugin', 'users_dn_format', ''));
|
$sUsersDn = \trim($this->Config()->Get('plugin', 'users_dn_format', ''));
|
||||||
|
@ -57,7 +58,7 @@ class LdapContactsSuggestionsPlugin extends \RainLoop\Plugins\AbstractPlugin
|
||||||
include_once __DIR__.'/LdapContactsSuggestions.php';
|
include_once __DIR__.'/LdapContactsSuggestions.php';
|
||||||
|
|
||||||
$oProvider = new LdapContactsSuggestions();
|
$oProvider = new LdapContactsSuggestions();
|
||||||
$oProvider->SetConfig($sHostName, $iHostPort, $sAccessDn, $sAccessPassword, $sUsersDn, $sObjectClass, $sSearchField, $sNameField, $sEmailField, $sAllowedEmails);
|
$oProvider->SetConfig($sHostName, $iHostPort, $bUseStartTLS, $sAccessDn, $sAccessPassword, $sUsersDn, $sObjectClass, $sSearchField, $sNameField, $sEmailField, $sAllowedEmails);
|
||||||
|
|
||||||
$mResult[] = $oProvider;
|
$mResult[] = $oProvider;
|
||||||
}
|
}
|
||||||
|
@ -77,6 +78,9 @@ class LdapContactsSuggestionsPlugin extends \RainLoop\Plugins\AbstractPlugin
|
||||||
\RainLoop\Plugins\Property::NewInstance('port')->SetLabel('LDAP port')
|
\RainLoop\Plugins\Property::NewInstance('port')->SetLabel('LDAP port')
|
||||||
->SetType(\RainLoop\Enumerations\PluginPropertyType::INT)
|
->SetType(\RainLoop\Enumerations\PluginPropertyType::INT)
|
||||||
->SetDefaultValue(389),
|
->SetDefaultValue(389),
|
||||||
|
\RainLoop\Plugins\Property::NewInstance('use_start_tls')->SetLabel('Use StartTLS')
|
||||||
|
->SetType(\RainLoop\Enumerations\PluginPropertyType::BOOL)
|
||||||
|
->SetDefaultValue(True),
|
||||||
\RainLoop\Plugins\Property::NewInstance('access_dn')->SetLabel('Access dn (login)')
|
\RainLoop\Plugins\Property::NewInstance('access_dn')->SetLabel('Access dn (login)')
|
||||||
->SetDescription('LDAP bind DN to authentifcate with. If left blank, anonymous bind will be tried and Access password will be ignored')
|
->SetDescription('LDAP bind DN to authentifcate with. If left blank, anonymous bind will be tried and Access password will be ignored')
|
||||||
->SetDefaultValue(''),
|
->SetDefaultValue(''),
|
||||||
|
|
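Review bot: The new `use_start_tls` property has no description, and it defaults to on for installs that previously ran without it. An admin should be told what the switch does and when to turn it off, e.g. `->SetDescription('Upgrade the connection with StartTLS before binding. Turn off for ldaps:// hosts; if turned off with ldap://, the bind DN and password are sent unencrypted')`. The `SetConfig()` call now passes `$bUseStartTLS` as a third positional argument, so any other caller of `SetConfig()` outside this file would need the same update; none is visible here.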