mexon/friendica-addons
1
0
Fork 0
forked from friendica/friendica-addons
Code Pull requests Activity

Merge pull request #343 from shtrom/master

Browse source 
[ldapauth] More logging in the connection phase, and use cn for fullname by default
This commit is contained in:
Tobias Diekershoff 2016-02-11 07:34:06 +01:00
parent be899bd4da d6f727974b
commit cb28355e04
1 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
ldapauth/ldapauth.php
View file

@ -47,7 +47,7 @@
* // attribute to get email - optional - default : 'mail' * // attribute to get email - optional - default : 'mail'
* $a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail'; * $a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
* // attribute to get nickname - optional - default : 'givenName' * // attribute to get nickname - optional - default : 'givenName'
* $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName'; * $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'cn';
* *
* ...etc. * ...etc.
*/ */
@ -90,23 +90,29 @@ function ldapauth_authenticate($username,$password) {
if(! ((strlen($password)) if(! ((strlen($password))
&& (function_exists('ldap_connect')) && (function_exists('ldap_connect'))
&& (strlen($ldap_server)))) && (strlen($ldap_server)))) {
logger("ldapauth: not configured or missing php-ldap module");
return false; return false;
}
$connect = @ldap_connect($ldap_server); $connect = @ldap_connect($ldap_server);
if(! $connect) if($connect === false) {
logger("ldapauth: could not connect to $ldap_server");
return false; return false;
}
@ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3); @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3);
@ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
if((@ldap_bind($connect,$ldap_binddn,$ldap_bindpw)) === false) { if((@ldap_bind($connect,$ldap_binddn,$ldap_bindpw)) === false) {
logger("ldapauth: could not bind $ldap_server as $ldap_binddn");
return false; return false;
} }
$res = @ldap_search($connect,$ldap_searchdn, $ldap_userattr . '=' . $username); $res = @ldap_search($connect,$ldap_searchdn, $ldap_userattr . '=' . $username);
if(! $res) { if(! $res) {
logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
return false; return false;
} }