From 9b57e5569f7981bfc3ce06b8f70d792f16520621 Mon Sep 17 00:00:00 2001 From: Tim van Dijen Date: Thu, 30 Mar 2017 17:18:48 +0200 Subject: [PATCH 1/3] Adhere to authsource referals-setting --- modules/ldap/lib/Auth/Process/BaseFilter.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/ldap/lib/Auth/Process/BaseFilter.php b/modules/ldap/lib/Auth/Process/BaseFilter.php index 22aa197bf1..6627f461e3 100644 --- a/modules/ldap/lib/Auth/Process/BaseFilter.php +++ b/modules/ldap/lib/Auth/Process/BaseFilter.php @@ -142,6 +142,7 @@ public function __construct(&$config, $reserved) $authconfig['ldap.port'] = @$authsource['port']; $authconfig['ldap.timeout'] = @$authsource['timeout']; $authconfig['ldap.debug'] = @$authsource['debug']; + $authconfig['ldap.referals'] = (@$authsource['referals'] ? @$authsource['referals'] : false); $authconfig['ldap.basedn'] = (@$authsource['search.enable'] ? @$authsource['search.base'] : null); $authconfig['ldap.username'] = (@$authsource['search.enable'] ? @$authsource['search.username'] : null); $authconfig['ldap.password'] = (@$authsource['search.enable'] ? @$authsource['search.password'] : null); @@ -233,6 +234,7 @@ protected function getLdap() $port = $this->config->getInteger('ldap.port', 389); $enable_tls = $this->config->getBoolean('ldap.enable_tls', false); $debug = $this->config->getBoolean('ldap.debug', false); + $referals = $this->config->getBoolean('ldap.referals', false); $timeout = $this->config->getInteger('ldap.timeout', 0); $username = $this->config->getString('ldap.username', null); $password = $this->config->getString('ldap.password', null); @@ -244,13 +246,14 @@ protected function getLdap() ' Port: ' . $port . ' Enable TLS: ' . ($enable_tls ? 'Yes' : 'No') . ' Debug: ' . ($debug ? 'Yes' : 'No') . + ' Referals: ' . ($referals ? 'Yes' : 'No') . ' Timeout: ' . $timeout . ' Username: ' . $username . ' Password: ' . str_repeat('*', strlen($password)) ); // Connect to the LDAP server to be queried during processing - $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port); + $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port, $referals); $this->ldap->bind($username, $password); // All done From ac2fb6658df0ac284bcd9c60b9b79052d8bfea8c Mon Sep 17 00:00:00 2001 From: Tim van Dijen Date: Thu, 30 Mar 2017 18:40:46 +0200 Subject: [PATCH 2/3] referals=referrals --- modules/ldap/lib/Auth/Process/BaseFilter.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/ldap/lib/Auth/Process/BaseFilter.php b/modules/ldap/lib/Auth/Process/BaseFilter.php index 6627f461e3..704f3e0086 100644 --- a/modules/ldap/lib/Auth/Process/BaseFilter.php +++ b/modules/ldap/lib/Auth/Process/BaseFilter.php @@ -142,7 +142,7 @@ public function __construct(&$config, $reserved) $authconfig['ldap.port'] = @$authsource['port']; $authconfig['ldap.timeout'] = @$authsource['timeout']; $authconfig['ldap.debug'] = @$authsource['debug']; - $authconfig['ldap.referals'] = (@$authsource['referals'] ? @$authsource['referals'] : false); + $authconfig['ldap.referrals'] = (@$authsource['referrals'] ? @$authsource['referrals'] : false); $authconfig['ldap.basedn'] = (@$authsource['search.enable'] ? @$authsource['search.base'] : null); $authconfig['ldap.username'] = (@$authsource['search.enable'] ? @$authsource['search.username'] : null); $authconfig['ldap.password'] = (@$authsource['search.enable'] ? @$authsource['search.password'] : null); @@ -234,7 +234,7 @@ protected function getLdap() $port = $this->config->getInteger('ldap.port', 389); $enable_tls = $this->config->getBoolean('ldap.enable_tls', false); $debug = $this->config->getBoolean('ldap.debug', false); - $referals = $this->config->getBoolean('ldap.referals', false); + $referrals = $this->config->getBoolean('ldap.referrals', false); $timeout = $this->config->getInteger('ldap.timeout', 0); $username = $this->config->getString('ldap.username', null); $password = $this->config->getString('ldap.password', null); @@ -246,14 +246,14 @@ protected function getLdap() ' Port: ' . $port . ' Enable TLS: ' . ($enable_tls ? 'Yes' : 'No') . ' Debug: ' . ($debug ? 'Yes' : 'No') . - ' Referals: ' . ($referals ? 'Yes' : 'No') . + ' Referrals: ' . ($referrals ? 'Yes' : 'No') . ' Timeout: ' . $timeout . ' Username: ' . $username . ' Password: ' . str_repeat('*', strlen($password)) ); // Connect to the LDAP server to be queried during processing - $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port, $referals); + $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port, $referrals); $this->ldap->bind($username, $password); // All done From 24f3dc72e2801a85d0d038d7e26854a041670671 Mon Sep 17 00:00:00 2001 From: Tim van Dijen Date: Thu, 3 Aug 2017 11:40:41 +0200 Subject: [PATCH 3/3] Fix bc-incompatible default value --- modules/ldap/lib/Auth/Process/BaseFilter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/ldap/lib/Auth/Process/BaseFilter.php b/modules/ldap/lib/Auth/Process/BaseFilter.php index 9349030352..2b6d5ba2b1 100644 --- a/modules/ldap/lib/Auth/Process/BaseFilter.php +++ b/modules/ldap/lib/Auth/Process/BaseFilter.php @@ -265,7 +265,7 @@ protected function getLdap() $port = $this->config->getInteger('ldap.port', 389); $enable_tls = $this->config->getBoolean('ldap.enable_tls', false); $debug = $this->config->getBoolean('ldap.debug', false); - $referrals = $this->config->getBoolean('ldap.referrals', false); + $referrals = $this->config->getBoolean('ldap.referrals', true); $timeout = $this->config->getInteger('ldap.timeout', 0); $username = $this->config->getString('ldap.username', null); $password = $this->config->getString('ldap.password', null);