Added StartTLS functionality
Added StartTLS in function Connect().
And also added parameters in config to activate StartTLS.
S-A-L13 committed Feb 22, 2024
1 parent 0efc0bb commit 383e406
Showing 3 changed files with 18 additions and 0 deletions.
3 changes: 3 additions & 0 deletions plugins/ldap-identities/LdapConfig.php
@@ -7,6 +7,7 @@ class LdapConfig
{
public const CONFIG_SERVER = "server";
public const CONFIG_PROTOCOL_VERSION = "server_version";
public const CONFIG_STARTTLS = "starttls";

public const CONFIG_BIND_USER = "bind_user";
public const CONFIG_BIND_PASSWORD = "bind_password";
@@ -28,6 +29,7 @@ class LdapConfig

public $server;
public $protocol;
public $starttls;
public $bind_user;
public $bind_password;
public $user_base;
@@ -48,6 +50,7 @@ public static function MakeConfig(Plugin $config): LdapConfig
$ldap = new self();
$ldap->server = trim($config->Get("plugin", self::CONFIG_SERVER));
$ldap->protocol = (int)trim($config->Get("plugin", self::CONFIG_PROTOCOL_VERSION, 3));
$ldap->starttls = (bool)trim($config->Get("plugin", self::CONFIG_STARTTLS));
$ldap->bind_user = trim($config->Get("plugin", self::CONFIG_BIND_USER));
$ldap->bind_password = trim($config->Get("plugin", self::CONFIG_BIND_PASSWORD));
$ldap->user_base = trim($config->Get("plugin", self::CONFIG_USER_BASE));
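Review bot: In MakeConfig(), `(bool)trim(...)` decides the StartTLS flag by PHP string truthiness, so a stored value such as "false" or "off" enables it while an absent key disables it, and unlike CONFIG_PROTOCOL_VERSION no default is passed to Get(). Since this flag controls whether the bind credentials travel over an encrypted channel, parse it explicitly, e.g. `$ldap->starttls = filter_var($config->Get("plugin", self::CONFIG_STARTTLS, false), FILTER_VALIDATE_BOOLEAN);`. How the plugin framework serialises BOOL properties is not visible here, so confirm which value shapes Get() can return. The new `public $starttls;` property could also carry a short comment saying that it triggers ldap_start_tls() in Connect() and is separate from an ldaps:// server URI.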
9 changes: 9 additions & 0 deletions plugins/ldap-identities/LdapIdentities.php
@@ -178,6 +178,15 @@ private function Connect(): bool
return false;
}

// Activate StartTLS
if ($this->config->starttls) {
$starttlsResult = ldap_start_tls($ldap);
if (!$starttlsResult) {
$this->ldapAvailable = false;
return false;
}
}

$this->ldap = $ldap;
$this->ldapConnected = true;
return true;
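Review bot: The new failure branch in Connect() returns false without recording why `ldap_start_tls($ldap)` failed, so a TLS negotiation problem looks the same as an unreachable server; capture `ldap_error($ldap)` in that branch and report it through whatever logging the plugin uses. Failing closed is the right behaviour, because continuing without TLS would send the bind password in cleartext. This call only negotiates TLS: whether the server certificate is verified depends on the host's libldap settings (TLS_REQCERT), which this hunk does not set, so a comment such as `// Certificate verification is governed by libldap (TLS_REQCERT), not by this call` would help. Connect() starts above the hunk, and as far as the visible lines show the connection handle created there is not released on this path.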
6 changes: 6 additions & 0 deletions plugins/ldap-identities/index.php
@@ -57,6 +57,12 @@ protected function configMapping(): array
->SetLabel("LDAP Protocol Version")
->SetType(PluginPropertyType::SELECTION)
->SetDefaultValue([2, 3]),

Property::NewInstance(LdapConfig::CONFIG_STARTTLS)
->SetLabel("Use StartTLS")
->SetType(PluginPropertyType::BOOL)
->SetDescription("Whether or not to use TLS encrypted connection")
->SetDefaultValue(true),

Property::NewInstance(LdapConfig::CONFIG_BIND_USER)
->SetLabel("Bind User DN")
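Review bot: The description "Whether or not to use TLS encrypted connection" does not tell an administrator that this option issues StartTLS on a plain LDAP connection, which is different from pointing the server at an `ldaps://` URI. With `SetDefaultValue(true)`, a setup that already uses `ldaps://` or protocol version 2 would probably fail the StartTLS call and lose LDAP, since StartTLS is an LDAPv3 extended operation; that is worth verifying before release. I would reword it to something like `->SetDescription("Upgrade the connection with StartTLS before binding (requires protocol version 3; not needed for ldaps:// servers)")`. configMapping() starts and continues outside the hunk.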
