nextcloud · come-nc · Dec 8, 2022 · Sep 5, 2022 · Nov 22, 2022
diff --git a/apps/user_ldap/js/wizard/view.js b/apps/user_ldap/js/wizard/view.js
@@ -86,7 +86,8 @@ OCA = OCA || {};
 			var agent = view.configModel.configuration.ldap_dn;
 			var pwd   = view.configModel.configuration.ldap_agent_password;
 
-			if((host && port  && base) && ((!agent && !pwd) || (agent && pwd))) {
+			if(((host && port && base) || (host && base && host.indexOf('ldapi://') > -1 ))
+        && ((!agent && !pwd) || (agent && pwd))) {
 				view.enableTabs();
 			} else {
 				view.disableTabs();
@@ -107,7 +108,8 @@ OCA = OCA || {};
 			var userFilter  = this.configModel.configuration.ldap_userlist_filter;
 			var loginFilter = this.configModel.configuration.ldap_login_filter;
 
-			if(host && port && base && userFilter && loginFilter) {
+			if((host && port && base && userFilter && loginFilter) ||
+        (host && base && host.indexOf('ldapi://') > -1 && userFilter && loginFilter)) {
 				this.configModel.requestConfigurationTest();
 			} else {
 				this._updateStatusIndicator(this.STATUS_INCOMPLETE);

diff --git a/apps/user_ldap/lib/Configuration.php b/apps/user_ldap/lib/Configuration.php
@@ -559,4 +559,11 @@ public function getAvatarAttributes(): array {
 		}
 		return $defaultAttributes;
 	}
+
+	/**
+	 * Returns TRUE if the ldapHost variable starts with 'ldapi://'
+	 */
+	public function usesLdapi(): bool {
+		return (substr($this->config['ldapHost'], 0, strlen('ldapi://')) === 'ldapi://');
+	}
 }
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
@@ -18,6 +18,7 @@
  * @author root <root@localhost.localdomain>
  * @author Victor Dubiniuk <dubiniuk@owncloud.com>
  * @author Xuanwo <xuanwo@yunify.com>
+ * @author Vincent Van Houtte <vvh@aplusv.be>
  *
  * @license AGPL-3.0
  *
@@ -454,8 +455,14 @@ private function doCriticalValidation() {
 			(string)$this->configPrefix .'): ';
 
 		//options that shall not be empty
-		$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
+		$options = ['ldapHost', 'ldapUserDisplayName',
 			'ldapGroupDisplayName', 'ldapLoginFilter'];
+
+		//ldapPort should not be empty either unless ldapHost is pointing to a socket
+		if (!$this->configuration->usesLdapi()) {
+			$options[] = 'ldapPort';
+		}
+
 		foreach ($options as $key) {
 			$val = $this->configuration->$key;
 			if (empty($val)) {

diff --git a/apps/user_ldap/lib/LDAP.php b/apps/user_ldap/lib/LDAP.php
@@ -75,7 +75,7 @@ public function connect($host, $port) {
 			$host = 'ldap://' . $host;
 			$pos = 4;
 		}
-		if (strpos($host, ':', $pos + 1) === false) {
+		if (strpos($host, ':', $pos + 1) === false && !empty($port)) {
 			//ldap_connect ignores port parameter when URLs are passed
 			$host .= ':' . $port;
 		}

diff --git a/apps/user_ldap/lib/Wizard.php b/apps/user_ldap/lib/Wizard.php
@@ -19,6 +19,7 @@
  * @author Tobias Perschon <tobias@perschon.at>
  * @author Victor Dubiniuk <dubiniuk@owncloud.com>
  * @author Xuanwo <xuanwo@yunify.com>
+ * @author Vincent Van Houtte <vvh@aplusv.be>
  * @author Côme Chilliet <come.chilliet@nextcloud.com>
  *
  * @license AGPL-3.0
@@ -95,7 +96,10 @@ public function __destruct() {
 	 * @throws \Exception
 	 */
 	public function countEntries(string $filter, string $type): int {
-		$reqs = ['ldapHost', 'ldapPort', 'ldapBase'];
+		$reqs = ['ldapHost', 'ldapBase'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
 		if ($type === 'users') {
 			$reqs[] = 'ldapUserFilter';
 		}
@@ -189,13 +193,13 @@ public function countInBaseDN(): WizardResult {
 	 * counts users with a specified attribute
 	 * @return int|false
 	 */
-	public function countUsersWithAttribute(string $attr, bool $existsCheck = false) {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
-			return false;
+  public function countUsersWithAttribute(string $attr, bool $existsCheck = false) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
+			return  false;
 		}
 
 		$filter = $this->access->combineFilterWithAnd([
@@ -215,11 +219,11 @@ public function countUsersWithAttribute(string $attr, bool $existsCheck = false)
 	 * @throws \Exception
 	 */
 	public function detectUserDisplayNameAttribute() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 
@@ -257,11 +261,11 @@ public function detectUserDisplayNameAttribute() {
 	 * @return WizardResult|bool
 	 */
 	public function detectEmailAttribute() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 
@@ -306,12 +310,12 @@ public function detectEmailAttribute() {
 	 * @throws \Exception
 	 */
 	public function determineAttributes() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
-			return false;
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
+			return  false;
 		}
 
 		$attributes = $this->getUserAttributes();
@@ -339,12 +343,12 @@ public function determineAttributes() {
 	 * @throws \Exception
 	 */
 	private function getUserAttributes() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
-			return false;
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
+			return  false;
 		}
 		$cr = $this->getConnection();
 		if (!$cr) {
@@ -395,12 +399,13 @@ public function determineGroupsForUsers() {
 	 * @return WizardResult|false the instance's WizardResult instance
 	 * @throws \Exception
 	 */
-	private function determineGroups(string $dbKey, string $confKey, bool $testMemberOf = true) {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
-			return false;
+  private function determineGroups(string $dbKey, string $confKey, bool $testMemberOf = true) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
+			return  false;
 		}
 		$cr = $this->getConnection();
 		if (!$cr) {
@@ -476,11 +481,12 @@ public function fetchGroups(string $dbKey, string $confKey): array {
 	 * @return WizardResult|false
 	 */
 	public function determineGroupMemberAssoc() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapGroupFilter',
-		])) {
-			return false;
+		$reqs = ['ldapHost', 'ldapGroupFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
+			return  false;
 		}
 		$attribute = $this->detectGroupMemberAssoc();
 		if ($attribute === false) {
@@ -498,10 +504,11 @@ public function determineGroupMemberAssoc() {
 	 * @throws \Exception
 	 */
 	public function determineGroupObjectClasses() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 		$cr = $this->getConnection();
@@ -525,11 +532,12 @@ public function determineGroupObjectClasses() {
 	 * @throws \Exception
 	 */
 	public function determineUserObjectClasses() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
-			return false;
+		$reqs = ['ldapHost', 'ldapBase'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
+			return  false;
 		}
 		$cr = $this->getConnection();
 		if (!$cr) {
@@ -555,10 +563,11 @@ public function determineUserObjectClasses() {
 	 * @throws \Exception
 	 */
 	public function getGroupFilter() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 		//make sure the use display name is set
@@ -579,10 +588,11 @@ public function getGroupFilter() {
 	 * @throws \Exception
 	 */
 	public function getUserListFilter() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 		//make sure the use display name is set
@@ -605,11 +615,11 @@ public function getUserListFilter() {
 	 * @throws \Exception
 	 */
 	public function getUserLoginFilter() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 
@@ -626,12 +636,12 @@ public function getUserLoginFilter() {
 	 * @return WizardResult|false
 	 * @throws \Exception
 	 */
-	public function testLoginName(string $loginName) {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapLoginFilter',
-		])) {
+  public function testLoginName(string $loginName) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 
@@ -717,9 +727,11 @@ public function guessPortAndTLS() {
 	 * @return WizardResult|false WizardResult on success, false otherwise
 	 */
 	public function guessBaseDN() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-		])) {
+		$reqs = ['ldapHost'];
+		if (!$this->configuration->usesLdapi()) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 
@@ -1361,6 +1373,8 @@ private function getPortSettingsToTry(): array {
 				$portSettings[] = ['port' => $port, 'tls' => true];
 			}
 			$portSettings[] = ['port' => $port, 'tls' => false];
+		} elseif ($this->configuration->usesLdapi()) {
+			$portSettings[] = ['port' => '', 'tls' => false];
 		}
 
 		//default ports