Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix deprecated ldap_connect calls, enable ldap(s):// style LDAP URIs #8642

Closed
wants to merge 2 commits into from
Closed

Fix deprecated ldap_connect calls, enable ldap(s):// style LDAP URIs #8642

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8a78d2c
Fix #8642 - Fix outdated ldap_connect calls, enable ldap(s)://
RustyDust Apr 4, 2020
0d049c9
Fix #5107 - Add support for multiple LDAP servers
RustyDust Apr 5, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 2 additions & 4 deletions modules/Administration/PasswordManager.tpl
View file
Open in desktop
Expand Up @@ -344,9 +344,7 @@
<table cellspacing='0' cellpadding='1' id='ldap_display' style='display:{$ldap_display}' width='100%'>
<tr>
<td width='25%' scope="row" valign='top' nowrap>{$MOD.LBL_LDAP_SERVER_HOSTNAME} {sugar_help text=$MOD.LBL_LDAP_SERVER_HOSTNAME_DESC}</td>{$settings.proxy_host}
<td width='25%' align="left" valign='top'><input name="ldap_hostname" size='25' type="text" value="{$settings.ldap_hostname}"></td>
<td width='25%' scope="row" valign='top' nowrap>{$MOD.LBL_LDAP_SERVER_PORT} {sugar_help text=$MOD.LBL_LDAP_SERVER_PORT_DESC}</td>{$settings.proxy_port}
<td width='25%' align="left" valign='top' ><input name="ldap_port" size='6' type="text" value="{$settings.ldap_port}"></td>
<td colspan='3' width='75%' align="left" valign='top'><input name="ldap_hostname" size='80' type="text" value="{$settings.ldap_hostname}"></td>
</tr>
<tr>
<td scope="row" valign='middle' nowrap>{$MOD.LBL_LDAP_USER_DN} {sugar_help text=$MOD.LBL_LDAP_USER_DN_DESC}</td>
Expand Down Expand Up @@ -658,7 +656,7 @@ function refresh_email_template_list(template_id, template_name) {
newElement.value=template_id;
field.options.add(newElement);
} // else

}

function testregex(customregex)
Expand Down
2 changes: 1 addition & 1 deletion modules/Administration/language/en_us.lang.php
View file
Open in desktop
Expand Up @@ -298,7 +298,7 @@
'LBL_LDAP_BIND_ATTRIBUTE' => 'Bind Attribute:',
'LBL_LDAP_BIND_ATTRIBUTE_DESC' => 'For Binding the LDAP User<br>Examples:&nbsp;<b>AD:</b>&nbsp;userPrincipalName,&nbsp;<b>openLDAP:</b>&nbsp;dn,&nbsp;<b>Mac&nbsp;OS&nbsp;X:</b>&nbsp;uid ',
'LBL_LDAP_LOGIN_ATTRIBUTE_DESC' => 'For searching for the LDAP User<br>Examples:<b>AD:</b>&nbsp;userPrincipalName,&nbsp;<b>openLDAP:</b>&nbsp;cn,&nbsp;<b>Mac&nbsp;OS&nbsp;X:</b>&nbsp;dn ',
'LBL_LDAP_SERVER_HOSTNAME_DESC' => 'Example: ldap.example.com or ldaps://ldap.example.com for SSL',
'LBL_LDAP_SERVER_HOSTNAME_DESC' => 'Example:<br>ldap://ldap.example.com:389 or<br>ldaps://ldap.example.com:636 for SSL<br>Separate multiple hosts with spaces.',
'LBL_LDAP_SERVER_PORT_DESC' => 'Example: 389 or 636 for SSL',
'LBL_LDAP_GROUP_NAME' => 'Group Name:',
'LBL_LDAP_GROUP_NAME_DESC' => 'Example cn=SuiteCRM',
Expand Down
2 changes: 1 addition & 1 deletion modules/Configurator/language/en_us.lang.php
View file
Open in desktop
Expand Up @@ -154,7 +154,7 @@
'LBL_LDAP_BIND_ATTRIBUTE' => 'Bind Attribute:',
'LBL_LDAP_BIND_ATTRIBUTE_DESC' => 'For Binding the LDAP User Examples:[<b>AD:</b>&nbsp;userPrincipalName] [<b>openLDAP:</b>&nbsp;dn] [<b>Mac&nbsp;OS&nbsp;X:</b>&nbsp;uid] ',
'LBL_LDAP_LOGIN_ATTRIBUTE_DESC' => 'For searching for the LDAP User Examples:[<b>AD:</b>&nbsp;userPrincipalName] [<b>openLDAP:</b>&nbsp;cn] [<b>Mac&nbsp;OS&nbsp;X:</b>&nbsp;dn] ',
'LBL_LDAP_SERVER_HOSTNAME_DESC' => 'Example: ldap.example.com or ldaps://ldap.example.com for SSL',
'LBL_LDAP_SERVER_HOSTNAME_DESC' => 'Example:<br>ldap://ldap.example.com:389 or<br>ldaps://ldap.example.com:636 for SSL<br>Separate multiple hosts with spaces.',
'LBL_LDAP_SERVER_PORT_DESC' => 'Example: <em>389 or 636 for SSL</em>',
'LBL_LDAP_GROUP_NAME' => 'Group Name:',
'LBL_LDAP_GROUP_NAME_DESC' => 'Example <em>cn=suitecrm</em>',
Expand Down
34 changes: 31 additions & 3 deletions modules/Users/authentication/LDAPAuthenticate/LDAPAuthenticateUser.php
View file
Open in desktop
Expand Up @@ -71,8 +71,21 @@ public function authenticateUser($name, $password, $fallback=false)
if (!$port) {
$port = DEFAULT_PORT;
}
$GLOBALS['log']->debug("ldapauth: Connecting to LDAP server: $server");
$ldapconn = ldap_connect($server, $port);
LoggerManager::getLogger()->debug('ldapauth: Connecting to LDAP server: $server');
// check for ldap(s):// style syntax
$slashPos = strpos($server, '://');
if ($slashPos === false) {
// use the old way
$ldapconn = ldap_connect($server, $port);
} else {
if ($slashPos < 4) {
LoggerManager::getLogger()->fatal('ldapauth.ldap_rdn_lookup: Malformed LDAP server URI ($server)');

return false;
}
// use the new way, ignore the port
$ldapconn = ldap_connect($server);
}
$error = ldap_errno($ldapconn);
if ($this->loginError($error)) {
return '';
Expand Down Expand Up @@ -362,7 +375,22 @@ public function ldap_rdn_lookup($user_name, $password)
if (!$port) {
$port = DEFAULT_PORT;
}
$ldapconn = ldap_connect($server, $port);

// check for ldap(s):// style syntax
$slashPos = strpos($server, '://');
if ($slashPos === false) {
// use the old way
$ldapconn = ldap_connect($server, $port);
} else {
if ($slashPos < 4) {
LoggerManager::getLogger()->fatal('ldapauth.ldap_rdn_lookup: Malformed LDAP server URI ($server)');

return false;
}
// use the new way, ignore the port
$ldapconn = ldap_connect($server);
}

$error = ldap_errno($ldapconn);
if ($this->loginError($error)) {
return false;
Expand Down