mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
Merge pull request #1096 from christophert/add-ldaptlsinsecure
Add option to disable LDAPS Certificate Validation
This commit is contained in:
commit
7c8edf5673
@ -77,6 +77,8 @@ LDAP_GROUP_ATTRIBUTE="memberOf"
|
||||
# Would you like to remove users from roles on BookStack if they do not match on LDAP
|
||||
# If false, the ldap groups-roles sync will only add users to roles
|
||||
LDAP_REMOVE_FROM_GROUPS=false
|
||||
# Set this option to disable LDAPS Certificate Verification
|
||||
LDAP_TLS_INSECURE=false
|
||||
|
||||
# Mail settings
|
||||
MAIL_DRIVER=smtp
|
||||
|
@ -170,6 +170,16 @@ class LdapService
|
||||
}
|
||||
$hostName = $ldapServer[0] . ($hasProtocol?':':'') . $ldapServer[1];
|
||||
$defaultPort = $ldapServer[0] === 'ldaps' ? 636 : 389;
|
||||
|
||||
/*
|
||||
* Check if TLS_INSECURE is set. The handle is set to NULL due to the nature of
|
||||
* the LDAP_OPT_X_TLS_REQUIRE_CERT option. It can only be set globally and not
|
||||
* per handle.
|
||||
*/
|
||||
if($this->config['tls_insecure']) {
|
||||
$this->ldap->setOption(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER);
|
||||
}
|
||||
|
||||
$ldapConnection = $this->ldap->connect($hostName, count($ldapServer) > 2 ? intval($ldapServer[2]) : $defaultPort);
|
||||
|
||||
if ($ldapConnection === false) {
|
||||
|
@ -149,6 +149,7 @@ return [
|
||||
'user_to_groups' => env('LDAP_USER_TO_GROUPS',false),
|
||||
'group_attribute' => env('LDAP_GROUP_ATTRIBUTE', 'memberOf'),
|
||||
'remove_from_groups' => env('LDAP_REMOVE_FROM_GROUPS',false),
|
||||
'tls_insecure' => env('LDAP_TLS_INSECURE', false),
|
||||
]
|
||||
|
||||
];
|
||||
|
Loading…
Reference in New Issue
Block a user