Bug #1052 » pfsense-fix-bug1052.diff
| root/pfsense/pfSenseGITREPO/pfSenseGITREPO/etc/inc/auth.inc → etc/inc/auth.inc | ||
|---|---|---|
| 684 | 684 |
@chmod("{$g['varrun_path']}/certs/{$authcfg['name']}.ca", 0600);
|
| 685 | 685 |
putenv('LDAPTLS_REQCERT=hard');
|
| 686 | 686 |
/* XXX: Probably even the hashed link should be created for this? */ |
| 687 |
putenv("TLS_CACERTDIR={$g['varrun_path']}/certs");
|
|
| 688 |
putenv("TLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca");
|
|
| 687 |
putenv("LDAPTLS_CACERTDIR={$g['varrun_path']}/certs");
|
|
| 688 |
putenv("LDAPTLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca");
|
|
| 689 | 689 |
} |
| 690 | 690 |
} |
| 691 | 691 | |
| ... | ... | |
| 1025 | 1025 |
return false; |
| 1026 | 1026 |
} |
| 1027 | 1027 |
|
| 1028 |
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|
| 1029 |
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); |
|
| 1030 | ||
| 1031 | 1028 |
/* Setup CA environment if needed. */ |
| 1032 | 1029 |
ldap_setup_caenv($authcfg); |
| 1033 | 1030 | |
| 1031 |
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|
| 1032 |
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); |
|
| 1033 | ||
| 1034 | 1034 |
/* Make sure we can connect to LDAP */ |
| 1035 | 1035 |
$error = false; |
| 1036 | 1036 |
if (!($ldap = ldap_connect($ldapserver))) |