Project

General

Profile

« Previous | Next » 

Revision 9500537d

Added by Jim Pingle almost 13 years ago

Don't add ldapcfg to racoon.conf since we're not using racoon's built-in LDAP support now. Moving to external script-based auth, see ticket #1112

View differences:

etc/inc/vpn.inc
417 417 
			}
418 418 
			/* end mode_cfg section */
419 419
420 
			if ($a_client['user_source'] != "system") {
421 
				if (is_array($config['system']['authserver'])) {
422 
					foreach ($config['system']['authserver'] as $authcfg) {
423 
						if ($authcfg['type'] == 'ldap' and $authcfg['name'] == $a_client['user_source'])
424 
							$thisauthcfg = $authcfg;
425 
					}
426 

  		




  427
  
  
    
					/* begin ldapcfg */                        


  		




  428
  
  
    
					$racoonconf .= "ldapcfg {\n";


  		




  429
  
  
    
					$racoonconf .= "\tversion 3;\n";


  		




  430
  
  
    
					$racoonconf .= "\thost \"".$thisauthcfg['host']."\";\n";


  		




  431
  
  
    
					$lport = "389";


  		




  432
  
  
    
					if ($authcfg['port'] != "")


  		




  433
  
  
    
						$lport = $authcfg['port'];


  		




  434
  
  
    
					$racoonconf .= "\tport ".$lport.";\n";


  		




  435
  
  
    
					$racoonconf .= "\tbase \"".$thisauthcfg['ldap_basedn']."\";\n";


  		




  436
  
  
    
					$racoonconf .= "\tsubtree on;\n";


  		




  437
  
  
    
					$racoonconf .= "\tbind_dn \"".$thisauthcfg['ldap_binddn']."\";\n";


  		




  438
  
  
    
					$racoonconf .= "\tbind_pw \"".$thisauthcfg['ldap_bindpw']."\";\n";


  		




  439
  
  
    
					$racoonconf .= "\tattr_user \"".$thisauthcfg['ldap_attr_user']."\";\n";


  		




  440
  
  
    
					$racoonconf .= "}\n\n";


  		




  441
  
  
    
					/* end ldapcfg */


  		




  442
  
  
    
				}


  		




  443
  
  
    
			}


  		




  
  420
  
    
// Disable this for now, when LDAP support returns it will be via external script auth, 


  		




  
  421
  
    
//    since we no longer build racoon with LDAP integrated. This is only preventing racoon from running.


  		




  
  422
  
    
//


  		




  
  423
  
    
//			if ($a_client['user_source'] != "system") {


  		




  
  424
  
    
//				if (is_array($config['system']['authserver'])) {


  		




  
  425
  
    
//					foreach ($config['system']['authserver'] as $authcfg) {


  		




  
  426
  
    
//						if ($authcfg['type'] == 'ldap' and $authcfg['name'] == $a_client['user_source']) 


  		




  
  427
  
    
//							$thisauthcfg = $authcfg;


  		




  
  428
  
    
//					}


  		




  
  429
  
    
//


  		




  
  430
  
    
//					/* begin ldapcfg */


  		




  
  431
  
    
//					$racoonconf .= "ldapcfg {\n";


  		




  
  432
  
    
//					$racoonconf .= "\tversion 3;\n";


  		




  
  433
  
    
//					$racoonconf .= "\thost \"".$thisauthcfg['host']."\";\n";


  		




  
  434
  
    
//					$lport = "389";


  		




  
  435
  
    
//					if ($authcfg['port'] != "")


  		




  
  436
  
    
//						$lport = $authcfg['port'];


  		




  
  437
  
    
//					$racoonconf .= "\tport ".$lport.";\n";


  		




  
  438
  
    
//					$racoonconf .= "\tbase \"".$thisauthcfg['ldap_basedn']."\";\n";


  		




  
  439
  
    
//					$racoonconf .= "\tsubtree on;\n";


  		




  
  440
  
    
//					$racoonconf .= "\tbind_dn \"".$thisauthcfg['ldap_binddn']."\";\n";


  		




  
  441
  
    
//					$racoonconf .= "\tbind_pw \"".$thisauthcfg['ldap_bindpw']."\";\n";


  		




  
  442
  
    
//					$racoonconf .= "\tattr_user \"".$thisauthcfg['ldap_attr_user']."\";\n";


  		




  
  443
  
    
//					$racoonconf .= "}\n\n";


  		




  
  444
  
    
//					/* end ldapcfg */


  		




  
  445
  
    
//				}


  		




  
  446
  
    
//			}


  		




  444
  447
  
    

  		




  445
  448
  
    
			/* begin remote sections */


  		




  446
  449
  
    
			if (is_array($a_phase1) && count($a_phase1)) {


  		












Also available in:  Unified diff