Commit 3fdb5a93 authored by Ad Schellevis's avatar Ad Schellevis

(auth/ldap) disable error reporting on connect, to prevent api to signal...

(auth/ldap) disable error reporting on connect, to prevent api to signal authentication errors as issues.

exception 'Exception' with message 'Error at /usr/local/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php:236 - ldap_bind(): Unable to bind to server: Invalid credentials (errno=2)' in /usr/local/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php:84
Stack trace:
 0 [internal function]: OPNsense\Base\ApiControllerBase->APIErrorHandler(2,
parent ce3bc611
......@@ -225,6 +225,13 @@ class LDAP implements IAuthConnector
*/
public function connect($bind_url, $userdn = null, $password = null, $timeout = 30)
{
$retval = false;
set_error_handler(
function () {
null;
}
);
$this->closeLDAPHandle();
$this->ldapHandle = @ldap_connect($bind_url);
......@@ -235,14 +242,17 @@ class LDAP implements IAuthConnector
ldap_set_option($this->ldapHandle, LDAP_OPT_PROTOCOL_VERSION, (int)$this->ldapVersion);
$bindResult = @ldap_bind($this->ldapHandle, $userdn, $password);
if ($bindResult) {
return true;
$retval = true;
} else {
syslog(LOG_ERR, 'LDAP bind error (' . ldap_error($this->ldapHandle).')');
}
}
restore_error_handler();
if (!$retval) {
$this->ldapHandle = null;
return false;
}
return $retval;
}
/**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment