Commit b221d224 authored by Ad Schellevis's avatar Ad Schellevis Committed by Franco Fichtner

(auth/ldap) disable error reporting on connect, to prevent api to signal...

(auth/ldap) disable error reporting on connect, to prevent api to signal authentication errors as issues.

exception 'Exception' with message 'Error at /usr/local/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php:236 - ldap_bind(): Unable to bind to server: Invalid credentials (errno=2)' in /usr/local/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php:84
Stack trace:
 0 [internal function]: OPNsense\Base\ApiControllerBase->APIErrorHandler(2,

(cherry picked from commit 3fdb5a93)
parent 7424a2d7
...@@ -225,6 +225,13 @@ class LDAP implements IAuthConnector ...@@ -225,6 +225,13 @@ class LDAP implements IAuthConnector
*/ */
public function connect($bind_url, $userdn = null, $password = null, $timeout = 30) public function connect($bind_url, $userdn = null, $password = null, $timeout = 30)
{ {
$retval = false;
set_error_handler(
function () {
null;
}
);
$this->closeLDAPHandle(); $this->closeLDAPHandle();
$this->ldapHandle = @ldap_connect($bind_url); $this->ldapHandle = @ldap_connect($bind_url);
...@@ -235,14 +242,17 @@ class LDAP implements IAuthConnector ...@@ -235,14 +242,17 @@ class LDAP implements IAuthConnector
ldap_set_option($this->ldapHandle, LDAP_OPT_PROTOCOL_VERSION, (int)$this->ldapVersion); ldap_set_option($this->ldapHandle, LDAP_OPT_PROTOCOL_VERSION, (int)$this->ldapVersion);
$bindResult = @ldap_bind($this->ldapHandle, $userdn, $password); $bindResult = @ldap_bind($this->ldapHandle, $userdn, $password);
if ($bindResult) { if ($bindResult) {
return true; $retval = true;
} else { } else {
syslog(LOG_ERR, 'LDAP bind error (' . ldap_error($this->ldapHandle).')'); syslog(LOG_ERR, 'LDAP bind error (' . ldap_error($this->ldapHandle).')');
} }
} }
$this->ldapHandle = null; restore_error_handler();
return false; if (!$retval) {
$this->ldapHandle = null;
}
return $retval;
} }
/** /**
......
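Review bot: The no-op handler installed at the top of connect() is only removed by the single `restore_error_handler();` before the final return, so any exception or early return between the two would leave the rest of the request running with every PHP error silenced; wrapping the body in `try { … } finally { restore_error_handler(); }` would guarantee the restore. The lines of connect() between the two hunks are not shown, so whether such a path exists today cannot be confirmed from here. The closure also swallows all error levels raised by closeLDAPHandle() and ldap_set_option(), not only the failed bind; `set_error_handler(function () { return true; }, E_WARNING);` with a short comment that bind failures are reported through syslog() instead would keep the suppression narrow and the intent explicit. Separately, ldap_bind() with an empty password is treated as an anonymous bind by many directory servers, so it is worth confirming that callers reject empty passwords before they reach connect().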