Menu
▾
▴
Re: [webmin-l] Missing "Use encrypted connection"
|
From: Jamie C. <jca...@we...> - 2008-12-01 23:31:06
|
On 30/Nov/2008 13:22 Paul R. Ganci wrote ..
> Paul R. Ganci wrote:
> > Here is a patch to ldap-server-lib.pl so you can see
> > what I did
> Ugh, I screwed up ldap-server-lib.patch from my previous Email. I
> accidentally modified the distro ldap-server-lib.pl before I did the
> diff, Sorry. The patch should look more like this:
>
> --- ./ldap-server-lib.pl.dist 2008-11-30 14:14:28.000000000 -0700
> +++ ./ldap-server-lib.pl 2008-11-30 11:21:53.000000000 -0700
> @@ -67,27 +67,21 @@
> local @ssls = $ssl eq "" ? ( 1, 0 ) : ( $ssl );
> local $ldap;
> foreach $ssl (@ssls) {
> - $ldap = Net::LDAP->new($server, port => $port);
> + local ($proto);
> + if (($port == 389) && $ssl) { # STARTTLS only on standard port
> (ldapi)
> + $proto='ldapi';
> + }
> + elsif ($ssl) { # SSL Encryption (ldaps)
> + $proto='ldaps';
> + }
> + else {
> + $proto='ldap'; # Standard (ldap)
> + }
> + $ldap = Net::LDAP->new($server, port => $port, scheme => $proto);
> if (!$ldap) {
> # Connection failed .. give up completely
> return &text('connect_eldap', "<tt>$server</tt>", $port);
> }
> - if ($ssl) {
> - # Switch to TLS mode
> - local $mesg;
> - eval { $mesg = $ldap->start_tls(); };
> - if ($@ || !$mesg || $mesg->code) {
> - # Failed to switch to SSL mode. If also trying
> non-SSL,
> - # continue around the loop. Otherwise, give up
> - if (@ssls > 1) {
> - next;
> - }
> - else {
> - return &text('connect_essl',
> "<tt>$server</tt>",
> - $@ ? $@ : &ldap_error($mesg));
> - }
> - }
> - }
> }
> $ldap || return "This can't happen!";
>
> Watch out for line wraps due to an 80 character text formatted message
> to the list.
Thanks for those three patches - I see now that Webmin's support for proper
LDAP over SSL was broken, as it was only able to handle TLS. I will incorporate
modified versions of your fixed into the next release, with the TLS support
added back in where appropriate.
- Jamie
|