[Tickets #12157] startTLS in pear/Horde/Ldap.php is incorrect
noreply at bugs.horde.org
noreply at bugs.horde.org
Thu Apr 4 17:32:22 UTC 2013
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/12157
------------------------------------------------------------------------------
Ticket | 12157
Created By | landsidel.allen at gmail.com
Summary | startTLS in pear/Horde/Ldap.php is incorrect
Queue | Horde Framework Packages
Version | Git master
Type | Bug
State | Unconfirmed
Priority | 2. Medium
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
landsidel.allen at gmail.com (2013-04-04 17:32) wrote:
The startTLS function in Ldap.php makes an attempt to fetch the
rootDSE to see if TLS is supported, when TLS is enabled in the horde
configuration for LDAP.
When TLS is required by the LDAP server, this check fails because the
connection is not yet TLS enabled due to ldap_start_tls() not having
yet been called.
Simple solution:
Remove the rootDSE check. Commenting all lines in startTLS() up to
the ldap_start_tls() command fixes the issue.
More complex solution:
Try ldap_start_tls() first, and if that fails, attempt to fetch the
rootDSE to see if it reports as being supported.
More information about the bugs
mailing list