View Issue Details

IDProjectCategoryView StatusLast Update
0027849mantisbtldappublic2021-02-16 08:38
Reporterdregad Assigned Tocommunity  
PrioritynormalSeverityminorReproducibilityN/A
Status resolvedResolutionfixed 
Target Version2.25.0Fixed in Version2.25.0 
Summary0027849: LDAP server must be specified as an URI
Description

Until now, Mantis allowed setting $g_ldap_server to a hostname (i.e. without specifying the ldap[s]:// protocol), relying on an alternate ldap_connect ( string $host = null , int $port = 389 ) : resource|false signature; this is now deprecated, so we require an URI.

Admin Checks now report this obsolete usage, and ldap_connect_bind() will log and trigger an error.

TagsNo tags attached.

Activities

dregad

dregad

2021-01-07 07:48

developer   ~0064957

Fixed in PR https://github.com/mantisbt/mantisbt/pull/1727

Related Changesets

MantisBT: master 94462f8c

2021-01-04 12:29:54

Sean McBride


Committer: dregad Details Diff
Review of LDAP code; added StartTLS support

- added StartTLS support for LDAP, based on illmnec's patch
(fixes 0015361).
- added new ldap_tls_protocol_min option to specify minimun TLS version.
- changed default $g_ldap_protocol_version from 0 to 3 (fixes 0027848).
- improved Admin Guide and config_defaults_inc.php PHPDoc comments
- corrected log output for ldap_connect, which, despite its name,
doesn't actually perform a network connection, according to its docs.
- added an Admin Check to ensure that ldap_server config option is in
URI form (fixes 0027849).

Signed-off-by: Damien Regad <dregad@mantisbt.org>

PR https://github.com/mantisbt/mantisbt/pull/1727
Affected Issues
0015361, 0027848, 0027849
mod - admin/check/check_config_inc.php Diff File
mod - config_defaults_inc.php Diff File
mod - core/constant_inc.php Diff File
mod - core/ldap_api.php Diff File
mod - docbook/Admin_Guide/en-US/config/auth.xml Diff File
mod - lang/strings_english.txt Diff File