diff options
| author | Ermal <eri@pfsense.org> | 2011-11-14 13:42:16 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2011-11-14 13:42:16 +0000 |
| commit | 6daf497bb2f97a6da719c3e5b157f71521b85dda (patch) | |
| tree | b47486aa0c60a00288a8523c2cdcdacf4fb66d13 | |
| parent | 035c557316e9089f80d02e83e4b739dd595efb65 (diff) | |
| download | pfsense-6daf497bb2f97a6da719c3e5b157f71521b85dda.zip pfsense-6daf497bb2f97a6da719c3e5b157f71521b85dda.tar.gz | |
Ticket #1052. Merge patch referenced in ticket.
| -rw-r--r-- | etc/inc/auth.inc | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 16bad47..1338e13 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -667,8 +667,8 @@ function ldap_setup_caenv($authcfg) { @chmod("{$g['varrun_path']}/certs/{$authcfg['name']}.ca", 0600); putenv('LDAPTLS_REQCERT=hard'); /* XXX: Probably even the hashed link should be created for this? */ - putenv("TLS_CACERTDIR={$g['varrun_path']}/certs"); - putenv("TLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca"); + putenv("LDAPTLS_CACERTDIR={$g['varrun_path']}/certs"); + putenv("LDAPTLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca"); } } @@ -997,12 +997,12 @@ function ldap_backed($username, $passwd, $authcfg) { return false; } - ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); - /* Setup CA environment if needed. */ ldap_setup_caenv($authcfg); + ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); + /* Make sure we can connect to LDAP */ $error = false; if (!($ldap = ldap_connect($ldapserver))) |
