diff options
author | Ermal <eri@pfsense.org> | 2011-11-14 13:42:16 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-11-14 13:42:32 +0000 |
commit | 906daddcf54cff12a0cd6b6e2a5c4c53552567d9 (patch) | |
tree | c49e9b2847e8b44c0cd8749c289230a585431d81 /etc/inc/auth.inc | |
parent | 9eced774415768ccc0516a9101a632bb07bd530e (diff) | |
download | pfsense-906daddcf54cff12a0cd6b6e2a5c4c53552567d9.zip pfsense-906daddcf54cff12a0cd6b6e2a5c4c53552567d9.tar.gz |
Ticket #1052. Merge patch referenced in ticket.
Diffstat (limited to 'etc/inc/auth.inc')
-rw-r--r-- | etc/inc/auth.inc | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 24f221b..2d55535 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -684,8 +684,8 @@ function ldap_setup_caenv($authcfg) { @chmod("{$g['varrun_path']}/certs/{$authcfg['name']}.ca", 0600); putenv('LDAPTLS_REQCERT=hard'); /* XXX: Probably even the hashed link should be created for this? */ - putenv("TLS_CACERTDIR={$g['varrun_path']}/certs"); - putenv("TLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca"); + putenv("LDAPTLS_CACERTDIR={$g['varrun_path']}/certs"); + putenv("LDAPTLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca"); } } @@ -1025,12 +1025,12 @@ function ldap_backed($username, $passwd, $authcfg) { return false; } - ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); - /* Setup CA environment if needed. */ ldap_setup_caenv($authcfg); + ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); + /* Make sure we can connect to LDAP */ $error = false; if (!($ldap = ldap_connect($ldapserver))) |